Help
  • Get started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
Login / Register
Brand Logo
Help
  • Get started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
close
  • Community Home
  • Forums
    • By Topic
    • By Topic
      EcoStruxure Building
      • Field Devices Forum
      • SmartConnector Forum
      EcoStruxure Power & Grid
      • Gateways and Energy Servers
      • Metering & Power Quality
      • Protection & Control
      APC UPS, Critical Power, Cooling and Racks
      • APC UPS Data Center & Enterprise Solutions Forum
      • APC UPS for Home and Office Forum
      EcoStruxure IT
      • EcoStruxure IT forum
      • EcoStruxure IT™ Advisor CFD
      Remote Operations
      • EcoStruxure Geo SCADA Expert Forum
      • Remote Operations Forum
      Industrial Automation
      • Alliance System Integrators Forum
      • AVEVA Plant SCADA Forum
      • CPG Expert Forum DACH
      • EcoStruxure Automation Expert / IEC 61499 Forum
      • Fabrika ve Makina Otomasyonu Çözümleri
      • Harmony Control Customization Forum
      • Industrial Edge Computing Forum
      • Industry Automation and Control Forum
      • Korea Industrial Automation Forum
      • Machine Automation Forum
      • Modicon PAC Forum
      • PLC Club Indonesia
      Schneider Electric Wiser
      • Schneider Electric Wiser Forum
      Power Distribution IEC
      • Eldistribution & Fastighetsautomation
      • Elektrik Tasarım Dağıtım ve Uygulama Çözümleri
      • Paneelbouw & Energie Distributie
      • Power Distribution and Digital
      • Solutions for Motor Management
      • Specifiers Club ZA Forum
      • Електропроектанти България
      Power Distribution NEMA
      • Power Monitoring and Energy Automation NAM
      Power Distribution Software
      • EcoStruxure Power Design Forum
      • LayoutFAST User Group Forum
      Energy & Sustainability Services
      • Green Building Scoring and Certification Forum
      Light and Room Control
      • SpaceLogic C-Bus Forum
      Solutions for your Business
      • Solutions for your Business Forum
      Support
      • Ask the Community
  • Knowledge Center
    • Building Automation Knowledge Base
    • Remote Operations Devices Knowledge Base
    • Geo SCADA Knowledge Base
    • Industrial Automation How-to videos
    • Digital E-books
    • Success Stories Corner
    • EcoStruxure IT Help Center
  • Events & Webinars
    • All Events
    • Innovation Talks
    • Innovation Summit
    • Let's Exchange Series
    • Partner Success
    • Process Automation Talks
    • Technology Partners
  • Ideas
    • EcoStruxure Building
      • EcoStruxure Building Advisor Ideas
      Remote Operations
      • EcoStruxure Geo SCADA Expert Ideas
      • Remote Operations Devices Ideas
      Industrial Automation
      • Modicon Ideas & new features
  • Blogs
    • By Topic
    • By Topic
      EcoStruxure Power & Grid
      • Backstage Access Resources
      EcoStruxure IT
      • EcoStruxure IT™ Advisor CFD
      Remote Operations
      • Remote Operations Blog
      Industrial Automation
      • Industrie du Futur France
      • Industry 4.0 Blog
      Power Distribution NEMA
      • NEMA Power Foundations Blog
      Energy & Sustainability Services
      • Active Energy Management Blog
      Light and Room Control
      • KNX Blog
      Knowledge Center
      • Digital E-books
      • Geo SCADA Knowledge Base
      • Industrial Automation How-to videos
      • Remote Operations Devices Knowledge Base
      • Success Stories Corner
  • companyImpact

Important Announcement: Community Back to Full Functionality

Dear Members, we are thrilled to announce that our Community is back to full functionality and that posts publication is now enabled again! We appreciate your patience during the last weeks. Learn more about our Community Guidelines. Thank you, Schneider Electric Community Team.

Security Considerations for Scalable Predictive Maintenance

Industry 4.0 Blog

This blog is addressing the Industry 4.0 and includes news and information aroud topics as smart manufacturing, artificial intelligence and Industrial Internet of Things (IIoT).

