Digitalization, networking, and automation are essential for a successful energy and mobility transition. It is necessary to intelligently control energy flows and reduce energy consumption. Without networking, this endeavor is impossible – but it also opens the door to cybercrime.
Therefore, companies want to minimize the risk of cyber-attacks. In 2023 alone, there were 420 million cyber-attacks worldwide, 65 attacks every five seconds!
Cybersecurity for industry – transition to critical infrastructure
The news about cyber-attacks does not stop. A month ago, there was a cyber-attack on American Water Works, the largest water supplier in the USA. It is important to raise awareness: cyber-attacks must be prevented in all areas – from manufacturing to critical infrastructure.
Securing the water supply
In particular, the water and electricity supply must be guaranteed at all times.
Together with the Rhein-Wupper waterworks in Wermelskirchen (WVV), work is being done on this. In North Rhine-Westphalia, the large Dhünn dam was built as a drinking water reservoir. The water association supplies 140,000 residents in nine cities and municipalities with drinking water through a 110-kilometer-long pipeline network. Cyber-attacks can significantly impair the security of supply and throw entire systems into chaos. Due to system failures, citizens could no longer be provided with the usual drinking water quality and quantity.
Challenges: need for cybersecurity measures
Cybersecurity has so far been little considered at WVV. Now, as the process control system was being updated, also the entire network infrastructure, including the possibility of remote maintenance, had to be considered and modernized. This went hand in hand with IT connectivity, which made cybersecurity an essential consideration. As part of the german critical infrastructure, it was necessary to comply with the industry security standard for the water industry, B3SWA. To ensure the security of remote access and avoid potential dangers, Phoenix Contact was selected as a partner to develop a new and secure network design.
Solution overview: implementation of a cybersecurity solution
The waterworks installed a system to protect the entire OT infrastructure from cyber-attacks. This process included four steps:
1. Analysis of the current situation and comparison with the target specification.
2. Development and implementation of a specific concept.
3. Documentation of the measures taken.
4. The measures taken are cyclically reviewed, and the system is maintained as needed during the operational phase.
Solution details: appearance of a cybersecurity solution
The cybersecurity solution works in layers to prevent attacks or at least reduce their impact. The exact solution cannot be mentioned for security reasons. In summary, the solution includes the following steps:
– Securing access to the system from the internet
– Secure remote access using the mGuard Secure Cloud infrastructure
– Segmenting the network into multiple areas to isolate incidents
– Implementing IEC 62443-compliant products. That support secure communication protocols and user management
– Integration of anomaly detection software if needed
– Update and patch management software to ensure that the products always meet the latest security standards.
Benefits: security of supply meets home office
For the waterworks, this means increased security of supply. Employees also benefit from secure remote access options, which also makes home office and on-call services easier. The implementation of the system with Phoenix Contact was characterized by their expertise and knowledge, which could not be maintained internally to the same extent.
Urgency: regulations and increasing attacks
The urgency of cybersecurity arises from the increasing number of cyber-attacks and stricter security regulations such as NIS 2. Phoenix Contact addresses these regulatory requirements with a 360° Security approach. Security must be considered from the beginning of the product development process. But a secure product alone is not enough. Experts develop secure and certified network designs and continuously monitor all products, services, and solutions for potential security vulnerabilities. OT security is a continuous journey, where systems must always correspond to the state of the art and be continuously adapted.
Did you know, that our PLCnext Control are the first PLCs which are certified by TÜV Süd in accordance with IEC 62443-4-1 ML 3 Full Process Profile in combination with IEC 62443-4-2. This confirms that the Secure Development Life Cycle was fully applied in the development of PLCnext Control! Do you want to read more about this? Here you are
