ericsson.com
Your location is listed as Global
Login

Securing your Industrial IoT ecosystem against cyber threats

With Industry 4.0 come inherent security risks. How will you safeguard your devices, data and systems from potential threats as Industry 4.0 takes hold? Security is the question on the minds of many as industries move forward with digitalization to create value and boost economic gain.

Woman sitting in front of computer screens
Bodil Josefsson 

Ericsson's Head of IoT Security

Florin Deaconu 

Advanced Industries System Manager

Category, topic & hashtags
Category
Topic

The industrial landscape is becoming increasingly interconnected, bringing with it new and emerging risks. With more connected and more diverse devices and systems, there is a much broader base of assets to protect and many more points of access for would-be attackers to identify as security weaknesses. It is clear smart industries must rethink security for the Industrial Internet of Things (IIoT).

 

Bigger security challenges as industries get smarter

As with any paradigm shift, there are challenges. Industry 4.0 is no exception. Integrating new devices and systems provides more points of access, raising the security stakes exponentially.

The number of connected things on factory floors is multiplying quickly and, with it, comes the need for comprehensive security strategies to safeguard industrial enterprises against the risk of potential attack. There is a need for higher levels of security management on two levels ­– horizontally and vertically – to ensure a trusted and secure industrial environment.

  • Horizontal security, or across domains, for connectivity and application. Developing and agreeing upon connectivity and application security policies with partners and customers is paramount to security.
  • Vertical security from hardware to application for every domain to provide a hardware-based root of trust, which ensures domain integrity. Each domain is built using trusted hardware and software, and when required, trust is anchored to the hardware.

A layered approach to security for Industrial IOT

The best defense against cyber-attacks in an industrial IoT environment is to ensure that proper security measures are taken on all levels. Establish a secure approach and use this as the foundation for secure products, advanced security features and functions, and comprehensive security management.

A layered approach to security for Industrial IOT

A layered approach to security for Industrial IOT

 

Secure approach. Different industries currently use a wide variety of security best practices and standards, making it difficult to ensure scalable cybersecurity solutions across industries, countries and continents.It is therefore important to adopt a security strategy that can cope with the challenges of Industry 4.0 at scale.

The 3rd Generation Partnership Project (3GPP) is a standards organization which develops protocols for global mobile telephony. The 3GPP standards ensure that billions of smartphones are connected in a trusted manner. Using 3GPP standards to connect smart devices and systems instead of relying on the fragmented landscape of industry best practices is the best way forward to securing Industry 4.0.

Secure products. Using products that are inherently secure is critical. Security must be built in from the start during the product development stage, not bolted on as an afterthought. It is important to conduct thorough security risk assessments and vulnerability analyses. Selecting products that are easy to integrate, pose no risk to data privacy and security, and are ready to withstand potential threats is a must.

Security products. Besides securing the product itself, it is crucial to ensure that security and identity functions work across all domains. In an interconnected world, high levels of protection for devices, data, interfaces and network elements are essential.

The radio access network and the core network are critical to securing the high reliability required for connected IIoT devices. For the radio access network, it is important to have reliable authentication and encryption services as well as ensuring that data termination occurs in a trusted environment on site. For the core network, it is important to consider perimeter protections using gateways or firewalls, traffic domain separation and access control to prevent potential threats and minimize the risk of attack.

Security operations and management. How the industrial network is deployed plays a vital role in securing devices and systems. The more connected the production control systems become, the more important it becomes to separate the production network from the IT network. Also physical security must be taken into consideration during risk assessment. All products located in public areas, accessible to unauthorized personnel, shall be locked in special cabinets that would prevent local attacks through available interfaces or possible sabotage acts.

Finally, to protect the business-critical production network, smart industries need an end-to-end security management system that provides:

  • Security policy automation for compliance to industry security standards and objectives.
  • Security analytics for timely detection and response to security threats.
  • Security risk intelligence for a continuous strong security posture.

End-to-end security is critical to be able to manage and orchestrate security across all domains – from connected devices to access and network and through to the cloud and apps and on to the users. Existing Intrusion Detection and Prevention Systems (IDPS) and Security Incident and Event Management (SIEM) systems must be incorporated in the end-to-end security management view. Only with trustworthy and resilient end-to-end security is it possible to predict and prevent security threats while ensuring full visibility across the network.

Industry 4.0 value won’t materialize without first solving IoT security challenges

Combating IIoT cyber threats is all about preventing security risks in the first place. Using a 3GPP-based security approach helps secure your network against potential cyber threats. A reliable and secure connectivity solution is a business imperative. A dedicated wireless network provides high data throughput with the lowest possible latency. It also ensures that data stays on premises and, if shared, employs the highest level of data security with 3GPP-compliant encryption and authentication services.

As industries embrace Industry 4.0 and create business value, it is more important than ever to safeguard this interconnected landscape. Implementing a holistic security management strategy is essential to securing IIoT. Ericsson has developed a 5G-enabled security management solution with Industry 4.0 in mind. Based on industry standards and anchored in trust, Ericsson Security Manager has the capability to provide end-to-end security management across all domains. It provides a single, unified security management solution for smart manufacturing and advanced industries.

Ericsson Security Manager is an essential part of evolved networks where security functions, policies and related configurations are dynamically deployed and adjusted across domains, often in multi-vendor environments. It is also ready to evolve from use on dedicated cellular LTE networks provided by communication service providers to 5G.

Discover how using telecom security can safeguard your IIoT network.

You can read more about security management here.

Curious about secure, reliable, wireless connectivity for Industry 4.0? Industry Connect keeps all data on premises using built-in LTE security protocols to increase data security.

The Ericsson Blog

Like what you’re reading? Please sign up for email updates on your favorite topics.

Subscribe now

At the Ericsson Blog, we provide insight to make complex ideas on technology, innovation and business simple. In a world that is increasingly complex, we are on a quest for easy.