Mr. Pilz, why does Pilz differentiate between IT security and industrial security?

Thomas Pilz: IT security is about security in office IT, while industrial security is about securing machine networks in factory halls. A machine network is structured differently to an office network. There are printers, computers and servers; here, the machine, host computer, PLC controller, sensor and actuator are interconnected. Nevertheless, we have computers that also have to communicate with the office IT in some way. The machine is protected by operational technology, while the computer is protected by IT. There is a lot of movement in this separation of responsibilities. Ultimately, the top priority of industrial security is to ensure the availability of machines and systems as well as the integrity and confidentiality of data and processes.

Is the topic of security already receiving the necessary attention in automation technology?

Thomas Pilz (laughs): At Pilz, at least since the cyber attack in October. But joking aside, we joined the CERT@VDE IT security platform two years ago. Since then, we have been revising development processes to ensure that we offer systems and components on the market that meet the increasing - and changing - requirements for safety and security. You could say that we have restructured our development process for this purpose. We have acquired the necessary knowledge ourselves. In our new and further developments, we meet security requirements in a TÜV-certified process in accordance with IEC 62443-4-1. Aspects such as threat scenarios, strengths and weaknesses of protocols or encryption methods are taken into account from the outset.
I have noticed that other automation providers are taking a similar approach. In this respect, I would say that the topic has arrived in the industry.

"If the security is breached, the attacker ultimately decides what damage he wants to cause to the machine"

Is the growing threat of cyber attacks having an impact on
automation technology?

Thomas Pilz: For both safety and security, there are usually a large number of different solutions for one and the same problem. It therefore always depends on the situation as to which solutions are used and which make sense. The most sustainable and efficient solutions are those in which the issue of safety is already considered and discussed during the design phase. This also applied to safety, but unfortunately it is still not a matter of course. Here, the end user is required to enter into the discussion so that the machine can ultimately be operated and maintained in line with their expectations.

What does that mean in concrete terms?

Thomas Pilz: As we know, security is a moving target. So the measures against cyber threats need to be constantly updated: As with safety, I can carry out a security assessment, which is then used as a basis for implementation.
The difference, however, is that with safety, once a presumption of conformity has been created for an installed solution, it can be valid for 20 years. With security, the half-life is a maximum of two years. After that, the technologies and strategies used have to be redesigned. This is because, regardless of the fact that the threat situation may be stable, attack strategies are evolving rapidly.

Will IT security and industrial security merge?

Thomas Pilz: I wouldn't dare make a prediction in this regard. However, every company should work out how the interaction between IT and OT should be organized for the store floor. Because there is no one-size-fits-all solution. Every company is set up and organized differently, has its own history and needs to develop.

Will safety and security then merge?

Thomas Pilz: No, they won't. Safety is always about protecting people from machines and security is about protecting machines from people. What is new, however, is that security has more and more influence on safety. This means that functional safety alone is not enough for networked systems; security solutions must also be implemented that equally protect machines and functional safety mechanisms as a shield. After all, if security is breached, the attacker ultimately decides what damage he wants to cause to the machine.

What challenges do you see for safety and security in the future?

Thomas Pilz: In the future, I see security as a new challenge for safety when networking takes place via network technology, as well as in the areas of trusted user and multi-factor authentication. But also as a challenge for the operator, who, in addition to dealing with static functional safety, must learn to produce efficiently with cyber defense in the background - keyword: availability of the systems during security updates.

Your company has itself been the victim of a cyber attack. What lessons has Pilz learned from the cyber attack?

Thomas Pilz: In general, we can say that the economy has become the target of cybercrime. These blackmailers have built up a business model that mainly targets companies located in the West.
And then you have to acknowledge that any static cybersecurity can be overcome, but that with dynamic concepts the consequences of a so-called 'successful' attack can be minimized. However, we have also realized that there will never be one hundred percent protection.

Read the accompanying technical report "Machines need our protection" here