The SiDaFab project protects industrial systems from espionage and sabotage
The collaborative SiDaFab project (Secure data communication for the distributed factory of the future, or "Sichere Datenkommunikation für die verteilte Fabrik der Zukunft" in German) was presented at the National Conference on IT Security Research 2017 in Berlin, which was initiated by the German Federal Ministry of Education and Research (BMBF). Since the beginning of the year, research and development for new IT security solutions for the Industry 4.0 environment has been taking place as part of the project and under the leadership of devolo AG based in Aachen, Germany. The objective is to give a significant boost to protection against data theft and tampering using both hardware-based and software-based security components. devolo, Infineon, Arend Prozessautomation and the Bremen University of Applied Sciences are working on innovative, process-oriented security concepts for networked industrial systems and plan to complete them by mid-2019. The project is set to conclude with field tests at the facilities of the associated partners FRABA and A+G connect. These tests will assess the real-world suitability of the developed solution. The German Federal Ministry of Education and Research (BMBF) is providing approximately 1.45 million euros in support of the collaborative project as part of the "IKT 2020 - Research for Innovations" funding initiative.
Digitalisation needs security
The potential and the acceptance of digitalisation depend on the protection and security of the systems involved. Data protection as well as protection against tampering and unauthorised access, in combination with real-time-capable communication, are of paramount importance to Industry 4.0. The SiDaFab project is developing a new, integrative security system for data communication between various systems and locations within one company. The core element will be a hardware-based security component.
Secure data communication for the distributed factory of the future
Today's production systems are seeing increases in automation, characterised by networked computing, measurement, control and regulation systems. Requirements such as just-in-time production or individual production requests from customers are changing industrial production processes. Previously isolated production networks are becoming increasingly networked with in-house office IT as well as with customer or supplier systems. Technology areas that were once largely autonomous and separate are now merging. This networking greatly increases both the number and severity of threats to the industrial systems involved. The focus in data communication is currently on network security. The integration of firewalls or VPNs alone is not enough. Instead, special consideration must be given to the extensive use of cryptography, secure identity management and the flexible adaptation of safety levels to dynamically variable value-creation chains. The SiDaFab project involves research and development for new solutions that meet these challenges, giving special consideration to the real-time-capability of the security system.
The Secure Gateway as a central communication interface
The goal of the collaborative SiDaFab project is to develop a precedent for an effective and efficient hardware-based IT security solution that can be used in an Industry 4.0 environment. The core element of the IT security solution is the devolo Secure Gateway I4.0, which is being developed as part of the project. The Secure Gateway is the central communication component in each respective production facility. The individual industrial systems are connected to the Secure Gateway. A high-security connection is established by the Secure Gateway between the company locations and production facilities. It has control over who is allowed access to what data. This way, the requirements imposed by increasing automation and networking with other systems are taken into consideration.
In the production process, for example, the remote R&D department can send a piece of device software directly to the production systems. When the software is sent, the Secure Gateway ensures that no unauthorised parties can tamper with the software or steal data, enabling secure data communication from product development to manufacturing.
In addition to various software-based safety modules, the Secure Gateway is equipped with hardware-based security through the use of a Trusted Platform Module (TPM) from Infineon. This well-tested security module is based on the internationally recognised security standards of the Trusted Computing Group (TCG) and serves as a reliable security anchor. The module supports better authentication and can be used as storage for private security IDs. This means improved risk prevention compared to previous solutions, ensuring a considerably higher level of protection.
The project partners
devolo AG
As a hardware manufacturer for the smart grid, devolo is able to incorporate its own expertise in data network communication security into the project, continuing to develop its expertise in the process. One of devolo's primary goals is to take the concept for data protection and data security in smart grid communication developed by the German Federal Office for Information Security and apply it to the Industry 4.0 environment to achieve secure cross-location communication.
Infineon Technologies AG
Infineon Technologies AG is a world-leading provider of semiconductor solutions that make life easier, safer and more environmentally friendly. Micro-electronics from Infineon are the key to a future worth living in. The company employs more than 36,000 people worldwide and achieved profits of around 6.5 billion euros in the 2016 fiscal year (as of the end of September). Infineon is listed in Frankfurt under the stock symbol "IFX" and in the United States (in the over-the-counter OTCQX International Premier tier) under the stock symbol "IFNNY". For more information, visit www.infineon.com
Bremen University of Applied Sciences
As an academic research partner, the Bremen University of Applied Sciences is contributing to the project by drawing upon skills from the areas of IT security and network technology, including trusted computing and IT security standards. The goal of the Bremen University of Applied Sciences is to adapt existing IT security solutions according to the secure-by-design approach to ensure secure networking of distributed production facilities. By doing so, the university hopes to advance the state of the art of technology for future industrial application areas.
Arend Prozessautomation GmbH
Arend Prozessautomation is a system integrator for automation and Industry 4.0 with 30 years of practical experience as well as an active proponent of digitalisation and networking for production systems. As a medium-sized company, Arend invests heavily in growth by developing its own industrial IoT products and by cooperating in multiple research projects in production data collection/evaluation and cyber security. Arend Prozessautomation is making contributions to the SiDaFab project in particular through its knowledge and experience in production networking and in the integration of disparate automation systems.
FRABA GmbH (associated partner)
FRABA GmbH is a manufacturer of sensors for industrial automation. It develops, produces and sells rotary encoders, tilt sensors and safety sensors. The international organisation has 7 locations around the world and requires secure communication networks. Thus, as an associated partner, FRABA has a great deal of interest in the results of the SiDaFab project.
A+G connect GmbH (associated partner)
As a solutions provider, A+G oversees projects within the areas of network technology, voice communication and data security. A+G is incorporating its experience from all three of these fields to assist with implementation and support of the pilot project during the field test.