SlideShare a Scribd company logo

OPC UA Security: Native and Add-on Solutions

Download as PPTX, PDF
team-WIBU
team-WIBU

The Industrial Internet of Things has set the stage for the convergence of Operations Technology (OT) and Information Technology (IT), that is, the plant floor and the higher-level IT infrastructure. One of the many aspects of this transitional journey is represented by M2M communications. OPC UA is a multi-platform, plug & play Information Exchange Standard for industrial smart automation and cloud networking. It standardizes communications within machines, between machines, and from machines to smart systems, securely networked with IoT architectures. As a member of the OPC Foundation, Wibu-Systems has been an early adopter of the OPC UA standard in Industrie 4.0 projects like IUNO, the German national reference project for IT security in Industrie 4.0, S4SmartPro, the key finder prototype production line of SmartFactoryKL, and OpSit, the optimal use of smart items technologies in healthcare. As recently pointed out in the Industrial Internet Security Framework as well, it is endpoints, i.e. the device or cloud-based components that have interfaces for network communication, that are particularly vulnerable in a world of cyber-physical systems connected to open networks. The Unified Automation ANSI C based and High Performance OPC UA SDKs, powered by CodeMeter Embedded, fully support the OPC UA defined Security Profiles and configurations and provide even stronger security for modern M2M communications. Secret information, like RSA private keys, certificates, and trust lists, is stored in a hardware secure element and protected from theft and tampering attacks. In a time when intellectual property is shifting in the value chain from hardware to software, manufacturers now also have new opportunities to capitalize on their software and offer feature-based, time-based, version-based, or pay-per-use models to scale up their offerings, expand their market share, and produce recurrent revenues. In this presentation, we are going to navigate you through a journey of exploration that will touch upon: * The elements of innovation in smart manufacturing * The connection requirements for M2M in the IIoT age * The building blocks of the OPC Unified Architecture * Use cases that are accelerating the rise of Smart Factories * The integration of CodeMeter in the OPC UA standard * The OPC UA security extension for endpoints Working with Windows, Linux, macOS, or Android? With minimal embedded controllers up to massive cloud infrastructures? OPC UA and CodeMeter are equally suited, scalable, and secure, and most of all integrated in a streamlined fashion to provide the ultimate technology in access control, authentication, and encryption. Watch the webinar: https://youtu.be/r3CHB42OJ-o

