Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
ZF Friedrichshafen AG
OPS
Dr. Nils Macke / Rainer Rodler
MOTION AND MOBILITY
Production IT Security as a precondition to Industry 4.0
IoT Tech Expo Europe 2017 Berlin 2017-06-01
© ZF Friedrichshafen AG, 20162 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
Agenda
1.
2.
3.
4.
5.
6.
Industry 4.0 @ ZF
The Project PITS
Organization
Guidelines
Technical Solution
Introduction ZF Friedrichshafen AG
© ZF Friedrichshafen AG, 20163 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
Corporate Structure ZF Friedrichshafen AG Shareholders: 93.8%
Zeppelin Foundation and 6.2% Dr. Jürgen and Irmgard Ulderup Foundation
Automatic Transmissions
Manual Transmissions/Dual
Clutch Transmissions
Axle Drives
Powertrain Modules
Division
Car Powertrain Technology
Bernd Stockmann
Chassis Systems
Chassis Components
Suspension Technology
Division
Car Chassis Technology
Uwe Coßmann
Truck & Van Driveline
Technology
Axle & Transmission Systems
for Buses & Coaches
CV Chassis Modules
CV Damper Technology
CV Powertrain Modules
Division Commercial
Vehicle Technology
Fredrik Staedtler
Off-Highway Systems
Industrial Drives
Marine Propulsion Systems
Test Systems
Aviation Technology
Wind Power Technology
Special Driveline Technology
Division
Industrial Technology
Dr. Klaus Geißdörfer
Braking Systems
Steering Systems
Commercial Steering Systems
Occupant Safety Systems
Electronics
Body Control Systems
Parts & Service
Division Active & Passive
Safety Technology
Dr. Franz Kleiner
Dr. Stefan Sommer – Chief Executive Officer / R&D / ZF Services
Dr. Konstantin Sauer – Finance, IT, M&A | Jürgen Holeksa – Human Resources / Governance | Michael Hankel – Production / Car Powertrain Technology / Car Chassis
Technology / E-Mobility | Wilhelm Rehm – Materials Management / Industrial Technology | Rolf Lutz – Quality / Commercial Vehicle Technology / Region of South America | Dr.
Franz Kleiner – Active & Passive Safety Technology / Region of North America | Peter Lake Corporate Market / Region Asia-Pacific
Board of Management, ZF Friedrichshafen AG
ZF Services
Central Functions / Regions
Corporate Functions
Electronic Systems
Electric Traction Drive
System House
Division
E-Mobility
Jörg Grotendorst
© ZF Friedrichshafen AG, 20164 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
ZF GroupKey Figures 2015
The ZF Group – An OverviewThe ZF Group – An Overview
2015
Sales* € 29,154 million
Employees (end of the year) 138,269
Investments in property, plant and equipment € 1,290 million
Research and development € 1,390 million
230 locations in 40 countries
77 service companies and more than 650 service partners
*incl. ZF TRW sales as of May 15, 2015
© ZF Friedrichshafen AG, 20165 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
Key FiguresLocations
230 Locations
17Main development
locations
77 Service companies
Over 650 service partners
worldwide
Worldwide Presence – Production, Development, Sales and Service*
Countries with ZF Services locations are marked in a darker shade *Status: December 2015
© ZF Friedrichshafen AG, 20166 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
Sounds great, but how do you protect your production?
© ZF Friedrichshafen AG, 20167 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
Fields of action according to the final report BMBF Industry 4.0
Standardization and open standards for a reference architecture
Mastery of complexsystems
Widespread broadband infrastructure for industry
IT Security as a critical success factor forindustry 4.0
Work organization and job design in digital industrial age
Education and Training for Industry 4.0
Legal framework Resource efficiency Quelle: BMBF Umsetzungsempfehlungen für das
Zukunftsprojekt Industrie 4.0
http://www.bmbf.de/pubRD/Umsetzungsempfehlung
en_Industrie4_0.pdf
© ZF Friedrichshafen AG, 20168 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
Requirements vs. Standard Solutions
Perimeter Protection does not work for cities
anymore
What about the IT protection of your company?
L
e
a
n
Big Data
Intersite
production
CloudJ
i
S
Remote Support
Collaborative Engineering
M
E
S
P
L
M
Predictive maintenance
communicationbandwith
© ZF Friedrichshafen AG, 20169 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
Situation
Fast-growing virus lists require a lot of memory
Recent malware attacks and machine control (PLC, NCU, SCADA)
t2006
n
Quelle: Dr. Johann Fichtner,
Siemens CERT 20142003
160.000
9
2006
n
t2014
© ZF Friedrichshafen AG, 201610 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
Live cycle gap
Planning
t~ 2 years ~ 10-30 years
Machine lifecycle
Order
Production
Commissioning
2000
ME
Software lifecycle e.g. Windows
1990 1995 2005 2010 2015
NT3.x NT4
95 983.x
2k XP VISTA 7 8.x
t
Support
no
limited
yes
10
Why do proven protective measures not work in the production?
