Security in the age of Industry 4.0

How the advent of automation and robotics as part of the fourth industrial revolution is reshaping security in the manufacturing sector

By Jo Best

Wed 12 Sep 2018 @ 12:16

Following the arrival of the steam engine in the 18th century, the harnessing of electricity and the invention of the internal combustion engine in the 20th, and the spread of computing decades later, the world is now said to be on the brink of a fourth industrial revolution – one driven by data, robotics and automation.

By moving to an operating model where human oversight is minimal and technology manages the production process, it's hoped that manufacturing will become cheaper, more efficient and more flexible.

The move to Industry 4.0 is already being felt with the concept of the 'smart factory' being adopted – a facility that is automated and able to learn and adapt to reflect changes, not only in the factory but in market conditions and customer demand as well.

But as facilities become increasingly able to work with minimal human intervention, using a stream of data and artificial intelligence to guide decisions, there is also the possibility that they will become more of a security risk.

In order to function most effectively, factories will not only need data from sources within the company, but also directly from customers, suppliers, logistics providers and others. While all those connections are vital for the running of plants, every connection represents an extra potential attack vector. In the future, manufacturers will need to make sure of their own security, but also that of the entire network and supply chain that surrounds them.

It will be a particular challenge for manufacturers given the delicate balance they will have to strike between protecting their IT operations and ensuring the smooth running of their production lines. Manufacturers will not only have to keep their networks sufficiently locked down to prevent intrusions, they will also have to do so while ensuring they are open enough to preserve the flow of data that's so vital to improving their operations.

Similarly, this growing interconnectedness will present challenges when it comes to security governance – including how responsibility will be shared with third parties if a vulnerability in their systems causes a breach within a manufacturer's.

The advent of Industry 4.0 will also make the challenges of Internet of Things security more critical. So far, much has been talked about the security risks of the growing number of objects being connected to the internet, but successful attacks on businesses as a result of IoT have been rare. As more and more elements of the manufacturing supply chain are equipped with internet connectivity and linked to sensors to govern their behaviour, those security risks may be replicated but also magnified. If any part of the production line should become hijacked or even fall victim to ransomware, the costs and dangers of outages and delays to production could be huge.

Industry 4.0 will take security threats from being purely contained within the digital sphere and out into the physical world – Stuxnet has shown how serious the consequences could be if industrial control systems are successfully exploited.

With Industry 4.0, the combination of analytics, AI and robotics will reduce the need for human workers on the factory floor. A similar change will need to happen in manufacturers' security environments: Increasing automation and the deployment of robotics software will be a necessary response to the hyperconnected smart factory and the threats this will attract.

Industry 4.0 will open up new possibilities but also bring new risks for manufacturers, spurring them to adopt new approaches to prevent breaches and outages. However, while keeping one eye on future threats, manufacturers still need to keep the past in mind as previous threats will remain as new ones emerge.