Top 3 Secure IT Technologies for the OT Engineer’s Industry 4.0 Toolbox

By Taryn Engmark

Associate Editor

Embedded Computing Design

March 09, 2022


Top 3 Secure IT Technologies for the OT Engineer’s Industry 4.0 Toolbox

Industry 4.0 has been in the works for more than a decade but is finally reaching critical mass. As OT professionals prepare to safely and securely ramp up industrial digitization initiatives, there are a range of new, probably unfamiliar technologies they must become acquainted with to have a shot at success.

Here are the top three.

1. Industrial AI & Machine Learning: From Predictive Maintenance to Penetration Testing

When Industry 4.0 was conceptualized by the German government back in 2011, artificial intelligence and machine learning were still firmly in the domain of research, development, academia, and sci-fi. Fast forward 11 years, and they’re at the center of current and future automation strategies everywhere.

AI and machine learning are becoming widespread in manufacturing systems that range from quality inspection systems equipped with computer vision algorithms all the way to plant- and company-wide analytics engines that drive productivity, efficiency, and cost optimizations.

Today, even moderately sophisticated machine learning tech can account for the physical operating characteristics of a machine’s components (i.e., heat, vibration, oscillation, speed) to determine a piece of equipment’s mean time to failure (MTTF) and schedule maintenance before it occurs. These analyses can even include AI-powered cyber threat monitoring and prevention to help safeguard high-value industrial assets.

For instance, security teams are now using simulation engines like Wind River Simics to uncover vulnerabilities in their systems and deploying virtual targets as honeypots to attract hackers. After studying these vulnerabilities and/or attack procedures, the security professionals can feed various threat indicators into AI models that will continuously monitor real systems for attack signatures and act before resources or lost or damaged. (Editor’s Note: Read the white paper “Cybersecurity, IoT, and Embedded Systems: Reducing Risk with Pen Testing” or view a recent webinar that details the use of simulation technology in penetration testing)

In short, AI and machine learning are helping solve problems before they exist and will continue to evolve as during the transitions to Industry 4.0 and later Industry 5.0 where technologies like cobots are being positioned as universal replacements for human factory workers.

2. From Fixed-Function to VMs to Container Separation in Real-Time

Since the inception of factory automation, the electronics that power it have been governed by the pillars of safety, security, reliability, and determinism. Period.

But enterprise technologies like AI/ML, IP-based networking, and the cloud being introduced to these environments are none of those things. How can IT and OT exist in the same plant, or even the same system, much less the same subsystem, without process interference that can result in system faults or failures?

The answer, in many cases, is virtualization, which partitions system resources such that each process believes it is running entirely on its own system. There are many types of virtualization and technologies that support it, ranging from hardware virtualization of multicore chipsets to hypervisors that create strict partitions between different cores and memory regions. Another is OS virtualization, of which containers are a leading solution.

Container technology bundles all an application’s services into an ultra-portable package. Each container separates its contents from the rest of the system, which ensures different system operations do not interfere with each other and also provides software isolation that is crucial to modern electronic device security principles. (Editor’s Note: A white paper outlining 10 security properties required of today’s electronic systems can be read here)

Furthermore, containers are agnostic to the infrastructure they’re deployed on. Of course, being born of the enterprise and data center, “agnostic” historically refers to Windows or Linux OSs on an x86 server.

Now, real-time container technologies are coming to market that can run on top of Windows or Linux distributions in embedded environments, but also on top of real-time OSs. This is a gamechanger for OT edge system intelligence, as it enables IoT DevOps deployment architectures built around continuous software updating and delivery.

3. Dive into DevSecOps

Industry 4.0, for the first time in many automation use cases, opens endpoints (and their vulnerabilities) to networks. And by extension, cyber threats. This makes endpoint security one of the primary concerns for industrial automation companies whose data and physical assets are often either extremely valuable, potentially harmful, or both.

Take the Colonial Pipeline ransomware attack, for example. Hackers found a leaked VPN password on the dark web that provided access to Colonial Pipeline servers, and subsequently locked the company out of its own electronic systems before demanding cryptocurrency.

Because cyber threats evolve much more quickly than the traditionally set-and-forget world of industrial automation technology, development, security, and operational engineering methodologies must change. This is precisely where DevSecOps shines. (Editor’s Note: Learn more about DevSecOps in the webinar “Get Better Cybersecurity With Less Cost By Leveraging DevSecOps”)

DevSecOps is an approach to automation and platform design that integrates security as a vital step in every phase of the software development lifecycle (SDLC) rather than solely during the end stages of development as is customary in traditional engineering workflows. While it can take longer and cost more to develop securely up front, it saves exponentially more time and money to identify bugs early in the lifecycle – according to IBM, fixing bugs found during the testing phase of software development can cost companies up to 15x more than if they had identified it in the design phase.

A DevSecOps approach represents a change from completely air-gapping systems from external networks. But with the opportunities of Industry 4.0 applying pressure to connect the entire industrial infrastructure, you may no longer really have a choice.

Keep Up with Industrial Revolutions

Industry 4.0 has been in the works for over a decade now. Some industrial facilities are and have been thriving in it, some are still catching up, but time waits for no one.

Familiarize yourself with these three technologies to make your Industry 4.0 implementations a success and get you on your way to Industry 5.0.

For more information on successfully and securely completing digital transformation efforts, check out the following resources: