New possibilities for smart-factory security

November 14, 2016 // By Hubertus Grobbel
IIoT and smart factories rely on sensors, actuators and systems that are networked and communicate with each other, but how can that communication and data be safeguarded against espionage and sabotage? Flash-memory specialist Swissbit offers an answer - smart and highly flexible SD cards featuring integrated security for system identification.

Intelligent production that automatically adapts to products or circumstances, together with convenient remote control and remote maintenance, is poised to bring manufacturing to a new level in terms of quality, efficiency and flexibility. However, networking industrial installations and the consequent autonomous communication between ‘things’ also bring new risks. For instance, what happens if hackers or manipulated systems seize control of robots or industrial installations? In other words, how does a ‘thing’ know that the data or data selections it receives from another ‘thing’ are legitimate and that these system components are ‘who’ they say they are?

 

Three steps to security - Identification, authentication, authorization

IIoT issues can be addressed with the modern security solutions already used in classic IT and in communication between human users. These solutions require identification, authentication and authorization, explained here using the example of a user.

  • Identification involves a user logging in to reveal his/her identity; in doing so, the user confirms that he/she is a specific user.
  • The next step is authentication, i.e. verifying that the user is who they say they are. For this to occur, the user needs to identify themselves by means of a password/PIN and/or additional hardware-specific identification credentials, which can be a token, smart card or the like. For applications where security is mission critical, two-factor identification is needed, comprising elements such as a password/PIN in addition to a non-copyable means of validation such as face recognition or other biometric tools.
  • Once the user has been successfully identified, access is granted and usage rights are provided with approved permissions (authorization).

The user could also be thought of as a (sub-)system in machine-based processes.
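
The three steps applied to a (sub-)system instead of a human user, as an added example that is not code from the article or from Swissbit. It assumes an HMAC challenge-response as the stand-in for the hardware token or smart card; the device name, PIN, key, rights and all function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample values (assumptions, not from the article).
DEVICE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")  # lives in the token
PIN_SALT = b"constructed-salt"

def pin_hash(pin: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), PIN_SALT, 100_000)

REGISTRY = {  # verifier-side enrolment record per known (sub-)system
    "press-07": {"pin": pin_hash("4711"), "key": DEVICE_KEY,
                 "rights": {"read_status", "report_fault"}},
}
PENDING = {}  # outstanding challenge per claimed identity

def issue_challenge(device_id: str) -> bytes:
    """Verifier sends a fresh random challenge to whoever claims device_id."""
    PENDING[device_id] = secrets.token_bytes(16)
    return PENDING[device_id]

def token_response(key: bytes, challenge: bytes) -> bytes:
    """Computed inside the hardware token; the key itself is never sent."""
    return hmac.new(key, challenge, hashlib.sha256).digest()

def access(device_id: str, pin: str, response: bytes, action: str) -> str:
    # Step 1, identification: the claimed identity must be a known one.
    record = REGISTRY.get(device_id)
    challenge = PENDING.pop(device_id, None)  # single use, so replays fail
    if record is None:
        return "unknown identity"
    # Step 2, authentication: both factors are checked in constant time.
    pin_ok = hmac.compare_digest(pin_hash(pin), record["pin"])
    token_ok = challenge is not None and hmac.compare_digest(
        token_response(record["key"], challenge), response)
    if not (pin_ok and token_ok):
        return "authentication failed"
    # Step 3, authorization: only rights approved for this identity.
    return "granted" if action in record["rights"] else "not authorized"

if __name__ == "__main__":
    c = issue_challenge("press-07")
    print(access("press-07", "4711", token_response(DEVICE_KEY, c), "read_status"))
```

Because each challenge is consumed on first use, a response captured on the network cannot be replayed, and a valid identity with both factors still gets only the rights listed for it.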