The industrial sector is facing an exciting transformation towards Industry 4.0 with the digitalization of the factory, but the interconnection of machines and devices creates new risks and threats, as traditionally isolated devices now connected to IT resources become exposed to cyberattacks.
In industrial environments, the production assets must be protected to assure their availability and to avoid any impact on the actual production process and its associated cost. A production stop due to a security threat is unacceptable. Moreover, deploying a cybersecurity solution in the factory currently requires a huge amount of time and effort, and specialized expertise for the industrial sector.
Factories are constantly evolving, with new assets and new projects towards full digitalization, and so are their associated cybersecurity requirements. Managing proper cybersecurity across the whole factory over time is complex, time-consuming and requires expert knowledge. If not properly defined (including people, process and technology), cybersecurity tends to relax to avoid impacting production.
In such a scenario, our network security solution relies on simplicity, automation and intelligence to reduce the risk and security management effort.
We extend current approaches for industrial cybersecurity with smart discovery and clustering of assets and security policies to automate this process, thus reducing the time and effort needed. Based on that information, our central orchestrator interacts with all the security components spread throughout the factory to automatically deploy the resulting security policies, simplifying this process and assessing the security posture of the factory.
Moreover, we enforce a zero-trust model and implement network micro-segmentation to prevent compromised devices from affecting the other devices and machines connected to the same trusted segment, thus limiting lateral movement. This approach, based on a whitelist model, hardens the industrial network, reducing the attack surface of systems and devices that cannot be updated or patched.
Cybersecurity in Industrial Control Systems (ICS) is essential, since cyberattacks can affect not only the production system but also the integrity of operations. This is aggravated in critical infrastructure such as Smart Grids, where the consequences of an attack may impact citizens’ lives. Attackers are highly attracted to these kinds of targets, and numerous infrastructures have already been attacked in recent years, such as electric power grid and water treatment systems.
The electric power industry, which brings together much of the national critical infrastructure (generation, transmission and distribution of electric power), is a highly regulated and standardized industry. In this regard, the International Electrotechnical Commission (IEC), an international standards organization, has published the IEC 62351 standard for data and communications security in the context of power systems management and associated information exchange. This standard, developed by WG 15 of IEC TC57, includes a set of technical specifications that cover different aspects of handling the security and protection of communications in this sector, such as communication network and system security (profiles including TCP/IP and MMS), security for IEC 60870-5 and IEC 61850, role-based access control, and key management for power system equipment. It also covers more general aspects, such as security architecture guidelines, and resilience and security recommendations for power systems with distributed energy resources (DER) cyber-physical systems.
Keynetic is committed to the development of tools compliant with IEC standards to provide solutions to secure Smart Grids and protect critical infrastructure from cyberattacks. You can read more about our security solutions for smart grids.
Telco companies, both operators and manufacturers, are continuously working on novel solutions to secure communications. The emergence of new trends in networking such as Software-Defined Networking (SDN), Network Functions Virtualization (NFV) and Network Automation is making them rethink how security can be enforced in this new scenario.
SDN technology brings a new way of thinking about and addressing network solutions, opening innovation to new proposals and software-based solutions that take advantage of the capabilities and performance of vendors’ hardware. The flexibility and adaptability of this approach, which reduce development cycles, fit better with the changing needs of operators and data center environments.
In recent years, SDN solutions have evolved towards automation, leading to intent-based networking. Through the appropriate abstractions, you define what you want to achieve (the intent), not how to implement it. This approach simplifies network management and the associated security, hiding the inherent complexity.
In addition, NFV technology allows flexible deployment of network solutions, by virtualizing the functionality offered by physical appliances. Thus, the network architecture becomes flexible and allows its dynamic updating. In this way, the resources consumed are adapted to the demand, achieving elastic architectures.
Currently, Artificial Intelligence (AI/ML) is used to better understand the business, improve process efficiency and streamline decision making. In the operator sector, an autonomous solution is required, capable of simplifying management and reducing implementation, response and reaction times to anomalies that occur in the network. It is necessary to reduce human intervention and to adapt to changing demands.
To achieve this, networks were first virtualized and their control was centralized to automate processes using the programmability exposed by SDN/NFV. Next, adaptive networks make it possible to react to changes and events detected through real-time data collection. The future evolution of network intelligence is the idea of autonomous networks, in which the networks are capable of self-learning, making their own decisions and reacting autonomously by using AI/ML technology. The ultimate goal is to assist in decision-making, simplify management, minimize human-machine interaction to speed up network operation, and reduce both response times and possible errors, which provides a more robust solution and reduces operating costs.
Our team has a solid track record in R&D in this field, including participation in multiple SDN/NFV related EU-funded projects (FP7-ALIEN, FP7-UNIFY, FP7-GN3 plus and H2020-GN4).
Our prototypes, including our flagship product flowNAC, have also been demonstrated at top international conferences and major events, such as IEEE GlobeCom, IEEE NetSoft or the OpenNetworking Summit (ONS). In addition, Keynetic has been recognized by ETSI as an outstanding contributor to the Open Source MANO (OSM) initiative and as a reference in NFV security. We are ready for 5G: flowNAC can be deployed as a Virtual Network Function (VNF) over the operators’ infrastructure. Our security solution is designed as a cloud-native VNF fully integrated with ETSI OSM and has been successfully tested in several Plugtests with the major virtual infrastructure technologies (OpenStack and VMware).