The Industrial Internet of Things (IIoT), Cybersecurity and Manufacturing

CSA

December 20, 2017

Industrialized nations are being influenced by transformative forces creating what many are calling “The 4th Industrial Revolution,” also referred to as Industry 4.0, Industrial Internet of Things (IIoT), and Smart Manufacturing.

Companies all over the world are investing in this digital industrial future in an effort to establish themselves as a leader in IIoT enabled productivity. Indeed, these heavy investments—in developments such as analytics software, machine learning capability, and 3D printing—can help ensure industry can set new expectations for the speed and cost of manufacturing.

The machines so prevalent in the manufacturing sector are becoming part of electronically-connected systems that can communicate wirelessly. An effective manufacturing model should seamlessly incorporate all of these connected systems into a user-friendly digital space, while maintaining safe and secure operations. While this new reality of digitized manufacturing brings incredible opportunity for increased efficiencies and cost savings, it also brings significant safety and security concerns.

Some of the cornerstones of IIoT are also the ones that bring the most risk—multiple innovative moving parts, multiple stakeholders, partnerships spanning time zones and jurisdictions, and remotely controlled operational activities. Companies still need to keep their workers safe, their machines performing efficiently, their intellectual property well protected, and their sustainability goals within reach. Implementing strategies early in the production cycle is key to getting products to intended markets safely and securely. Functional safety and cybersecurity measures should be included in these strategies.

Functional Safety
The performance of safety-related products and systems must be more than just functional—it must be reliable and safe. Fast and efficient safety and evaluation services, as well as technical guidance, support and training for functional safety, is essential.

When an operation failure of a safety-related system could harm people, property or the environment, functional safety is the undisputed top priority. CSA Group provides functional safety evaluation and certification services for products and systems, Functional Safety Management (FSM) certification, and technical support and training. We utilize the CASS Scheme (Conformity Assessment of Safety-related Systems) to perform our certifications to ensure transparency throughout the process, minimize costs for clients and provide assistance in preparing the necessary technical files.

Cybersecurity—An Extension of Functional Safety Evaluation
The technology and standards around cybersecurity are still evolving in an effort to keep pace with the sophisticated and complex form that cyberattacks often take. A comprehensive set of evaluations and tests can help ensure an automated, safety-related device or system operates correctly in response to its inputs, protecting operators and/or property and the environment from any hazard.

Cybersecurity analysis and testing should be performed by qualified third-party testing organizations as part of the overall product functional safety evaluation. Cybersecurity Evaluation parallels the Functional Safety Testing and Certification process, assessing the security of the product development process as well as the implementation of security measures in the product itself.

The Cybersecurity Evaluation process typically includes the following analyses and tests:

• Gap Analysis and Risk Assessment. Analyses of the supplier’s Information Security Management System (ISMS) and Security Development Lifecycle (SDLC) are performed to identify strengths, weaknesses, and recommend any procedural and policy changes that should be addressed in order to support a secure SDLC process and demonstrate supplier due diligence in mitigating security risk. This analysis and the resulting recommendations are designed to identify and address security threats early in the product life cycle, before devices enter production.

• Vulnerability Identification Testing (VIT). The objective of VIT is to ensure that connected devices are free from known vulnerabilities. Security weaknesses are defined and detected and the effectiveness of proposed countermeasures is forecast so actual effectiveness can be evaluated upon implementation. Vulnerabilities are analyzed to determine their impact on applicable functional safety requirements, which are established as part of the overall Functional Safety Testing and Certification process.

• Penetration Testing. Penetration testing evaluates the security of a connected system by attempting to exploit potential vulnerabilities. This internal testing of the system, network or software helps identify security weaknesses so they can be fixed before being exposed to an actual attack. Effective penetration tests are designed to simulate an attack involving a specific objective. The test findings reveal how security was breached so appropriate preventive counter measures can be adopted.

• Communication Robustness Testing (CRT)—CRT evaluates product resilience when subjected to network stress testing, identifying network-based security vulnerabilities. The test provides a measure of the extent to which network-based protocols can defend themselves against incorrectly formed messages and inappropriate sequences of messages used to attack the system. CRT identifies the presence of common programming errors and known denial of service vulnerabilities specifically for networking protocols, which impact the robustness of embedded devices that use those protocols.

Clearly IIoT offers immense untapped opportunities for the manufacturing sector. However, greater connectivity and data sharing comes with greater threat of breach and tampering and more complex projects pose higher risks of costs due to delays, mistakes and omissions at the planning stage. Addressing safety and security early can help ensure compliance at the time of product launch and potentially mitigate serious threats to safety, security and ultimately success.

CSA Group’s aim is to provide its customers with services to help them reach their markets faster. Visit www.csagroup.org for more information.

To view more articles from CSA Group visit the Safety & Sustainability Centre.

