iiot..ind 4.0..a thirst for data.. - easyfairs...big data / cloud applications from machine to...

siemens.com© Siemens AG 2018

IIOT..Ind 4.0..A Thirst for Data..Connected Manufacturing 2018

Unrestricted © Siemens AG 2018 ESH 2018 Conference

Who am i?

Paul Hingley

Data Services Business Manager / PSSO GB&I

Siemens

20 years at Siemens involved in industrial Networks, Safety and Security. Prior tothis an Electrical / Automation Engineer in the Process and Discreteengineering mainly focused in the Automotive, Steel and logistics Industries.

CAS (Cloud Application Solutions) MindSphereSafety Systems and ConsultancyPSSO (Product Solution Security Officer)CBM (Condition Based Monitoring Solutions)

Name:

Job Title:

Company:

Background:

Job Responsibilities:


Industry 4.0….moving into a fourth Industrial Revolution


Connected Devices

2000 2004 2008 2012 2016 20201996

(2003) 0.5B

1988 1992

(1992) 1M

50.1B (2020)

IoT Inception (2009)

8.7B (2012)

11.2B (2013)

14.2B (2014)

18.2B (2015)

22.9B (2016)

28.4B (2017)

34.8B (2018)

42.1B (2019)

MindSphere –The cloud-based,

open IoT operatingsystem

…through new service and business models

Differentiate in the Market …

…through development of applications &digital services

Build Digital Business …

…powered by digital transformation

Increase Performance …

The Internet of Things(projected number of connected assets)


2020it will be

45Zettabyte

2015it will be

7.4Zettabyte

2012 3.1Zettabyte

Big data / cloud applications

From machine to machine – the focus today and in the future

From person to person – that was the beginning

Machine2MachineSensors, meters, devices, industrial machines

Internet of Things/"Industry 4.0"Enabling additional productivity levers and new business models

People2MachineMedical technology, digital TV,cameras, computers, mobile phones

People2PeopleNetwork of virtual communities

The total volume ofdata generated on

earth summed up to

Source: Oracle, 2012, Roland Berger 2015

Industry Evolution: The future of big data and cloud applications willbe in the industrial space

1 Zettabyte = 1 sextillion bytes = 1000 Exabytes = 1 Billion Terabytes


Major industries facing these challenges are adopting the IoTBiggest year-over-year gainers: IoT initiatives

+ 8.2%

+ 4.5% + 4.3% + 3.7%

Facilitiesautomation

Mobile devicemanagement

Fleetmanagement

Smartcity

Source: 451 Research VoTE: Internet of Things, Organizational Dynamics 2017


IIOT makes data actionableHow it works

• Connect – Integrate new andexisting assets and sensors tosystems

• Collect – Aggregate data in realtime and over time

• Transform – Data profiling, trendanalysis, predictive modeling

• Visualize – Visual dataflowcreator, visual data analyzer,dashboards

• Insight – Highlight trends andanomalies

• Actions – Predictive maintenance,health monitoring and status, KPIs,all operations dashboard, energytuning

Insight and actionsTransform and visualizeConnect and collect

Key capabilities


Technological forces transforming industry

Changingthe way

productscome to life

GENERATIVEDESIGN

INTELLIGENTMODELS

SYSTEMS OFSYSTEMS

Changingthe way

productsare realized

MACHINELEARNING

ADDITIVEMANUFACTURING

ADVANCEDROBOTICS

Changingthe way

productsevolve

CLOUDTECHNOLOGY

KNOWLEDGEAUTOMATION

BIG DATAANALYTICS


Technological forces transforming industryManufacturers must embrace the technologiesand transform their business into a Digital Enterprise

GENERATIVEDESIGN

INTELLIGENTMODELS

SYSTEMS OFSYSTEMS

MACHINELEARNING

ADDITIVEMANUFACTURING

ADVANCEDROBOTICS

CLOUDTECHNOLOGY

KNOWLEDGEAUTOMATION

BIG DATAANALYTICS

Changingthe way

productscome to life

Changingthe way

productsare realized

Changingthe way

productsevolve

Ideation UtilizationRealization


Continuously improve product and productionThe complete digital twin


User

Customer

Supplier

PARTNER

IT/OT convergence supporting New Business and Collaboration Models

Customer

Consumer

Connected machines

R&D

PARTNER

Connected

customers

Connected products

Connected

consumers

Connected R&D

Connected Suppliers

Connected Enterprise

Field Level

Control Level

Enterprise Level

Management Level

Operator Level


We're seeing an increasing digitization of industries

Based on "Smart Service Welt" report/Accenture visualization

Degree of maturity ofdigital business models

Energy

To help protect your privacy, PowerPoint has blocked automatic download of this picture.

Discrete &Process

Industries


Health


Mobility


Trade


Media


Less complex industry

Easy to digitize industries have already started to change ……more complex industries will follow

Digitization, Sensors,Connectivity, Bandwidth,Data Capturing andStorage, Clouds,Analytics …

New Business Models,Ecosystem concept andParadigm shift: Fromproduct-focused touser-centric mindset …

Technical Drivers

Business Drivers

More complex industry

1

2

Tipping-Point!

Why do I need Security ?13


ICS Attack surface is growingChallenges: Increasing vulnerability, high connectivity.

Introduction of malware via removablemedia and external hardware

Human error and sabotage

Intrusion via remote access

Control componentsconnected to the Internet

Compromising of smartphonesin the production environment

Compromising of extranetand cloud components

Malware infection via theInternet and Intranet

(Distributed) denial-of-service ((D)DOS) attacks

Technical malfunctions

Source © BSI analysis on cyber security 2016, German Federal Office for Information Security

Social engineering and phishing


Differences between office and manufacturing networks


Industrial Security ServicesDefinition IT-Security vs. OT- (Industrial) Security

AvailabilityConfidentialityIntegrity

ConfidentialityIntegrityAvailability

Availability

Installation

Topology

Location

Device

Downtime < 300 ms

Plant-ICS-Staff

Plant specific

Industrial environment

Low, Switches with fewer ports

Range in minutes is acceptable

Network Specialists

Ring structure

Air conditioned environment

High, Switches with many ports

What is it about?Increasing attacks on devices

Investment Cycles Min 5-15 YearsAll 2-3 Years

IT-Security Industrial Security

16November 18


ChallengesProductivity, Cost Pressure and Regulations

17

Protect against

• externally caused incidentsthrough increasing connectivity

• internal misbehavior

• the evolving Threat Landscape

Costs

• for qualified personnel

• for essential SecurityTechnologies

Comply to

• Reporting Requirements

• Minimum Standards

• Security Knowhow

Protect Productivity Reduce cost Comply to regulations

§§

§


Selected IT Security Standards, Guidelines and Committees

VDI/VDE

BSI Grundschutz

NIST

Roadmap to SecureControl Systems inthe Energy Sector

IEC 62351

IEC TC 57WG15

US-CERT ControlSystems Security

Center

SACTC 124

DKE

CommitteesAssociationsGovernmental bodies

Standards

Guidelines

DHSChemSecRoadmap

NERC-CIP

ISO/IEC15408

WIB M-2784

ISO/IEC 2700x

IEC / ISA-62443Siemens Focus

GDPRGeneral Data Protection

Regulation

NISNetwork and Information

Systems


NIS1

1)Wording from NCSC/DCMS

What is it? An EU Directive on Security of Networks & Information Systemsthat will come into UK legislation 9th May 2018

Who is leading implementation? The Department for Digital, Culture, Media and Sport (DCMS)

What is the aim? Raise the level of overall security and resilience of networkand information systems.

• Have a national framework for security to include: a National Cyber security strategy, a CSIRT2, a SPOC3

and a NIS competent authority (CA)

What is expected of member states?

