Being product security officer makes me part of a team with a pretty weighty responsibility. Cybersecurity has long been a critical concern for the process industry, and its importance is growing daily. Smart sensors confer major benefits – they enable process plant connectivity all the way down to the lowest field level, so plant operators have better visibility into their processes and hence broader perspectives for optimization. But these advancements have a dark side in that they present a larger attack surface for cybercriminals, who are getting more devious all the time. That’s why we have cybersecurity experts – to make certain we deliver maximum security to our customers.
This extends to sensors, because every one with a digital interface is a potential entry point for cyberattacks. To prevent such attacks, we practice security by design – meaning that we at Endress+Hauser build security into our software and hardware starting right from the initial development stage, and uphold that security throughout the product life cycle. In addition, we continually provide software and firmware updates to maintain state-of-the-art protection for our products.
Mirko Brcic
Mirko Brcic has been with Endress+Hauser for 18 years, having first joined the company after graduation as an electrical engineer. In addition to his post as head of technology platforms, for the past 10 years he has been the company’s product security officer, with responsibility for all product-related cybersecurity activities. Supporting him in this role are product security managers at individual product centers.
Ever mindful of risk
Our strategy starting from the product design phase is to apply a risk lens to the question of who should have access to which functions. Think of a brewery equipped with our sensors: The master brewers need to know the beer’s sugar and alcohol content, so they must be allowed to view the instruments’ measurement readings. But they don’t require full access that would allow them to change sensor settings. That kind of capability is rightly restricted to the maintenance personnel.
By using role-based access control in this way, we can reduce the risk of attacks. Write protection against unauthorized changes needn’t only be digital. With many instruments, it can also be implemented via a hardware lock – a manually operated switch. During product development, we also conduct penetration tests where we think like hackers and try to breach our products’ security. These simulated cyberattacks allow us to identify potential vulnerabilities and improve our security measures.
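As an added illustration, not code from Endress+Hauser or its instruments, here is a minimal model of the access decision described above: a deny-by-default role table for the brewery scenario, and a hardware write lock that takes precedence over any digital permission, so a stolen maintenance credential still cannot change settings while the switch is engaged. The role names, the action set and the rule that the lock blocks every non-read action are assumptions made for the example.

```python
from dataclasses import dataclass, field
from enum import Enum


class Action(Enum):
    READ_MEASUREMENT = "read_measurement"  # view sugar/alcohol readings
    WRITE_SETTING = "write_setting"        # change sensor configuration
    UPDATE_FIRMWARE = "update_firmware"    # load new firmware


# Role -> permitted actions (assumed roles). Any action not listed for a
# role, and any role not listed at all, is denied (deny by default).
ROLE_PERMISSIONS = {
    "brewer": {Action.READ_MEASUREMENT},
    "maintenance": {Action.READ_MEASUREMENT, Action.WRITE_SETTING,
                    Action.UPDATE_FIRMWARE},
}


@dataclass
class Instrument:
    # State of the manually operated write-protection switch on the device.
    hardware_write_lock: bool = False
    # Every decision is recorded so denied attempts can be reviewed later.
    audit_log: list = field(default_factory=list)

    def authorize(self, role: str, action: Action) -> tuple[bool, str]:
        """Return (allowed, reason) for a request from the given role.

        The hardware lock is evaluated before the role table, so it holds
        even if credentials are compromised or the role table is tampered
        with (assumption: the lock blocks all non-read actions).
        """
        if action is not Action.READ_MEASUREMENT and self.hardware_write_lock:
            decision = (False, "hardware write lock engaged")
        elif action in ROLE_PERMISSIONS.get(role, set()):
            decision = (True, "permitted by role")
        else:
            decision = (False, "not permitted for role")
        self.audit_log.append((role, action.value, *decision))
        return decision


if __name__ == "__main__":
    dev = Instrument(hardware_write_lock=True)
    print(dev.authorize("brewer", Action.READ_MEASUREMENT))
    print(dev.authorize("maintenance", Action.WRITE_SETTING))
    for entry in dev.audit_log:
        print(entry)
```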
Why effective collaboration is so important
The European Union’s Cyber Resilience Act entered into force last December. Under this regulation, products with digital elements must meet certain cybersecurity standards. Businesses have a three-year transition period for bringing their products into compliance with these new requirements.
We are well prepared for this regulation. Our product development processes achieved IEC 62443-4-1 certification from the independent certifier TÜV Rheinland back in 2021 and were recertified last year. The great thing here is that our certification already covers many of the Cyber Resilience Act’s requirements. Our early start on this journey and our active engagement in standardization and industry association initiatives have proved well worthwhile. We need 360-degree security solutions for the process industry, and the only way to develop them is by working in partnership with our customers.
Solutions we have devised are already setting standards. For example, Endress+Hauser has developed an additional layer of security for Bluetooth using the CPace protocol as its core component. In 2020, a research group from the internet standardization body IETF named our solution as the winner of a cryptography competition. And separately from that, in 2016 the Munich-based Fraunhofer Institute AISEC classified the protection level of the Endress+Hauser Bluetooth security extension as ‘high.’ That gives us a certain amount of pride. It’s what inspires my team and me to constantly improve our products’ cybersecurity.