Related Articles


Changing Scene

  • Wesco Opens State-of-the-Art Facility in Eastern Canada to Support Influx of Megaprojects in the Region

    Wesco Opens State-of-the-Art Facility in Eastern Canada to Support Influx of Megaprojects in the Region

    Wesco International has recently announced the grand opening of a new state-of-the-art facility on Higney Avenue in Dartmouth, Nova Scotia, Canada, making this the largest facility of any distributor in the Atlantic region. The new building, facilitated by Touchette Real Estate, a division of Groupe Touchette, will feature Wesco’s comprehensive suite of services and solutions including… Read More…

  • PataBid Nominated for Canadian Choice Award in Software Services

    PataBid Nominated for Canadian Choice Award in Software Services

    PataBid is proud to announce its nomination for a Canadian Choice Award in the Software Services category. This recognition highlights PataBid’s commitment to supporting the electrical contracting community across Canada by providing innovative estimating software solutions that streamline estimating processes and ensure predictable and profitable projects. Read More…


Sponsored Content
The Easy Way to the Industrial IoT

The way to the Industrial IoT does not have to be complicated. Whether access to valuable data is required or new, data-driven services are to be generated, Weidmuller enables its customers to go from data to value the easy way. Weidmuller’s comprehensive and cutting-edge IIoT portfolio applies to greenfield and brownfield applications. Weidmuller offers components and solutions from data acquisition, data pre-processing, data communication and data analysis.

Visit Weidmuller’s Industrial IoT Portfolio.


ADVANCED Motion Controls Takes Servo Drives to New Heights (and Depths) with FlexPro Extended Environment Product Line

Advanced Motion Controls is proud to announce the addition of six new CANopen servo drives with Extended Environment capabilities to their FlexPro line. These new drives join AMC’s existing EtherCAT Extended Environment FlexPro drives, making the FlexPro line the go-to solution for motion control applications in harsh environments.

Many motion control applications take place in conditions that are less than ideal, such as extreme temperatures, high and low pressures, shocks and vibrations, and contamination. Electronics, including servo drives, can malfunction or sustain permanent damage in these conditions.

Read More


Service Wire Co. Announces New Titles for Key Executives

Bruce Kesler and Mark Gatewood have been given new titles and responsibilities for Service Wire Co.

Bruce Kesler has assumed the role of Senior Director – Business Development. Bruce will be responsible for Service Wire’s largest strategic accounts and our growing Strategic Accounts Team.

Mark Gatewood has been promoted to the role of Vice President – Sales & Marketing. In this role, Gatewood will lead the efforts of Service Wire Company’s entire sales and marketing organization in all market verticals.

Read More


Tri-Mach Announces the Purchase of an Additional 45,000 sq ft. Facility

Tri-Mach Elmira Facility

Recently, Tri-Mach Inc. was thrilled to announce the addition of a new 45,000 sq ft. facility. Located at 285 Union St., Elmira, ON, this facility expands Tri-Mach’s capabilities, allowing them to better serve the growing needs of their customers.

Positioning for growth, this additional facility will allow Tri-Mach to continue taking on large-scale projects, enhance product performance testing, and provide equipment storage for their customers. The building will also be the new home to their Skilled Trades Centre of Excellence.

Read More


JMP Parent Company, CONVERGIX Acquires AGR Automation, Expanding Global Reach

Convergix Automation Solutions has completed the acquisition of AGR Automation (“AGR”), a UK-based provider of custom, high-performance automation design and systems integration primarily to the life sciences industry.

Following Convergix’s acquisitions of JMP Solutions in August 2021 and Classic Design in February 2022, AGR marks the third investment in Crestview’s strategy to build Convergix into a diversified automation solutions provider targeting the global $500+ billion market, with a particular focus on the $70 billion global systems integration and connectivity segments. Financial terms of the transaction were not disclosed.

Read More


Latest Articles

  • How Advanced X-Ray and AI Inspection Technologies Optimize Quality Control and Reduce Costs in SMT Manufacturing

    How Advanced X-Ray and AI Inspection Technologies Optimize Quality Control and Reduce Costs in SMT Manufacturing

    Explore how Omron’s latest X-Ray machines and AI-driven solutions are setting new standards in manufacturing efficiency and quality control. The manufacturing landscape is swiftly evolving, and Omron is at the forefront with its innovative PCB inspection machines. These systems offer profound insights into SMT production process, enhanced quality control, and can significantly reduce labor costs. Advancements… Read More…

  • KUKA Establishes New Software and Digital Business Segment

    KUKA Establishes New Software and Digital Business Segment

    Software is playing an increasingly important role in mechanical engineering. What used to be mostly solved mechanically is now done by electronics and the associated software. “With KUKA Digital, we are expanding our offering in order to position ourselves broadly for a market with strong growth potential. Our customers need products, solutions and consulting approaches to digitalize… Read More…