Cyber Security as THE Key Enabler for Digitalization · Cyber Security as THE Key Enabler for...

Cyber Security as THE KeyEnabler for DigitalizationDr. Norbert Gaus | July 2018

Unrestricted

Unrestricted © Siemens AG 2018July 2018 Corporate Technology RDA ITS

Digitalization is changing everything ……we address Digitalization with a holistic approach

Business modelsSmart services

Value creationprocessesSmart factory, smart plant,smart buildings

Digitally enhancedproductsSmart products and solutions


Innovation with a clear focus –Siemens Company Core Technologies

AdditiveManufacturing

AutonomousRobotics

BlockchainApplications

Connected(e)Mobility

Connectivity andEdge Devices

Cybersecurity Data Analytics,Artificial Intelligence

DistributedEnergy Systems

EnergyStorage

Future ofAutomation

Materials Power Electronics Simulationand Digital Twin

Software Systemsand Processes


Company Core Technologies to drive Innovation in Digitalization

Block-chain ApplicationsManaging Transactions

Connectivity and Edge DevicesDevices becomeintelligent and connected

Software Systems and ProcessesManaging theSW Life-cycle

Simulation and Digital TwinExpanding the Digital Twin

Future of AutomationFrom automated towardsautonomous systems

Connected (e)MobilityMobility is electric,connected, autonomous

Cyber Security Enabling Digitalization

Data Analytics, Artificial IntelligenceMaking automateddecisions

Autonomous RoboticsControlling pervasiverobotics


Cyber Security is a key enabler to Digitalization

Block-chain ApplicationsManaging Transactions

Connectivity and Edge DevicesDevices becomeintelligent and connected

Software Systems and ProcessesManaging theSW Life-cycle

Simulation and Digital TwinExpanding the Digital Twin

Future of AutomationFrom automated towardsautonomous systems

Connected (e)MobilityMobility is electric,connected, autonomous

Cyber Security Enabling Digitalization

Data Analytics, Artificial IntelligenceMaking automateddecisions

Autonomous RoboticsControlling pervasiverobotics

Cyber Security

Enabling Digitalization


Cybersecurity – An increasingly critical factorfor the success of the digital economy

Digital ConnectivityDigital Information Processing Digital Automation and Intelligence

1950s – 1960sMilitary, governments andother organizations implementcomputer systems

1980sComputers make theirway into schools, homes,business and industry

2020sInternet of Things, Smartand autonomous systems,Artificial Intelligence, Big Data

1999The globe is connectedby the internet

1970sHome computeris introduced

1991The World WideWeb becomespublicly accessible

2010sCloud computingenters the mainstream

1990sDigital enhancementof electrification andautomation

2020sIndustry 4.0

2000sMobile flexibility

Blue Boxing

CryptovirologyAOHell

Level Seven Crew hackDenial-of-service attacks

Cloudbleed

sl1nk SCADA hacksMeltdown/Spectre

Infinion/TPM

AT&T Hack

Morris WormMelissa Worm

ILOVEYOU

WannaCry

NotPetya

HeartbleedIndustroyer/Chrashoverride

Stuxnet


The challenges to Cyber Securityrequire new approaches to technologies

Need for Cyber Security TechnologyICS: Industrial Control System | IEC: International Electrotechnical Commission

Business Units Standards and regulationse.g. IEC 62443 Security LevelsCyber Security technology to

use for my future products/solutions?

How to secure existing installations?

How to securely connect to the cloud fordigital services?

What is the technology to drivesecurity services business?

How to scale effort in CyberSecurity?

