More and more companies are using external cloud solutions not only to store data, but also to use services. According to studies, 79% of companies already use external cloud services to store their sensitive data. One in five companies stated that they have no overview of the data stored in the cloud (source: it-daily.net).
While such a service saves companies time and money, it also comes with risks. This is especially critical when it comes to data that can be manipulated or affect a device in the field, and most of all when the data producer may not even know exactly what information is involved.
This blog post is intended to shed some light on the topic of cloud security. It therefore reports not only on the use of external cloud services, but also on their possible dangers and their effects. The post concludes with two example application scenarios. We hope you enjoy reading it!
The usage of external Cloud Services
Moving services to a cloud is a trend that is advancing at a rapid pace in traditional IT areas. In fact, many companies are now adopting a cloud-first strategy, preferring to use externally provided services over internal operations.
Cloud services are generally divided into Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS), with industrial cloud services focused on the application layer.
Cloud services used in IT often focus on specific use cases that serve the entire company and are managed centrally by the IT department. Industrial cloud services are usually decentralized, for example as services provided by a manufacturer for its products. An automation solution made up of elements from different providers, each wanting to use different functions of the respective cloud solutions, results in a complex overall picture. This raises the question of who in the company can take over management, because industrial cloud services need to be used in a well-organized way.
Cloud Services and their Effect
The impact of industrial cloud services results from the interaction between the field devices and the services offered (SaaS). For this purpose, data must be exchanged between these two endpoints. A direct communication link from the field device installed in the automation system to the cloud service is possible. Alternatively, a cloud gateway can be used that bundles the communication connection of one or more field devices to the cloud service. The variety of services results in many coupling solutions and cloud approaches.
Threats: As individual as their Users
Different functional advantages lead to different threats. They are as individual as their users and therefore exist in unlimited variants. In principle, there are two threat scenarios:
Scenario 1 – Intervention of the cloud service in the field device
If the cloud service actively intervenes in the field device, the risk arises that data or commands can be manipulated. This could trigger a damaging effect at the field level. It would also be conceivable for the attacker to make an uncoordinated change at the field level, e.g. outside a maintenance window.
Scenario 2 – Danger when transmitting and storing in the cloud
A major risk exists when transferring information from the field to the external cloud. There is a risk of unwanted content being disclosed or more information than desired being retrieved from the field device. Unwanted eavesdropping can arise as an additional risk from unsecured information transfer. This scenario has a direct impact on the use of the information in the cloud service, but no direct impact on field operation.
No Control with direct Encryption
There are several ways to counter threat scenarios. First, a look must be taken at the cloud offering: What data is to be transferred? Which offerings are to be used? Should communication take place via the corporate network or should dedicated connections be used?
The security features of the cloud service and the corresponding provider must be evaluated according to criticality: Is the service operated in a secure development process? Is a security management system in place? The security of the underlying platform and infrastructure must also be included in the assessment. Large providers tend to be well positioned in this regard, but not every provider can meet these frameworks at the same level. As is well known, any chain is only as strong as its weakest link. Corresponding assurances from the service provider should therefore be contractually regulated.
Communication relationships via the Internet must always be encrypted. This procedure serves not only to protect the data, but also in particular the identifiers, passwords or access tokens transmitted at the same time. Directly encrypted connections from field devices to the cloud are problematic in that the operator no longer has any control over what happens within the connection. This state can be acceptable overall if the necessary trust can be established between the contracting parties as part of the security assessment and the operator can carry out appropriate parameterization of the field device.
Examples: Application Scenarios
Industrial cloud services are as individual as their users. Accordingly, the protection they require is just as individual. Here are two example application scenarios:
Cloud Gateway
A cloud gateway is suitable if the monitoring approach is one in which the data is transmitted unidirectionally from the field level to the cloud. In the gateway, the operator can control both the acquisition of the data and the local processing and further communication. In this way, the cloud gateway also relieves and decouples the field devices.
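The following is an added illustration (not code from the original post or from any vendor product) of the policy such a gateway enforces: it addresses Scenario 1 by refusing anything but acknowledgements coming back from the cloud, Scenario 2 by exporting only an operator-defined allowlist of data points, and the encryption requirement above by pinning the outbound TLS settings. Device names, data point names and the sample values are constructed for this example.

```python
import ssl
from dataclasses import dataclass, field

# Data points the operator permits to leave the plant (constructed for this example).
EXPORT_ALLOWLIST = frozenset({"energy_kwh", "power_w", "voltage_v"})
# Only transport acknowledgements may come back from the cloud service.
INBOUND_ALLOWED_TYPES = frozenset({"ack"})


@dataclass
class GatewayPolicy:
    """Operator-controlled policy enforced in the cloud gateway."""
    allowlist: frozenset = EXPORT_ALLOWLIST
    withheld: list = field(default_factory=list)  # audit trail of data not exported
    rejected: list = field(default_factory=list)  # inbound messages refused

    def filter_outbound(self, device_id: str, sample: dict) -> dict:
        """Scenario 2: export only allowlisted data points and record anything
        the device offered beyond that (serial numbers, configuration, ...)."""
        kept = {k: v for k, v in sample.items() if k in self.allowlist}
        extra = sorted(set(sample) - self.allowlist)
        if extra:
            self.withheld.append((device_id, extra))
        return {"device": device_id, "data": kept}

    def handle_inbound(self, message: dict) -> bool:
        """Scenario 1: the gateway never forwards cloud-originated commands to
        the field level; only acknowledgements are accepted."""
        if message.get("type") in INBOUND_ALLOWED_TYPES:
            return True
        self.rejected.append(message)
        return False

def cloud_tls_context() -> ssl.SSLContext:
    """Outbound link: TLS 1.2+ with server certificate and hostname verification,
    so the tokens and credentials sent with the data are not exposed in transit."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    return ctx

def demo() -> tuple:
    """Apply the policy to a constructed meter sample and a constructed cloud message."""
    policy = GatewayPolicy()
    sample = {"energy_kwh": 1234.5, "power_w": 870.0, "voltage_v": 230.1,
              "firmware": "1.2.3", "serial": "EM-0001"}  # device offers too much
    outbound = policy.filter_outbound("meter-01", sample)
    accepted = policy.handle_inbound({"type": "command", "set": {"relay": "off"}})
    return outbound, accepted, policy.withheld, policy.rejected
```

The withheld and rejected lists are what the operator would feed into monitoring: a device suddenly offering new data points, or the cloud side attempting to push commands, is visible at the gateway rather than hidden inside an end-to-end encrypted link.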
Energy Monitoring
In an energy monitoring system, a lot of data can be collected and analyzed that does not require the highest level of confidentiality and therefore facilitates the use of a cloud service. For this purpose, a measuring device collects the energy data and transmits it to the cloud provider. There, the information can be evaluated and accessed by the user.
Device Management
Higher security requirements arise for device management, because the influence on the field device is immediate. Accordingly, the security requirements must be evaluated in the context of the application before the cloud service can be used.
Conclusion
In the industrial environment, the use of cloud services is possible and feasible if the associated security requirements are considered. However, a detailed security assessment should already be conducted when selecting services and users. It is important to find a provider that presents its security concept transparently and whose technical implementation is oriented and adapted to the customer’s internal framework conditions. After all, the requirements for a comprehensive security concept are as individual as the company itself.
Our tip: Take a look at our brand-new Security Info Center. We have created this platform together with experts in the field of industrial security. Within this Info Center you will not only find general information about security, but also a guide to a holistic security approach and much more useful information. We look forward to welcoming you as a reader: Security Info Center