Cyber security for plant operators
INNOVATION WELCOME – A SURE THING!
AT A GLANCE:
Cloud connection and networking via the Internet of Things (IoT) create entirely new analytical and practical opportunities for your plant operation – but also new risks.
In 2022 alone, ransomware attacks on operational technology (OT) systems in production and infrastructure increased by 87%.
Protect your system and data with professional and lasting vulnerability management – in other words, detecting and rectifying vulnerabilities. We’re here to help.
Your motivation:
With the rapid advances in networking of production systems and critical infrastructure, one key component is still far too often under-represented: Cyber security. That’s why Germany’s IT Security Act 2.0, the forthcoming EU Cyber Resilience Act, and the new EU Machinery Regulation 2023/1230 require manufacturers and plant operators to put specific security procedures in place. Standards IEEE 62443 and TS 50701 are also relevant in this connection. But how can you identify and counter vulnerabilities and risks in your Operational Technology (OT) components and systems?
Cyber security for your plant technology –
ask us!
ask us!
Want to make your plant cyber-secure? Get advice from our experts: Send an email with your request or call us. Protect your OT against the dangerous consequences of software errors and vulnerabilities!
call us
+49 721 9841 4678
Email
sales@codewerk.de
What creates added value for you:
As a plant operator you can monitor operational risks and minimize potential losses with our support. We focus mainly on two points in this regard:
- We understand complex OT systems as a whole in order to reliably assess the impact of errors and establish mitigation mechanisms. Our experience shows that a comprehensive combination of system, software, and security expertise is essential. For many of our customers, this defines the “Codewerk factor.”
- We operate and maintain your security monitoring system on the basis of Security Onion. This helps you reliably detect attacks both from within the network and from hosts.
Codewerk services for
secure plant management:
Connecting your OT devices to a security monitoring solution, such as the open-source Security Onion solution
Integration of vulnerability scanners in your OT network and connecting them to Security Onion, like the open-source solution VulnWhisperer
What we do differently:
Codewerk is a partner to entities such as major industrial and rail vehicle equipment and component manufacturers, and is also active in R&D projects in the rail transport sector. Based on our understanding of complex systems and our own roots in software engineering, we can specifically target typical risks. Here are just three of many examples:
- Insecure standard configuration:
A quick and easy target for hackers, but still a widespread one. This is where our fuzzing comes in – a deliberate attempt to crash the system with randomly generated input data. Based on the insights obtained, we then apply our software expertise to optimize the source code. - Code vulnerabilities:
Most software is sourced externally – and is therefore beyond the control of the product manufacturer. Our continuous vulnerability monitoring and management reveals security loopholes – in libraries or frameworks, for example – and assesses their potential repercussions. - Insecure data validation and input checking:
If inputs are not properly validated, hackers can inject malicious code (e.g. SQL injection or cross-site scripting) into the system and execute it. Using Security by Design, we counter this risk right at the development and testing phase.
System-, Software- and Security-Know-how
To embed security comprehensively, you need to understand complex systems like process control technology or train control systems in detail.
Timon Esslinger, Cyber security expert at Codewerk
The product is ready – how about a little security on top?
Why Security by Design in accordance with IEEE 62443 pays off
In many cases, cyber security is still considered a product feature – and treated as such: Once the basic functions have been defined and programmed, security is added on top as a compulsory component.
It’s time this way of thinking was turned around: How must a function be implemented to make it secure? Errors in system design in particular – e.g. insecure fallback mechanisms or errors in key management – can be avoided only using Security by Design. Error correction right at the development stage not only makes this approach more secure but also much more cost-effective.
Which security monitoring solution must I use?
Points in favor of Open Source
We’re basically flexible – if, say, your corporate guidelines say you have to use a product from a particular manufacturer. But we believe there are clear practical benefits in using an open-source solution that gives us the freedom to tailor the code precisely to suit your requirements. We’ve had very good experience with Security Onion, a solution which our customer Wassergewinnung Essen relies on, for example.
The major benefit of Security Onion for us is the better overview of the system as a whole and the easier network hygiene. You get to know your own network better.
Detlef Stein, Wassergewinnung Essen (WGE)
See also:
“Head in the sand” no longer applies
How companies should respond to the EU’s Cyber Resilience Act
Standards-compliant cyber security for your OT –
ask us!
ask us!
Want to protect your OT against the consequences of software errors and vulnerabilities? Contact our experts!
