Manufacturing Engineering: What are the key cyber threats to manufacturing in the era of the IIoT/Industry 4.0 and the proliferation of digital manufacturing systems?
Christopher Morales: According to the 2018 Verizon Data Breach Industry Report, state-sponsored attackers caused more than half of the data breaches in manufacturing. Along with these state-sponsored attacks, the Verizon report reveals that cyberespionage was the leading motive behind these breaches. In the new 2018 Spotlight Report on Manufacturing, Vectra reveals that attackers who evade perimeter security can easily spy, spread and steal, unhindered by insufficient internal access controls.
The manufacturing industry exhibits higher than normal rates of cyberattack-related reconnaissance and lateral movement activity. This is due to the rapid convergence of enterprise information technology (IT) and operational technology (OT) networks in manufacturing organizations, combined with the lack of security standards or controls on the IIoT.
ME: What are the worst threats, such as ransomware, denial of service, botnets, computer worms, and Stuxnet type zero-day threats, for manufacturers?
Morales: There are three categories of documented attacks against manufacturing infrastructure: intentional targeted attacks, such as gaining unauthorized access to computers inside the network, performing denial-of-service attacks or spoofing; unintentional consequences or collateral damage from worms, viruses, ransomware or control system failures; and unintentional consequences caused by internal personnel or mechanisms. This includes the testing of inappropriate software on operational systems or unauthorized system configuration changes.
ME: How difficult is it for manufacturers to obtain optimal cybersecurity while melding their IT with shop-floor OT?
Morales: In the age of Industry 4.0, manufacturers are racing to get an edge by integrating complex digital systems, IIoT devices and cloud computing resources to power analytics, automation and optimization. Consequently, OT networks are converging with IT networks faster than our ability to protect those devices. Manufacturers are using a broad variety of smart, connected IIoT devices on a vast scale: A single manufacturing plant may have tens of thousands of IIoT devices and sensors—sending a steady stream of data to the edge or cloud.
In addition, manufacturers use many enterprise IoT devices—surveillance cameras, digital signage, building automation and environmental controls, for example. Like IIoT sensors and instruments, many of these smart devices are new and lack a proven history of security.
ME: Why are older “air-gapped” industrial controls inherently more secure than the new cloud-based digital systems in manufacturing?
Morales: Many factories connect IIoT and industrial control system (ICS) devices to large, highly connected networks that rely on communication with general computing devices and enterprise applications. These digital factories have Internet-enabled production lines for data telemetry and remote management.
In the past, manufacturers relied on more customized, proprietary protocols, which made mounting an attack more difficult for cybercriminals. An attack used to require highly specialized knowledge of a manufacturer’s ICS and a method for accessing those devices, which quite often meant a trusted insider who was incentivized to compromise their employer. The conversion from proprietary to standard protocols makes it easier to infiltrate the manufacturing network infrastructure from a remote location without an insider.
ME: What should manufacturers aim for in a reliable cybersecurity system?
Morales: Security teams need full knowledge of connected and interconnected assets, configurations, and the integrity of communications to successfully protect critical infrastructure. It is crucial to have visibility inside the network that can adapt to the dynamics of growth and change. Organizations also need technology that automates the real-time analysis of communication, devices, administrators, and human behaviors on a converged network to detect intentional attacks or unintentional consequences.
ME: How does the Vectra Cognito cybersecurity platform employ artificial intelligence (AI) to secure manufacturing client platforms?
Morales: The Cognito platform provides continuous, automated threat surveillance to proactively expose hidden and unknown cyberattacks that spread inside networks. Cognito continuously monitors and analyzes all network traffic—from cloud and data center workloads to user and IIoT devices. Cognito automatically correlates threats with host devices under attack, presenting the security operations team with an intuitive view of the highest risk threats and a trail of forensic evidence to launch conclusive incident investigations.
ME: Is AI or machine learning essential to combating hackers in the age of the IIoT and Industry 4.0?
Morales: Cybersecurity is an ongoing exercise in operational efficiency. Organizations have limited resources to address unlimited risks, threats and attackers. Network security must always be evaluated in terms of efficiency as well as its impact on the operational fitness of the organization. At the same time, there is a global shortage of highly skilled cybersecurity professionals to handle detection and response at any reasonable speed.
As a result, the use of artificial intelligence is essential to augment existing cybersecurity teams, so they can detect and respond to threats faster and stay well ahead of attackers.
InfinityQS (Fairfax, VA), developers of enterprise quality software, has expanded its channel partner network with the addition of Process Automation Solutions (Ludwigshafen, Germany, and Greenville, SC), providers of automation solutions. The partnership enables PA Solutions’ customers to access InfinityQS’ Enact Cloud-based quality management system while InfinityQS’ channel partners can utilize PA Solutions’ experience in industrial engineering and application integration.