Devices & Hardware
1 of 37
The Rise of Smart Factories: Use Cases – Essentials – Security Tools Oliver Winzenried CEO WIBU-SYSTEMS AG oliver.winzenried@wibu.com OPC UA Security: Native and Add-on Solutions December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 1
Smart Factory Projects featuring Wibu-Systems  OpSIT: Smart Items Technologies in Healthcare  SesaOPC: SmartFactoryKL  Secure Plug & Work: Fraunhofer IOSB  IUNO: German reference project for Cyber Security in Industrie 4.0  Large consortium: 14 companies and 7 research institutes  Four large Use Cases (Testbeds) December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 2
OpSIT: Smart Items Technologies in Healthcare December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 3
OpSIT: Smart Items Technologies in Healthcare  OpSIT: Optimal use of smart items technologies in healthcare  Using an Intel Edison SBC as a Gateway for wireless low-power sensors  Wireless sensor data is sampled from Edison   Unprotected data is sampled and processed locally  Sampled data is provided via OPC UA in hospital network   Secure access to sensitive data  Whole system (application & cryptographic material) stored on a CodeMeter microSD card December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 4
Technology Initiative SmartFactoryKL December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 5 Cyber Physical Systems 2002 2005 2015 Smart Home Internet of Things 2011 10-year anniversary Launching: CONFIGURATION OF THE VISION INDUSTRIE 4.0 More than 10 years… www.SmartFactory.de
Technology Initiative SmartFactoryKL December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 6
Technology Initiative SmartFactoryKL December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 7 Topics and content: • Cyber-Physical Systems • Vertical integration via OPC-UA • Decentralised process control via RFID • Semantical product and object memory model • Resource protection through context-enabled M2M communication • Augmented-Reality based human-machine interaction Wibu-Systems contribution • Secure signed data in RFID • Secure key storage and certificates for OPC-UA • Security components from sensor to cloud
Project Secure Plug & Work  Plug & Work of production components using open standards  Secure authentication and configuration of production components and trusted communication  Wibu-Systems contribution CodeMeter Protection, Licensing, Security, OPC UA integration December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 8
Secure Plug and Work: Secure networking in Industry 4.0 December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 9 Firewall PC/Über- geordnete IT Ethernet Control Room MAG Specht Milling Cutter Schunk Powerball
Component Overview December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 10 Firewall Component nTool MagazineSpindle IPC (PLC) Machine Control PC/MES IT CAN Ethernet Schunk PLC ProfiNet
OPC UA Communication Added December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 11 Firewall Component nTool MagazineSpindle IPC (PLC) Machine Control OPC-UA- Server OPC-UA- Server PC/MES IT UA Server CAN Ethernet Schunk PLC OPC-UA- Server ProfiNet
Security in “Secure Plug & Work” December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 12 Gateway (Switch for secure connection, gateway for unsecured connection, aggregating UA-Server) Firewall Component nTool MagazineSpindle IPC (PLC) Machine Control OPC-UA- Server Security OPC-UA- Server Security OPC-UA- Server PC/MES IT UA Server CAN Ethernet Schunk PLC OPC-UA- Server Security ProfiNet
IUNO: Reference Project Security in Industrie 4.0 December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 13  Four large Use Cases (Testbeds)  Collect all requirements and solutions in a tool box  Implementation Transfer to Industry! Secure Connectivity Visual security control room for a production scenario Secure Processes Customer individual production Secure Services Remote access / trusted partners Secure Data Technology market place for process data
IUNO: Reference Project for Cyber Security in Industrie 4.0 December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 14
IUNO WP 1 – Customized Production (HOMAG) December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 15
IUNO WP 1 – Customized Production  Goal: Definite and secure identification throughout the production process  Identification is complicated by  Processing, production environment (e.g., dust, humidity,…), multi-domains  Examples  Painting or cutting of components  Challenges  Secure application of identification material to components  Prevention of product piracy (counterfeits)  Establishing cross-domain trust in identification process December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 16
IUNO WP 2 – Marketplace for technology data (TRUMPF) December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 17
IUNO WP 2 – Marketplace for technology data (TRUMPF)  Goal: Easy and secure tradeable technology data (machine configurations)  Status Quo  Basic technology data is included in the machine  Advanced technology data is bought on a one-time basis  Technology data is not protectet against theft at all  Challenges  Machines are not a single, easily controllable entity  Technology data need to be flexible  Industrial requirements for availablity and reliability December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 18
IUNO WP 3 – Remote maintenance (Bosch) December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 19
IUNO WP 3 – Remote maintenance (Bosch)  Goal  Unified platform for remote maintenance of machines  Status Quo  Diverse landscape of remote maintenance solutions  Challenges  Secure and unified identification of all participating parties  Platform, machines, maintainers, service providers, contracting bodies, …  Secure routing of connections  One configuration for network equipment suffices for all machines on the shop floor December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 20
How to Implement Security in Connected Products Working principles of CodeMeter December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories OPC UA typical architectures CodeMeter integration in OPC UA 21
Wibu-Systems Technologies and Solutions December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 22 Software Integration Back Office Integration Protection Suite: Ax/Ex/Ix-Protector CodeMeter License Central  CodeMeter®  Secure Key Storage (Hardware / Software)  De-/Encryption (AES, ECC, RSA)  Flexible License Models  Software Integration  Automatic Code Protection / API  Secure Boot / OPC UA  Back Office Integration  Key and Certificate Deployment  License Deployment  License Administration
OPC UA offers excellent security at protocol level  Secure Channel Authentication  X.509 certificates  RSA public/private keys  Trust management via Public Key Infrastructure  Secure Channel Encryption  Symmetric Encryption using Advanced Encryption Standard (AES) 128/256bit keys   Using OPC UA provides high security in transit December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 23 Picture: OPC Foundation
OPC UA offers excellent security  Widely supported:  Plattform Industrie 4.0 in Germany  BSI Study on OPC UA standard https://opcfoundation.org/security/  IIC support  Chinese Alliance Industrial Internet December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 24
OPC UA offers endpoint security  The IIoT Landscape: Where are Endpoints? December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 25 EP EP EP EP EP EP EP 25
OPC UA offers endpoint security  Access Control  Monitoring & Analysis  Secure Configuration & Management  Integrity Protection  Identity  Root of Trust  Physical Security (with CM)  Data Protection  Security Model and Policy December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 26
Pervasive security extends beyond the protocol layer  Security of endpoints is equally important  Vulnerabilities in operating systems  Vulnerabilities in software libraries  Vulnerabilities in applications  Consequences of a compromised endpoint can be severe  Theft of cryptographic material (authentication)  Manipulation of configuration data (trust lists, certificate revocation lists)  Manipulation of applications (producing incorrect information) December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 27
Pervasive security needs additional effort  General setup for OPC UA servers and clients  Private keys are stored on the hard disk  Trust lists and certificate revocation lists are stored on the hard disk  Applications are not protected against tampering  Successful attack to endpoints leads to  Further penetration of infrastructure  Loss of functionality or reliability  Loss of intellectual property December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 28
OPC UA SDK, CmEmbedded and CmDongle – a perfect match  CmEmbedded  Small, modular runtime for embedded systems  Portable to a variety of operating systems  Provides subset of CodeMeter API  CmDongle  Smart card chips from Infineon Technologies (EAL 5+)  Secure storage of cryptographic material  Secure execution of crypto primitives (encryption/signature)  Variety of form factors December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 29
OPC UA SDK, CmEmbedded and CmDongle – a perfect match  Integration of CodeMeter Embedded in OPC UA SDK  Storage and processing of all security sensitive information in the smart card chip  Effortless development of applications with hardware security  Seamless migration between conventional software security and hardware security  Access to protection, licensing, and security features of CodeMeter December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 30 CodeMeter Embedded Development OPC-UA Application CodeMeter Embedded
Enhancing security in OPC UA  Protection of private keys in CmDongle  Implementation of asymmetric encryption and signature algorithm according to OPC UA security profiles  Currently RSA keys up to 2048bit (ECC 224 Bit)  All processing done in CmDongle  Extraction of private keys practically impossible  Protection of security sensitive information (e.g. trust lists)  Encryption of OPC UA application prevents tampering and reverse engineering  Signatures for protected information verified in CmDongle   Verified, tamperproof trust lists, certificate revocation lists, passwords, … December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 31
OPC-UA Application CodeMeter Embedded Feature #1 Feature #2 Feature #3 Benefits of License Management in OPC UA  Flexible licensing of functionality  License access to features of OPC UA application  Full access to extensive list of CodeMeter license models (e.g. pay-per-use, rental, …) December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 32
Unified access  Update CmDongle contents via OPC UA  No physical access necessary  No extra network protocols or open ports necessary  Secure distribution through CodeMeter functions  Secure, even without OPC UA Security (Security Profile: None) December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 33 OPC-UA Application CodeMeter Embedded Feature #1 Feature #2 Feature #3 OPC UA Secure Channel
Availability  Unified Automation SDKs  ANSI C based OPC UA SDK  High Performance OPC UA SDK  Successful evaluation phase in several research projects and demonstrators December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 34
Your major takeaways  Thomas J. Burke:  IIoT, IoT, Industrie 4.0 requirements for real interoperability require security and information integration.  OPC UA provides secure reliable interoperability and information integration seamlessly.  The OPC Foundation collaborates with 30+ standard organizations providing the infrastructure for these standards organizations to have plug-and-play interoperability and information integration. December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 35
Your major takeaways  Oliver Winzenried:  Security is the enabler for IoT and Industrial Internet projects  Each device needs a tamperproof identity  Know-how is in flexible production processes, software, technology data, and production data – all needs to be protected against counterfeiting and tampering  OPC UA is more than secure communication and an open standard December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 36
Deutschland: +49-721-931720 USA: +1-425-7756900 China: +86-21-55661790 http://www.wibu.com info@wibu.com Germany: +49-721-931720 USA: +1-425-7756900 China: +86-21-55661790, 10-82961560 http://www.wibu.com info@wibu.com Questions? Contact us! December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 37

