2017-02-07

Who protects the Internet of Things?

Industry 4.0 adds an entirely new perspective to IT security. Once everything has connectivity, an entire set of new access gateways is now available. In the future, the responsibility for protecting a company and its assets will rest on many shoulders.

Soon, thieves will no longer need an open window to break into a factory because they will be able to wreak just as much havoc from their laptops at home or some other remote location. This the scenario for companies that use connected production processes but fail to adequately protect their networks and production systems. “If we assume that in the future an increasing number of vehicles and devices will be controlled using IT systems, then it is going to create new openings for individuals to hack,” explains Stefan Rieck, ION Group’s Chief Information Security Officer. It can also impact smart trucks or fully automated high-bay storage facilities, which could be shut down, destroyed, or even employed to cause further damage.

A merging of two worlds

At its core, the concept of Industry 4.0 is all about how an increasing amount of items are being linked together, making it possible to exchange data between machines, vehicles and employees. Or between manufacturers and customers, who can observe their products being assembled in real time, and factories can schedule the arrival of spare parts very precisely. These new possibilities are generally welcomed and even requested. “It is a merging of two worlds,” Rieck says. He is talking about the IT used in offices and production areas, computers and factory machinery. Yet it also leads to a much greater number of partners sharing individual networks. Suddenly it’s no longer enough to protect your own factory; now your customers, suppliers and building service providers also need to secure their access points. “The responsibility no longer lies with a single particular function such as your IT team.”


The actual security mechanisms are nothing new and are familiar to every traditional office IT group. They include anti-virus systems, encrypted data transfers, firewalls and authentication as well as close collaboration with certified external partners and security experts who regularly test systems and networks for weak points. In other words, it is the essentially the same measures required to protect you from network intrusion while also guaranteeing that a particular data package was really sent by a forklift truck instead of an unknown source. The essential task in the near future will be to transfer these tools from the office and adapt them to the many potential applications within the realm of production.

Can electronic control systems stop attacks?

The target for an intruder set on causing damage may not be the smart truck itself. It might just be a way of getting access to other servers to carry out industrial espionage. “In the future, manufacturers will need to be aware that their products may be open to misuse for purposes they were never intended for,” says Rieck. It requires a new approach at the planning and design stage. A trucks electronic control system was previously designed simply to operate the vehicle; it did not require having the computing power necessary to fend off hacking attacks from the internet. Will it involve the installation of additional components, or are very specific individual solutions required? The engineers at KION Group are already addressing these questions.

“IT security is definitely becoming an exciting area for creative minds,” says Rieck. It’s a broad field and a large number of teams and experts will need to work together. This certainly plays to the strength of a company such as KION. It is highly diversified: both in the traditional design of industrial trucks as well as in software and connectivity following its recent acquisition of automation expert Dematic. “The more things start to merge in the context of Industry 4.0, the more complex they become.” Rieck says it would certainly be helpful if the industry soon developed clear standards and guidelines that became widely integrated so that everyone could start pulling in the same direction.

IT security becomes a standard to achieve

Responsibility for protecting a company will rest on many shoulders. What’s the use of installing the highest level of security for a metaphorical 'house', if the tenant then leaves the keys under the front-door mat? Rieck regards customer awareness of the issue as fairly high: “Many of our customers ask us directly about the subject and they are very receptive to our advice and they are well informed.” Requests are gradually on the rise - particularly from small companies that cannot develop their own expertise - for large manufacturers such as KION to address the problems. Industry 4.0 doesn’t simply mean doing everything and connecting everything just because it is possible. “It also carries responsibilities,” Rieck emphasizes. “And we take ours very seriously, indeed.”

Inventory checking with drones

Revving up product development with virtual reality