Siemens Research Cyber Security
Rainer Falk, Uwe Blöcher
November 26th, 2018
Siemens Corporate Technology

Cyber Security is the most important enabler for Digitalization
- Design & Engineering; Automation & Operation; Maintenance & Utilization
- Siemens Software
- Siemens Digital Services
- MindSphere: The cloud-based, open IoT operating system
- Platform as a Service
- Enabler: Infrastructure as a Service (storage, processing power, provider agnostic)
- Digitally enhanced Electrification and Automation
- Holistic IT security concept

The challenges to Cyber Security require new approaches to technologies

Digitalization
- Increasingly connected Industrial Control Systems offer new levels of efficiency and productivity
- However: Connected critical infrastructures offer new possibilities to attack

Business Units
- What Cyber Security technology to use for my future products/solutions?
- Is there technology to secure my existing installations?
- How can I securely use and connect to the cloud for digital services?
- How do I scale my effort for Cyber Security?
- What is the technology to generate security business?

Standards and regulations, e.g. IEC 62443 Security Levels
- SL1: Protection against casual or coincidental violation
- SL2: Protection against intentional violation using simple means, low resources, generic skills, low motivation
- SL3: Protection against intentional violation using sophisticated means, moderate resources, ICS specific skills, moderate motivation
- SL4: Protection against intentional violation using sophisticated means, extended resources, ICS specific skills, high motivation

Need for Cyber Security Technologies

ICS: Industrial Control System
IEC: International Electrotechnical Commission

Cyber Security at Siemens builds on innovation

Phases covered:
- during production and testing
- along lifecycle and for databased business models
- during operation and service

Technologies:
- IoT Public Key Infrastructure
- Penetration Test Automation
- Access Management for public clouds
- Secure data connectors
- Security Analytics Platform
- Artificial Intelligence for Security
- DCU
- SiESTA
- Small footprint IoT Cryptography
- Zero touch security
- Automatic response - Malware containment
- Industrial firewall deep packet inspection

Secure Data Connector DCU: Protecting our installed base and enabling cloud connectivity

Challenge
- Legacy systems were designed and built as isolated from other networks (for security reasons)
- Digitalization will get everything connected, incl. legacy systems

Availability
- Released in 2018
- OPC-UA support, IEC 62443-4-2 SL3

Business Benefit/USPs
- Cost-effective (compared to competitor diode solutions)
- Safety certification: No interference with critical safety networks
- Safe, secure and easy enabling cloud connect (MindSphere)

Technical Solution
- HW design to guarantee one-way data connection only
- 100% resistant against a break into a protected network
- Maintains safety and integrity for all connectivity scenarios
- Edge computing enabled for 3rd party applications

Joint development by Mobility and Corporate Technology
https://www.siemens.com/dcu

DCU: Data Capture Unit
OPC-UA: Open Platform Communications Unified Architecture
IEC: International Electrotechnical Commission

DCU enables business to address opportunities of digitalization with their existing infrastructures
- Businesses need to address digitalization
- Existing infrastructures are not ready for digitalization approaches
- DCU enables new digital business models through secure connectivity
- DCU provides unidirectional connectivity enabling
- Connectivity via DCU ensures freedom of interference
- DCU is accredited and thus applicable for retrofits
- MindConnect
- DCU

CCT Cyber Security Radar: long term research topics
- Self-Securing Systems Design Security Validation on Digital Twin
- NextGen Patching
- Security for Cooperative Autonomous Systems
- Post Quantum Crypto
- Homomorphic Encryption
- Automated Forensics and Malware Analysis
- Secure Cloud based Realtime Control
- Supply Chain Security