18 November 2016 | Industry
Against the backdrop of the digital transformation of industry, TÜV NORD is offering comprehensive risk management for the fourth industrial revolution under the banner of “Security4Safety”. The grand design is to merge into one the values, which are in some cases contradictory, of security (crime prevention) and safety (accident prevention). In the process, what are known as penetration tests - attacks by ‘good hackers’ - are carried out to test existing IT security measures for effectiveness.
With Industry 4.0, companies are seeking to significantly optimise production and logistics processes. Any yet, the increasing networking of individual systems and components also comes with risks: Companies are becoming more vulnerable to cyber-attacks. Business processes and corporate values are threatened by industrial espionage, sabotage and damage to equipment. The three partners, TÜV NORD, TÜViT and MESCO Engineering, have stepped up to link different levels of security (security and functional safety) and thereby to enable enterprises to protect people and systems more efficiently and economically.
Comprehensive risk management with “Security4Safety” “It no longer makes logical sense to separate industrial safety and IT security from one another. We also need crime prevention measures to contribute to accident prevention,” explains Peter Baum, Product Manager for “Functional Safety” at TÜV NORD. Prompted by this imperative, TÜV NORD has developed the comprehensive service entitled “Security4Safety”. This includes a cyber risk analysis, by means of which the cyber risks to a system are identified and measures commensurate with the need derived. “Through measures in the field of IT security it’s sometimes also possible to implement safety requirements more cheaply,” Baum summarises. If the appropriate steps are then implemented, TÜViT can carry out penetration testing at various levels of automation technology – in other words, it can try to hack into the systems. In this context one talks about ‘good hackers’. In this way, vulnerabilities caused by missing or inadequate security measures can be revealed and fixed.
Safety aspects considered right from the development stage Industrial enterprises also have a growing need for functionally safe automation components. "In the development of industrial electronics, MESCO is taking into account the requirements of functional safety in its adherence to the IEC 61508 international standard and collaborating with TÜV NORD in the areas of security and certification,” explains Peter Bernhardt, head of Sales and Marketing at MESCO Engineering. MESCO generally relies on the use of design packages as a modular technology platform. In this way, products can be developed more quickly and less expensively, and the outlay involved in certifications is falling significantly as a result of the cooperation with TÜV NORD.
About the TÜV NORD GROUP
With over 10,000 employees, TÜV NORD GROUP is one of the largest technical service providers, offering its advisory, service and inspection expertise in over 70 countries throughout the world. Areas of activity include Industrial Services, Mobility, Training and IT. TÜV NORD GROUP occupies a unique position in the sector based on its work in the fields of natural resources and aerospace and is firmly committed to its guiding principle and watchword: “Excellence for your business”.