2019-09-25 Company
For a long time, protecting machines primarily meant protecting them from overheating or insufficient oil. In the future, protection against cyber attacks will be just as - if not more - important.
And this poses major challenges for all companies. This is why the Managing Director of KRIWAN, Dr Christian Ellwein, has made cyber security a top priority.
Be careful on the Internet of Things!
More and more things are being connected to the Internet: Coffee machines, cameras, baby monitors, etc. The market research company Gartner* estimates that there are around 8.4 billion networked devices and forecasts further unchecked growth for 2020 - i.e. up to 20.4 billion devices with their own IP address.
The lion's share of these devices connected to the internet are, of course, consumer products and not industrial products. Although many intelligent sensors are installed there, they are often highly specialised and therefore more expensive and fewer in number. However, market researchers also see strong growth for industry: ‘Applications in mechanical engineering, production and energy have increased significantly,’ says Gartner analyst Bettina Tratz-Ryan.
So-called submetering is growing: this means that sensors are installed not only in the industrial plant, but also in connected data centres or individual machines, which, for example, record how high the energy consumption is or analyse maintenance cycles.
* Source: https:||www.gartner.com|newsroom|id|3598917
The term Internet of Things refers to the increasing networking between ‘intelligent’ objects, both with each other and externally with the Internet. Various objects, everyday items or machines are equipped with processors and embedded sensors so that they are able to communicate with each other via an IP network.
More than risks: structural threats
In addition to these opportunities, digitalisation also harbours risks for the refrigeration and air conditioning sector. Risks in terms of security against cyber attacks. ‘And for a sector that is central to the infrastructure of our society, this is not without its risks,’ explains Dr Christian Ellwein, Managing Director of KRIWAN, citing the following examples:
‘If cyber attacks occur that paralyse central functions in these systems, then we're not just talking about risks, but a serious threat’ - says Dr Ellwein. ‘If cyber criminals manage to interrupt the supply of water and food or disrupt the data networks, a society is very quickly confronted with very fundamental problems.’ It is therefore important to connect machines such as pumps, compressors or fans to the internet with sufficient security. However, this is much more difficult in the area of machine security than in office security and office applications, for example.
Office IT versus machine IT
While security-compliant password assignment or a stable firewall are sufficient for office IT to prevent cyber attacks or a simple backup to restore data after successful cybercriminal attacks, it is not so easy to guarantee the security of machines.
‘This is because machines can be PHYSICALLY destroyed by cyber attacks,’ says Dr Ellwein, describing the particularly sensitive situation in machine IT. ‘If the motor winding of a compressor has burnt out or if pipes have been damaged by the excitation of resonance frequencies, it takes a really long time to repair the damage.’
This safety-critical situation is further exacerbated by the fact that cyber criminals can relatively easily ‘hack’ central information on neuralgic functions of machines such as compressors, fans or pumps that are connected to the internet via special search engines such as www.shodan.io. This gives them direct access to the web. This gives them direct access to the web interface of the networked machine, including passwords and access to technical data, which they can then manipulate.
‘We have set ourselves the task of identifying all cyber threats and developing a systematic security concept based on a comprehensive analysis,’ says Dr Ellwein about his cyber security initiative, which he has made a top priority.
‘We as manufacturers have a duty here!’
Dr. Christian Ellwein | Managing Director KRIWAN Industrie-Elektronik
In 2014, Dr Christian Ellwein was appointed sole Managing Director of KRIWAN Industrie-Elektronik GmbH, Forchtenberg, by shareholder Friedrich Kriwan and the company's advisory board.
Dr. Ellwein, you have made the protection of refrigeration and air conditioning machines against cyber attacks a top priority. Why is this so important?
Telecommunications companies and internet service providers now attach the highest priority to cyber security and develop new products from the outset in such a way that they offer as little vulnerability to cyber attacks as possible. As a leading refrigeration and air conditioning technology company, this is precisely the approach we take: we must do everything we can to offer our customers the best possible security for their machines and systems.
This is our duty as a manufacturer. This is only possible if we start with product development, anticipate potential safety gaps and avoid them with intelligent engineering strategies. In short: we don't develop first and then look at how we can make things safe, but rather develop from the outset with a view to recognising safety gaps and making avoidance strategies part of product development.
How do you come up with such avoidance strategies?
A deep understanding of technology, experimenting and testing - that's the golden path. We consistently work strategically on our portfolio to further develop security concepts - also in close collaboration with Aalen University and Mars Solutions, an IT security service provider from Göppingen.
However, our networking with partners who face the same or similar challenges is also a decisive factor in the development of strategies to prevent security gaps. As a member of ASERCOM, the Association of European Manufacturers of Refrigeration and Air Conditioning Components, KRIWAN is in close contact with leading global partners in the refrigeration and air conditioning industry and is therefore also in a position to analyse and assess the potential dangers of cyber attacks at a more comprehensive level and develop its own solutions. At association level, we are working intensively on this topic in a working group of manufacturers such as Bitzer, Carel, Danfoss, Dorin, ebm papst, Eliwell, Emerson, Frascold etc. and, among other things, on a guideline on how refrigeration and air conditioning systems can be securely networked.
Are there examples that show that such an avoidance strategy has already been successful at KRIWAN?
A first security measure relates to the KRIWAN USB/Bluetooth gateway. The English term gateway generally stands for ‘exit and entry’. In computer science, the term refers to a component, hardware or software that establishes a connection between two systems. The term gateway implies that the forwarded data can be processed, but also read or manipulated.We can prevent this possibility.
The USB/Bluetooth gateway from KRIWAN has a switchable write line into the connected device. We can ‘drop’ the gateways and thus disconnect the basic function (protective relay, oil level regulator, etc.) from the network to prevent cyber attacks.
Another example is a solution for the INT69 diagnostic protection relays. They were developed from the outset in such a way that they send data to the network but can only be reprogrammed on site. This one-way security feature prevents unauthorised persons from accessing the protective relays.
And another example: We have developed the safety concept of two microprocessors. Nowadays, controllers, sensors or protective relays are almost always equipped with a microprocessor. This can be hacked when connected to the Internet or via Bluetooth.
The KRIWAN idea to circumvent this works like this: Microprocessor 1 calculates a result, controls an output and is connected to the Internet. Microprocessor 2 is not connected to the Internet, but is built into the device. It is connected to the same input (sensors) and calculates the same algorithm. Its result is compared with the result of microprocessor 1 in a comparator. Any change to the first processor can be recognised directly. If desired, it can be acknowledged. If unintentional, the hacker attack is clearly recognisable and the machine should be disconnected from the mains.
Do you have further questions or comments about the blog post? Please contact us!