Why Cybersecurity Must Be Built In, Not Bolted On

‘Secure by design’ needs to become the core approach for all industrial companies to avoid cyber chaos in the not too distant future.


A recent white paper from British semiconductor technology company ARM predicts that 1 trillion Internet of Things (IoT) devices will be built between 2017 and 2035. That’s a lot of silicon and it made me think: Where will all these devices be used? What kind of devices will they be? Will silicon and classic microprocessor technology still be relevant by 2035?

And with newer computing technologies coming on stream fast (e.g., quantum devices), is ARM’s number an underestimate? Most critically, what about the cybersecurity implications of all those connected devices?

It seems we are badly vulnerable today, so we have to get better—and fast—especially where critical processes are concerned (which is pretty much all of automation).

There’s no doubting the importance of ARM technology to the world. Nearly every smartphone uses ARM technology in one way or another, and that won’t change. More and more chips with standard ARM processor cores are appearing in automation, too. With the Industrial IoT (IIoT) clearly in developers’ sights, we’d better all take note of the opportunities and implications.

Hilscher is already making use of ARM processor cores, and we’ve taken bigger steps than ever with our two latest chips—the netX 90 and the netX 4000—which are aimed squarely at next-generation automation devices. The netX 90 is one of the smallest chips we’ve ever made and it’s designed for embedding in slave devices. The netX 4000, its big brother, is aimed at master/slave applications (e.g., controllers) and is capable of delivering a powerful boost to automation systems of all sizes.

Embedded security has been a key factor in the development of both chips. They each incorporate not one, but multiple ARM CPUs. This is all part of our determination to support a truly integrated security concept, which enables developers of embedded devices to apply the IEC 62443 security standard that is starting to dominate industrial applications. Anyone involved with automation and control systems, including end users, system integrators, security practitioners and control system manufacturers, should be taking note of IEC 62443 by now.

Logical separation of comms and app

In our new netX designs, one set of CPUs handles communications in a way that many users of Hilscher devices will be familiar with. It’s basically a no-brainer solution for adding industrial networking protocols to any device.

As usual, all popular protocols are supported on the same hardware using pre-certified firmware downloads. There are some additions for IIoT-specific functions, via MQTT and OPC UA, to connect field devices to cloud services in parallel with conventional network activity.

A second set of CPUs handles the application. In the case of the netX 90, which is likely to be embedded in devices such as sensors, the applications will be relatively straightforward. This means we can keep the chip size small (10 x 10 mm) and cost-competitive. In the netX 4000, things are less size-sensitive, so the chip can be bigger and more functionality can be included. It has considerably more computing capability than anything we’ve introduced before—enough, in fact, to run programmable logic controller (PLC) programs, supervisory control and data acquisition (SCADA) or data analytics locally. It can support multiple network protocols simultaneously, uses open source software (hardened Linux OS), and is the most powerful and secure chip we’ve ever built.

What’s the importance of having multiple CPUs? Well, this enables us to logically separate the communications functions (that’s the network activity) from the application (e.g., control and monitoring). This restricts software access to on-chip peripherals on either side, allowing customers to build layers of security in accordance with IEC 62443. It will help ensure that the application is unaffected by attacks over the network. Why? For example, a denial-of-service attack could bring down the network communications or keep the stack so busy with answering network requests that the processing of critical IO data gets interrupted. Mechanisms provided by the netX Dual-Port Memory (DPM) interface would allow the application side to detect that something is wrong on the communications side. In a worst-case scenario, the application could be forced into a secure and safe state to avoid causing any harm.
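The application-side check described above can be sketched as follows. This is an added example, not Hilscher code: the shared-memory layout, field names and timeouts are hypothetical and do not reflect the real netX DPM register map. It covers both cases from the paragraph, a comms side that has stopped entirely and a comms side that is still alive but too busy to refresh I/O data.

```c
#include <stdint.h>
#include <stdbool.h>

/* Hypothetical shared-memory layout; not the real netX DPM register map. */
typedef struct {
    volatile uint32_t comm_heartbeat; /* incremented by the comms CPU each loop */
    volatile uint32_t io_update_seq;  /* incremented on each fresh I/O image */
} shared_mem_t;

typedef enum { APP_RUN, APP_SAFE } app_state_t;

typedef struct {
    uint32_t last_heartbeat, last_io_seq;
    uint32_t heartbeat_seen_ms, io_seen_ms;
    uint32_t heartbeat_timeout_ms, io_timeout_ms;
    app_state_t state;
} comm_monitor_t;

void monitor_init(comm_monitor_t *m, const shared_mem_t *s, uint32_t now_ms,
                  uint32_t hb_timeout_ms, uint32_t io_timeout_ms)
{
    m->last_heartbeat = s->comm_heartbeat;
    m->last_io_seq = s->io_update_seq;
    m->heartbeat_seen_ms = m->io_seen_ms = now_ms;
    m->heartbeat_timeout_ms = hb_timeout_ms;
    m->io_timeout_ms = io_timeout_ms;
    m->state = APP_RUN;
}

/* Called once per application cycle. Returns the resulting state. */
app_state_t monitor_poll(comm_monitor_t *m, const shared_mem_t *s, uint32_t now_ms)
{
    uint32_t hb = s->comm_heartbeat, io = s->io_update_seq;

    if (m->state == APP_SAFE)
        return APP_SAFE;              /* latched: only an explicit re-init leaves it */

    /* Compare for inequality, so counter wrap-around is harmless. */
    if (hb != m->last_heartbeat) { m->last_heartbeat = hb; m->heartbeat_seen_ms = now_ms; }
    if (io != m->last_io_seq)    { m->last_io_seq = io;    m->io_seen_ms = now_ms; }

    /* Unsigned subtraction keeps the age correct across a tick-counter wrap. */
    bool comm_dead = (uint32_t)(now_ms - m->heartbeat_seen_ms) > m->heartbeat_timeout_ms;
    bool io_stale  = (uint32_t)(now_ms - m->io_seen_ms) > m->io_timeout_ms;

    if (comm_dead || io_stale)
        m->state = APP_SAFE;          /* caller drives outputs to their safe values */
    return m->state;
}
```

The safe state is latched on purpose: a comms side that recovers briefly during an ongoing flood should not flip the outputs back to live operation without a deliberate restart.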

Additional protection is included, such as secure boot, TLS/SSL, firewalls, algorithms for secure enablement, cryptography and much more.

All of this development boils down to the fact that we are already offering chip-based platforms that will make next-generation automation devices and systems much more secure. We can’t do everything, of course, and OEMs, system integrators and end users all share responsibility for building systems and equipment that are as secure as possible.

It’s simply a fact of life today that security should be built in at every layer of an enterprise. “Secure by design” is an essential mantra for all industrial companies if we are to avoid cyber chaos by the time those 1 trillion IIoT devices come online by 2035.

For more information, visit Hilscher North America.
