Safety meets Security: PLC with integrated security
So far, security certificates are a rare feature in the market for automation components. Phoenix Contact pioneers in offering double security solutions for the manufacturing industry. The dimension safety meets security is being created and executed in cooperation with the client.
Until a few years ago the data infrastructure within the manufacturing industry was only seldomly targeted by hackers. The automation data-systems were clearly separated from the IT-networks and thus protected against attacks from outsiders. However, this division is disappearing more and more as part of the industrial digitalization in terms of IoT and Industry 4.0. All those who want to benefit from centralized data entry and machine operation, must connect IT and OT. Along with facing a new challenge: securing all digital access points to the shop floor.
Thus, all security measures have a significant impact on the overall safety within a manufacturing operation. Here is an example: In the summer of 2017 malware was found inside a Saudi-Arabic chemical plant, which distinctly aimed at shutting down its safety system. Only by coincidence was this attack identified and the amount of damage reduced.
In Germany the Federal Authority for Safety in Information Technology (BSI) identified the top ten threats in its analyses “Industrial Control System Security” (2022). They include the following:
- Infiltrating malware via removable media and mobile systems
- Malware infection through the internet and intranet
- Compromising the extranet and cloud-components
- Internet-related control components
- Intrusion via remote maintenance access points
- Weak spots within the soft- and hardware of the supply chain
- Sabotage
After a primal attack has been launched through one of the ways listed above, the BSI has often observed some of these follow-up-attacks:
- Access authorization expansion: The IT-components within an industrial set-up often have flaws or weak points like operating systems, application servers or databases, which can be used by attackers to gain access to authorization protocols.
- Unauthorized access to additional internal systems: Protocols and components inside a company’s control network are being misused if there are no sufficient methods for authentication and authorization or basic protection protocols in place.
- Interference with fieldbus communication: As most PLC components communicate unprotected via clear text protocols, spying, manipulation or entering control commands is often possible without much effort.
- Manipulation of network components: Components such as routers or firewalls can be manipulated by attackers, to repeal security mechanisms or detour data flows.
- Employment of ransomware: Data and entire systems are being encrypted for the purpose of blackmailing. As long as there are no backups in place, a recovery is normally impossible. Even of ransom money is being paid the entire system must be reinstalled.
The advantages of IoT and Industry 4.0 have a massive downside – once the security aspects are being neglected. Given the damage potential and the elaborated risk of entry, every organization should be highly motivated to optimize its cyber security efforts. In addition, there are external requirements such as the European Cyber Resilience ACT (CRA) and the new regulations for network- and information security NIS2, where the safety of OT-systems are no longer just limited to the operation of critical infrastructures. NIS2 defines a broad expansion of the range of application for medium-sized and large enterprises. The issue of security affects the business world today more than ever.
Security and control technology
Due to threat assessment and regulations, it makes sense for the (manufacturing) industry to implement control technology, which is already secure. That way the users need to integrate less security components into their automation system, making the overall operation more effective and cost efficient.
Phoenix Contact puts great emphasis on the topic security. IT-security plays a vital part in the life cycle of all products and solutions. The implementation of this security-concept is documented through the IEC 62443 certificates by TÜV Süd. All devices or subsystems that get certified by TÜV must prove a security-focus as early as in their design stage. This “security-by-design”-concept according to IEC 62443-4-1 Phoenix Contact has already realized in an early development stage of the PLCnext Control. The 4-1-part of the norm family “IT security for industrial communication networks” defines secure development processes. That’s basic groundwork.
Any potential safety gaps are already being identified during the concept phase and closed, for example when a threat analysis shows how a device could be attacked and which attack vectors (the tactics of hackers) could be expected. Here Phoenix Contact reaches the maturity level 3 (ML3), which defines the functional range of a product. The open control platform by PLCnext Technology is the very first within the automation industry with integrated security standards according to the IEC 62443-4-2 guidelines for security level 2 (SL2).
TÜV Süd certifies devices and solutions as an independent agent, in this case: security level 2 for security products. The currently awarded security certificates are still very rarely found in the automation industry so far.
The interplay between safety and security
Besides focusing on the still relatively new (data) security issue Phoenix Contact has been implementing certified industrial safety measures for a long time routinely. In this area functional safety is key. It regards those safety measures in technical operations concerning all process control aspects.
Two products have been certified “dually” since the end of 2022, meaning both the IEC 62433-4-2 security and the EN 61508 safety standard:
- The PLC extension module AXC F XT SPLC 1000 with which both PLCnext Controls AXC 2152 and AXC 3152 can be expanded for security features and
- the high-performance control (Remote Field Control) RFC 4072S based on PLCnext Technology. The RFC 4072S enables operational management control for standard applications as well as a security-geared control for safety applications.
Why does this effort especially make sense for the protection of safety products? The experience with hacker attacks shows that safety procedures and systems are often being targeted to cause physical damage. This happens when safety systems fail to fulfill their primary task, which is reliably detecting technical malfunctions and thus protecting man and machine.
Organizations that protect their networks and hence their communication channels through security measures, are increasing the availability of their safety functions at the same time. The other way around an optional safety solution can prevent the malfunction of a security measure: the safety protocol PROFIsafe for example includes data integration checks, which help detect data manipulation through malware or a hacker attack.
Safety meets security is relevant for all plant operators alike. Especially when it comes to modernizing or securing existing devices or entire setups. Designers and creators of manufacturing plants also need to consider both dimensions of threat evaluation, which calls for security-focused controls with SL 3 today more than ever.
Bottom line: Security systems protect networks – and thus safety systems. These in turn protect man and machine. Even if a network should be the target of an attack.