Key points
Industry 4.0 brings a wealth of opportunities to the manufacturing sector; from increased productivity to greater use of automated technologies, machine learning and artificial intelligence to drive real-time, data-based decision making.
The potential for greater collaboration throughout the supply chain to drive efficiencies and unleash previously untapped capacity also makes for an attractive proposition but it is not without risk.
With more machines connected to each other and transfer of data across private, public and hybrid networks, comes more network entry points and, crucially, more potential targets for industrial cyber-attacks.
So, what can manufacturers do to take advantage of the opportunities arising from greater use of IoT devices without compromising their intellectual property and sensitive commercial data?
The answer lies in the use of cryptography to protect data, so, what is it and how can companies working in process industries design an effective security system that will enable them to realise the production benefits of greater connectivity without leaving themselves vulnerable to cyber security breaches, either malicious or accidental?
What is cryptography?
Cryptography is the protection of data using mathematical algorithms. These have been designed to withstand cyber-attacks, their aim being to:
- protect the confidentiality of data
- provide assurance in its trustworthiness, and
- allow access only on a ‘need to know’ basis.
Who decides which algorithms to use?
Organisations such as NISTÂ (the National Institute of Standards and Technology) make recommendations as to which algorithms to use and their usable lifespan. The current algorithms have been around for more than 20 years and have stood the test of time, but a new set of NIST approved algorithms is being defined, with standardisation expected in 2024.
These new algorithms are considered to be ‘quantum-secure’ in that they provide defence against cyber-attacks that utilise the massive computing power of quantum computers.
Cryptographic hardware devices
Cryptographic algorithms have been coded to run on a variety of hardware devices, including general purpose computers, but ideally, they need to run within special-purpose cryptographic hardware. In this way, the algorithms themselves – plus any secret information they need for their operation – are securely protected.
Two important algorithms – encryption and digital signatures
There are a large number of cryptographic algorithms but, for this article, we shall look at two types (encryption and digital signatures) and how these are used to implement a comprehensive IP data protection scheme:
Encryption
Encryption algorithms are used to protect the confidentiality of data, and work by scrambling data in order to make it difficult for an attacker to determine the actual information. They make use of shared secret information, known as a ‘secret key’, to which only the entities that need access to the data have a copy.
These secret keys are not typically shared manually between the entities, but generated ‘on-the-fly’ by another algorithm called ‘key agreement’. This works in a similar way to digital signatures (described next) as it makes use of a pairs of cryptographic keys; one kept private and the other made public. By combining the private key of one entity with the public key from a different entity, a mutually-agreed encryption key can be generated.
Digital Signatures
Encryption only goes so far though, as it doesn’t say anything about the trustworthiness of the data source, or whether the original data has been tampered with. This is where digital signatures come in. If the data has been digitally signed by a trustworthy source, and the signature is shown to be valid, we can have confidence that the data hasn’t been altered and can be trusted.
Digital signatures are generated using an entity’s private key and can be verified by any other entity that has knowledge of the corresponding public key.
The need for protection
Intellectual Property (IP) data needs to be protected from the moment it is created until it is no longer relevant. As a starting point we therefore need to think about:
- What IP data needs to be protected
- Who or what needs access to the data, and
- How long should the data be protected
Once we understand this, we can design a data security architecture to protect the IP data over its lifetime.
Deciding what data needs protecting
When thinking about the protection of IP data, first we need to decide what it is, whether and why it needs protecting, and from whom. This is not always obvious. For example, some seemingly unexciting data may be extremely valuable to competitors. Consider a steel works producing different types and grades of steel.
Here, quality and volume data might be very interesting to a competitor. Another example is a chemical works that has developed an artificial intelligence algorithm for controlling a chemical process. This could be of great interest to a competitor, particularly if a correlation with other run-time data can be made.
Who or what needs access to the data
After deciding what data need to be protected, then there is the question of where this data can be legitimately used. Who (or what) should have access to the data, and how should they provide ongoing protection for it? Should there be an audit trail of who (or what) has accessed it and when? How should the data eventually be destroyed when is it no longer relevant or considered important from an IP perspective?
A simple process industry example
To illustrate these points, let’s say we have implemented an artificial intelligence (AI) algorithm to make recommendations to the plant management about optimisations that can be made to the operation of a process plant. The algorithm takes as input information from the plant, plus external monitoring data such as air quality and by-product data.
Let’s say we have decided to run the AI algorithm within a cryptographic hardware device to protect both the algorithm and the data it is processing. Data from the plant and the environmental monitoring arrives as encrypted, digitally signed data – i.e. it was encrypted and signed at source as it was created. This has protected its confidentiality while in transit and includes the assurance that the data can be trusted.
Inside the protected environment of the cryptographic hardware, the digital signature of the incoming data is checked for validity, the input data is decrypted, and then provided as input to the AI algorithm.
Once the AI algorithm has processed the data, the AI results are made available outside of the cryptographic hardware in encrypted, digitally-signed form. The data is perfectly safe in this form until it needs to be accessed by an entity with the necessary credentials.
Scaling up – a logistical nightmare?
So far so good, but typically there may be hundreds of data items and AI algorithms that need to be protected. Further, some of this data needs to be accessible by different people and systems. This might all sound like a logistical nightmare to provide the necessary and complete data protection. However, the use of digital certificates can make all of this much more manageable and they are totally scalable as there is no limit to the number that can be generated.
Digital Certificates
Digital certificates are data objects that are digitally signed by a trusted authority – if a digital certificate is valid then it can be trusted. Mostly they contain information about an entity, the entity’s public key, the algorithm used, key usage information for the key, validity dates, and a Certification Authority (CA) signature.
Digital certificates provide a very flexible way to manage complexity when defining the entities that can have access to data and what type of access they have.
They can take many forms; some of them standardised (as shown in the diagram), but others can be bespoke, depending upon the data security strategy being implemented. In all cases, they are issued by trusted Certification Authorities, which can either be trusted third parties or internal to an organisation. In the above process plant example, the trusted CA could be the plant owner itself.
How are digital certificates used?
Digital certificates are used to provide trust that certain operations can be safely executed, for example negotiating encryption keys, digitally signing data, and allowing data access to individuals and systems. Certificates can also be revoked if an individual or system has gone ‘rogue’.
Implementing a system using cryptographic hardware modules and digital certificates
A number of companies have implemented cryptographic algorithms within cryptographic hardware components, along with the necessary software to integrate these into a data security scheme, as well as software for generating digital certificates, creating and verifying digital signatures and encrypting data.
It is technically possible for an in-house team to build a comprehensive data-security solution using off-the-shelf software and hardware components, but it does require a lot of knowledge and the use of an external company or consultants – such as network IT equipment vendors, cloud computing companies, industrial control system suppliers, or specialist information security company – may provide a better option.
Crucially, it is important to remember that, as the IP data under protection may change over time, whatever data security solution you choose has to be flexible enough to allow for this.
Designing and implementing a data protection system fit for the quantum computing age is a challenge but not one that is unachievable. Deciding what to protect and who or what has access to that data is the first step, after which companies will need to develop a wider security solution – bespoke to their needs – using either in-house or external resources.
Getting it right will be key to giving process industries the confidence to explore the full potential offered by Industry 4.0, protecting IP data throughout its lifecycle, from its creation to its eventual disposal.