SL4 Protection against intentional violationusing sophisticated means, extendedresources, ICS specific skills, highmotivation

SL3 Protection against intentionalviolation using sophisticated means,moderate resources, ICS specificskills, moderate motivation

SL2 Protection against intentional violationusing simple means, low resources,generic skills, low motivation

SL1 Protection against casualor coincidental violation

DigitalizationConnected Industrial Control Systemsoffer new levels of efficiencyand productivity …

but they also create new possibilities tocyber attacks


Products &SolutionsSecurity

SecurityCustomerServices

InternalCyberSecurity

Scoping of CCT Cyber Security –Five action fields derived from business needs

Cyber Security Action Fields

ReusableCyber SecurityComponents

SecurityAutomation

Technologiesfor SecurityServices

Cloud Security forIndustrial Applications

Long term Security for LifeCycle (Brownfield)

Cloud security for industrial applications

Security for a lifecycle in the field


Cyber SecurityProtecting industrial infrastructure along their entire lifecycle

Security automation inR&D, e.g.

• Automated penetrationtesting

• Automated hardening andsecure configuration

Security Components, e.g.

• One-way gateway

• IoT public key infra-structure, identity andaccess management

• Small footprint IoTcryptography

Technologies forsecurity services inoperations, e.g.

• Security analyticsplatform

• Artificial intelligence forsecurity

• Automatic response –malware containment

Cloud security for industrial applications

Security for a lifecycle in the field


Automated penetration testing andsmall footprint crypto enabled PKI

Automated Penetration Testing• Accelerates and improves SW development• Uses state-of-the-art security scanners and

automatically updates with new attack patterns out ofa central database

• Extended with automated hardening and supportsecurity standard for industrial control systems (IEC62443)

Security Tester

System under Test

Test execution…

Test configuration Result evaluation

Appliance

PKI = Public Key Infrastructure; HW = Hardware; SW = Software; FW = Firmware

Keys Certificates

Trust anchor and small footprint cryptography• Central PKI service in secure environment• Central signature service• Secure key generation and storage using small

footprint Elliptic Curve Cryptography• Support of various platforms: crypto controller, FPGA,

Software• Tool kit for easy integration into products


Cyber Security – long term research topics

Self-SecuringSystems Design

HomomorphicEncryption

Post QuantumCrypto

Security for Co-operative Autonom-ous Systems

Automated Forensicsand Malware Analysis

Secure Cloud basedRealtime Control

Supply ChainSecurity …

NextGen PatchingSecurity Validationon Digital Twin


Post Quantum Crypto – Siemens productsneed to be protected from Quantum Computer attacks

QC: Quantum Computer | RSA: Rivest-Shamir-Adleman algorithm | SHA: Secure Hash Algorithm | AES: Advanced Encryption Standard

Effects on Siemens• Public key crypto has advantages (e.g. key negotiation, digital

signatures) and is therefore used in many Siermens products• Industrial products life-cycle is 20+ years Þ might become

vulnerable to future QC attacks

Research Priorities• Upcoming quantum secure crypto algorithms for usage within

critical infrastructure, e.g. memory, realtime• Design for crypto agility: ability to upgrade to crypto algorithms

Challenges• Quantum Computers are able to break classical public

key crypto (e.g. RSA) used for key distribution and signatures• Current used hash functions (e.g. SHA family) and symmetric

algorithms (e.g. AES encryption) are resistant against QCattacks

• Estimation: >1,000,000 qubits required to break current publickeys, needing ~8 – 30 years of technology progress

• IBM: 50 qubits (2017), Google announced 72 qubits for 2018


Cyber Security –Technology to secure Siemens

Cyber Security Action FieldsProducts &SolutionsSecurity

SecurityServices

InternalCyberSecurity

Reusable Cyber SecurityComponents

SecurityAutomation

Technologyfor SecurityServices

Cloud Security forIndustrial Applications

Long term Security for LifeCycle (Brownfield)

… protect our customers infrastructure

… automate and scale solutions to systematicallyaddress Cyber Security needs

… provide innovativeand future-proof technology

Cyber Security as THE Key Enabler for Digitalization · Cyber Security as THE Key Enabler for...

Documents

Transcript of Cyber Security as THE Key Enabler for Digitalization · Cyber Security as THE Key Enabler for...