Unlike other industries where the opportunity only seems promising, factories are primed to be completely transformed by 5G and edge now.
How goes it with the digitization of manufacturing processes and the “factory of the future”? Progress has been slow but steady, but the increasing adoption of edge and 5G technologies means these businesses have new security challenges.
A survey last year of 200 executives by Analysys Mason and Accedian found sentiment toward 5G in factories to be overwhelmingly positive, with 76% of manufacturers planning to leverage private 5G networks over the next three years. Manufacturers are looking to private 5G networks to achieve high reliability (82%), security (78%), and support for low-latency applications (75%). Network security was a key factor among 63% of those looking to adopt 5G.
“Manufacturing is an exciting industry because it’s one that can immediately take advantage of the promise of new 5G technology,” says Gerhard Auer of Accedian. “Factories are primed to be completely transformed by 5G, the next generation of networking technology, and unlike other industries, where the opportunity only seems promising, this transformation is happening in manufacturing now.”
Edge and 5G, of course, won’t magically be slotted into industrial facilities. There needs to be active engagement and collaboration across the board, especially among three sectors that haven’t really communicated on a deep level previously: The convergence of information technology (IT), operational technology (OT), and communication technology (CT). These sectors all represent different backgrounds, requiring a new breed of threat intelligence, according to an eBook released by TrendMicro. An accompanying survey report finds 60% of factories already using the cloud with another 27% who will soon implement it) and 26% with private 5G already implemented (and 41% planning to son implement it).
Examples of manufacturing digitization include “predictive maintenance using information collected by cameras and sensors on the shop floor, digital twins of production lines and products, work support using VR and AR, and autonomous driving of AGVs and free layout by wireless controlled robots,” the authors of the book state. These all call for collaborative roles between IT, OT, and CR teams. The most pronounced challenge is that “as apps, data, and processing move to the cloud and edges, the boundary segments between layers will no longer work together.”
That makes edge/5g security issues front and center. “Traditional industrial control systems, which fall in the OT domain, have not been integrated with cybersecurity,” the book’s authors explain. “Systems using new technologies such as the cloud, edge computing, and 5G are often secure by design and also have the advantage of integrated management of assets. Cloud and 5G are not recognized as a high-security risk as a whole, but vulnerabilities can lay within siloed areas.”
The holistic, data-driven means to address the challenges posed is threat intelligence. While the book’s authors admit threat intelligence “ is a broad term that can be misinterpreted, the essential elements include context and action. And the intelligence required depends on who uses it for what.” It is important, they add, that “each stakeholder involved in manufacturing
cybersecurity leverages threat intelligence across IT, OT, and CT, depending on their role.”
The authors break this down into four classes of threat intelligence:
- Strategic intelligence is used by management “to formulate risk forecasting, security strategies, and policies due to changes in the environment.”
- Operational intelligence “provides the perspective on what an attack campaign is aiming to achieve. This knowledge helps security team managers allocate resources needed to combat these and similar attacks.”
- Tactical intelligence is known as tactics, techniques, and procedures (TTP), and MITRE Adversarial Tactics, Techniques, and Common Knowledge (MITRE ATT&CK) are typical examples.
- Technical intelligence “can be achieved by recognizing indicators of compromise (IoCs), which include vulnerabilities, IP addresses, ports, file names, and hash values. The security operations center is responsible for handling these.”
The book’s authors provide measures that need to be taken to address the issues that arise with edge and 5G deployments within factories:
- Enterprise and control network: “Prevent lapses and mistakes in basic settings and configurations (password, privilege, router, etc.”
- Enterprise, control, and field network: “Database protection Access control, cloud security, EWS protection, development policy, software supply chain visualization.”
- Control and field network: Network encryption, manage network routing, use secured–encrypted, authentication, certificated protocol, network encryption, support challenge-response authentication in PLC, endpoint security for LTE/5G-based devices, development policy across IT and CT, content security in 5G network.”
- Field network: Manage protocol gateways as important assets, select protocol gateways with a packet filtering function, introduce industrial firewalls, supporting the OT protocol, network segmentation, secure coding practices adoption, source code review, patching, automatic code scanning, security libraries, privilege separation, code signing.”