© ZF Friedrichshafen AG, 201611 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
How you could be attacked
Internet
Office
NetworkProduktion Network
Firewall
open
Ports
M
M
M
M M
Remote
Support
Unpatched
Programs
DMZ
DMZ
Technical SupportUSB
Firewall
© ZF Friedrichshafen AG, 201612 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
Measures
Production IT Security
Organization Guidelines Technical
measures
If you are thinking technology can solve your IT security problems, you don´t understand the problems and you don´t understand the
technology
(Bruce Schneier)
© ZF Friedrichshafen AG, 201613 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
ISA-95
ISA-95 Business Processes
ERP
(SAP)
MES
SCADA
SPS
Sensor /
Actor
OEE
PLM
Order KPITrace-
abilityISA-95
Level 3
Management
Level 2
Operations
Level 1
Control
Level 0
Production
Level 4
Enterprise
© ZF Friedrichshafen AG, 201614 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
ISA-95
ISA-95 Level:operative Responsibilities
ERP
(SAP)
MES
SCADA
SPS
Sensor /
Actor
OEE
PLM
ISA-95
Level 3
Management
Level 2
Operations
Level 1
Control
Level 0
Production
Level 4
Enterprise
IT
maintenance
© ZF Friedrichshafen AG, 201615 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
OrganizationOperative Support IT Systems in the Produktion
maintenance
local
In general low IT skills
IT
Inter location
In general low production skills
Production IT
Automati-sierung
ShopfloorAdditional Spezial-Teams:
Shopfloor
Automatization
Production IT
EMEA APANA/SA
Quelle: www.mag-ias.com
PITS Consultants
Are in the regions and educate and
support local teams
© ZF Friedrichshafen AG, 201616 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
+ country specific e.g. legal specifications
Guidelines
+ plant specificBehavior and contact in case
of an emergency, Maps…
usage
lokal
(Plant)
regional
(Country)
global
(ZF)
Legal binding
purchasing guideline
basic rules
…
n1
n1
© ZF Friedrichshafen AG, 201617 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
Guidelines Technical delivery specifications
Without
machine procurement guideline
With
machine procurement guideline
If you install or modify software or
patches you will lose warrenty
The vendor has to ensure that the
machine is capable to update
necessary patches and to run
protection software
© ZF Friedrichshafen AG, 201618 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
Antivirus program Whitelisting
operation Looks for known malware (virus definition
files)
Only known software is allowed to be
executed
advantages • Easy installation
• Easy operation
• Existing infrastructure
• Proaktive
• Easy operation
• Constant consumption of resources
• Patch management is obsolete in many
cases
disadvantages • Growing virus definition files
• growing consumption of resources
• Permanently Updates
• Reaktive
• Not so easy Installation
usage Office PCs Industrial-PCs
Technical Solutions Antivirus vs. Whitelisting
Quellen: Türsteher: : http://www.security-bbc.npage.de, Drehkreuz: http://www.zaunbau-leis.de, Einstein http://paxonbothhouses.blogspot.de/2013/11/the-thing-about-smart-people-is-that.html
© ZF Friedrichshafen AG, 201619 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
Technical Solutions Image Backup
© ZF Friedrichshafen AG, 201620 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
DNC
NCU / PLC
Image
Technical Solutions Backup / RestoreRestore of a CNC Machine
HDD exchange
Image Restore
Restore NCU /
SPS Data
Load NC
Programm
in running order Production Ready
© ZF Friedrichshafen AG, 201621 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
Technical Solutions Remote Support Use Cases
Use
Case
Manufacturer
Support
Support
at a
Partner
Home-
office
Test at
manufac-
turer
Support
at the
customer
Inhouse
Diagnosis
© ZF Friedrichshafen AG, 201622 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
Technical Solutions Remote Support
Webconference
Step 1
Internal connection to the Machine
Machine ManufacturerPC Maintenance
Step 2
Webconference with the manufacturer
hand over of the remote connection
© ZF Friedrichshafen AG, 201623 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, Public
P
Summary - main success factors
Involve Management + Staff
Start with “low hanging fruits”
Understand the customer´s requirements“walk a mile in the customer's shoes”
Backing and support
by Top Management
Go Onsite!
Communicate face to face!
point out the benefits for the customers
Generate Sustainability! Teach the onsite staff how to do it
© ZF Friedrichshafen AG, 201624 2016-05-20 OPS, Production IT Security as a precondition to Industry 4.0, PublicZF Friedrichshafen AG behält sich sämtliche Rechte an den gezeigten technischen Informationen einschließlich der Rechte zur Hinterlegung von Schutzrechtsanmeldungen und an daraus entstehenden Schutzrechten im In- und Ausland vor.
ZF Friedrichshafen AG reserves all rights regarding the shown technical information including the right to file industrial property right applications and the industrial property rights resulting from these in Germany and abroad.
ZF Friedrichshafen AG behält sich sämtliche Rechte an den gezeigten technischen Informationen einschließlich der Rechte zur Hinterlegung von Schutzrechtsanmeldungen und an daraus entstehenden Schutzrechten im In- und Ausland vor.
ZF Friedrichshafen AG reserves all rights regarding the shown technical information including the right to file industrial property right applications and the industrial property rights resulting from these in Germany and abroad.
Thanks for your attention