Recommended

OPC UA: Ready for realtime
OPC UA: Ready for realtimeOPC UA: Ready for realtime
OPC UA: Ready for realtime
Miodrag Veselic
 
Security in OPC UA ppt
Security in OPC UA pptSecurity in OPC UA ppt
Security in OPC UA ppt
Mallikarjuna Y C
 
IIB Manufacturing Pack v1001
IIB Manufacturing Pack v1001IIB Manufacturing Pack v1001
IIB Manufacturing Pack v1001
Dominic Storey
 
OPC UA Connectivity with InduSoft and the OPC Foundation
OPC UA Connectivity with InduSoft and the OPC FoundationOPC UA Connectivity with InduSoft and the OPC Foundation
OPC UA Connectivity with InduSoft and the OPC Foundation
AVEVA
 
View Page Update Presentation Close Internet of Things Cologne 2015: OPC Uni...
View Page Update Presentation Close Internet of Things Cologne 2015: OPC Uni... View Page Update Presentation Close Internet of Things Cologne 2015: OPC Uni...
View Page Update Presentation Close Internet of Things Cologne 2015: OPC Uni...
MongoDB
 
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
The Inside Story: How OPC UA and DDS Can Work Together in Industrial SystemsThe Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
Real-Time Innovations (RTI)
 
An Overview of OPC UA Security
An Overview of OPC UA SecurityAn Overview of OPC UA Security
An Overview of OPC UA Security
Sadatulla Zishan
 
Opc ua
Opc uaOpc ua
Opc ua
Naushad Warsi
 

Recommended

OPC UA: Ready for realtime
OPC UA: Ready for realtimeOPC UA: Ready for realtime
OPC UA: Ready for realtime
Miodrag Veselic
 
Security in OPC UA ppt
Security in OPC UA pptSecurity in OPC UA ppt
Security in OPC UA ppt
Mallikarjuna Y C
 
IIB Manufacturing Pack v1001
IIB Manufacturing Pack v1001IIB Manufacturing Pack v1001
IIB Manufacturing Pack v1001
Dominic Storey
 
