Supplier eBooks

Analog Devices - Industry 4.0 and Beyond

Issue link: https://resources.mouser.com/i/1437657


What Is Changing the Security Risk?

The need for edge computing means more devices are being connected that interact with the real world based on the data they receive. These smart devices are critical to enabling the outcomes of today's digital era. As computing power becomes more pervasive, so does the need for security to address the increased cyber risk. It is only a matter of time before the next smart coffee machine makes the news for being held ransom by a cyberattack. Even though the ransom will be negligible, the incentive to attack a coffee machine exists because the barrier to a successful attack is low, which makes the attack worthwhile. Consider the effort one might put toward holding an entire factory ransom. The potential reward increases significantly, as does the attacker's incentive.

Relying only on firewalls for critical infrastructure is no longer effective now that information technology (IT) and operational technology (OT) networks have converged. The assumption should be made that someone has already gained access to the factory network. For this reason, device integrity and robust authentication protocols must be in place for all connected devices.

Network-connected devices need to authenticate with other devices on the network, establish shared keys, perform signatures on data, and validate data being received. Standard methods exist for doing this, but the factory presents constraints that can make adapting security challenging for some use cases. For instance, the sensitivity to time in motion-control applications can create latency tolerances that make traditional means of doing device-to-device authentication prohibitive. Using standard public-key infrastructure, devices will challenge each other to establish authenticity and exchange a shared session key using means such as transport layer security (TLS). This method has already been adopted in many factory applications; however, it is prohibitive in high-speed, motion-control applications because many devices must interoperate on a specific time scale.

When latency requirements are measured in microseconds, the appropriate message authentication scheme must be selected to achieve the desired level of security and speed. Data flow from the controller to all devices on the control loop needs to be received congruently. One method to effectively enable this data flow is to have all devices use the same shared session key. This requires a unique network configuration that allows devices to authenticate with a security manager, which provides the same session key to all devices in a designated security group. These keys will be exchanged using standard TLS, and the devices revert to alternative protocols during time-critical operation.

Figure 2: Cyber economics. (Source: Analog Devices, Inc.)
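The group-key arrangement described above, as an added example that is not from the Analog Devices article: a security manager gives one session key to every device in a group, and the controller then authenticates each broadcast frame with a single symmetric MAC. The article names no specific scheme, so HMAC-SHA256 truncated to 16 bytes, the frame layout with a sequence number, and all names (`SecurityManager`, `Device`, `seal`) are assumptions.

```python
import hashlib, hmac, os, struct

HDR = struct.Struct(">HQ")   # assumed frame header: group id, sequence number
TAG_LEN = 16                 # HMAC-SHA256 truncated to 128 bits (assumption)

class SecurityManager:
    """Gives every member of a security group the same session key."""
    def __init__(self):
        self._keys = {}

    def session_key(self, group_id):
        # The article has this hand-off happen over TLS; here it is a local call.
        return self._keys.setdefault(group_id, os.urandom(32))

def _tag(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()[:TAG_LEN]

def seal(key, group_id, seq, payload):
    """Controller side: header || payload || tag, one MAC per broadcast frame."""
    header = HDR.pack(group_id, seq)
    return header + payload + _tag(key, header + payload)

class Device:
    def __init__(self, group_id, key):
        self.group_id, self._key, self._last_seq = group_id, key, -1

    def receive(self, frame):
        """Return the payload if the frame is authentic and fresh, else None."""
        if len(frame) < HDR.size + TAG_LEN:
            return None
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        if not hmac.compare_digest(tag, _tag(self._key, body)):
            return None                      # forged or corrupted
        group_id, seq = HDR.unpack(body[:HDR.size])
        if group_id != self.group_id or seq <= self._last_seq:
            return None                      # wrong group, or replayed frame
        self._last_seq = seq
        return body[HDR.size:]

def demo():
    mgr = SecurityManager()
    drives = [Device(7, mgr.session_key(7)) for _ in range(3)]
    frame = seal(mgr.session_key(7), 7, 1, b"AXIS1 POS=1200")  # constructed command
    delivered = [d.receive(frame) for d in drives]
    replayed = drives[0].receive(frame)
    forged = bytearray(seal(mgr.session_key(7), 7, 2, b"AXIS1 POS=1200"))
    forged[HDR.size] ^= 0x01                 # flip one payload bit in transit
    return delivered, replayed, drives[1].receive(bytes(forged))
```

Because every member holds the same key, a valid tag shows only that a frame came from some member of the group, so a compromised device can produce frames the others accept as the controller's; device integrity and group membership control carry that risk.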
