Industry & Factory Automation

Security is paramount in industrial IoT and oT for factory automation and critical infrastructures. Secure-IC ensures compliance with industrial frameworks such as IEC 62443. Securyzr^TM iSSP for industry & factory automation protects the endpoints, connectivity and lifecycle of existing in-field and new device fleets.

Home > Applications > Markets > Industry & Factory Automation

The revolution in industry is all about finding new ways to accelerate process and save time. We are now in our fourth revolution, the smart manufacturing era, which is changing manufacturing methods by integrating enabling technologies such as IoT, cloud computing, analytics and even AI and Machine Learning. All these improvements and ways to accelerate and facilitate production are changing the industry in a good way, but also opening up new threats for companies moving in this direction.

Having modern smart technology may bring new and amazing things like a connected factory for ultra-customization, supply chain integration, industrial IoT or geolocalization and asset protection, Big Data for model and design, quality insurance or AI and Machine learning assisted manufacturing or augmented reality for quality control and insurance, ergonomics and fast training. But this also means that there are many things to protect such as equipment availability and data against theft or corruption for the robot user or even counterfeiting and theft for the robotic system manufacturer. Cybersecurity is therefore critical as industrial scale means massive capital and connected industry means potential accessibility from anywhere. IT specialists can protect companies from remote attacks, but it is now paramount that devices must embed physical security as well.

The specific security challenges for Industry & Factory Automation

Secure endpoints: security hardening for the whole device fleet (including existing devices)
- Protect embedded devices
Secure communications: devices’ secure connectivity (for example TLS embedded capability in each device) & ID management for the whole fleet (including existing devices)
- Secure connection between connected devices to each other and also the Cloud
Real-time security monitoring and management:
- Lifecycle management, how to address security/anomaly events

Many assets must be protected within factories, such as:

PLCs,
SCADA system,
Gateways
Etc.

Industry 4.0 and cybersecurity

Secure Supply Chain needs

Secure-IC has expertise in industrial equipment and IP protection. Using a Secure Element allows to implement a root of trust and resistance to attacks.

Implementing cryptographic algorithms within an embedded system can leak sensitive information that can be easily exploited by physical analysis, namely Side-Channel and Fault Injection Analysis. These types of analysis are part of the security evaluation that Secure-IC uses to verify whether systems are indeed resistant to attack.

Secure-IC’s range of products are germinating in a broad market segment targeting industrial technologies such as SCADA and PLCs that are an integral part of the IACS especially within the Industry 4.0 and Industrial internet of things approaches.

Secure-IC’s PESC approach is built on a portfolio of security products and services that, when combined, create a deep security by design that protects the very foundation of your industry.

Protect

Evaluate

Service & Certify

Protect

Securyzr^TM iSE for Industry compliant with IEC 62443 for new SoC with secure remote connectivity and management with TLS/secure protocol requirements and FW stack
Securyzr^TM full Software for Industry for legacy/already installed devices
- ID management for all devices of the fleet. It can be achieved for each device thanks to Secure-IC’s PUF (both in HW and SW)
Securyzr^TM Server for lifecycle management, device onboarding/offboarding, Secure firmware update Over-The-Air

Evaluate

Laboryzr^TM: Security Evaluation: Make sure that there are no potential threats to industry lines

Hardware Trojans
Reverse Engineering
Hardware/Software penetration testing
Laboryzr^TM includes 3 tools:
- Analyzr^TM, evaluation tool to validate the security level of real physical chip/boards after foundry tape-out that enables ISO/IEC 17825, 20085
- Virtualyzr^TM, an EDA Tool to assess the security design verification at all design levels (RTL, Post-Synthesis, Place & Route and Layout)
- Catalyzr^TM, software tool to evaluate software code vulnerability with static and dynamic analysis

Service & Certify

Expertyzr^TM for Industry & Factory Automation: Expertyzr^TM is Secure-IC’s expertise service, it constitutes of a number of services and trainings that could bring your business to the next level in terms of Security such as:

Evaluation as a Service for both legacy devices and new devices (including SCADA system pentesting, etc.)
Support to Certification
Security Training (on IEC 62443, system security)
Embedded Security Watch
- Asset models for PLCs, SCADA, Critical infrastructures, etc.

Standards & Certification to consider in Industry & Factory Automation

Since security for the industry is paramount, there are several standards that specifically frame it. General certifications such as FIPS-140, OSCCA or Common Criteria are used in many different industries, including industrial IoT. As a security science expert; it is one of Secure-IC’s objectives to support companies that wish to acquire these certifications whether it be through operational consulting, collaborative projects, tutorials and training or standardization.

General Certifications are also applicable to the industry market:

FIPS 140-3 (U.S. Standard)
Common Criteria (EU Standard)
OSCCA (Chinese Standard)

ISA/IEC 62443 is a series of standards that provide detailed requirements for Industrial Automation and Control Systems (IACS). It is a comprehensive set of standards that cover security risk assessment at various stages of design and development processes. It enables all agents in the supply chain to identify risks and address them with countermeasures to ensure security in response to the ever-growing risk of cyber threats. ISA/IEC 62443 is subdivided into four levels namely General, Policies & Procedures, System and Component with each level consisting of several parts relevant to that particular level.