Securing open automation in the IIoT age
The Engineering Network Ltd
Posted to News on 13th Jun 2024, 11:30

Securing open automation in the IIoT age

Open automation systems are transforming manufacturing, with their connectivity unlocking incredible efficiencies. But this also creates a vast attack surface for cyber threats. Stephen Hayes, managing director of Beckhoff UK, explores how companies can strengthen cybersecurity in open automation systems and safeguard their connected factories.

Securing open automation in the IIoT age

(See Beckhoff at MachineBuilding.Live, 2 October 2024, on stand 43)

IIoT technologies enable manufacturers to integrate and automate processes in ways that were previously unimaginable. Machines equipped with sensors and controllers communicate in real-time, allowing for advanced data analytics, predictive maintenance and optimised production workflows. However, each connected device represents a potential entry point for malicious actors. The more devices and systems are interconnected, the more complex and challenging the cybersecurity landscape becomes.

When establishing a robust network architecture, the primary objective is to bolster your digital infrastructure against cyber threats - implementing strategies that forge a formidable defence system is paramount. One effective tactic involves segmenting the network, essentially erecting barriers that limit the spread of malware and unauthorised access.

Industrial Demilitarised Zones (IDMZ) serve as vital partitions, separating operational technology (OT) from information technology (IT) networks, thereby enhancing overall resilience. Additionally, employing secure communication protocols such as HTTPS, TLS and VPNs ensures that data transmission remains encrypted, safeguarding it from interception and tampering.

Ensuring stringent access controls is another critical aspect of cybersecurity in the IIoT landscape. Role-Based Access Control (RBAC) plays a pivotal role in this regard, ensuring that users are granted only the minimal privileges necessary for their designated tasks. This approach not only mitigates the risk of insider threats but also adheres to the principle of least privilege, thereby limiting unauthorised access to critical systems. Furthermore, integrating Multi-Factor Authentication (MFA) adds an extra layer of security by requiring multiple forms of verification before access is granted.

Moreover, continuous monitoring and proactive incident response mechanisms are indispensable in safeguarding connected factories against cyber threats. Real-time monitoring of network traffic and device behaviour enables early detection of anomalies, serving as a pre-emptive defence against potential cyber attacks. Additionally, having a well-defined incident response plan equips organisations with the agility to respond swiftly and effectively to breaches, minimising the impact and facilitating expedited recovery.

Adhering to industry standards and regulations is another critical aspect of cybersecurity in IIoT. Standards such as ISO/IEC 27001 for information security management and IEC 62443 for industrial automation and control systems security provide frameworks for implementing and maintaining robust cybersecurity practices. Compliance not only enhances security but also demonstrates a commitment to protecting stakeholder interests.

The integration of IIoT in manufacturing holds immense promise for driving efficiency and innovation. However, as factories become more connected, the importance of cybersecurity increases. By adopting a comprehensive, multi-faceted approach to cybersecurity, manufacturers can protect their operations against the evolving threat landscape. Implementing these strategies ensures that the benefits of IIoT are fully realised while minimising the risks, securing the future of connected manufacturing.


Beckhoff Automation Ltd

The Boathouse
RG9 1AZ
United Kingdom

+44 (0)1491 410539

Lenze Selection (a Division of Lenze Ltd) ABSSAC Ltd Mechan Controls Ltd SICK (UK) LTD Leuze electronic Ltd Aerotech Ltd AutomateUK Dold Industries Ltd FATH Components Ltd STOBER Drives Ltd Micro Epsilon UK Limited Smartscan Ltd PI (Physik Instrumente) Ltd Rittal Ltd ifm electronic Limited Kawasaki Robotics (UK) Ltd Murrelektronik Ltd Top Hex Ltd Moore International Ltd Servo Components & Systems Ltd
The Engineering Network Ltd