OPC UA Connectivity with InduSoft and the OPC Foundation
OPC UA Connectivity with InduSoft and the OPC FoundationOPC UA Connectivity with InduSoft and the OPC Foundation
OPC UA Connectivity with InduSoft and the OPC Foundation
AVEVA
 
View Page Update Presentation Close Internet of Things Cologne 2015: OPC Uni...
View Page Update Presentation Close Internet of Things Cologne 2015: OPC Uni... View Page Update Presentation Close Internet of Things Cologne 2015: OPC Uni...
View Page Update Presentation Close Internet of Things Cologne 2015: OPC Uni...
MongoDB
 
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
The Inside Story: How OPC UA and DDS Can Work Together in Industrial SystemsThe Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
The Inside Story: How OPC UA and DDS Can Work Together in Industrial Systems
Real-Time Innovations (RTI)
 
An Overview of OPC UA Security
An Overview of OPC UA SecurityAn Overview of OPC UA Security
An Overview of OPC UA Security
Sadatulla Zishan
 
Opc ua
Opc uaOpc ua
Opc ua
Naushad Warsi
 
OPC Unified Architecture
OPC Unified ArchitectureOPC Unified Architecture
OPC Unified Architecture
Vishwa Mohan
 
OPC UA Inside Out Part 3 - Edge Devices
OPC UA Inside Out Part 3 - Edge DevicesOPC UA Inside Out Part 3 - Edge Devices
OPC UA Inside Out Part 3 - Edge Devices
Sadatulla Zishan
 
Authorization for Internet of Things using OAuth 2.0
Authorization for Internet of Things using OAuth 2.0Authorization for Internet of Things using OAuth 2.0
Authorization for Internet of Things using OAuth 2.0
Hannes Tschofenig
 
ISO 26262 Approval of Automotive Software Components
ISO 26262 Approval of Automotive Software ComponentsISO 26262 Approval of Automotive Software Components
ISO 26262 Approval of Automotive Software Components
Real-Time Innovations (RTI)
 
OPC PPT
OPC PPTOPC PPT
OPC PPT
Shivam Singh
 
OPC UA Inside Out, Part 1 - Introduction and Playing Field
OPC UA Inside Out, Part 1 - Introduction and Playing FieldOPC UA Inside Out, Part 1 - Introduction and Playing Field
OPC UA Inside Out, Part 1 - Introduction and Playing Field
Sadatulla Zishan
 
OPC UA Inside Out Part 5 - Cloud Connectivity
OPC UA Inside Out Part 5 - Cloud ConnectivityOPC UA Inside Out Part 5 - Cloud Connectivity
OPC UA Inside Out Part 5 - Cloud Connectivity
Sadatulla Zishan
 
OPC UA Inside Out Part 4 - OPC Tunneller
OPC UA Inside Out Part 4 - OPC TunnellerOPC UA Inside Out Part 4 - OPC Tunneller
OPC UA Inside Out Part 4 - OPC Tunneller
Sadatulla Zishan
 
Managing Your ROI & TCO In Automation Testing | V&V Webinar PPT
Managing Your ROI & TCO In Automation Testing | V&V Webinar PPTManaging Your ROI & TCO In Automation Testing | V&V Webinar PPT
Managing Your ROI & TCO In Automation Testing | V&V Webinar PPT
Sadatulla Zishan
 
Secure IOT Gateway
Secure IOT GatewaySecure IOT Gateway
Secure IOT Gateway
LF Events
 
Performance of State-of-the-Art Cryptography on ARM-based Microprocessors
Performance of State-of-the-Art Cryptography on ARM-based MicroprocessorsPerformance of State-of-the-Art Cryptography on ARM-based Microprocessors
Performance of State-of-the-Art Cryptography on ARM-based Microprocessors
Hannes Tschofenig
 
FDT/DTM Introduction Webinar
FDT/DTM Introduction WebinarFDT/DTM Introduction Webinar
FDT/DTM Introduction Webinar
Sadatulla Zishan
 
Digital Transformation with FDT 3.0 Webinar
Digital Transformation with FDT 3.0 WebinarDigital Transformation with FDT 3.0 Webinar
Digital Transformation with FDT 3.0 Webinar
Sadatulla Zishan
 
Crypto Performance on ARM Cortex-M Processors
Crypto Performance on ARM Cortex-M ProcessorsCrypto Performance on ARM Cortex-M Processors
Crypto Performance on ARM Cortex-M Processors
Hannes Tschofenig
 
Create New Value for You - Huawei Agile Network
Create New Value for You - Huawei Agile NetworkCreate New Value for You - Huawei Agile Network
Create New Value for You - Huawei Agile Network
Huawei Enterprise Hong Kong
 
