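Although it sounds like something straight out of a science fiction movie, it will soon be reality in the production halls of the future: products along the production line will know where they are, which steps they have already completed, and what they still need in order to become finished products.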
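Production facilities will coordinate their work steps and exchange information with one another. Technicians will no longer need to set foot in the production hall to make repairs; instead, they will inspect machinery remotely. In a word: products and plants will be smart. This is also called "Industry 4.0", the fourth generation of industry after mechanization, electrification and digitalization.
There is one catch, though. Facilities will use data networks to communicate with one another, and even the products themselves will have to "log in". People will also use these network connections to control and monitor production, keeping an eye on the plant's operation even when they are not in the production hall. On top of that, there will be remote maintenance and remote software updates. For all of these functions, one thing is essential: secure access that keeps industrial pirates and saboteurs out. Of course, companies can use an ordinary Internet connection for this kind of data traffic and protect it with a "virtual private network", or VPN for short. “But there’s something many people don’t know: there are VPNs and there are VPNs – and not every VPN access is secure,” explains Bartol Filipovic, division director at the Fraunhofer Institute for Applied and Integrated Security (AISEC) in Garching, Germany.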
That is why researchers have come up with a router that offers secure VPN access. Authorization and firewall functionalities provide additional access protection. The necessary security protocols can also be integrated directly in the industrial customer’s plants and machinery. “The system is a software kit. We’ve already developed the basic components, and we can tailor them to fit the customer’s specific requirements,” Filipovic points out. The process takes around four weeks to complete. The researchers integrate simple systems at the same time, such as sensors in the pharmaceuticals industry that report filling levels or mixing ratios – these, too, should not forward their information to unauthorized parties.
Physical Protection: Film Sounds an Alarm
On the one hand, the system protects companies from spies trying to hack their way into the network from off-site locations. On the other hand, it also outwits data thieves trying to coax secrets out of routers and circuit boards on location. A special film affixed to security-relevant casings immediately reports any attempts to unscrew the protective covering to access security-relevant data. Developed at AISEC, the film is affixed to the router casing, or directly onto the circuit boards – the board containing key control elements such as microcontrollers, chips, diodes and other security-critical processing units – and sealed shut at multiple points. If the router is switched off, all of the software it contains is stored in encrypted form. If it is in operation, though, it needs the decrypted program code. Each decryption key is a function of the properties of the protective film. And if these properties are changed – by tearing open or drilling into the film to reach the circuit boards, for instance – the film detects the attack in a few milliseconds and responds immediately: it deletes all of its unencrypted, security-relevant data.
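Unauthorized intruders cannot get at the software. The data deletion, however, poses no problem for the business: all a company has to do is reinstall the software and attach a new protective film. "Combining the software and the film gives us an ideal level of security, and the events of 2013 taught us very clearly how important that is," says Filipovic. Secure communication software and hardware are essential for the development of digitalized production and Industry 4.0; protection against espionage, sabotage and product piracy is essential for innovation and a strong competitive position.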
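The key binding described above (a decryption key derived from the film's properties, with plaintext wiped when those properties change), as an added Python example that is not Fraunhofer AISEC's code. The measurement values, quantization step, salt, firmware bytes and the HMAC-based sealing are all constructed assumptions standing in for the real sensor readout and cipher.

```python
import hashlib
import hmac

STEP = 8  # assumed quantization step that absorbs small measurement noise

def derive_key(measurements, salt):
    """Map film measurements (constructed integers) to a 32-byte key."""
    quantized = bytes(m // STEP for m in measurements)
    return hmac.new(salt, quantized, hashlib.sha256).digest()

def _keystream(key, n):
    blocks = (hmac.new(key, b"ks" + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, plaintext):
    """Encrypt-then-MAC with an HMAC keystream (stand-in for a real AEAD)."""
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, len(plaintext))))
    return ct + hmac.new(key, b"tag" + ct, hashlib.sha256).digest()

def unseal(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    good = hmac.new(key, b"tag" + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return None  # wrong key: the film no longer matches enrolment
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, len(ct))))

def boot(measurements, salt, blob, ram):
    """Decrypt into ram; if the film-derived key is wrong, wipe ram instead."""
    plain = unseal(derive_key(measurements, salt), blob)
    if plain is None:
        ram[:] = b""  # tamper response: no decrypted data remains
        return False
    ram[:] = plain
    return True

# Constructed sample data, not real sensor values.
SALT = b"device-0001"
FIRMWARE = b"control-loop-v1"
ENROLLED = [20, 52, 84, 116, 44, 76]   # film as measured at sealing time
NOISY    = [21, 51, 85, 115, 45, 77]   # same film, small drift
DRILLED  = [21, 51, 3, 115, 45, 77]    # one region damaged
BLOB = seal(derive_key(ENROLLED, SALT), FIRMWARE)

if __name__ == "__main__":
    ram = bytearray()
    print(boot(NOISY, SALT, BLOB, ram), bytes(ram))
    print(boot(DRILLED, SALT, BLOB, ram), bytes(ram))
```

Plain quantization only tolerates drift that stays inside one bin; hardware that derives keys from physical properties normally adds error correction with helper data so that readings near a bin boundary still reproduce the key.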
For more information, visit http://www.fraunhofer.de/
