What trends does NewTec see in cybersecurity in industry - both threats and opportunities to counter them?

Stephan Strohmeier: Above all, we are seeing a significant increase in security incidents, especially industrial espionage and spying on systems. On the manufacturer and developer side, there is a short time to market and a need to save money when developing networked machines and IIoT products. As a result, the quickest, most cost-effective route is often chosen - solutions are often purchased that do not take data security into account or only take it insufficiently into account, and attempts are made to make them cyber-secure after the fact.

If, for example, a machine that has been on the market for five years requires the option of security updates over the air, this is not possible with the hardware used. You are therefore at an impasse because additional services based on the components used cannot be implemented in a cyber-secure manner.

Security should therefore be integrated into the development process right from the start. At the end of the day, this is not only the more secure way, but also the more cost-effective one, because it allows products to be reused and expanded and also avoids unforeseen costs arising afterwards. However, this approach requires security engineering skills. Fortunately, if these are not available, companies can now obtain support from external specialists and/or use pre-qualified, secure hardware and software.

To what extent are safety and security linked, and how does NewTec intend to address this with its products and solutions?

A successful cyber attack can bring an entire production line to a standstill - and also cause damage to the health of employees and the environment.

It's absurd: we're going out of our way to make all possible functionalities function reliably, but at the same time risk them being undermined by hackers. The spying on systems that we are currently observing is possibly the first step towards cyber attacks. If hackers exploit the vulnerabilities they find, operators become vulnerable to blackmail - much like the encryption of IT resources by ransomware.

To support the development of cyber and functionally secure products in this situation, NewTec offers pre-qualified development platforms and services that take into account the requirements of both the IEC 62443 security standard and the IEC 61508 safety standard.

What applications are the solutions and platforms suitable for and what opportunities do they open up for developers?

On the one hand, NewTec offers pre-qualified development solutions and platforms, such as our NTSecureCloudSolutions with secure gateways, data acquisition platforms and cloud services, which can be used to quickly implement secure IIoT applications. This makes it possible to develop cyber-secure embedded systems without having to build up the relevant expertise yourself.

But as an engineering service provider with decades of development experience, we are also a safety and security partner throughout the entire product life cycle. This includes individual training courses, security concepts and reviews or the contract development of functional and cyber-secure systems, as well as operational concepts, audits and penetration tests.

What new products and services will NewTec be presenting at SPS?

The focus will be on our new safety engineering platform NTSafeFlex STM32 and the supplementary safety library, the NTSafetyLib. The two-channel reference design based on STMicroelectronics processors and the associated NTSafetyLib simplify and shorten the development of industrial applications with high safety requirements. And in combination with a corresponding transceiver such as a secure gateway, data-secure connections can be realized without any problems.

Supply bottlenecks and one-sided dependencies on suppliers are currently a major issue. For this reason, the NTSafeFlex reference design will soon also be available with Infineon Aurix and NXP processors. Thanks to the supplied runtime environment for safe applications, the customer-specific application can then be operated independently of the control unit or ECU.

NewTec at the SPS 2022: Hall 5, Stand 141