• Set up a Cooperation Group among Member States to support and facilitate strategic cooperation and the exchange ofinformation among Member States. Member States will also need to participate in a CSIRT Network to promote swiftand effective operational cooperation on specific network and information system security incidents and as well assharing information about risks.

• Ensure that businesses within vital sectors which rely heavily on information networks, for example utilities,healthcare, transport, and digital infrastructure sectors, are identified by each Member State as “operators ofessential services” (OES). Those OES will have to take appropriate and proportionate security measures tomanage risks to their network and information systems, and they will be required to notify serious incidents to therelevant national authority. Engagement with industry is therefore crucial in the implementation of the directive.

2)Computer Security Incident Response Team3)Single Point of Contact

https://www.ncsc.gov.uk/information/ncsc-support-nis-directive-implementation


NIS1 - continued

What is the NCSC’s role in preparing for the implementation of the NIS Directive?The NCSC is providing technical support and guidance to other government departments and CAs through:

a set of cyber security principles for securing essential services

a collection of supporting guidance

a Cyber Assessment Framework (CAF), incorporating indicators of Good Practice

implementation guidance and support to CAs to enable them to:

• adapt the NCSC NIS principles for use in their sectors

• plan and undertake assessments using the CAF, and interpret the results.

Once the NIS Directive is live in May 2018, we expect our role to be:Single Point of Contact (SPOC) - we'll act as the contact point for engagement with EU partners, coordinating requests for action orinformation and submitting annual incident statistics.

CSIRT (Computer Security Incident Response Team) - we will receive all incident reports and will provide advice and support on thecyber aspects to operators and Digital Service providers in the event of an incident. We will be responsible for the dissemination ofappropriate risk and incident information to Competent Authorities and other relevant stakeholders.

Technical Authority on Cyber Security - the NCSC will support CAs with security advice and guidance and act as a source of technicalexpertise. We'll tailor some generic guidance to individual sectors to support CAs.

1)Wording from NCSC/DCMS

Aiming to be CAAlso see OG86

https://www.ncsc.gov.uk/information/ncsc-support-nis-directive-implementation


Standards

NIST 800-82, 800-30,800-53

ISA 99

ISA/IEC 62443

NERC-CIP 4

ISO 27032

NIS Directive

2018 May 9thUK Law, priority is CNI companies.

WIB M2784

ISO 27002ISO 27001


Framework

CDV* 4Q17


Each stakeholder can create vulnerabilitiesExample User Identification and Authentication

IACS environment / project specific

Independent of IACS environment

Industrial Automation and Control System(IACS)

Product Supplier

SystemIntegrator

Asset Owner

develops

designs and deploys

operates

Control Systemas a combination of

Hostdevices

Networkcomponents ApplicationsEmbedded

devices

is the base for

+

Operational and Maintenancepolicies and procedures

Automation solutionBasic Process

Control System(BPCS)

Safety InstrumentedSystem (SIS)

ComplementaryHardware and

Software

Hard coded passwords

Elevation of privileges

Default passwords notchanged

Temporary accounts notdeleted

Non confidential passwords

Passwords not renewedcan createweaknesses

can createweaknesses

can createweaknesses

Example: User Identification and Authentication

Invalid accounts notdeleted


Independent of IACS environment

IACS environment / project specific

Various parts of IEC / ISA-62443 are addressing Defense in Depth

2-4

3-2

2-1

2-4

3-3

4-2

4-1

Asset Owner

Operational and Maintenancespolicies and procedures

System Integrator

Policies and procedures

3-3

Product Supplier

Development process

Security capabilities of the products

Security capabilities of theAutomation Solution

TRUST…….25

Unrestricted © Siemens AG 2018April 2018 Charter of Trust for a secure digital world

Unrestricted © Siemens AG 2018April 2018Page 27 Charter of Trust for a secure digital world

Digitalizationchanges

everythingArtificial intelligence and big data analytics are revolutionizing the way wemake decisions. And billions of devices are being connected by the Internetof Things and are interacting on an entirely new level and scale.


