Cyber Security: The safe journey towards autonomous manufacturing

Digitalization is transforming the global economy at incredible speed and with amazing intensity. For manufacturers, this spells an opportunity to take advantage of numerous benefits – including shorter order fulfilment cycles, more sustainable production processes, higher product quality and lower costs. Yet with great opportunity comes great risk. As operational networks became more digitized, they also became more exposed to cyber threats and to cyber criminals who increasingly target them.

Back in 2017, ANDRITZ understood that in order to ensure the future of digital manufacturing, all factories would have to be effectively secured from cyberattacks. At the time, there was no industry-native cybersecurity solution available on the market. This meant that the only way to protect digital networks was to use retrofitted IT tools. These tools however, were (and still are) unfit to meet factory-specific cyber security requirements. The market, therefore, was ripe for a different paradigm.

Creating a joint-venture with OT cybersecurity specialist OTORIO, ANDRITZ decided to take a new direction and develop an innovative industrial-native cyber security platform. The new solution the two companies put on the market is called RAM², short for Risk Assessment, Monitoring & Management. ANDRITZ took the relationship a step further, partnering with OTORIO’s experts to define a built-in security DNA, and ensure that each delivery will meet the market’s highest security standards.

Embedding Cybersecurity into day-to-day operations

For years embedding cybersecurity and operational technology was like mixing oil and water. Cybersecurity is traditionally an IT domain, and indeed IT-centric solutions have made huge strides in the design and implementation of advanced cybersecurity tools. For the enterprise. The OT environment is a totally different story. Yet ANDRITZ was looking for options to tackle exactly this challenge.

“For nearly a decade, ANDRITZ is taking a proactive role in driving the design and delivery of market-leading process technologies, equipment and advanced automation,” says Dr. Joachim Schönbeck, Member of the Executive Board of the ANDRITZ GROUP and responsible for Pulp & Paper Capital Systems, as well as Metals Processing.

“Early on it was clear to us that we have to couple digitalization with cybersecurity. We also understood that cybersecurity has to be embedded natively in the operational process, otherwise it would not be effective. Leveraging our joint venture with OTORIO we are able to provide our customers exactly with what they need.”

The digitalization of industrial control systems (ICS) is turning manufacturing enterprises into “digital factories”. As a result, the number of IT/OT/IoT systems connected to the internet has grown exponentially over the last decade.

“We are seeing a higher dependency on remote monitoring and remote management to better ensure business continuity,” says Klaus Glatz, ANDRITZ CDO.

“Moreover, extensive automation of the shop floor, including integration with other systems which was once “nice to have”, is now becoming essential. Lastly, our customers need to put in place automated insight generation, decision support, and control of production processes – all in real-time and driven by high-quality data.”

The Rise of Industrial Cyber Threats

From a cybersecurity point of view, the digital factory raises new challenges for managements. As more devices are connected to the internet, the organization is exposed to more cyber risks. During 2019 and 2020 the world has seen an increase in cybercriminal activity, which closely coincides with the expansion of the digitized industry. The successful ransomware attacks on production floors over the past 18 months are evidence of the rising interest cybercriminals have in the industrial sector.

“Manufacturers need to be aware of this trend and prepare in advance,” says Dr. Schönbeck. “A well-prepared industry, one that places cyber and digital security high in its list of priorities, will benefit in the long run by safe adaptation of digital programs, increasing yield while reducing production cost and insurance premiums”.

Built-In Security

While digitization is expanding rapidly, most companies do not have yet an integrated approach to operational security. As mentioned above, this has led to attempts to try and retrofit IT systems for OT security. Unfortunately, because OT follows different processes and requires different risk management than IT, these solutions often fall short of the mark.

“In a multi-generational, constantly changing threat environment, customized OT cybersecurity measures are an imperative part of the automation development process,” says Gerhard Schiefer, Head of ANDRITZ AUTOMATION.

“We are committed to the utmost safety, and this means that every technology stack ANDRITZ delivers meets the highest standard of cybersecurity. Moreover, as remote operations are becoming more prominent ANDRITZ ensures safe and governed remote connections.”

Industry Native. Cybersecurity Solutions

Back to 2017 when, understanding that safe production requires a holistic end-to-end approach, ANDRITZ partnered with former Israeli Defense Forces cyber experts in a joint venture to ensure the safety and resiliency of delivered equipment and automation to customers’ production sites. OTORIO, a company founded by former Israeli Defense Forces cyber experts with decades of nation-state experience, has developed an extensive cybersecurity program ranging from advanced assessments and consulting services to the implementation of proven, cybersecurity and risk management technologies.

“The unique ANDRITZ-OTORIO partnership, highly familiar with the industrial sector as a whole and the pulp and paper industry in particular, enables users to move forward with time, undeterred by cyber threats, utilizing digital opportunities and maximizing productivity growth,” says Daniel Bren the co-founder and CEO of OTORIO.

“OTORIO focuses on continuously and proactively evaluating the production cyber safety and resilience, hence mitigating risks (exploitation vectors) to avoid incidents. This proactive approach is new, but is also imperative to this industry.”

As already mentioned, the collaboration of ANDRITZ and OTORIO resulted in the design of RAM². The solution was designed specifically to meet the challenges of the digitized factory. Hence, RAM² is the only cybersecurity system on the market that prioritizes digital risks based on their impact on industrial processes.

RAM² key benefits include:

Accurate and automated Inventory view: RAM² uses an unprecedented amount of data sources to find every connected IT/OT/IoT asset (hardware & software) and creates a process-level inventory using industry-specific process libraries). This inventory is updated automatically when devices are added or removed.
Operationally-aware prioritization: Because it is purposely built for OT environments, RAM² enables prioritization of digital & cyber risks by understanding the importance of a connected device in your production process. Risks are calculated automatically based on the importance of the device and gathered information.
Proactive risk reduction: RAM²employs a cyber digital twin in order to analyze and detect vulnerabilities via breach and attack simulations before they can be exploited by hackers. This allows maximum preparedness with zero impact on the physical production environment.
Continuous compliance monitoring: RAM² tracks how compliant the organization is to most common cyber standards. This helps decrease risk levels and liabilities by providing compliance to-do lists for managements.
Simplified playbooks: Understanding the need for quick action and collaboration between multiple different stakeholders, RAM² delivers simplified mitigation playbooks. These includes step-by-step instructions for remediation of cyber risks.
Fully integrated with operational management systems: RAM² can be fully integrated within operational management systems such as ANDRITZ Metris, allowing operational staff to manage cybersecurity events via their daily workflows and dashboards.

In addition, OTORIO has recently introduced remOT™ - the most advanced secure, remote and privileged access management capabilities for the digitized industrial sector. Built from the ground-up for operational networks, remOT™ secures every link of the supply chain’s connectivity to industrial assets in order to eliminate risks caused by unauthorized or malicious access.

OTORIO also offers a range of industrial cybersecurity services, including risk analysis, incident response, penetration testing, cyber training and more.

“As always, ANDRITZ is here to help our customers enhance their business and grow their profitability,” concludes Dr. Schönbeck. “The only way to provide them with a real value, is to couple the most advanced digitization and automation solutions with the most powerful cybersecurity tools. Our partnership with OTORIO does just that.”