Tom Canning, VP of IoT Devices at Canonical, the company behind open-source software platform Ubuntu, discusses cybersecurity, the Industrial Internet of Things and Industry 4.0.
Whether you know it or not, we are surrounded by the Internet of Things (IoT). As we go about our daily lives, we quietly navigate through an invisible IoT network, surrounded by device-to-device communications as different objects trade commands and exchange data with one another. This is the era of smart devices. Smart homes where everything can be controlled by the touch of a button, connected cars that can detect potential hazardous road conditions and communicate with each other, and the ever-growing marvel that is robotics, automating once static and lifeless objects.
Machine builders in the manufacturing industry are living through a change known as Industry 4.0 that is underpinned by the Industrial Internet of Things (IIoT). Thanks to machine-to-machine communications, manufacturers now have a treasure trove of new data insights at their fingertips. Advances in big data analytics also further enables AI-assisted systems to now access and analyse large data sets of new device and system data to produce valuable insights that were not available previously.
However, on the factory floor, IoT deployments may unfortunately act as just one part of a wider cost-saving or productivity-enhancing exercise, meaning security may be treated as nothing more than a mere afterthought. Cybersecurity threats may arise because of the incompatibility of IoT devices with existing systems and software infrastructure on the factory floor. Combine this with a lack of systems management and oversight on individual devices, and you have a scenario based on end-savings goals, and not on safety and security.
Smart does not mean secure
To avoid the risks that come with IoT, organisations need to adapt their security culture to be more holistic, moving away from simply deploying a device and then forgetting about it. One fault in an IoT network could compromise an entire factory floor, so designing security from the start will allow organisations to distribute important security updates automatically, remotely and from a position of governance and control.
Smart does not inherently mean secure - so organisations should not be fooled in a state of comfort and security. With millions of devices deployed in industrial factory floors across the world, gathering and exchanging valuable data, the prospect of hackers infiltrating these intricate webs of connectivity presents a serious threat to the security and productivity of any organization. This is why IoT device manufacturers must build with a 'Security-by-Design' mindset and this begins by selecting a robust operating system that is both secure, manageable and ready for future market demands.
As malicious actors are constantly evolving their activities, manufacturers must also be flexible and proactive in their approach to security, shedding the old hardware-centric view of IoT security. Additionally device manufacturers risk missing out on new market opportunities unless they differentiate with software-defined features. Software maintenance must also increase to align to the extended lifespan of a hardware device in order to stay relevant in the world of IoT and usable to the end user on the factory floor.
Inherently secure operating system and Snaps
The Internet of Things is the gateway to the future but, like any gateway, unless somebody or something is standing guard, then anyone can walk in and tamper with your belongings. That is why any device maker must arm their hardware with an inherently secure operating system (OS) to help it protect machine builders and their production lines on the factory floor. Today's operating systems must not only support and enhance hardware security but also provide the necessary future-proofing. One OS that does this is Ubuntu Core. Created by Canonical, Ubuntu Core has the ability to support both its operating system and associated IoT software applications in a secure and modular packaging format called Snaps.
Snaps are containerised software packages that enable developers to easily push software updates automatically and roll back in the event of failure. The likelihood of an improper update breaking a device or degrading the user experience in the factory as a result is greatly reduced. If a security vulnerability is discovered in the code used by an application, the application publisher is notified so the Snap can be rebuilt quickly with the supplied fix and pushed out in a controlled and managed fashion. In the case of smart manufacturing, rolling out a security patch seamlessly without disrupting the production line can lead to reduced downtime and increased efficiencies.
Snaps are just one example supporting an emerging trend in IoT to shift away the traditional hardware centric, single fixed function view of embedded devices and to begin to embrace the power of software defined capabilities and features at the hardware device level.
In the past, once a device was deployed to the field – for example to help monitor performance and boost efficiency on a factory floor – there were minimal mechanisms for quickly deploying any new feature updates or addressing any newly discovered security vulnerabilities. Device hardware can no longer be static and vulnerable in the smart era of Industry 4.0. Manufacturers should recognise and appreciate the need for multi-functional, software-defined capabilities to be supported on all Industry 4.0 devices.
Covering all bases
Devices equipped with the ability to properly support revisions and updates of applications typically have lower support costs. The fact that applications can automatically update to the latest version means manufacturers can be assured that all their equipment is running properly. Whether it is a security breach or issue of software failure, the damage caused by any form of disruption to our increasingly connected factory floors would be substantial.
As manufacturers rely ever more on connected devices, the downtime of their machinery and production lines needs to be minimal. Therefore in the event of an attack, the response must be to maintain the factory floor on an operational state as they deploy a stream of software updates to protect against unwelcome threats. The previous high-profile exposures of security attacks such as Meltdown and Spectre highlighted that unfortunately there is no simple or magic bullet to security.
In the case of being prepared for software failure, it is no longer a reality that you can develop software once and expect it to be secure and bug free forever. Rollback features can help guard against software failure by giving hardware components such as security cameras and other connected machinery on the factory floor an added layer of reliability. Software will fail; it is how a quickly and comprehensively an organisation can respond to that failure that is key and a true business differentiator.
Securing machine builders for the future
Despite hardware security being crucial to the manufacturing industry, organisations are still not paying sufficient attention to securing their defences. Instead organisations place the responsibility on the end-user on the factory floor to monitor the security and safety of their factory networks. This is not sustainable in the smart era of industry 4.0. With the arrival of the Snap-based IoT applications, the security burden can be taken off the end-user and businesses can now trust their machinery as it silently stands guard, updating and automatically remediating any security issues that might arise.
Industry 4.0 and modern IoT devices demand heightened security. As the world becomes more dependent on smart devices to operate critical pieces of infrastructure, whether that be in your home, your car or on the factory floor, organisations need to use hardware not just for the issues of today but the issues and challenges of tomorrow. Future-proofing devices will become the standard for IoT security. If organisations can future-proof their devices, then they will future-proof their business for years to come.