Unrestricted © Siemens AG 2018April 2018Page 28

As much as these advances are improving our livesand economies, the risk of exposure to maliciouscyber attacks is also growing dramatically.

– Crucial to the success of thedigital economy.

– Users need to trust that their digitaltechnologies are safe and secure.

– Digitalization and cybersecuritymust evolve hand in hand.

Cybersecurity –A critical factor for the successof the digital economy


Cybersecurity – an increasingly critical factorfor the success of the digital economy

Digital ConnectivityDigital InformationProcessing Digital Automation and Intelligence

1950s – 1960sMilitary, governments andother organizations implementcomputer systems

1980sComputers make theirway into schools, homes,business and industry

2020sInternet of Things, Smartand autonomous systems,Artificial Intelligence, Big Data

1999The globe isconnectedby the internet

1970sHome computeris introduced

1991The World WideWeb becomespublicly accessible

2010sCloud computingenters themainstream

1990sDigital enhancementof electrification andautomation

2020sIndustry 4.0

2000sMobile flexibility

Blue Boxing

Cryptovirology

AOHell

Level Seven Crew hackDenial-of-service attacks

Cloudbleedsl1nk SCADA hacks

Meltdown/SpectreInfinion/TPM

AT&T Hack

Morris WormMelissa Worm

ILOVEYOU

WannaCry

NotPetya

HeartbleedIndustroyer/Chrashoverride

Stuxnet


“We can’t expect people to actively support thedigital transformation if the security of data andnetworked systems is not guaranteed.”

1. Protecting the data of individuals and companies

2. Preventing damage from people, companies and infrastructures

3. Establishing a reliable foundation on which confidencein a networked, digital world can take root and grow

That’s why Siemens will be working with partners from industry,government and society to sign a “Charter of Trust” –a charter aimed at three important objectives:


Unrestricted © Siemens AG 2018April 2018Page 31 Charter of Trust for a secure digital world

We sign forcybersecurity!

We sign theCharter of Trust.


Guidance

National Cyber Security Centre

CPNI – SICS FrameworkOperational Guidance OG86

https://www.ncsc.gov.uk/guidance/10-steps-cyber-security

http://www.hse.gov.uk/foi/internalops/og/index.htm

Thank you


Security Information

Siemens provides products and solutions with industrial security functions that support the secure operation of plants, systems, machinesand networks.In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintaina holistic, state-of-the-art industrial security concept. Siemens’ products and solutions only form one element of such a concept.

Customer is responsible to prevent unauthorized access to its plants, systems, machines and networks. Systems, machines andcomponents should only be connected to the enterprise network or the internet if and to the extent necessary and with appropriate securitymeasures (e.g. use of firewalls and network segmentation) in place.

Additionally, Siemens’ guidance on appropriate security measures should be taken into account. For more information about industrialsecurity, please visit http://www.siemens.com/industrialsecurity.

Siemens’ products and solutions undergo continuous development to make them more secure. Siemens strongly recommends to applyproduct updates as soon as available and to always use the latest product versions. Use of product versions that are no longer supported,and failure to apply latest updates may increase customer’s exposure to cyber threats.

To stay informed about product updates, subscribe to the Siemens Industrial Security RSS Feed underhttp://www.siemens.com/industrialsecurity.

http://www.siemens.com/industrialsecurity

http://www.siemens.com/industrialsecurity


Questions


Contact Information

Paul HingleyData Services Business ManagerDF DS GB

Sir William Siemens House

Princess Road

Manchester

M20 2UR

Phone:Mobile: +44 (0) 7808 822265

E-mail: [email protected]

siemens.com/simatic-pcs7

iiot..ind 4.0..a thirst for data.. - easyfairs...big data / cloud applications from machine to...

Documents