Cyber Security as THE Key Enabler for Digitalization
Dr. Norbert Gaus | July 2018
Unrestricted © Siemens AG 2018 | July 2018 | Page 2 | Corporate Technology RDA ITS
Digitalization is changing everything … we address Digitalization with a holistic approach
Business models: Smart services
Value creation processes: Smart factory, smart plant, smart buildings
Digitally enhanced products: Smart products and solutions
Innovation with a clear focus – Siemens Company Core Technologies
Additive Manufacturing
Autonomous Robotics
Blockchain Applications
Connected (e)Mobility
Connectivity and Edge Devices
Cybersecurity
Data Analytics, Artificial Intelligence
Distributed Energy Systems
Energy Storage
Future of Automation
Materials
Power Electronics
Simulation and Digital Twin
Software Systems and Processes
Company Core Technologies to drive Innovation in Digitalization
Block-chain Applications: Managing Transactions
Connectivity and Edge Devices: Devices become intelligent and connected
Software Systems and Processes: Managing the SW Life-cycle
Simulation and Digital Twin: Expanding the Digital Twin
Future of Automation: From automated towards autonomous systems
Connected (e)Mobility: Mobility is electric, connected, autonomous
Cyber Security: Enabling Digitalization
Data Analytics, Artificial Intelligence: Making automated decisions
Autonomous Robotics: Controlling pervasive robotics
Cyber Security is a key enabler to Digitalization
Block-chain Applications: Managing Transactions
Connectivity and Edge Devices: Devices become intelligent and connected
Software Systems and Processes: Managing the SW Life-cycle
Simulation and Digital Twin: Expanding the Digital Twin
Future of Automation: From automated towards autonomous systems
Connected (e)Mobility: Mobility is electric, connected, autonomous
Cyber Security: Enabling Digitalization
Data Analytics, Artificial Intelligence: Making automated decisions
Autonomous Robotics: Controlling pervasive robotics
Cybersecurity – An increasingly critical factor for the success of the digital economy
Phases: Digital Connectivity | Digital Information Processing | Digital Automation and Intelligence
Timeline:
• 1950s – 1960s: Military, governments and other organizations implement computer systems
• 1970s: Home computer is introduced
• 1980s: Computers make their way into schools, homes, business and industry
• 1990s: Digital enhancement of electrification and automation
• 1991: The World Wide Web becomes publicly accessible
• 1999: The globe is connected by the internet
• 2000s: Mobile flexibility
• 2010s: Cloud computing enters the mainstream
• 2020s: Internet of Things, Smart and autonomous systems, Artificial Intelligence, Big Data
• 2020s: Industry 4.0
Security incidents and attack techniques plotted on the timeline: Blue Boxing, Cryptovirology, AOHell, Level Seven Crew hack, Denial-of-service attacks, Cloudbleed, sl1nk SCADA hacks, Meltdown/Spectre, Infineon/TPM, AT&T Hack, Morris Worm, Melissa Worm, ILOVEYOU, WannaCry, NotPetya, Heartbleed, Industroyer/CrashOverride, Stuxnet
The challenges to Cyber Security require new approaches to technologies
Need for Cyber Security Technology
ICS: Industrial Control System | IEC: International Electrotechnical Commission
Digitalization
Connected Industrial Control Systems offer new levels of efficiency and productivity … but they also create new possibilities for cyber attacks
Business Units
• Cyber Security technology to use for my future products/solutions?
• How to secure existing installations?
• How to securely connect to the cloud for digital services?
• What is the technology to drive security services business?
• How to scale effort in Cyber Security?
Standards and regulations, e.g. IEC 62443 Security Levels
• SL4: Protection against intentional violation using sophisticated means, extended resources, ICS specific skills, high motivation
• SL3: Protection against intentional violation using sophisticated means, moderate resources, ICS specific skills, moderate motivation
• SL2: Protection against intentional violation using simple means, low resources, generic skills, low motivation
• SL1: Protection against casual or coincidental violation
Scoping of CCT Cyber Security – Five action fields derived from business needs
Business needs: Products & Solutions Security | Security Customer Services | Internal Cyber Security
Cyber Security Action Fields
• Reusable Cyber Security Components
• Security Automation
• Technologies for Security Services
• Cloud Security for Industrial Applications
• Long term Security for Life Cycle (Brownfield)
Cloud security for industrial applications
Security for a lifecycle in the field
Cyber Security: Protecting industrial infrastructure along their entire lifecycle
Security automation in R&D, e.g.
• Automated penetration testing
• Automated hardening and secure configuration
Security Components, e.g.
• One-way gateway
• IoT public key infrastructure, identity and access management
• Small footprint IoT cryptography
Technologies for security services in operations, e.g.
• Security analytics platform
• Artificial intelligence for security
• Automatic response – malware containment
Cloud security for industrial applications
Security for a lifecycle in the field
Automated penetration testing and small footprint crypto enabled PKI
PKI = Public Key Infrastructure; HW = Hardware; SW = Software; FW = Firmware
Automated Penetration Testing
• Accelerates and improves SW development
• Uses state-of-the-art security scanners and automatically updates with new attack patterns out of a central database
• Extended with automated hardening and support security standard for industrial control systems (IEC 62443)
Diagram: Security Tester, Appliance, System under Test; Test configuration, Test execution …, Result evaluation
Trust anchor and small footprint cryptography
• Central PKI service in secure environment
• Central signature service
• Secure key generation and storage using small footprint Elliptic Curve Cryptography
• Support of various platforms: crypto controller, FPGA, Software
• Tool kit for easy integration into products
Diagram: Keys, Certificates
Cyber Security – long term research topics
• Self-Securing Systems Design
• Homomorphic Encryption
• Post Quantum Crypto
• Security for Co-operative Autonomous Systems
• Automated Forensics and Malware Analysis
• Secure Cloud based Realtime Control
• Supply Chain Security
• …
• NextGen Patching
• Security Validation on Digital Twin
Post Quantum Crypto – Siemens products need to be protected from Quantum Computer attacks
QC: Quantum Computer | RSA: Rivest-Shamir-Adleman algorithm | SHA: Secure Hash Algorithm | AES: Advanced Encryption Standard
Effects on Siemens
• Public key crypto has advantages (e.g. key negotiation, digital signatures) and is therefore used in many Siemens products
• Industrial products life-cycle is 20+ years ⇒ might become vulnerable to future QC attacks
Research Priorities
• Upcoming quantum secure crypto algorithms for usage within critical infrastructure, e.g. memory, realtime
• Design for crypto agility: ability to upgrade to crypto algorithms
Challenges
• Quantum Computers are able to break classical public key crypto (e.g. RSA) used for key distribution and signatures
• Currently used hash functions (e.g. SHA family) and symmetric algorithms (e.g. AES encryption) are resistant against QC attacks
• Estimation: >1,000,000 qubits required to break current public keys, needing ~8 – 30 years of technology progress
• IBM: 50 qubits (2017), Google announced 72 qubits for 2018
Cyber Security – Technology to secure Siemens
Products & Solutions Security | Security Services | Internal Cyber Security
Cyber Security Action Fields
• Reusable Cyber Security Components
• Security Automation
• Technology for Security Services
• Cloud Security for Industrial Applications
• Long term Security for Life Cycle (Brownfield)
… protect our customers' infrastructure
… automate and scale solutions to systematically address Cyber Security needs
… provide innovative and future-proof technology
Questions & Answers
siemens.com/innovation