OPC UA Inside Out Part 6 - Brownfield and Greenfield Webinar
OPC UA Inside Out Part 6 - Brownfield and Greenfield WebinarOPC UA Inside Out Part 6 - Brownfield and Greenfield Webinar
OPC UA Inside Out Part 6 - Brownfield and Greenfield Webinar
Sadatulla Zishan
 
Cisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Connect Halifax 2018 Cisco dna - deeper diveCisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Canada
 
Comparison of MQTT and DDS as M2M Protocols for the Internet of Things
Comparison of MQTT and DDS as M2M Protocols for the Internet of ThingsComparison of MQTT and DDS as M2M Protocols for the Internet of Things
Comparison of MQTT and DDS as M2M Protocols for the Internet of Things
Real-Time Innovations (RTI)
 
Leverage the Network
Leverage the NetworkLeverage the Network
Leverage the Network
Cisco Canada
 
Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...
Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...
Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...
Cisco Canada
 
Zertifikate für Authetizität, Authentifizierung oder beides?
Zertifikate für Authetizität, Authentifizierung oder beides?Zertifikate für Authetizität, Authentifizierung oder beides?
Zertifikate für Authetizität, Authentifizierung oder beides?
team-WIBU
 
To Bundle or To Nest? That is the Question
To Bundle or To Nest? That is the QuestionTo Bundle or To Nest? That is the Question
To Bundle or To Nest? That is the Question
team-WIBU
 

More Related Content

What's hot

OPC UA Inside Out Part 3 - Edge Devices
OPC UA Inside Out Part 3 - Edge DevicesOPC UA Inside Out Part 3 - Edge Devices
OPC UA Inside Out Part 3 - Edge Devices
Sadatulla Zishan
 
OPC UA Inside Out, Part 1 - Introduction and Playing Field
OPC UA Inside Out, Part 1 - Introduction and Playing FieldOPC UA Inside Out, Part 1 - Introduction and Playing Field
OPC UA Inside Out, Part 1 - Introduction and Playing Field
Sadatulla Zishan
 
OPC UA Inside Out Part 5 - Cloud Connectivity
OPC UA Inside Out Part 5 - Cloud ConnectivityOPC UA Inside Out Part 5 - Cloud Connectivity
OPC UA Inside Out Part 5 - Cloud Connectivity
Sadatulla Zishan
 
OPC UA Inside Out Part 4 - OPC Tunneller
OPC UA Inside Out Part 4 - OPC TunnellerOPC UA Inside Out Part 4 - OPC Tunneller
OPC UA Inside Out Part 4 - OPC Tunneller
Sadatulla Zishan
 
Managing Your ROI & TCO In Automation Testing | V&V Webinar PPT
Managing Your ROI & TCO In Automation Testing | V&V Webinar PPTManaging Your ROI & TCO In Automation Testing | V&V Webinar PPT
Managing Your ROI & TCO In Automation Testing | V&V Webinar PPT
Sadatulla Zishan
 
Secure IOT Gateway
Secure IOT GatewaySecure IOT Gateway
Secure IOT Gateway
LF Events
 
FDT/DTM Introduction Webinar
FDT/DTM Introduction WebinarFDT/DTM Introduction Webinar
FDT/DTM Introduction Webinar
Sadatulla Zishan
 
Digital Transformation with FDT 3.0 Webinar
Digital Transformation with FDT 3.0 WebinarDigital Transformation with FDT 3.0 Webinar
Digital Transformation with FDT 3.0 Webinar
Sadatulla Zishan
 
OPC UA Inside Out Part 6 - Brownfield and Greenfield Webinar
OPC UA Inside Out Part 6 - Brownfield and Greenfield WebinarOPC UA Inside Out Part 6 - Brownfield and Greenfield Webinar
OPC UA Inside Out Part 6 - Brownfield and Greenfield Webinar
Sadatulla Zishan
 
Leverage the Network
Leverage the NetworkLeverage the Network
Leverage the Network
Cisco Canada
 

What's hot (20)

OPC Unified Architecture
OPC Unified ArchitectureOPC Unified Architecture
OPC Unified Architecture
 
OPC UA Inside Out Part 3 - Edge Devices
OPC UA Inside Out Part 3 - Edge DevicesOPC UA Inside Out Part 3 - Edge Devices
OPC UA Inside Out Part 3 - Edge Devices
 
Authorization for Internet of Things using OAuth 2.0
Authorization for Internet of Things using OAuth 2.0Authorization for Internet of Things using OAuth 2.0
Authorization for Internet of Things using OAuth 2.0
 
ISO 26262 Approval of Automotive Software Components
ISO 26262 Approval of Automotive Software ComponentsISO 26262 Approval of Automotive Software Components
ISO 26262 Approval of Automotive Software Components
 
