The “Internet of Things” (IoT) or “Industry 4.0” allows companies in the manufacturing industry to make enormous innovative and productive leaps. However, this development also generates considerable new risks for companies: With machines and tools independently executing digital commands, new digital channels open up which offer new opportunities of industrial espionage for cyber criminals. If the Industry 4.0 is to become an economic success, cyberattacks as well as network errors have to be detected and prevented in time. Conventional security solutions are no longer suitable for this kind of challenge. At this year’s Hannover Messe, the IT security company Rohde & Schwarz Cybersecurity is presenting specialized IT security solutions for digital industrial processes (at BITKOM Innovation Area in hall 6, booth K01).
At this year’s Hannover Messe, Rohde & Schwarz Cybersecurity is presenting a multi-level security concept for network protection in the Industry 4.0. This concept consists of two parts: One of them is the R&S Industrial Network Analytics solution. It comprises the IP Probe R&S Net Sensor and the analytics platform R&S Net Reporter, which provides real-time information about a network’s behavior. This allows for an early detection of problems that are caused by infected machine controls, misconfigurations, or potential cyber-attacks. The other component of the security concept are the gateprotect Firewalls from the “Specialized Line”, which use the information gained from the network analysis to fend off attackers and protect the network. These firewalls were especially designed for complex industrial environments which require a high degree of protection, and they support SCADA protocols such as IEC 60870-5-104, Modbus, or DNP 3.
Thanks to the R&S Industrial Network Analytics solution, industrial companies stay on top of their dynamically growing industrial networks. The event monitoring function of R&S Net Reporter proactively informs administrators and industrial network operators about potential problems in the network. This way, a troubleshooting can be run early enough to prevent production losses and high costs. Thanks to this functionality, companies can rely on a continuous operation and are able to plan their network utilization and dimensioning in detail. This kind of analysis is becoming more and more important, especially considering that companies are becoming increasingly connected with external partners for remote plant maintenance, product data are exchanged between production systems, plants are monitored permanently (condition monitoring) and logistics processes are closely synchronized with each other.
The “Specialized Line” firewalls as well as the R&S Net Sensor use the deep packet inspection technology (DPI) to decode and classify data streams at content level. This allows for the creation of a fine-grained ruleset which is used to block all unauthorized data traffic. This whitelisting approach ensures that industrial networks can only be accessed by authorized users with defined commands. The DPI engine R&S PACE 2 can be extended with sector-specific communication protocols and integrated neatly into the process networks.
R&S PACE 2 now also features a decoder for Modbus protocols. This way, all devices communicating over Modbus are reliably secured.
At Hannover Messe, Rohde & Schwarz Cybersecurity is presenting more products designed for securing “Industry 4.0” processes: Industrial firewall “gateprotect Tough”
The industrial firewall gateprotect Tough was developed for challenging environments like wind farms, factories, workshops, and transportation (e.g. the shipping industry). Featuring a fanless housing for the top-hat rail and hardened hardware, the firewall reliably protects the network even under extreme temperature conditions and against electric or electromagnetic interference. The gateprotect Tough also features deep packet inspection as a key function. Using this method, the firewall does not only filter the data via the used port, but on the basis of protocol contents. Unlike the traditional tabular display, the graphical user interface allows for an easy, fast and clear administration. The firewall can be used as a VPN gateway, which makes it ideal for the connection with and maintenance of machines. Moreover, thanks to its flexible and low-effort integration, it is possible to secure several small, segmented production networks.
Rohde & Schwarz Cybersecurity at the Hannover Messe 2017: hall 6 / booth K01