| | 9CIOReviewMARCH 2022explosion of a petrochemical plant­not occur. It is likely that more attacks will follow in the future. Securing the Future for Industrial CompaniesIn view of such threat scenarios, new approaches to risk analysis and the technical inspection of installations and products must be taken. Functional safety and IT security should therefore no longer be treated as separate fields of action. Security means the security of data in terms of availability, confidentiality, and integrity. Safety refers to the safety of people and the environment, for example in terms of functionality, electrical, and constructional safety. The merger of safety and security into one approach came with the development of smart manufacturing. For years now, networking of sensors and actuators has been indispensable in the process and manufacturing industry. Cloud infrastructures are implemented to develop new business models. Very common today are digital twins of industrial plants­the simulation of the plant in the cloud, which in turn opens up completely new applications and potential. These trends are often part of digitisation strategies of companies or entire sectors. But their opportunities also lead to new risks.Any kind of networking and the associated opening of a systementails the risk of misuse by unauthorised persons. Every industrial company therefore needs not only a digitisation strategy, but also a strategy to safeguard its own values­the production process, the know-how of its employees,and the key elements of its business model. Such a cyber security strategy should be based on solid concepts and methods. The IEC 62443 standard was defined for industrial safety and contains an established process model for an industrial cyber security strategy.Comprehensive Security Concept for Smart ManufacturingWithin the framework of smart manufacturing, IEC 62443 has established itself as an internationally recognised standard for IT security in the process and automation industry. In addition, many other branches of industry, including critical infrastructures, are now using this standard. IEC 62443 has thus become the central standard for smart manufacturing solutions. Wherever digitalisation, networking, and automation are used in the industrial sector, this standard provides a security guide­independent of the sector. Based on the criteria and requirements, companies can ensure the reliability of their facilities and applications, prove the availability of security functions and the integrity of components and systems, with operators, integrators, and component manufacturers benefitting equally. Certification according to IEC 62443 also offers sustainable protection against cyber-attacks. Hackers and cybercriminals are also aware of the companies' rapid conversion to digital infrastructures. Any security gap not considered and closed today can turn into an existential problem tomorrow. Operators of industrial plants, for example, must ensure protection against digital threats. Otherwise unauthorised persons could, at worst, bring the plant to a standstill or even cause personal injury and environmental damage. Integrators also face ever-increasing security requirements, since today they not only provide a network for industrial plants, but also connect the plant to cloud services. The manufacturers of components face similar challenges like operators of industrial plants as their products are expected to function in an increasingly networked way. Using the Digital UpswingThe coronavirus pandemic has increased the need for digitalisation and hence the pressure on industrial companies to act. At the same time, there is an increasing necessity to secure the newly acquired digital infrastructures today in order to sustainably benefit from them also tomorrow. The IEC 62443 standard takes a holistic approach to cybersecurity. A certification proves that the company is working according to the "state of the art" and complies with its legal duties of care­important prerequisites for minimising liability risks. The IEC 62443 standard takes a holistic approach to cybersecurityMatthias Springer
< Page 8 | Page 10 >