【Interview】Industrial Grade Embedded IoT Security Solutions
Advantech cooperates with McAfee and Acronis to directly integrate active protection and backup recovery into the utilities it provides for industrial customers. Moreover, all OEM bundle software has been fully tested. Once adopted, it can be launched to provide the best possible security protection.
The semiconductor industry is not the only industry facing security issues related to production machinery. Other manufacturing industries that are heavily reliant on automation processes also have similar security issues.
- If there are not adequate safety protection programs in place, then shutdowns, improper upgrades, or human error related to a single production machine can cause serious malfunctions for the whole factory.
- It is recommended that production machinery is regularly backed up when the system is secure and included in centralized management. Additionally, the machines should be actively protected from ransomware.
The deployment of active security protection and backup recovery systems are the most obvious ones.Complete security deployment for active machinery protection can be carried out along seven key areas:
- Using the application whitelist to prevent execution of unauthorized programs.
- Ensuring proper configuration and patch management.
- Reducing attack interfaces by shutting down unneeded ports and strictly controlling untrusted network connections.
- Building a defensible environment - mainly by using the network gateway for partition isolation to avoid horizontal propagation of intrusion.
- Managing user identity and authentication processes.
- Monitoring and responding rapidly to any issues that arise.
- Deploying secure remote access measures.
- Because machine operators are not IT engineers, basic backup procedures should be fully automated and require no human intervention.
- The entire recovery process of a single machine should be achieved by one-click recovery or UI operation. It can even be achieved through automatic reply to reduce human operation. This process effectively reduces system downtime.
- Recovery of operational machines for different systems by the same SOP reduces downtime and returns the system to a normal state as soon as possible.
- Virus scan for new machines: If a virus scan is not conducted for new machines before the machines are connected to a network, what inspection operation procedures can a company carry out for new machines without involving supply chain management?
2. Perform virus scanning and application inventory management.
- Machine protection: After a new machine is turned on, viruses can automatically infect other hosts. What can a company do to immediately detect or automatically block viruses?
- Production intranet security: If a company's factories connect to the same production intranet, how can they best plan for security? By implementing an industrial firewall? Through an application whitelist?
- Disaster inventory and recovery: Regarding the inventory and recovery of the affected production machines, do you also have any solutions to help companies? What should companies do for themselves?
Advantech's WISE-PaaS/EdgeSense edge intelligence and wireless sensing integration management solution provides companies with complete verification testing. Advantech also cooperates with McAfee and Acronis to directly integrate active protection and backup recovery into the utilities it provides for industrial customers. Moreover, all OEM bundle software has been fully tested. Once adopted, it can be launched to provide the best possible security protection. The enterprises do not need to separately purchase software and hardware, or spend time and effort on integration.
The WannaCry virus incident happened in August 2018. Microsoft released correction files against this virus for the entire product line right away in March 2017. Correction files for the Embedded version (WES7/WES8) were also released in May of the same year. Regularly maintaining machine security updates can help avoid security threats, especially major information security viruses. Advantech has signed a technical support contract with Microsoft to provide the most complete support, which provides immediate assistance if anything happens. At the same time, companies can avoid threats by turning off SMB1. For the network layer, companies can turn off the necessary ports through the LAYER3 switch and firewall. In addition, built-in Windows Defender is available for the newer versions of Windows. For older version of Windows, you can purchase and install industrial-grade active protection software, like McAfee and backup recovery software Acronis, from Advantech to strengthen machine security.
Vulnerability updates should be carried out in cooperation with equipment suppliers. For older machines, such as XP/Win 2000, they can be protected by the deployment of an application whitelist. If vulnerability updates cannot be performed on the equipment, whitelist protection should be deployed. Batch backup should also be regularly scheduled. These measures allow quick resumption of production after machine failure and/or an internal malicious attack.
Whether TSMC responded quickly enough is a matter of debate. However, the external response should focus on the scope of loss and damage control measures to demonstrate competent crisis management ability to the public audience. Effective crisis management measures can turn an incident like this into an opportunity for improved performance in the future.