For decades already, VEGA level sensors have been making it easier to monitor industrial processes. Thanks to wireless communication with Bluetooth, digitalisation has moved ahead in leaps and bounds, making process data, measured values and status displays from various industrial processes available where they are needed – for example in offices or control rooms far away from the actual production facilities.
Cyber attack: Where exactly do the dangers lie?
Due to the increased networking of computers and machines in industry, it is important to focus not only on IT security but also on OT security, i.e. security in production, or more precisely, in control technology. Because, before the data from a sensor ends up in the company network, it passes through several levels:
- The sensors first forward their measured values to gateways and controllers.
- From there, the data is sent to operable machine interfaces or control rooms.
- All the data is gathered by production and maintenance systems, which can then be further processed by IT.
Each of these processing levels has its own interface that must be protected from cyber criminals. This makes a holistic security concept necessary.
How does the security concept integrated in VEGAPULS 6X work?
The radar sensor is certified according to IEC 62443-4-2. It therefore fulfils the highest standards in cyber security, because this international standard defines security requirements for hardware as well as software. VEGAPULS 6X is protected by a “defence-in-depth” strategy, i.e. a multi-tiered security concept that comprises different IT security levels. The radar sensor is protected against, among other things,
- Data manipulation
- Denial of Service (DoS)
- Espionage
The instrument is also equipped with wide-ranging security functions:
- User authentication: Every VEGAPULS 6X is delivered with an individual device code and Bluetooth access code.
- Event memory: All locking and unlocking events are logged by the sensor – any attacks or manipulation attempts can be found in the memory.
- Firmware integrity check: The software update package is encrypted and signed. This prevents unauthorised software from being loaded into VEGAPULS 6X.
- Data backup for restoration: The parameters of VEGAPULS 6X can be saved by means of a backup.
The radar sensor VEGAPULS 6X is delivered in different security levels according to requirements in the highest levels a two-factor authentication is necessary. In the following video, Jürgen and Stefan walk through the VEGA IT department, explaining what has to be considered early in the development stage in order to build a secure sensor.
What does PSIRT mean?
PSIRT stands for Product Security Incident Response Team – it is a group of VEGA experts that looks after the cyber security of every VEGAPULS 6X after it is installed and commissioned. It finds and plugs any security gaps, checks reported problems, develops solutions, assesses new threats, provides customers with updates and information – and thus ensures that the radar sensor is continually protected against cyber attacks.