Enact allows users to view quality information across all geographic regions and plants, using any device. It also allows the user to visualize how processes are performing, where problems exist, and where quality resources should be engaged to generate the greatest economic benefit.
Pierre Lavergne, director of business development at PA Solutions, said that manufacturers are reaping the benefits of Cloud technology. “If you consider this from a quality management perspective, being able to capture data streams from a variety of plants and sites means that manufacturers can achieve greater insight into how to improve production processes. Inherently, the data streams generated will enable them to improve the quality of the products they are taking to market and therefore provide huge savings.”
Open Mind Technologies AG (Needham, MA), a developer of CAD/CAM software, has partnered with Okuma America Corp. (Charlotte, NC) in Okuma’s Partners in THINC collaborative group. Partners in THINC is a network of 50 companies that service the metalcutting and manufacturing industries.
Open Mind offers the hyperMILL CAM solution with capabilities that include 2.5D, 3D, five-axis milling and turning strategies, as well as specialty applications available in one interface.
Wade Anderson, director of Partners in THINC, said that Open Mind’s five-axis and multifunction CAD/CAM solutions will “strengthen and expand our technology portfolio to address the needs of the expanding additive manufacturing segment.”
Cyberattacks are a critical concern, especially at facilities that depend on industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems.
AVEVA (Cambridge, UK), developers of engineering and industrial software systems, has strengthened its defense capabilities against these targeted cyberattacks by partnering with Virsec (San Jose, CA), a cybersecurity company that offers patented technology designed to reduce risks posed by targeted cyberattacks across information technology (IT) and operations technology (OT) systems.
Rashesh Mody, vice president of monitoring and control at AVEVA, says the company continues to pursue new strategies and alliances to “pre-emptively” harden and secure its industrial and engineering software portfolio. “By partnering with Virsec, we have added an important layer of protection for our customers, leading the industry in applying the latest security technologies.”
Mody added that there is increasing convergence between IT and OT systems, and that software solutions must deliver increasing levels of security while working seamlessly with IT systems.
The Virsec Trusted Execution system provides a layer of protection against advanced attacks by ensuring applications perform only as designed, the company says. “We are thrilled to help AVEVA proactively protect industrial, engineering and critical infrastructure organizations from these dangerous security threats,” said Atiq Raza, CEO of Virsec. “With this partnership, we can now provide AVEVA customers our industry-leading security technology as an integrated part of an AVEVA solution.”
Vero Software (Gloucester, UK, and Tuscaloosa, AL) released two new products, including a modeling program that the company says will become the core modeling engine for all of its CAM applications, and an on-machine probing system for in-process measurements.
Vero, a Hexagon company, introduced Designer, a direct modeling system to fill the gap between CAD and CAM by focusing on needs specific to machining programmers. As a stand-alone optional application for the Vero CAM portfolio, Designer enables users to create new designs or modify existing geometry from third-party CAD systems. Designer does not depend on a series of parameters to drive it or a feature tree. A dynamic editing and modeling environment allows users to sketch, drag, hold, push or twist to create and modify models, the company said. A single, unified solution for solids-based designs gives users the flexibility of receiving a CAD file from any source for review or modification.
The company’s Edgecam Inspect incorporates metrology tools from Hexagon Manufacturing Intelligence. The solution is designed for generation of on-machine measurement cycles. It provides a set of geometric features and constructions for measuring part characteristics while the user interface transitions from programming CAM cycles to measurement cycles.
Improved toolpath creation, expanded inspection capabilities and the ability to develop customized reports are new updates to PC-DMIS 2018 measurement software from Hexagon Manufacturing Intelligence (North Kingstown, RI). This is the second of two releases scheduled for 2018, with continued service pack updates to the platform. PC-DMIS 2018 R2 introduces a new reporting workflow, which the company said makes it easier to create customized reports with a drag-and-drop and slideshow-style interface. Users can also add run charts from qs-STAT into the PC-DMIS report.
Also, a new QuickPath function expands on existing QuickFeature functionality to simplify feature creation with a safe path. An improved probe utility allows users to mark favorite tip configurations and create required tip angles by clicking on CAD.
CNC Software Inc. (Tolland, CT), developers of Mastercam, has named Stas Mylek partnership program manager. This is a new position responsible for developing, managing and supporting the Mastercam Partnership Program. Mylek, formerly a senior product marketing specialist, is now charged with expanding development of strategic relationships to support emerging technologies and solutions.
“I am excited to build a more formalized Partnership Program and relationships with leaders in innovation that bring business and technology advances to our common customers,” said Mylek. “Working alongside other leaders benefits everyone, as we continue to bring productivity improvements and more automation solutions to the manufacturing industry.”