Options
April 1, 2021
Report
Title
Cybersecurity in Networked Production. White Paper
Abstract
Digitalization and networking bring with them an enormous growth potential for companies and will gain more importance for Germany as a business location in the coming years [1, 2]. The management and strategy consultancy McKinsey & Company estimates that German companies will be able to generate an additional € 126 billion in added value by 2025 through consistent digitalization [3]. Viewed in this overall context, the manufacturing sector generated more than a quarter of Germany’s total gross domestic product in 2018 [4]. Despite the large growth potential, the digitalization rate in the production of large German companies is only just under 30 percent – with small and medium-sized companies even only at 20 percent [5]. And one of the biggest obstacles to networking is cybersecurity [6]: whereas the focus used to be primarily on the functional safety of production facilities, cybersecurity - due to the shift from closed to open cyber-physical systems - is now increasingly coming to the fore [7]. However, long life cycles mean that updates are no longer offered for plants, patch policies become outdated and thus inadequate, and the available network protocols are no longer secure [8].
Moreover, due to worldwide networking, cybercrime is not only a local, but a global problem for all industrialized nations. Especially attacks on industrial automation systems and the number of publicized cyber incidents are increasing rapidly [9, 10]. Cybercrime examples ranges from severe extortion of car manufacturers by means of ransomware to physical damage of a blast furnace in a German steel plant [11, 12].
The Fraunhofer Institute for Production Technology IPT has therefore developed a holistic Production Security Readiness Check (PSRC) based on current norms, standards and guidelines, which shows manufacturing companies what security level they are currently at and what risks they are exposed to. Based on the company security level, the PSRC shows options for action that companies can use to close the gap between the security level already achieved and the desired level.
Moreover, due to worldwide networking, cybercrime is not only a local, but a global problem for all industrialized nations. Especially attacks on industrial automation systems and the number of publicized cyber incidents are increasing rapidly [9, 10]. Cybercrime examples ranges from severe extortion of car manufacturers by means of ransomware to physical damage of a blast furnace in a German steel plant [11, 12].
The Fraunhofer Institute for Production Technology IPT has therefore developed a holistic Production Security Readiness Check (PSRC) based on current norms, standards and guidelines, which shows manufacturing companies what security level they are currently at and what risks they are exposed to. Based on the company security level, the PSRC shows options for action that companies can use to close the gap between the security level already achieved and the desired level.
Author(s)
Publisher
Fraunhofer IPT
Publishing Place
Aachen