As digitalization progresses, manufacturers of automation devices must not only integrate the cyclical exchange of production data into their communication interface, but also the connection to IIoT platforms. The main challenge in the IIoT environment is to implement a communication interface that enables connection to the IIoT platform without compromising the security and performance required by the industrial application. This involves implementing new cybersecurity requirements that are also incorporated into new IEC or protocol standards, such as IEC 62443, which forms the framework for security implementations.

IIoT communication within the production plant

Two communication standards, OPC UA and MQTT, have become established for accessing data from robots, drives, sensors or I/O modules from the IT level within a production plant. Both technologies have their own focus. OPC UA focuses on the standardization of data models in devices of the same family - such as robots, image processing systems, etc. - for easy integration at the end customer. MQTT is a very lean ("lightweight") protocol that can be implemented quickly and easily in even the smallest devices, but does not offer standardized data modelling. Both technologies have their fans, but also different areas of application. Manufacturers of automation devices must therefore actually implement both protocols in order to meet the requirements of all their customers. In practice, this is complex and time-consuming.

Easy way to make devices IIoT-capable without expert knowledge

With over 30 years of experience in industrial communication, HMS can also support device manufacturers in implementing the required IIoT interfaces. The IIoT-Secure module from the Anybus CompactCom product range - a family of embedded communication interfaces - is a ready-to-install solution that supports OPC UA and MQTT in addition to fieldbus protocols. State-of-the-art security functions are implemented in the IIoT Secure module. The module features secure management of the certificates used for encrypted communication. Confidential data such as private keys are stored on a separate security chip. During secure booting, it is checked and ensured that only signed software from HMS is used. In addition, the module's security functions encrypt the IIoT data connections (OPC UA & MQTT) and also support the security requirements of the respective industrial protocols.

In addition to the modules, the interface is also available as a partially integrated version in brick format for mounting on the circuit board.

© HMS

The software interface between the module and the application program of the automation device is standardized. This means that manufacturers who already use an Anybus module for bus communication have no additional effort to transfer data via OPC UA and MQTT. Both protocols have been implemented securely and therefore also meet the necessary cybersecurity requirements. HMS therefore offers device manufacturers a quick and easy way to make their devices IIoT-capable, even without expert knowledge. In addition to the modules, the interface is also available as a partially integrated version in brick format for mounting on the circuit board.

Using cybersecurity as a competitive advantage

From HMS's point of view, there is a clear trend towards plant operators demanding higher security standards for the automation devices used in the future. This is hardly surprising, as the number of cyber attacks in this segment is also increasing in line with the growing need for communication in the industrial sector. This is why the various user organizations (e.g. Modbus Organization, ODVA, PNO) are working on new security concepts. However, the standardizations have not yet been completed and are gradually being mapped in the industrial fieldbus protocols.

However, the security of the devices themselves must also be taken into account. Secure communication is useless if unauthorized persons can read confidential device certificates or exchange them by manipulating the firmware. IEC62443-4-1 and -2 describe a framework for how component manufacturers must proceed with a secure implementation. The first part covers the development process through to the entire life cycle of the device, while the second part describes the security requirements for the devices.

HMS is certified by TÜV Rheinland in accordance with IEC 62443 and has integrated these security procedures into its development processes and implemented state-of-the-art security functions in the IIoT Secure module. For manufacturers of automation devices, this means that if they rely on the HMS solution, they can support a high level of security in their devices without extensive security expertise. And in a market where the topic of security is just getting started, this can be a decisive competitive advantage.

Optimal use of Anybus technology

HMS offers a free online seminar to ensure that you are on the right track with your development project right from the start. Our application engineers will provide you with compact and in-depth information on how to use Anybus technology optimally in your application.

Free white paper "Safety for industrial plants"

More insights into cybersecurity for manufacturers and plant operators in the free white paper.

© HMS

Would you like to delve deeper into the topic of cybersecurity? Then take a look at our free white paper. In it, we have compiled further considerations for you and answer pressing questions that are of interest to both device manufacturers and system operators.