Today’s factory world is characterized by increasing digitalization. In this context, control technology, IoT, OT and security concepts have to be linked in a meaningful way. Industry 4.0, IIoT, open source, AI, app technologies and web-based engineering are ubiquitous. For many customers, moreover, the cybersecurity of industrial and critical infrastructures, especially operational technology (or OT), has become a major concern.
However, most current systems and equipment are not designed to meet the resulting challenges. Their focus is on process stability, availability and cost efficiency, and cybersecurity is often missing from industrial components.
The challenge: Security gaps due to lack of analysis and new attack scenarios
Digitalization is not an end in itself: in addition to optimizations and efficiency increases, it must necessarily have cybersecurity as its goal. Networks, for example, often cannot be fully segmented. In addition, forms of attack such as zero-day exploits, i.e. methods used by hackers to attack previously unknown vulnerabilities, pose a major threat because they are not yet detected by firewalls.
Hans Michael Krause, Product Manager ctrlX World at Bosch Rexroth AG, explains: “The cyber security of industrial automation systems as well as process security and plant availability are existential for production companies” and adds: “However, many companies lack tools and structures to monitor and protect the corresponding processes.”
The solution: ctrlX AUTOMATION, an open control and automation platform, meets OT security from Rhebo
Bosch Rexroth has recognized this situation and is launching ctrlX AUTOMATION, a high-performance, communication-enabled control platform – an ecosystem with open system architecture and the ability to integrate a wide variety of hardware and applications. As the world’s leading supplier of drive and control technologies, Bosch Rexroth ensures efficient, powerful and safe motion in machines and systems of all types and sizes. With intelligent components, customized system solutions and services, it creates the conditions for fully networkable applications.
ctrlX AUTOMATION has all the features of a classic controller and is built on the Linux Ubuntu Core operating system. This ensures overall robustness, openness, standardized interfaces, as well as resilience and security.
Developers thus have the option of using any open source software, programming applications themselves and downloading third-party apps. Any common programming language (Python, …) can be used.
ctrlX AUTOMATION also offers companies that are members of the ctrlX WORLD ecosystem a marketplace for industrial solutions. As of fall 2022, more than 70 partners worldwide offered their add-on solutions for the platform.
One of these partner companies – and so far the only one from the cybersecurity sector – is Rhebo GmbH from Leipzig. Its mission is to ensure both cybersecurity and the stability of OT and IoT infrastructure in industrial, energy and water companies. As the only German company on the market, it helps managers increase the cybersecurity, productivity and availability of their assets. Rhebo is also a partner of the Alliance for Cyber Security of the German Federal Office for Information Security (BSI) and is actively involved in Teletrust – Bundesverband IT-Sicherheit e.V. and Bitkom working group.
Lean integration of OT security without system change
The concrete solution approach is to integrate Rhebo’s software directly into the system manufacturer’s controllers, thus bringing the monitoring functionalities directly into the IoT solutions.
Rhebo relies on ctrlX AUTOMATION as the integration platform. The entire communication within a production plant is monitored seamlessly in real time down to the individual machine modules – i.e. from the shop floor to the process control center – and analyzed for security incidents and technical error states. The result for those responsible in companies is one hundred percent transparency and visibility of anomalies in the OT.
This is ensured by the Rhebo Sensor App, which can be installed directly on ctrlX AUTOMATION’s control platform ctrlX CORE due to its open architecture. This eliminates the need for additional hardware that would otherwise be required to collect data.
IT managers can thus maintain 24/7 security monitoring of industrial plants and perform in-depth forensic analysis of all security incidents. Asset management, network segmentation, dynamic firewall configuration and security automation are also implemented. In perspective, Rhebo complements the security functions of the IEC 62443 SL3 certified ctrlX CORE.
Klaus Mochalski, co-founder of Rhebo, explains: “ctrlX AUTOMATION represents for us the ideal integration platform for a wide range of applications due to useful functionalities, high extensibility as well as connectivity with other systems. With its openness, the platform sets a new benchmark for automation systems. This is an important multiplier for our solutions.”
The result: The Smart Factory becomes secure
Two strong partners in industrial digitalization have launched ctrlX AUTOMATION, a solution that helps ensure both OT and IT infrastructure availability and cyber security.
The powerful IoT platform from Bosch Rexroth enables value-added integration of a wide range of IoT functions in the Smart Factory. Rhebo’s OT security monitoring with anomaly detection enables industrial companies to easily overcome the complex challenges of securing industrial networks and infrastructures. As a dedicated solution for OT, the intrusion detection implemented in this way adheres to the requirements of industrial infrastructures: process stability and availability. Contrary to common practice in IT security, anomaly detection does not automatically block suspicious communication, but evaluates it for criticality and reports it to the responsible parties. They can then specifically assess the incident and initiate countermeasures if necessary. This ensures the availability and continuity of industrial processes.
“The passive and non-reactive mode of operation of our anomaly detection is crucial in industrial infrastructures, because not every anomaly is automatically a security incident,” adds Klaus Mochalski. “Anomalies can typically also be caused by technical fault conditions in the OT or by software changes made by maintenance and technology personnel, which of course should not be automatically blocked. It is important to us that operators retain full control over their processes and equipment.”