OPC PPT
OPC PPTOPC PPT
OPC PPT
 
OPC UA Inside Out, Part 1 - Introduction and Playing Field
OPC UA Inside Out, Part 1 - Introduction and Playing FieldOPC UA Inside Out, Part 1 - Introduction and Playing Field
OPC UA Inside Out, Part 1 - Introduction and Playing Field
 
OPC UA Inside Out Part 5 - Cloud Connectivity
OPC UA Inside Out Part 5 - Cloud ConnectivityOPC UA Inside Out Part 5 - Cloud Connectivity
OPC UA Inside Out Part 5 - Cloud Connectivity
 
OPC UA Inside Out Part 4 - OPC Tunneller
OPC UA Inside Out Part 4 - OPC TunnellerOPC UA Inside Out Part 4 - OPC Tunneller
OPC UA Inside Out Part 4 - OPC Tunneller
 
Managing Your ROI & TCO In Automation Testing | V&V Webinar PPT
Managing Your ROI & TCO In Automation Testing | V&V Webinar PPTManaging Your ROI & TCO In Automation Testing | V&V Webinar PPT
Managing Your ROI & TCO In Automation Testing | V&V Webinar PPT
 
Secure IOT Gateway
Secure IOT GatewaySecure IOT Gateway
Secure IOT Gateway
 
Performance of State-of-the-Art Cryptography on ARM-based Microprocessors
Performance of State-of-the-Art Cryptography on ARM-based MicroprocessorsPerformance of State-of-the-Art Cryptography on ARM-based Microprocessors
Performance of State-of-the-Art Cryptography on ARM-based Microprocessors
 
FDT/DTM Introduction Webinar
FDT/DTM Introduction WebinarFDT/DTM Introduction Webinar
FDT/DTM Introduction Webinar
 
Digital Transformation with FDT 3.0 Webinar
Digital Transformation with FDT 3.0 WebinarDigital Transformation with FDT 3.0 Webinar
Digital Transformation with FDT 3.0 Webinar
 
Crypto Performance on ARM Cortex-M Processors
Crypto Performance on ARM Cortex-M ProcessorsCrypto Performance on ARM Cortex-M Processors
Crypto Performance on ARM Cortex-M Processors
 
Create New Value for You - Huawei Agile Network
Create New Value for You - Huawei Agile NetworkCreate New Value for You - Huawei Agile Network
Create New Value for You - Huawei Agile Network
 
OPC UA Inside Out Part 6 - Brownfield and Greenfield Webinar
OPC UA Inside Out Part 6 - Brownfield and Greenfield WebinarOPC UA Inside Out Part 6 - Brownfield and Greenfield Webinar
OPC UA Inside Out Part 6 - Brownfield and Greenfield Webinar
 
Cisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Connect Halifax 2018 Cisco dna - deeper diveCisco Connect Halifax 2018 Cisco dna - deeper dive
Cisco Connect Halifax 2018 Cisco dna - deeper dive
 
Comparison of MQTT and DDS as M2M Protocols for the Internet of Things
Comparison of MQTT and DDS as M2M Protocols for the Internet of ThingsComparison of MQTT and DDS as M2M Protocols for the Internet of Things
Comparison of MQTT and DDS as M2M Protocols for the Internet of Things
 
Leverage the Network
Leverage the NetworkLeverage the Network
Leverage the Network
 
Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...
Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...
Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...
 

Viewers also liked

Zertifikate für Authetizität, Authentifizierung oder beides?
Zertifikate für Authetizität, Authentifizierung oder beides?Zertifikate für Authetizität, Authentifizierung oder beides?
Zertifikate für Authetizität, Authentifizierung oder beides?
team-WIBU
 
To Bundle or To Nest? That is the Question
To Bundle or To Nest? That is the QuestionTo Bundle or To Nest? That is the Question
To Bundle or To Nest? That is the Question
team-WIBU
 
Bündeln oder Schachteln? Das ist hier die Frage
Bündeln oder Schachteln? Das ist hier die FrageBündeln oder Schachteln? Das ist hier die Frage
Bündeln oder Schachteln? Das ist hier die Frage
team-WIBU
 
Extending OPC-UA through Architecture Flexibility, Performance, and Scalability
Extending OPC-UA through Architecture Flexibility, Performance, and ScalabilityExtending OPC-UA through Architecture Flexibility, Performance, and Scalability
Extending OPC-UA through Architecture Flexibility, Performance, and Scalability
Real-Time Innovations (RTI)
 
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
team-WIBU
 

Viewers also liked (7)

Zertifikate für Authetizität, Authentifizierung oder beides?
Zertifikate für Authetizität, Authentifizierung oder beides?Zertifikate für Authetizität, Authentifizierung oder beides?
Zertifikate für Authetizität, Authentifizierung oder beides?
 
