
Smart Industry 1/2018

Smart Industry 1/2018 - The IoT Business Magazine - powered by Avnet Silica


Smart Solutions: Industrial Data Space

Data Networks

In IoT we trust

The Industrial Internet of Things, or Industry 4.0, not only connects machines and computers but also vendors, suppliers, and customers. Transmission and exchange of confidential data requires secure links and virtual data spaces. The Industrial Data Space initiative aims at achieving just that.

By Gerhard Kafka

The Industrial Data Space (IDS) initiative was launched by Fraunhofer-Gesellschaft in late 2014 with the backing of industry partners and government agencies. Its purpose is to establish a reference architecture for a virtual data space using standards and common governance models to facilitate the secure exchange and easy linkage of data in business ecosystems and to promote its use on a European and international scale.

The three elements that need to be upheld to provide information and industrial system asset security are confidentiality, integrity, and availability, often referred to as CIA:

Confidentiality is the principle that information is not made available or disclosed to unauthorized individuals, entities, or processes. Confidentiality in business includes encryption and access control technologies.

Integrity ensures that improper information modification or destruction is guarded against. Data integrity, a subset, ensures that unauthorized parties cannot alter data and take control of the system without detection.

Availability is the property of timely, on-demand, and reliable access to, and the use of, information by an authorized user. Availability controls usually involve redundancy and engineering change control. Sometimes security activities are included.

Standards for industrial security

The Industrial Internet Consortium (IIC) published a comprehensive document, Industrial Internet of Things Volume G4: Security Framework, to initiate the creation of a broad industry consensus on how to secure Industrial Internet of Things (IIoT) systems. These connect and integrate industrial control systems with enterprise systems, business processes, and analytics.
They also enable large advances in optimizing decision-making, operations, and collaborations in numerous increasingly autonomous control systems. One section of the book gives an overview of existing standards:

• The IEC publishes the IEC 62443 series of standards for industrial automation and control systems security. The series is comprised of four sections: General, Policies & Procedures, System, and Component.
• The National Institute of Standards and Technology (NIST) has published NIST SP 800-82 Revision 2. This offers guidance on improving security in industrial control systems (ICSs), including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCSs), and other control system configurations such as programmable logic controllers (PLCs). Performance, safety, and reliability requirements are also considered in the 2015 update.
• NERC CIP Standards, published by the North American Electric Reliability Corporation, aim at improving the security and reliability of the electricity industry by defining auditable requirements for critical infrastructure protection (CIP).
• The IEEE Standard for Intelligent Electronic Devices Cyber Security Capabilities (IEEE Std 1686-2013) defines functions and features to be provided in intelligent electronic devices (IEDs). The document addresses access, operation, configuration, firmware revision, and data retrieval of an IED.

"We have a compelling opportunity for Germany to take the lead in the digital transformation of industry by creating a de facto standard."
Reimund Neugebauer, President of Fraunhofer-Gesellschaft

[Figure: The IDS Business Layer connects data owners with defined business partners. Roles shown: Data Owner, Data Provider, Data Consumer, Broker Service Provider, Clearing House, Identity Provider, App Store Provider, App Provider, Vocabulary Provider, Software Provider, Service Provider. Legend: data flow, metadata flow, software flow, identification.]

Virtual data rooms

Historically, the term data room comes from its purpose with regard to due diligence audits for mergers and acquisitions (M&A). Originally, during an M&A, companies created actual, tightly secured rooms on neutral ground, such as within a law firm’s premises. Today, virtual data rooms have become the norm but are now located in the cloud, where they securely house all relevant and related content to be audited.