How to keep your machines secure over the next 15 years?
How to keep your machines secure over the next 15 years?
Connectivity is becoming a commodity forming a risk for machine builders and factory owners. Nowadays, an average machine is connected to an internal network, to talk to SCADA and MES systems, or to the internet for remote access and data analysis.
However, software running in the machines’ controllers and operating systems gets older and new vulnerabilities are discovered to make such systems insecure. In worst case scenarios this leads to production stops. So, how do you guarantee that your installed machines are protected now and in the future?
‘Never touch a running system’
‘Never touch a running system’ is probably the motto of many machine builders. When an OEM machine builder makes the software he doesn’t want to change it, unless there is a problem. They can't just turn machines off for an update and risk the machine working differently after a security patch. The impact can be high. Think of losing the machine's quality/safety certification, long lasting downtime or lower quality output of the end product.
But have you thought about the fact that outdated software running in your operating system can cause major security risks?
Machine lifecycle versus IT system lifecycle
Do you still have machines running on Windows XP? Your machines have a life expectancy of probably more than 10 years, but most operating systems only live for 5 to 7 years. So the operating system, software, libraries and code making up the machine's firmware might be state-of-the-art now, but will be hopelessly outdated before your machine is decommissioned. Therefore the risk of vulnerabilities and cyber attacks increase overtime if you don’t think upfront to prevent this.
According to IT, you should always use the latest security patch configurations to keep your machines secure. However, installing patches or updating the operating system almost always results in downtime or production stops as the PLC has to be updated, reset and tested.
Risks machine builders are facing today
The machine builder needs (remote) connectivity to guarantee a higher uptime, but connectivity always brings some risks. That’s why you need to have the right security in place to minimise these risks.
Machines with outdated software run the risk that they contain known vulnerabilities that can be exploited by a hacker. Even without a connection to the internet you run security risks, such as:
- An external service technician connects his laptop to your machine for diagnostic purposes which exposes you to unnecessary risks and threats such as viruses or access to internal confidential data;
- Someone with bad intentions has physical access to the machine and changes the configuration or extracts personal data;
- Employees make unintended configuration changes via tools that don’t require authentication;
- Incorrect firmware is downloaded to your machine.
The possible consequences of these risks may vary from downtime and virus installations that damage your systems to stealing and spreading sensitive data.
You have to be aware of the risks and pay attention with proper expertise and restrictions to prevent them from happening. Let’s see how you can keep everything secure during the entire lifetime of your machine.
Secure machines in the long term with edge connectivity
By opening as few network ports as possible from outside to your machine or opposite, you minimise security risks. A big challenge, since this isn’t feasible when you want to benefit from remote connectivity. Although, edge connectivity can help you to secure your machines.
To optimally secure your machine, you need to seperate the machine network and OT (Operational Technology) with a firewall or edge gateway. An edge gateway is a multifunctional device which includes a router to seperate networks, a modem to connect securely to the internet and a firewall to block unwanted connections.
Best of both worlds to protect IT/OT networks
An edge gateway has an IT part (which is connected to the larger OT network, e.g. SCADA/MES/ERP systems) and runs the latest firmware versions with the latest security patches. It can be updated without you having to think about it.
The OT part of the edge gateway (the machine network) is not updated, but separated from the outside world and therefore safe. This means machine systems like PLCs and industrial PCs don't have to be extra secured and updated as well.
Using an edge gateway takes the best of IT (latest security patches) and OT (not modifying the machine). This minimises the security risks, without influencing the machine or quality of the production process.
Choosing an IT approved connectivity solution
When looking for a connectivity solution or IoT partner, the machine builder has to consider if he can securely connect his machines to the connectivity/IoT solution to scale his business case. You need at least a solution which securely separates your machine from the rest of the OT-network to make sure old unsecure and unpatched operating systems on the machines are not a threat during its lifecycle.
The separation can be done with the IXrouter. This is IXON’s industrial edge device to establish a secure remote connection from the PLC, industrial PCs, robots and HMIs to the web-based IXON Cloud platform. With this edge-to-cloud setup you can benefit from everything an Industrial IoT solution brings. It has a built-in firewall that separates the machine network from the factory network.
By installing an IXrouter in all your machinery, you’ll ensure that your machines are protected during their lifetime, with less maintenance efforts and with minimised risks for your end customers.
In our security white paper you can read about the security measures in place at IXON to support machine builders and their customers. Would you like to discover more about our IXrouter?