In the long run few companies will be able to ignore digitization and comprehensive interconnectedness. It therefore makes sense to address the opportunities and risks brought by ongoing digitization at an early stage. Industry 4.0 will only succeed and achieve market penetration if companies can safeguard their business interests. This involves protecting their know-how, policing their rights of use and, above all, ensuring the effective interaction of functional safety and IT security.
The VDE Trend Report 2015 reveals how security in its broadest sense is currently by far the biggest obstacle to the spread of Industry 4.0 in Germany.
This is immediately apparent considering the effects which a hacker attack can have on manufacturing and production, e.g. bringing production lines to a standstill, or the minor manipulation of control systems which can ultimately have a major impact on product quality. This can have not only serious financial consequences, but also endanger the wellbeing of people and the environment.
The quest to find the "ideal security strategy" must be led by the three key "CIA" objectives - Confidentiality, Integrity and Availability - of IT security on the one hand and by the overriding safety requirements (protection of life and limb) on the other. The DKE is working in a cross-industry panel to create a VDE application guide which will contain recommendations on the systematic harmonization of IT security and functional safety issues, with the aim of resolving the discrepancy between IT security and safety. This work is being conducted on a cross-industry basis because these problems are of great relevance not only for Industry 4.0, but also in connection with other areas such as smart home, railway signalling systems, aerospace and nuclear technology.
For this reason the industrial automation systems in the VDE application guide are presented as a use case that will support manufacturers, system integrators and also operators. At the same time it is important to note that office IT security mechanisms from the ICT sector cannot be transferred directly to the process and automation industry. In addition, existing technical devices which are currently in use must be given appropriate protection. A suitable migration strategy is therefore needed for German industry. The DKE is also working on this wide-ranging task area.