
Industry 4.0 and private 5G networks

PrimeKey Tech Sales on 5G Security

Industry 4.0 in combination with 5G private mobile networks comes with a big promise to increase productivity by using extensive automation and management. However, the fully automated systems running perhaps 24/7 must be secured in a very controlled way to avoid disturbances and, even worse, deliberate attacks. PrimeKey can offer multiple solutions to secure your success moving into the future with Industry 4.0.

Successful manufacturing requires the ability to monitor, control and track your entire manufacturing operations. Manufacturing Operations Management (MOM) may seem complicated, but with integrated manufacturing systems you can take control of your production and maximize production efficiency. This is where a Manufacturing Execution System (MES) can help.

Introduction to manufacturing execution systems

Manufacturing execution systems (MES) are dynamic information systems that monitor and control manufacturing operations and information flows on your shop floor. In other words, an MES helps to track and record the transformation of raw materials to finished goods on the shop floor. This allows manufacturers to control all activities and operations on their shop floor. The goal of an MES is to ensure effective execution of production operations and improve production output. The key functions of a manufacturing execution system include:

  1. Data Collection: Collect valuable information on your production lines, so you can improve your manufacturing processes. This probably includes sensors measuring, for example, temperature, pressure and speed.
  2. Product Traceability: Effortlessly track your production progress and see the status of operations in real time. This probably includes sensors that count produced equipment, goods moved to storage, etc.
  3. Quality Control: MES systems allow you to perform quality checks, which will help address production variations and enhance product quality. This probably includes cameras for video control and measurement of weight, dimensions, etc.
  4. Performance Analysis: As you can see the entire production process, you can easily see in which areas of your production productivity is lacking. This probably includes sensors for queue lengths, produced equipment per minute, etc.
  5. Maintenance Management: Perform predictive maintenance to avoid hindering or stopping your production flow. This probably includes sensors for abnormal vibrations, abnormal temperature, abnormal pressure, etc.

As you can understand, an MES is dependent on a large number of sensors that correctly collect and transmit data for processing. Collectively, the sensors or “Things” are input/output devices and might be connected over the Internet. The term Internet of Things (IoT) is used as a generic term to describe the different types of connected devices. As the products produced might represent a high economic value, it becomes important that the data collected from the different IoT devices is trustworthy. As the owner of the production system, you should demand:

  1. The IoT devices used should have a reliable and trustworthy connection with the MES
  2. The IoT devices should be able to authenticate themselves so no fake IoT devices can pop up
  3. The data delivered should be integrity protected so it cannot be modified intentionally or unintentionally
  4. If the data delivered is sensitive in some aspect, it should be encrypted to achieve confidentiality.
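
Demands 2 and 3 above (device authentication and integrity protection) can be sketched as an ingest check on the MES side. This is an added example, not part of the original post or of any PrimeKey product. HMAC-SHA256 with per-device keys stands in for PKI-issued credentials, and the device names, keys and replay counter are assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed per-device keys, standing in for the credentials the factory
# owner's PKI would provision to each device's SIM (assumption of this example).
DEVICE_KEYS = {
    "temp-sensor-01": bytes.fromhex("00112233445566778899aabbccddeeff"),
    "vib-sensor-07": bytes.fromhex("ffeeddccbbaa99887766554433221100"),
}


def _mac(key, device, counter, reading):
    # Canonical JSON so the device and the MES compute the tag over equal bytes.
    body = json.dumps({"device": device, "counter": counter, "reading": reading},
                      sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def device_send(device, key, counter, reading):
    """Device side: attach an HMAC-SHA256 tag to one reading."""
    return {"device": device, "counter": counter, "reading": reading,
            "tag": _mac(key, device, counter, reading)}


class MesIngest:
    """MES side: accept a reading only from a known device with a valid tag."""

    def __init__(self, keys):
        self.keys = keys
        self.last_counter = {}  # highest counter accepted per device

    def accept(self, msg):
        device, counter = msg.get("device"), msg.get("counter")
        key = self.keys.get(device) if isinstance(device, str) else None
        if key is None:
            return "rejected: unknown device"      # demand 2: no fake devices
        if not isinstance(counter, int):
            return "rejected: malformed counter"
        expected = _mac(key, device, counter, msg.get("reading")).encode()
        if not hmac.compare_digest(expected, str(msg.get("tag")).encode()):
            return "rejected: bad tag"             # demand 3: altered data or wrong key
        if counter <= self.last_counter.get(device, -1):
            return "rejected: replayed counter"    # old message sent again
        self.last_counter[device] = counter
        return "accepted"
```

Confidentiality (demand 4) is not covered here; it would be layered on with transport or payload encryption.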

 

Reliable and trustworthy connection for the connected factory

Let us take a look at the different factors, see what solutions are attractive today, and consider how to meet these demands and build a reliable factory for the future. To get a reliable and trustworthy connection for IoT devices, a private or dedicated 5G network is very attractive. In contrast to a WiFi network, a mobile network is centrally controlled from intelligent base stations. The mobile radio signal is supervised and adapts to the different transmission conditions, resulting in excellent transmission quality. WiFi has more of a best-effort transmission strategy and supports a limited number of stations before the network gets congested. WiFi works great in a home environment with few devices and short distances but quickly degrades when it is scaled up in a factory with larger distances and a higher density of sensors.

The security aspects of mobile networks are controlled through the mandatory use of SIM cards. The SIM card can be prepared either by the operator or by the customer, making it possible to store customer-unique credentials on the SIM card. With the help of a customer-controlled PKI from PrimeKey, the factory owner can tailor credentials to fit the needs of the applications used at the factory. The SIM card can be an ordinary, physical SIM card or embedded/integrated into the IoT device.

One feature of 5G networks is the new design paradigms of zero trust and service-based architecture. The service-based architecture is based on logical services and not on physical nodes performing a service. As an example, the User Plane Function (UPF) in the mobile core network can now be distributed down to a private mobile network covering a factory. The zero-trust paradigm forces every connection attempt to authenticate the involved parties, integrity protect the data in transit and eventually encrypt data in transit to achieve confidentiality. The credentials stored on the SIM cards by a PrimeKey PKI system ensure that these security aspects can be fulfilled.

A private or dedicated 5G mobile network covering only the factory area, in combination with local processing of collected data in Mobile/Multi-access Edge Computing (MEC), opens up applications like Artificial Intelligence (AI) and Augmented Reality (AR). MEC creates cloud environments at the edge of the network or on customer premises, which minimizes latency and optimizes bandwidth performance because data and applications are processed closer to the end-user devices rather than in a centralized data center. Using MEC processing, a video stream could be analyzed in real time during quality control to detect faulty parts and prevent further waste in the following manufacturing process.

When MEC is distributed all the way down to the factory, the factory becomes independent of the operator’s public mobile network. All customer data is collected and processed locally at the factory, resulting in very high availability and security. An important aspect of any local processing of data is that the computing platform itself is trustworthy. There must be a hardware root of trust that boots up, for example, an MEC platform. This hardware root of trust might be implemented in the SIM card or by other means. Furthermore, all software should be signed to prevent unauthorized software from executing. The signing of software should be done as part of the development process and be performed automatically without human intervention. PrimeKey offers code signing systems of this kind that can easily be integrated with different development environments.

Fig 1: Enterprise private mobile network for Industry 4.0

Conclusion

The usage of private or dedicated 5G networks opens up new possibilities for the connected factory. With the continuous development of services, MEC can provide industrial applications such as scheduling control of automated guided vehicles (AGVs), industrial AR-assisted inspection and assembly, real-time control of on-site devices, remote maintenance and control, and industrial HD image processing. In combination with local processing of data in Mobile/Multi-access Edge Computing (MEC) and PrimeKey PKI products, both the security aspects and high availability can be fulfilled. Companies that take advantage of the new technology will be in a better position to compete in the global market.


Author

Peter Heidenberg

Peter Heidenberg has the role of pre-sales engineer at PrimeKey, focusing on end-to-end solutions from both a technical point of view as well as a commercial point of view. Peter is based in Sweden at PrimeKey's headquarters. He has over 20 years of experience working in Telecom, where his focus was on transmission & transport, and has for the last four years been focusing on IT security/PKI.

peter.heidenberg@primekey.com