Industry 4.0: Revolutions Require Security — From The Outset


Eugene Kaspersky, Contributor

January 25, 2016

Almost everywhere you go in Davos this week you hear that the ‘fourth industrial revolution’ is taking place right now. It’s said to be bringing massive disruptive changes to the way humanity produces stuff and does business. There are great hopes that these changes will help bring about a leap in business productivity and efficiency. At the same time, there are fears it could also cause millions of job losses and bring poverty to whole communities. With so much at stake, it’s more than just a buzzword; it’s also why it’s this year’s central theme at the World Economic Forum, which I’m attending.

The concept goes like this: The first industrial revolution came about from the use of machines, steam and waterpower in factories; the second was enabled by electricity and mass production; the third began not so long ago with the introduction of computers, permitting improved automation of manufacturing. What drives the fourth industrial revolution is a blend of technologies that are leading to the creation of a ‘smart’ and highly versatile ‘cyber-physical’ production environment. It involves various smart sensors, connected self-configuring robots, 3D printing, big data analytics, and communication channels sending massive troves of data to and fro. The idea is that, all together, these innovations will encourage better, highly customized goods faster and at a lower cost, and make supply lines more effective.

One clear challenge to the rollout of such smart factories of the future is that represented by cybersecurity. The problem is that many of the technologies, concepts and protocols that collectively constitute the Industry 4.0 shift are old, with most never designed with omnipresent hyper-connectivity in mind. And since we’re only at the very beginning of this new innovational era, the risks are quite high – just as they were early on in industrial revolutions one, two and three.

In each of the previous industrial revolutions, new technologies meant that it was becoming possible to produce or process things at higher speeds, in greater volumes, at higher temperatures, in more aggressive environments, and so on – meaning that each revolution brought with it new, higher levels of industrial risks. The fact that factories operate day-by-day, year-by-year largely without incident today demonstrates that the technologies used in them are mature and dependable. But in the very beginning it was quite a different story. Steam engines would explode from time to time before becoming consistently reliable. ‘Health and safety’ regulations of today would have seemed absurd in the earlier industrial revolutions.

Large corporations today live in fear of large-scale data breaches. The cost of high-profile cyberattacks like the one on Sony Pictures has been immense. But in the case of cyber-physical systems, potential damage from a computer attack could be even greater. If malicious hackers try to cause as much damage as possible by targeting a large hyper-connected chemical factory, the potential for disaster would be off the scale.

Of course, the trend of everything around us becoming smart (sometimes alarmingly so) is not going to halt. However, engineers who design new innovative equipment should bear in mind the security implications of what they’re doing. Equally important is developing and implementing security standards for connected technologies – including for the industrial Internet of Things – on national and international levels, not after accidents, but before any – to prevent them. My company is actively involved in the development of solutions for industrial IT security, and takes part in discussions on standardization on a global scale – for example those of the Industrial Internet Consortium, of which we are a member.

I’ve heard how some people are trying to create checklists so a business can determine if it is already fully ‘4.0’, or still ‘3.1’, by ticking boxes. The goal of innovation should be to gain a competitive edge, not to take part in some hyped fad just for the sake of it. And anyway, 4.0 or not, if new smart industrial systems aren’t secure and reliable, they’ll be prone to fail and drag business down, not give it a boost.

Although we see that IT security of various types of industrial equipment is often inadequate, I’m still optimistic: at least the issue of infrastructure protection and IT security is now being discussed at the highest levels. I hope such discussion will move Industry 4.0 forward, and I’m confident this new stage of industrial development will eventually be safe and secure for everyone. Let’s just hope it doesn’t take too long becoming so.

This article was written by Eugene Kaspersky from Forbes and was legally licensed through the NewsCred publisher network.

Great ! Thanks for your subscription !

You will soon receive the first Content Loop Newsletter