M. Riegler, J. Sametinger: Multi-mode Systems for Resilient Security in Industry 4.0, ISM 2020, International Conference on Industry 4.0 and Smart Manufacturing, Hagenberg, Austria, November 23-25, 2020, virtual event. Doi: 10.1016/j.procs.2021.01.167
In the era of the Internet of Things and Industry 4.0, machinesand devices are increasingly getting connected. These connectionsgo hand in hand with security vulnerabilities and potentialthreats to these devices. In regular IT systems, we typicallyprovide updates to eliminate vulnerabilities. In industrialautomation and control systems, especially in mass production,legacy systems are widespread and installing updates causesdowntime. Availability is one of the top goals; stopping a machinein case of a cyber-security threat is often too expensive. But,system integrators and asset owners should not have to wait untilproduct or component suppliers release appropriate updates. Due tosafety and warranty requirements, developing and distributingupdates can take a long time. In the meantime, attackers can posethreats by taking advantage of devices’ known vulnerabilities. Inthis paper, we propose the design of resilient systems based onmulti-modal architectures with several operational modes. Whenvulnerabilities of systems become known, or when systems get evenattacked at some point, mode switching can overcome the timebetween vulnerability disclosure or attack, and the availabilityof corresponding security patches. Therefore, system integratorsand asset owners can actively protect themselves by implicitly orexplicitly switching to modes with reduced attack surfaces and,thus, with limited ranges of activity for attackers.