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • Home
  • Communities
  • Industrial Automation
  • Industry 4.0 Blog
  • Security Considerations for Scalable Predictive Maintenance
Invite a Co-worker
Send a co-worker an invite to the portal.Just enter their email address and we'll connect them to register. After joining, they will belong to the same company.
You have entered an invalid email address. Please re-enter the email address.
This co-worker has already been invited to the Exchange portal. Please invite another co-worker.
Please enter email address
Send Invite Cancel
Invitation Sent
Your invitation was sent.Thanks for sharing Exchange with your co-worker.
Send New Invite Close
Top Labels
Top Labels
  • Alphabetical
  • Smart Operations 48
  • Digital Transformation 42
  • Workforce Empowerment 22
  • Smart Design & Engineering 19
  • Cybersecurity 9
  • Asset Management 7
  • Energy Efficiency 4
  • Ecodial 1
  • Electrical Calculation Tools 1
Latest Blog Posts
  • Optimization in steel product storage halls... A real challenge for more than one WMS tool!
  • Why measure exposure to risk factors?
  • Why should I optimize shared labor in my plant?
  • Industry 5.0. A more human model ?
  • Annualization of working hours: flexibility or a trap for the most competent?

Invite a Colleague

Found this content useful? Share it with a Colleague!

Invite a Colleague Invite
Matthew_Hanna
Ensign Matthew_Hanna
Ensign
‎2020-04-16 07:40 AM
3 Likes
0
815
  • Subscribe to RSS Feed
  • Mark as New
  • Mark as Read
  • Bookmark
  • Subscribe
  • Email to a Friend
  • Printer Friendly Page
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

‎2020-04-16 07:40 AM

Security Considerations for Scalable Predictive Maintenance

Originally published on Industry 4.0 Blog by Matthew_Hanna | April 16, 2020 04:40 PM

Originally published on the Senseye blog 

 

Predictive Maintenance and other connected technologies associated with the smart factory revolution offer huge opportunities for production efficiency and visibility, but they also bring an additional operational risk – security.

Cyber-attacks are increasing, and the manufacturing sector is being hit with data theft, ransoms for access to locked data, machinery downtime, site safety, and build quality threats.

 

We look at the security considerations organizations should be taking note of when implementing a scalable Predictive Maintenance program.

 

The importance of security

November 2019 – Pilz, one of the world’s largest producers of automation tools, suffered a ransomware infection which impacted all its locations across 76 countries for more than a week. [1]

 

July 2018 – A hacker put an airport’s security system access onto the dark web for sale for just $10.[2]

 

March 2018 – The city of Atlanta was hit by a ransomware attack, holding its online services to ransom for $55,000 in bitcoin. It is reported that the city spent over $2.5 million recovering from the attack.[3]

 

June 2017 – Ransomware hit Cadbury’s in Australia, after disrupting Evraz and Rosneft steel and oil firms in Russia.[4] The same month, Honda was forced to halt production in one of its factories in Japan after finding WannaCry malware across its international networks, including Japan, North America, Europe and China.[5]

 

May 2017 - The NHS in the UK was crippled by the WannaCry ransomware, which locked access to files until a ransom was paid. The same ransomware quickly went on to attack several more factories around the world.[6]

 

Clearly, security cannot be ignored, but it should also not be a reason to halt innovation. Within the manufacturing sector, there is huge opportunity in the use of technology to streamline production for cost savings, increased quality and visibility from start to finish. So, what can be done to minimize the risk of cyberattacks?

 

Our Security Lead, Harry Rose, has put together some guidance for companies to consider:

 

1. Assess the risk

Risk assessments are essential when bringing a new piece of technology into a business and should include all touchpoints, passwords, staff access, the movement of data, supplier security, etc.

 

2. Design from the outset with usable security in mind

Security is much easier to implement when it has been considered from the start. Ideally, it should be as transparent as possible to the users – if it’s doing its job correctly, it won’t be noticed, and if it gets in the way, users will find an easier path.

 

3. Choose the right supplier for your business

It is critical to have confidence in the supplier and their product. Full system information including security should be available and any concerns or requests should be dealt with efficiently and intelligently. Look for accreditations such as ISO27001 and ISO9001 that show the company has robust information security and quality policies in place.

