Production IT Security as a precondition to Industry 4€¦ · ZF Friedrichshafen AG OPS Dr. Nils...

ZF Friedrichshafen AG

OPS

Dr. Nils Macke / Rainer Rodler

MOTION AND MOBILITY

Production IT Security as a precondition to Industry 4.0

IoT Tech Expo Europe 2017 Berlin 2017-06-01

© ZF Friedrichshafen AG, 20162 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public

Agenda

1.

2.

3.

4.

5.

6.

Industry 4.0 @ ZF

The Project PITS

Organization

Guidelines

Technical Solution

Introduction ZF Friedrichshafen AG


Corporate Structure ZF Friedrichshafen AG Shareholders: 93.8%

Zeppelin Foundation and 6.2% Dr. Jürgen and Irmgard Ulderup Foundation

Automatic Transmissions

Manual Transmissions/Dual

Clutch Transmissions

Axle Drives

Powertrain Modules

Division

Car Powertrain Technology

Bernd Stockmann

Chassis Systems

Chassis Components

Suspension Technology

Division

Car Chassis Technology

Uwe Coßmann

Truck & Van Driveline

Technology

Axle & Transmission Systems

for Buses & Coaches

CV Chassis Modules

CV Damper Technology

CV Powertrain Modules

Division Commercial

Vehicle Technology

Fredrik Staedtler

Off-Highway Systems

Industrial Drives

Marine Propulsion Systems

Test Systems

Aviation Technology

Wind Power Technology

Special Driveline Technology

Division

Industrial Technology

Dr. Klaus Geißdörfer

Braking Systems

Steering Systems

Commercial Steering Systems

Occupant Safety Systems

Electronics

Body Control Systems

Parts & Service

Division Active & Passive

Safety Technology

Dr. Franz Kleiner

Dr. Stefan Sommer – Chief Executive Officer / R&D / ZF Services

Dr. Konstantin Sauer – Finance, IT, M&A | Jürgen Holeksa – Human Resources / Governance | Michael Hankel – Production / Car Powertrain Technology / Car Chassis

Technology / E-Mobility | Wilhelm Rehm – Materials Management / Industrial Technology | Rolf Lutz – Quality / Commercial Vehicle Technology / Region of South America | Dr.

Franz Kleiner – Active & Passive Safety Technology / Region of North America | Peter Lake Corporate Market / Region Asia-Pacific

Board of Management, ZF Friedrichshafen AG

ZF Services

Central Functions / Regions

Corporate Functions

Electronic Systems

Electric Traction Drive

System House

Division

E-Mobility

Jörg Grotendorst


ZF GroupKey Figures 2015

The ZF Group – An OverviewThe ZF Group – An Overview

2015

Sales* € 29,154 million

Employees (end of the year) 138,269

Investments in property, plant and equipment € 1,290 million

Research and development € 1,390 million

230 locations in 40 countries

77 service companies and more than 650 service partners

*incl. ZF TRW sales as of May 15, 2015


Key FiguresLocations

230 Locations

17Main development

locations

77 Service companies

Over 650 service partners

worldwide

Worldwide Presence – Production, Development, Sales and Service*

Countries with ZF Services locations are marked in a darker shade *Status: December 2015


Sounds great, but how do you protect your production?


Fields of action according to the final report BMBF Industry 4.0

Standardization and open standards for a reference architecture

Mastery of complexsystems

Widespread broadband infrastructure for industry

IT Security as a critical success factor forindustry 4.0

Work organization and job design in digital industrial age

Education and Training for Industry 4.0

Legal framework Resource efficiency Quelle: BMBF Umsetzungsempfehlungen für das

Zukunftsprojekt Industrie 4.0

http://www.bmbf.de/pubRD/Umsetzungsempfehlung

en_Industrie4_0.pdf


Requirements vs. Standard Solutions

Perimeter Protection does not work for cities

anymore

What about the IT protection of your company?

L

e

a

n

Big Data

Intersite

production

CloudJ

i

S

Remote Support

Collaborative Engineering

M

E

S

P

L

M

Predictive maintenance

communicationbandwith


Situation

Fast-growing virus lists require a lot of memory

Recent malware attacks and machine control (PLC, NCU, SCADA)

t2006

n

Quelle: Dr. Johann Fichtner,

Siemens CERT 20142003

160.000

9

2006

n

t2014


Live cycle gap

Planning

t~ 2 years ~ 10-30 years

Machine lifecycle

Order

Production

Commissioning

2000

ME

Software lifecycle e.g. Windows

1990 1995 2005 2010 2015

NT3.x NT4

95 983.x

2k XP VISTA 7 8.x

t

Support

no

limited

yes

10

Why do proven protective measures not work in the production?


