Featured Product
This Week in Quality Digest Live

More Videos

Management Features
The Graceful Exit
Martin J. Smith
How to shutter a business when the pandemic forces closure
Shingo’s Whys
Harish Jose
The next logical step in complexity
Five Skills to Master High-Stakes Communication
Katy Kvalvik
Effective communication is foundational for effective leadership
Eliminate Technology Silos to Ensure Quality in Manufacturing Processes
Wendy Stanley
PLM, MES, QMS, and ERP work best when they work together
Preparing for the HEROES Act
William A. Levinson
Businesses can start planning on how to meet or exceed whatever is forthcoming from OSHA

More Features

Management News
Book: Resilience--Adapt and Plan for the New Abnormal of the Covid-19 Coronavirus Pandemic
How to develop an effective strategic plan and make the best major decisions in the context of uncertainty and ambiguity
Book Release: Project Management for Performance Improvement Teams
What continual improvement, change, and innovation are, and how they apply to performance improvement
Study Finds Quality Shifting From Operational Compliance to Strategic Business Driver
Good quality is adding an average of 11 percent to organizations’ revenue growth
Greenlight Guru Updates Risk Management to Align With ISO 14971:2019
Further enhances change management capabilities
Marposs Introduces CNC Probing Recorder Software for Improved Workpiece Quality
Designed with ease of use in mind
Six Healthcare, Nonprofit, and Education Organizations Win Baldrige Awards
Awards to be presented March 24, 2020, at the Quest for Excellence Conference, in National Harbor, MD
Conference Board: Job Satisfaction Climbs to Highest Level in More Than Two Decades
Workers more at ease about job security. Millennials more confident regarding wages.
Office Environment Is Vitally Important to 21% of People
46% of creative workers want video games in the office
Statistical Process Control for the Food Industry
A guide for practitioners and managers

More News

Denrie Caila Perez

Management

How Smart Manufacturing Is Vulnerable to Attacks

A report from Trend Micro demonstrates how proprietary systems can be exploited

Published: Thursday, June 25, 2020 - 12:03

A new report from Trend Micro Research illustrates how advanced hackers are using unconventional attack vectors against smart manufacturing environments. Smart manufacturing technology generally operates through proprietary systems, which use their own proprietary language. However, these systems also still run on the computing power of traditional IT systems. While typically designed to function independently from other systems, it’s this particular loophole that leaves these systems vulnerable to IT threats.

“Past manufacturing cyberattacks have used traditional malware that can be stopped by regular network and endpoint protection,” says Bill Malik of Trend Micro. “However, advanced attackers are likely to develop operational technology-specific attacks designed to fly under the radar. As our research shows, there are multiple vectors now exposed to such threats, which could result in major financial and reputational damage for Industry 4.0 businesses. The answer is IIoT-specific security designed to root out sophisticated, targeted threats.”

Working in partnership with Politecnico di Milano, Trend Micro used real-time equipment from its Industry 4.0 Lab to demonstrate how malicious threats can potentially exploit these systems in an industrial IoT (IIoT) environment. According to the report, the system languages can be easily “abused to input malicious code, traverse through the network, or steal confidential information without being detected.” Due to its isolated nature, integrity checks are limited—subsequently making the system unprotected against certain risks and malicious activity.

Manufacturing execution systems, human machine interfaces, and customizable IIoT devices were identified as the most vulnerable to these kinds of attacks.

To combat these threats, the report recommends a number of defense and mitigation measures, such as:
• Deep packet inspection that supports operational technology protocols to identify anomalous payloads at the network level
• Integrity checks run regularly on endpoints to identify any altered software components
• Code signing on IIoT devices to include dependencies such as third-party libraries
• Risk analysis that extends beyond physical safety to automation software
• Full chain of trust for data and software in smart manufacturing environments
• Detection tools to recognize vulnerable/malicious logic for complex manufacturing machines
• Sandboxing and privilege separation for software used on industrial machines

Trend Micro stresses that failing to address these potential weak links could result in damaged goods or malfunctions, as well as disrupt workflows, resulting in the manufacture of defective products.

First published on the engineering.com blog.

Discuss

About The Author

Denrie Caila Perez’s picture

Denrie Caila Perez

As an accomplished contributing writer for engineering.com, Denrie Caila Perez covers news and stories on additive manufacturing, aerospace, IoT, artificial intelligence, and environmental breakthroughs.