To Bundle or To Nest? That is the Question
To Bundle or To Nest? That is the QuestionTo Bundle or To Nest? That is the Question
To Bundle or To Nest? That is the Question
 
Bündeln oder Schachteln? Das ist hier die Frage
Bündeln oder Schachteln? Das ist hier die FrageBündeln oder Schachteln? Das ist hier die Frage
Bündeln oder Schachteln? Das ist hier die Frage
 
Extending OPC-UA through Architecture Flexibility, Performance, and Scalability
Extending OPC-UA through Architecture Flexibility, Performance, and ScalabilityExtending OPC-UA through Architecture Flexibility, Performance, and Scalability
Extending OPC-UA through Architecture Flexibility, Performance, and Scalability
 
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
Protecting IIoT Endpoints - an inside look at the Industrial Internet Securit...
 
IIC's Top 10 Accomplishments 2016
IIC's Top 10 Accomplishments 2016IIC's Top 10 Accomplishments 2016
IIC's Top 10 Accomplishments 2016
 
Industry 4.0 - Advantech Solutions
Industry 4.0 - Advantech SolutionsIndustry 4.0 - Advantech Solutions
Industry 4.0 - Advantech Solutions
 

Similar to OPC UA Security: Native and Add-on Solutions

Perfecting the Art of Unmasking the Hackers
Perfecting the Art of Unmasking the HackersPerfecting the Art of Unmasking the Hackers
Perfecting the Art of Unmasking the Hackers
team-WIBU
 
Demystifying Industrial Security
Demystifying Industrial SecurityDemystifying Industrial Security
Demystifying Industrial Security
team-WIBU
 
Smart Factories Redefine Security Paradigms
Smart Factories Redefine Security ParadigmsSmart Factories Redefine Security Paradigms
Smart Factories Redefine Security Paradigms
team-WIBU
 
Oracle IoT Cloud Service - First practical experience
Oracle IoT Cloud Service - First practical experience Oracle IoT Cloud Service - First practical experience
Oracle IoT Cloud Service - First practical experience
OPITZ CONSULTING Deutschland
 
How the Bosch Group is making use of OSGi for IoT - Kai Hackbarth
How the Bosch Group is making use of OSGi for IoT - Kai HackbarthHow the Bosch Group is making use of OSGi for IoT - Kai Hackbarth
How the Bosch Group is making use of OSGi for IoT - Kai Hackbarth
mfrancis
 
Medtec - Cyber-security Challenges on the Horizon
Medtec - Cyber-security Challenges on the HorizonMedtec - Cyber-security Challenges on the Horizon
Medtec - Cyber-security Challenges on the Horizon
team-WIBU
 
FIWARE for OPC UA Robots (The i4Q Use Case) - Gabriele De Luca.pptx
FIWARE for OPC UA Robots (The i4Q Use Case) - Gabriele De Luca.pptxFIWARE for OPC UA Robots (The i4Q Use Case) - Gabriele De Luca.pptx
FIWARE for OPC UA Robots (The i4Q Use Case) - Gabriele De Luca.pptx
FIWARE
 
Industry 4 network design and security - Peter Brown
Industry 4 network design and security - Peter BrownIndustry 4 network design and security - Peter Brown
Industry 4 network design and security - Peter Brown
PROFIBUS and PROFINET InternationaI - PI UK
 

Similar to OPC UA Security: Native and Add-on Solutions (20)

Platform independent secure data exchange not only for RFID
Platform independent secure data exchange not only for RFIDPlatform independent secure data exchange not only for RFID
Platform independent secure data exchange not only for RFID
 
CWIN17 Toulouse / Opc ua, the de facto interoperability standard for industry...
CWIN17 Toulouse / Opc ua, the de facto interoperability standard for industry...CWIN17 Toulouse / Opc ua, the de facto interoperability standard for industry...
CWIN17 Toulouse / Opc ua, the de facto interoperability standard for industry...
 
Perfecting the Art of Unmasking the Hackers
Perfecting the Art of Unmasking the HackersPerfecting the Art of Unmasking the Hackers
Perfecting the Art of Unmasking the Hackers
 
Risks of Industry 4.0 - An Information Technology Perspective, Thomas USLÄNDER
Risks of Industry 4.0 - An Information Technology Perspective, Thomas USLÄNDERRisks of Industry 4.0 - An Information Technology Perspective, Thomas USLÄNDER
Risks of Industry 4.0 - An Information Technology Perspective, Thomas USLÄNDER
 
IIoT, Security and Ethernet Design - Peter Brown
IIoT, Security and Ethernet Design - Peter BrownIIoT, Security and Ethernet Design - Peter Brown
IIoT, Security and Ethernet Design - Peter Brown
 
Demystifying Industrial Security
Demystifying Industrial SecurityDemystifying Industrial Security
Demystifying Industrial Security
 
Bosch smart city_demo_260117_complete
Bosch smart city_demo_260117_completeBosch smart city_demo_260117_complete
Bosch smart city_demo_260117_complete
 
