Industry 4.0 at productronica 2015

When it comes to Industry 4.0, companies have to deal with a variety of challenges: What opportunities and risks are associated with the IoT? How can companies ensure that they are perfectly prepared for them? How can intelligent production planning further optimise capacity utilisation of production facilities? Answers to these questions will be available at productronica 2015, particularly thanks to the new Future Markets cluster and IT2Industry, the trade fair and open conference for intelligent, networked working environments that is being held in conjunction with productronica for the first time. IT2Industry takes a comprehensive look at what Industry 4.0 means in electronics manufacturing and where the trend in the electronics industry is headed, from industrial IT security concepts to cloud computing, big data and analytics and software engineering to energy efficiency. Within the scope of the Future Markets cluster, it focuses on topics that pertain to hardware such as the capabilities that cyber-physical systems have to offer.

When discussing Industry 4.0, the topic of IT security is of key significance for hardware and software alike, as we have seen time and again Hackers have attacked the federal government, airlines, the vehicle registration center and television networks, every company and organisation appears to be a potential target. A study conducted by the VDE confirmed that, for seven of ten people surveyed, concerns about IT security are currently the largest obstacle to the proliferation of Industry 4.0 in Germany. Nevertheless, universal digitalisation and complete networking of production operations has already started. According to a representative survey by BITKOM, four out of ten companies in key industrial sectors are already using Industry 4.0 applications and must ensure that their production facilities are secure.

That is why productronica and the ZVEI are dedicating this year's CEO Roundtable on the opening day of the fair on 10th November 10 2015 to the topic of Cyber Security—Challenges for the Manufacturing Industry. Experts from the commercial, political and scientific sectors will discuss existing cyber threats and how to recognise and stop them. The objective is to sensitise all companies and organisations to cyber security issues. Besides priorities in office IT such as virus and malware attacks, special aspects of cyber security in manufacturing that emerge as companies transform to the smart factory will also be discussed. "Cyber security is a key topic for Industry 4.0 to succeed," says Carolin Theobald from the Automation Division of the ZVEI. "Linking and analysing data in the digital age can have great advantages, but they can also be associated with risks and cause a great deal of concern in many companies. We need accepted rules, but we also need to trust the fact that the digital world offers security. That is why cyber security is one of the key topics of our time."

Anyone who wants to reliably protect their company against hacker attacks must follow a holistic approach. Cyber security in manufacturing starts with office IT security because all Industry 4.0 scenarios include several interfaces between both IT worlds. An attack on a steel plant in Germany in December 2014 illustrates the dangers that are involved. First the plant's office network was infected, then the plant's industrial network, and that ultimately triggered a safety stop of the plant's blast furnace. The operating companies suffered extensive damage.

Manufacturing companies also face another challenge. In some cases, several partners such as suppliers, customers, logistics companies and other service providers are closely integrated into the production network. As a result, known procedures for setting up and operating security-management systems must be expanded accordingly.

So, mere island solutions for industrial IT do not provide the desired result, and universal protection of the entire IT platform with a holistic concept must have top priority. That also calls for changes in the organisational structure during implementation. Until now, security in the office and in production have been separated with regard to personnel, organisation and content. According to Dr. Lutz Jänicke, CTO at Innominate Security Technologies and a speaker at the productronica CEO Roundtable, it actually makes sense to have one person in charge of all these responsibilities in the future: "Technically speaking, office and production IT are more similar than one would think. However, security in production is associated with very special challenges that IT managers are not always familiar with. At the same time, production employees also need to be sensitised to security-related topics. In this case, a Chief Information Security Officer who is responsible for IT security in the entire company would be ideal."

Besides the cyber-security aspect of software, using hardware measures to improve cyber security is also a central topic at productronica. As part of the Manufacturing Industrial Electronics highlight day on 12th November, questions on this topic and possible solutions will be presented. The day is being organised by VDMA Productronic and the Konradin Media Group.

When it comes to cyber security in the automation sector, guaranteeing system availability is essential. IT-security solutions from office IT such as upgrades and patches can only be used to protect industrial endpoints and networks to a certain extent, in manufacturing operations, applications usually have to run without interruption for several months and cannot be restarted every day for an update. In addition, technical IT security measures for production facilities that are available right now are usually installed in addition to the actual automation-technology components, which makes them complex and difficult to control. "When it comes to production machinery, security is not yet a competition characteristic," says Jänicke. "In this case, it is up to the operators to establish mandatory standards on the market that are drafted together with the manufacturers and to make them part of the conditions of purchase."

The new NAMUR Recommendation NE 153 Automation Security 2020—Design, Implementation and Operation of Industrial Automation Systems takes the first step in that direction. It summarises a few fundamental requirements for future automation solutions to find alternatives to currently available technical IT security measures for production facilities. Reliability, availability, sustainability and investment security play a central role here. Carolin Theobald from the ZVEI says: "Our companies understand that the time has come to develop economically feasible security concepts. They share the objectives and provisions of NE 153 and are fully aware that all partners in this sector, i.e. the manufacturers, the integrators and the operators of automation solutions, must make a serious effort here. Naturally, we provide them assistance."

Awareness about security in the context of Industry 4.0 has increased significantly during the past few years and the first steps have been taken. However, when it comes to electronics manufacturing as well as other branches of industry, a number of questions about securing networked machines and systems that are becoming increasingly intelligent must still be answered. Besides productronica, IT2Industry will also deal with the topic of IT security in its open conference. The Employers’ Associations for the Bavarian Metalworking and Electrical Industries will present approaches and solutions for industrial IT security on Wednesday 12th November. The next day, Sicherheitsnetzwerk München will give interested visitors insights into typical problems and weaknesses of commonly used IT systems that are currently in use in the production world.