Michael Jochem, Head of the Working Group "Security of Networked Systems" at the conference "Securing Global Industrial Value Networks - Synchronizing International Approaches" in 2018 in Berlin

Michael Jochem, Head of the Working Group "Security of Networked Systems" at the conference "Securing Global Industrial Value Networks - Synchronizing International Approaches" in 2018 in Berlin

© BMWi / BILDKRAFTWERK

Challenge and mission: Security as an enabler for Industrie 4.0

Producers, suppliers and customers from all over the world exchange their data in networked production. The central prerequisite for this is trust—only those who know their data to be in good hands with partners pass it on. This makes IT security a pioneer of Industrie 4.0 and an important mark of quality in companies. After all, companies that apply verifiable IT security measures are trustworthy and become sought-after partners in digital networks.

IT security must therefore have a firm place in the consciousness of those responsible, in the qualifications of employees and in international standards. This working group supports this process with solutions, recommendations for action and concrete application examples for a secure, networked industry.

Outcome 1: Appropriate solutions for global challenges

Overview of the four challenges

Overview of the four challenges

© Plattform Industrie 4.0

The working group "Security of Networked Systems" works on several core topics of IT security, which are closely interlinked:

  • Secure communication: In a networked industry, systems, machines and products should always interact and exchange data. But this only works if technical communication mechanisms ensure that Industrie 4.0 components can make secure contact. This working group is thinking through the technical requirements for secure communication.

  • Identification and Authentication: For secure data exchange, it must be clear that the sender and recipient of data are the ones they claim to be and that they have the right to send and receive the information. This working group provides an overview of the essential requirements for secure identities and develops recommendations for action for politics and industry.

  • Integrity and trustworthiness: Digitalization and networking require trust in the correctness of your own data and external data. This working group investigates how correctness, unalterability and completeness (= integrity) of data, systems and processes can be provided and checked.

The security requirements formulated by the working group are to be anchored in the basic architecture of Industrie 4.0. That is why the working group "Security of Networked Systems" works closely together with the working group "Reference Architectures, Standards and Norms". For example, security requirements for the administration shell were worked out together and the extent to which communication with the OPC UA standard can be securely communicated was analyzed.

Outcome 2: The working group brings together global key players 

Internationales Panel auf der Konferenz Securing Global Industrial Value Chains Enlarge

© BMWi / BILDKRAFTWERK

In May 2018, the working group together with the Federal Ministry for Economic Affairs and Energy implemented the international conference "Securing Global Industrial Value Networks - Synchronizing International Approaches". About 140 international decision-makers from business and politics accepted the invitation and discussed IT security issues in Berlin. The conference was about technical aspects and appropriate political regulation. The discussion was based on the concepts of the working group "Security of Networked Systems".

The contributions and debates revealed starting points for a common approach. The working group and its international partners therefore agreed to answer open questions together after the conference and to work out ideas for technical and regulatory solutions.

Objective: to anchor security as a quality feature

The working group will build on these results and deepen their work on technical issues. At the same time, the "soft" factors should also come to the fore: what does a corporate organization that is just for security look like? And what qualifications do employees need to protect company data? Work on standards is also to be continued: A demonstrator for the secure use of OPC UA should be developed. Safety requirements developed by the working group should feed into (inter-)national standardization processes and research plans. The overall goal remains: anchoring security as a quality feature.

Structure and working methods: intensive work on a wide range of topics

Over 40 experts work intensively in the working group "Security of Networked Systems". In addition, they meet in person six times a year as well as ad hoc by phone and online. Experts discuss and produce results withing six sub-working groups:

  • Secure identities
  • Secure communication for Industrie 4.0 (together with the working group “reference architectures, standards and norms”)
  • Standards
  • Organization and qualification
  • Roles and legal models
  • SG Security (ZVEI)