Your first step toward effective cyber security!
call us
+49 721 9841 4678
Email
sales@codewerk.de
THE CODE TO YOUR SUCCESS
Codewerk
At Codewerk, we want to help improve protection for the world of OT. So cyber security is more than just another area of growth to us. We’re driving advances in this field out of a genuine passion for and identification with our customers’ world. As a long-standing software development partner to the process industry, manufacturing industry, and rail-based transport, we know how complex systems are – and how long a journey it is in order to achieve the same level of security as in IT. But there’s no time to slowly build up a culture of cyber security. The time to act is now.
At Codewerk, we want to help improve protection for the world of OT. So cyber security is more than just another area of growth to us. We’re driving advances in this field out of a genuine passion for and identification with our customers’ world.
- A decade of experience as an independent software developer and service provider
- Four locations in Germany
- Partner in national and international R&D projects and in the open Siemens Xcelerator ecosystem
- Certification to ISO Standard 27001 since 2020
Modellbasiertes Software-Engineering für die Fahrzeugsteuerung
SCHNELLER ANS ZIEL
Die Entwicklung und Validierung von Fahrzeugsteuerungssoftware beschleunigen wir auf Grundlage des modellbasierten Software-Engineerings.
IoT- und Edge-Applikationsentwicklung
FÜR SMARTEN BAHNBETRIEB
Gesundheitszustände monitoren, Optimierungsmöglichkeiten im Netz erkennen, vorausschauende Wartung ermöglichen – unsere Applikationsentwicklung macht Wissen aus Ihren Daten.
Subsystem-Integration für Fahrzeugsteuerung und Betreibernetz
DAMIT DAS GANZE FUNKTIONIERT
Multi-Vendor-Architekturen zu einem funktionierenden Ganzen zusammenzufügen – dafür übernehmen wir die volle Verantwortung bei der Subsystem-Integration für Fahrzeugsteuerung und Betreibernetz.
Innovationen
ZUKUNFT GESTALTEN
Um Schienenfahrzeugtechnik an den Herausforderungen der zukünftigen Jahrzehnte auszurichten, arbeiten wir intensiv an internationalen Forschungsprojekten mit.
Basissystem-Entwicklung
BASIS FÜR DIE ZUKUNFT
Leistungsfähig und modular erweiterbar – wir leisten in internationalen Standardisierungsprojekten unseren Beitrag zu einem künftigen Basissystem.
Geräteintegration für SIMATIC PCS 7 / SIMATIC PCS neo
IHRE KOMPONENTEN IN LEITENDER POSITION
PROFINET Stack Integration
WIR SPRECHEN FÜR SIE PROFINET
Sie wollen PROFINET in Ihre Chips oder Geräte integrieren. Wir übernehmen die Adaption des geeigneten Stacks als Sorglos-Paket für Sie – bis hin zur Zertifizierung.
Systemintegration für industrielle Kommunikation
DAMIT KEIN DATENPUNKT VERLORENGEHT
Ob PROFINET, OPC UA oder MQTT und darauf basierende Anwendungen – wir übernehmen für Sie die komplette Integration von Produkten in Ihre Systemlandschaft der industriellen Kommunikation.
IoT- und Edge-Applikationsentwicklung
AUS DATEN WERDEN ENTSCHEIDUNGSGRUNDLAGEN
Sie wollen aus Big Data Smart Data machen – wir bauen Ihre Anwendung: von der Datenerfassung (Konnektivität) über die Datenübertragung bis zur Datenevaluierung und -nutzung.
MINDSPHERE® EFFICIENCY SUITE
IO-LINK-BIBLIOTHEK FÜR SIMATIC PCS 7 / SIMATIC PCS NEO
Sichere Punkt-zu-Punkt-Verbindungen in der Industrie lassen sich relativ einfach mit den entsprechenden IO-Links realisieren. Damit die Integration systemkonform läuft, bieten wir Ihnen die passenden Treiber.
TURCK Remote IO FÜR SIMATIC PCS 7
Cyber Security für Komponentenhersteller:
VON ANFANG AN SICHER
Wie wir Ihnen helfen, mögliche Schwachstellen in Ihren Produkten zu eliminieren – von der Produktentwicklung über den gesamten Lebenszyklus hinweg.
Cyber Security für Anlagenbetreiber:
MEHR SCHUTZ FÜR IHRE WERTE
Wie Sie mit uns Risiken im Betrieb monitoren und mitigieren können – unterstützt durch unsere Kombination aus System-, Software- und Security-Know-how.