Cyber Security is a major challenge in Industrial Automation

Cyber Security is a major challenge in Industrial Automation and OTA can provide some crucial solutions when challenges with access rights, infrastructure, liability and scheduling are addressed.

The more we automate, the more we have to manage and protect all the assets we use for automation. Cybersecurity does not stop once a device is installed. When we have a look at industrial automation, we quickly realize that we are facing several challenges. The first challenge we face is being able to connect to all devices and when needed implement (security) patches. And even when that can already be a significant challenge, it is still only the beginning of the journey and it might even be the easiest challenge to face.

Once we have figured connectivity for all devices, we need to sort out authorization for applying those updates. Who will take care of validating the distribution and activation? The IT Department or the vendor? We should say vendors, because we will hardly find a facility with just 1 supplier of devices and technology. And that is the moment when it starts to become really complicated. Because now we need to analyze things like liability for the distribution and validation, and we also need to evaluate the impact of for example delaying that.

As the name suggests, Industrial Automation takes place in industrial environments and scheduling and availability take an entirely different significance compared to for example office environments. Maintenance windows are created for maintenance and are often scarce. A lot speaks against authorizing a vendor to distribute patches and updates directly to the devices in a production plant. Over the Air (OTA) can be the vehicle to solve the technical challenges but the organizational and legal challenges need to be addressed before OTA can become the solution for vendors and customers!

Dr. ir Johannes Drooghaag – CEO Spearhead Management