 

4. Ensure good encryption

At a minimum, whenever data is transmitted over the cloud, it should be encrypted. Current industry standards recommend TLS1.2 as a cryptographic protocol, and AES-based cipher suites. At rest, sensitive data should also be encrypted, with AES-256 being the current industry recommended algorithm.

 

5. Keep it simple

Always look for the ‘least exposure’ option. Use firewalls to limit communication between hosts, and to minimize your exposure to external networks. Many companies also separate operational machinery from internal IT networks. Always ask if less contact is possible; this can always be increased over time as confidence grows and opportunities are realized.

 

6. Consider the potential of the project

The potential opportunity of a project is only there with a degree of freedom and lack of restrictions. While security is critical, it is a balance, and there’s no reason for it to cripple innovation.

 

7. Create an incident management plan

If an incident does happen, it is important that everyone knows how to respond so the threat can be quickly contained and managed to minimize the impact

 

8. Continually review security

Security isn’t a one-off job. The threat landscape and best-practice recommendations are always changing. Your security approach must be adaptable and nimble.

 

Security with Senseye

At Senseye we take data security seriously. Data stored within Senseye is encrypted at rest, and in transport in line with industry-recommended standards.

 

Senseye PdM is regularly tested and audited by independent security organizations, and in addition, all employees adhere to a set of strict internal security policies covering a range of topics such as data handling, use of equipment and software development to ensure that confidential client data is treated with the appropriate safety and care. Senseye believes in transparency and makes available all results and reports to clients.

 

Conclusion

Security is a major concern for any business, and it is crucial to put in place a thorough and robust security strategy to minimize the risk of a cyber-attack. However, when a cloud-based Predictive Maintenance solution is designed with security in mind it can be safer than having some third-party software installed inside the network.

 

Getting full commitment from all stakeholders, internal and external, to ensure continuous improvement, ongoing network monitoring, transparency regarding solution providers’ security arrangements and protecting network access means that risk can be balanced with innovation and opportunity.

 

Want to find out more about security considerations for scalable Predictive Maintenance? Download our white paper 'Security Considerations For Scalable Predictive Maintenance' or visit the Senseye Schneider Electric Exchange listing.

 
  1. https://www.zdnet.com/article/major-german-manufacturer-still-down-a-week-after-getting-hit-by-ranso...
  2. https://www.mcafee.com/blogs/consumer/consumer-threat-notices/airport-security-system-dark-web-rdp-s...
  3. https://www.wired.com/story/atlanta-spent-26m-recover-from-ransomware-scare
  4. https://www.theguardian.com/technology/2017/jun/28/petya-cyber-attack-cadbury-chocolate-factory-in-h...
  5. https://www.forbes.com/sites/peterlyon/2017/06/22/cyber-attack-at-honda-stops-production-after-wanna...
  6. https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-nsa-uk-nhs
Labels
  • Cybersecurity

  • Smart Operations

  • Tags:
  • asset management
  • Asset Performance
  • Condition monitoring
  • industry 4.0
  • Predictive maintenance
  • Preventative Maintenance
  • security
  • Smart Factories
  • Smart Operations
  • Unplanned Downtime

Author

Biography

Matthew_Hanna

Link copied. Please paste this link to share this article on your social media post.

  • Back to Stream
  • Newer Article
  • Older Article

Would you like to add a comment?

All registered members have full access to the Community and can post comments and start topics.

  • Sign in / Register
To The Top!

Forums

  • APC UPS Data Center Backup Solutions
  • EcoStruxure IT
  • EcoStruxure Geo SCADA Expert
  • Metering & Power Quality
  • Schneider Electric Wiser

Knowledge Center

Events & webinars

Ideas

Blogs

Get Started

  • Ask the Community
  • Community Guidelines
  • Community User Guide
  • How-To & Best Practice
  • Experts Leaderboard
  • Contact Support
Brand-Logo
Subscribing is a smart move!
You can subscribe to this forum after you log in or create your free account.
Forum-Icon

Create your free account or log in to subscribe to the forum - and gain access to more than 10,000+ support articles along with insights from experts and peers.

Register today for FREE

Register Now

Already have an account? Login

Terms & Conditions Privacy Notice Change your Cookie Settings © 2023 Schneider Electric, Inc