Power supply failures, nationwide failure of telephone networks, internet and ATMs lasting several days through to production stoppages: Cyber attacks on critical infrastructures and industry are not a question of “if” – they are a question of “when”. As the consequences of these attacks, especially with the growth in the internet of things (IoT) and Industrial Internet of Things (IIoT), could be enormous, TUV Rheinland and OpenSky have extended their portfolio of functional safety audits and certifications for critical infrastructures and industry to include extensive cyber security analyses and examinations. “With the advent of Industry 4.0, functional safety can no longer be considered in isolation,” explains Heinz Gall, expert for “Functional Safety & Security” at TUV Rheinland. “Cyber security is an essential success factor: for protect central supply systems, as an important precondition for functional safety in manufacturing processes; for secure automated data exchange between networked production systems; and for availability and reliability in production;” adds Nigel Stanley, cyber security specialist at OpenSky. “The need to regularly examine current safety and security strategies in the industry and to further develop intelligent controls and solutions will continue to rise as smart processing continues to accelerate,” the two experts are convinced.
TUV Rheinland and OpenSky have therefore developed an interdisciplinary risk management approach for component manufacturers and system integrators of industrial control systems that focuses equally on functional safety and cyber security. It is based on a solid risk analysis over an entire life cycle, starting with the development phase and the need to design in safety & security. The service includes in-depth cyber security evaluations, including vulnerability, hardness and penetration tests. In January 2017 TUV Rheinland and OpenSky are presenting their approach at S4x17 in Miami, one of the most important international conferences on the security of industrial control systems.
With its integrated offering of functional safety and cyber security, TUV Rheinland and OpenSky are combining more than 145 years of expertise in industrial safety and security with extensive experience in the field of cyber security.
Besides complying with regulatory requirements, component manufacturers and integrators of industrial systems can use the TUV Rheinland and OpenSky approach to attain more challenging security maturity levels as defined by IEC 62443, an international security standard for industrial automation and control systems.