How you could be attacked

Internet

Office

NetworkProduktion Network

Firewall

open

Ports

M

M

M

M M

Remote

Support

Unpatched

Programs

DMZ

DMZ

Technical SupportUSB

Firewall


Measures

Production IT Security

Organization Guidelines Technical

measures

If you are thinking technology can solve your IT security problems, you don´t understand the problems and you don´t understand the

technology

(Bruce Schneier)


ISA-95

ISA-95 Business Processes

ERP

(SAP)

MES

SCADA

SPS

Sensor /

Actor

OEE

PLM

Order KPITrace-

abilityISA-95

Level 3

Management

Level 2

Operations

Level 1

Control

Level 0

Production

Level 4

Enterprise


ISA-95

ISA-95 Level:operative Responsibilities

ERP

(SAP)

MES

SCADA

SPS

Sensor /

Actor

OEE

PLM

ISA-95

Level 3

Management

Level 2

Operations

Level 1

Control

Level 0

Production

Level 4

Enterprise

IT

maintenance


OrganizationOperative Support IT Systems in the Produktion

maintenance

local

In general low IT skills

IT

Inter location

In general low production skills

Production IT

Automati-sierung

ShopfloorAdditional Spezial-Teams:

Shopfloor

Automatization

Production IT

EMEA APANA/SA

Quelle: www.mag-ias.com

PITS Consultants

Are in the regions and educate and

support local teams


+ country specific e.g. legal specifications

Guidelines

+ plant specificBehavior and contact in case

of an emergency, Maps…

usage

lokal

(Plant)

regional

(Country)

global

(ZF)

Legal binding

purchasing guideline

basic rules

…

n1

n1


Guidelines Technical delivery specifications

Without

machine procurement guideline

With

machine procurement guideline

If you install or modify software or

patches you will lose warrenty

The vendor has to ensure that the

machine is capable to update

necessary patches and to run

protection software


Antivirus program Whitelisting

operation Looks for known malware (virus definition

files)

Only known software is allowed to be

executed

advantages • Easy installation

• Easy operation

• Existing infrastructure

• Proaktive

• Easy operation

• Constant consumption of resources

• Patch management is obsolete in many

cases

disadvantages • Growing virus definition files

• growing consumption of resources

• Permanently Updates

• Reaktive

• Not so easy Installation

usage Office PCs Industrial-PCs

Technical Solutions Antivirus vs. Whitelisting

Quellen: Türsteher: : http://www.security-bbc.npage.de, Drehkreuz: http://www.zaunbau-leis.de, Einstein http://paxonbothhouses.blogspot.de/2013/11/the-thing-about-smart-people-is-that.html


Technical Solutions Image Backup


DNC

NCU / PLC

Image

Technical Solutions Backup / RestoreRestore of a CNC Machine

HDD exchange

Image Restore

Restore NCU /

SPS Data

Load NC

Programm

in running order Production Ready


Technical Solutions Remote Support Use Cases

Use

Case

Manufacturer

Support

Support

at a

Partner

Home-

office

Test at

manufac-

turer

Support

at the

customer

Inhouse

Diagnosis


Technical Solutions Remote Support

Webconference

Step 1

Internal connection to the Machine

Machine ManufacturerPC Maintenance

Step 2

Webconference with the manufacturer

hand over of the remote connection


P

Summary - main success factors

Involve Management + Staff

Start with “low hanging fruits”

Understand the customer´s requirements“walk a mile in the customer's shoes”

Backing and support

by Top Management

Go Onsite!

Communicate face to face!

point out the benefits for the customers

Generate Sustainability! Teach the onsite staff how to do it

© ZF Friedrichshafen AG, 201624 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, PublicZF Friedrichshafen AG behält sich sämtliche Rechte an den gezeigten technischen Informationen einschließlich der Rechte zur Hinterlegung von Schutzrechtsanmeldungen und an daraus entstehenden Schutzrechten im In- und Ausland vor.

ZF Friedrichshafen AG reserves all rights regarding the shown technical information including the right to file industrial property right applications and the industrial property rights resulting from these in Germany and abroad.

ZF Friedrichshafen AG behält sich sämtliche Rechte an den gezeigten technischen Informationen einschließlich der Rechte zur Hinterlegung von Schutzrechtsanmeldungen und an daraus entstehenden Schutzrechten im In- und Ausland vor.

ZF Friedrichshafen AG reserves all rights regarding the shown technical information including the right to file industrial property right applications and the industrial property rights resulting from these in Germany and abroad.

Thanks for your attention

Production IT Security as a precondition to Industry 4€¦ · ZF Friedrichshafen AG OPS Dr. Nils...

Documents

Transcript of Production IT Security as a precondition to Industry 4€¦ · ZF Friedrichshafen AG OPS Dr. Nils...