Securely sending industrial data to AWS IoT services using unidirectional gateways
Unidirectional gateways are a combination of hardware and software. Unidirectional gateway hardware is physically able to send data in only one direction, while the gateway software replicates servers and emulates devices. Since the gateway is physically able to send data in only one direction, there is no possibility of IT-based or internet-based security events pivoting into the OT networks. The gateway’s replica servers and emulated devices simplify OT/IT integration.
A typical unidirectional gateway hardware implementation consists of a network appliance containing two separate circuit boards joined by a fiberoptic cable. The “TX,” or “transmit,” board contains a fiber-optic transmitter, and the “RX,” or “receive,” board contains a fiber-optic receiver. Unlike conventional fiber-optic communication components, which are transceivers, the TX appliance does not contain a receiver and the RX appliance does not contain a transmitter. Because there is no laser in the receiver, there is no physical way for the receiving circuit board to send any information back to the transmitting board. The appliance can be used to transmit information out of the control system network into an external network, or directly to the internet, without the risk of a cyber event or another signal returning into the control system.
The Blueprint for Industrial Transformation: Building a Strong Data Foundation with AWS IoT SiteWise
AWS IoT SiteWise is a managed service that makes it easy to collect, organize, and analyze data from industrial equipment at scale, helping customers make better, data-driven decisions. Our customers such as Volkswagen Group, Coca-Cola İçecek, and Yara International have used AWS IoT SiteWise to build industrial data platforms that allow them to contextualize and analyze Operational Technology (OT) data generated across their plants, creating a global view of their operations and businesses. In addition, our AWS Partners such as Embassy of Things (EOT), Tata Consulting Services (TCS) Edge2Web, TensorIoT, and Radix Engineering have made AWS IoT SiteWise the foundation for purpose-built applications that enable use cases such as predictive maintenance and asset performance monitoring. Through these engagements with customers and partners, we have learned that the main obstacles in scaling digital transformation initiatives include project complexity, infrastructure costs, and time to value.
With newly added APIs, AWS IoT SiteWise now allows you to bulk import, export, and update industrial asset model metadata at scale from diverse systems such as data historians, other AWS accounts, or – in the case of AWS Independent Software Vendors (ISV) Partners – their own industrial data modeling tools.
To collect real-time data from equipment, AWS IoT SiteWise provides AWS IoT SiteWise Edge, software created by AWS and deployed on premises to make it easy to collect, organize, process, and monitor equipment at the edge. With SiteWise Edge, customers can securely connect to and read data from equipment using industrial protocols and standards such as OPC-UA. In collaboration with AWS Partner Domatica, we recently added support for an additional 10 industrial protocols including MQTT, Modbus, and SIMATIC S7, diversifying the type of data that can be ingested into AWS IoT SiteWise from equipment, machines, and legacy systems for processing at the edge or enriching your industrial data lake. By ingesting data to the cloud with sub-second latency, customers can use AWS IoT SiteWise to monitor hundreds of thousands of high-value assets across their industrial operations in near real time.
A Comparative Analysis of Data Modelling Standards for Smart Manufacturing
In essence, adopting data modeling standards can facilitate seamless data exchange across the entire value chain, enhancing overall efficiency and cooperation among various applications and machines. Crucial to this evolution is semantic modeling, allowing machines to deduce meaning without human intervention. Thus, the concept of information modeling, encapsulating not only data but its meaning, is paramount to facilitating intelligent, autonomous decisions.
The Digital Twin Definition Language (DTDL) language follows JSON syntax but is based on JSON-LD. JSON-LD, or JSON for Linked Data, is a method of encoding Linked Data using JSON. It is a World Wide Web Consortium (W3C) standard that provides a way to enrich your data by contextualizing it with schemas (vocabularies) that you choose. This makes it easy to define complex models and relationships between different parts of a system.
Sparkplug and OPC UA, on the other hand, provide a way to structure data and ensure interoperability. Sparkplug uses MQTT and Protocol Buffers, focusing on SCADA/IIoT solutions and efficient data encoding, while OPC UA provides a more generalized approach, offering industry-specific guidelines through companion specifications.
🔏🚗 In-Depth Analysis of Cyber Threats to Automotive Factories
We found that Ransomware-as-a-Service (RaaS) operations, such as Conti and LockBit, are active in the automotive industry. These are characterized by stealing confidential data from within the target organization before encrypting their systems, forcing automakers to face threats of halted factory operations and public exposure of intellectual property (IP). For example, Continental (a major automotive parts manufacturer) was attacked in August, with some IT systems accessed. They immediately took response measures, restoring normal operations and cooperating with external cybersecurity experts to investigate the incident. However, in November, LockBit took to its data leak website and claimed to have 40TB of Continental’s data, offering to return the data for a ransom of $40 million.
Previous studies on automotive factories mainly focus on the general issues in the OT/ICS environment, such as difficulty in executing security updates, knowledge gaps among OT personnel regarding security, and weak vulnerability management. In light of this, TXOne Networks has conducted a detailed analysis of common automotive factory digital transformation applications to explain how attackers can gain initial access and link different threats together into a multi-pronged attack to cause significant damage to automotive factories.
In the study of industrial robots, controllers sometimes enable universal remote connection services (such as FTP or Web) or APIs defined by the manufacturer to provide operators with convenient robot operation through the Control Station. However, we found that most robot controllers do not enable any authentication mechanism by default and cannot even use it. This allows attackers lurking in the factory to directly execute any operation on robots through tools released by robot manufacturers. In the case of Digital Twin applications, attackers lurking in the factory can also use vulnerabilities in simulation devices to execute malicious code attacks on their models. When a Digital Twin’s model is attacked, it means that the generated simulation environment cannot maintain congruency with the physical environment. This entails that, after the model is tampered with, there may not necessarily be obvious malicious behavior which is a serious problem because of how long this can go unchecked and unfixed. This makes it easy for engineers to continue using the damaged Digital Twin in unknown circumstances, leading to inaccurate research and development or incorrect decisions made by the factory based on false information, which can result in greater financial losses than ransomware attacks.