Businessday okt 2016 - Awingu
Businessday okt 2016 - AwinguBusinessday okt 2016 - Awingu
Businessday okt 2016 - Awingu
 
Real World IoT Architecture Use Cases
Real World IoT Architecture Use CasesReal World IoT Architecture Use Cases
Real World IoT Architecture Use Cases
 
Smart Factories Redefine Security Paradigms
Smart Factories Redefine Security ParadigmsSmart Factories Redefine Security Paradigms
Smart Factories Redefine Security Paradigms
 
Oracle IoT Cloud Service - First practical experience
Oracle IoT Cloud Service - First practical experience Oracle IoT Cloud Service - First practical experience
Oracle IoT Cloud Service - First practical experience
 
How the Bosch Group is making use of OSGi for IoT - Kai Hackbarth
How the Bosch Group is making use of OSGi for IoT - Kai HackbarthHow the Bosch Group is making use of OSGi for IoT - Kai Hackbarth
How the Bosch Group is making use of OSGi for IoT - Kai Hackbarth
 
Medtec - Cyber-security Challenges on the Horizon
Medtec - Cyber-security Challenges on the HorizonMedtec - Cyber-security Challenges on the Horizon
Medtec - Cyber-security Challenges on the Horizon
 
Opc e book_2021_3rd_edition_lay06
Opc e book_2021_3rd_edition_lay06Opc e book_2021_3rd_edition_lay06
Opc e book_2021_3rd_edition_lay06
 
FIWARE Global Summit - Implementing OPC‐UA with FIWARE Orion Context Broker
FIWARE Global Summit - Implementing OPC‐UA with FIWARE Orion Context BrokerFIWARE Global Summit - Implementing OPC‐UA with FIWARE Orion Context Broker
FIWARE Global Summit - Implementing OPC‐UA with FIWARE Orion Context Broker
 
Profibus system engineering and monitoring - Andy Verwer
Profibus system engineering and monitoring - Andy VerwerProfibus system engineering and monitoring - Andy Verwer
Profibus system engineering and monitoring - Andy Verwer
 
FIWARE for OPC UA Robots (The i4Q Use Case) - Gabriele De Luca.pptx
FIWARE for OPC UA Robots (The i4Q Use Case) - Gabriele De Luca.pptxFIWARE for OPC UA Robots (The i4Q Use Case) - Gabriele De Luca.pptx
FIWARE for OPC UA Robots (The i4Q Use Case) - Gabriele De Luca.pptx
 
Industry 4 network design and security - Peter Brown
Industry 4 network design and security - Peter BrownIndustry 4 network design and security - Peter Brown
Industry 4 network design and security - Peter Brown
 
CyberSecurity in Germany: Research Trends, Industrial Hub and Leading Clusters
CyberSecurity in Germany: Research Trends, Industrial Hub and Leading ClustersCyberSecurity in Germany: Research Trends, Industrial Hub and Leading Clusters
CyberSecurity in Germany: Research Trends, Industrial Hub and Leading Clusters
 
Secure Computing Core Technology - A non-NDA Teaser
Secure Computing Core Technology - A non-NDA TeaserSecure Computing Core Technology - A non-NDA Teaser
Secure Computing Core Technology - A non-NDA Teaser
 

More from team-WIBU

Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identity
team-WIBU
 
Unlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial SecurityUnlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial Security
team-WIBU
 
The Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success TogetherThe Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success Together
team-WIBU
 
Unleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter BasicsUnleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter Basics
team-WIBU
 
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für GeschäftskontinuitätKeine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
team-WIBU
 
No Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuityNo Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuity
team-WIBU
 
Cloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline ScenariosCloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline Scenarios
team-WIBU
 
Optimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best PracticesOptimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best Practices
team-WIBU
 
For a Few Licenses More
For a Few Licenses MoreFor a Few Licenses More
For a Few Licenses More
team-WIBU
 
App Management on the Edge
App Management on the EdgeApp Management on the Edge
App Management on the Edge
team-WIBU
 
Protecting and Licensing .NET Applications
Protecting and Licensing .NET ApplicationsProtecting and Licensing .NET Applications
Protecting and Licensing .NET Applications
team-WIBU
 
A Bit of License Management Magic
A Bit of License Management MagicA Bit of License Management Magic
A Bit of License Management Magic
team-WIBU
 
The first step is always the most decisive
The first step is always the most decisiveThe first step is always the most decisive
The first step is always the most decisive
team-WIBU
 
Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...
team-WIBU
 
Authenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevicesAuthenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevices
team-WIBU
 
How and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based LicensesHow and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based Licenses
team-WIBU
 
Serving Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every AppetiteServing Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every Appetite
team-WIBU
 
Security and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptxSecurity and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptx
team-WIBU
 
License Portal - The DIY Solution
License Portal - The DIY SolutionLicense Portal - The DIY Solution
License Portal - The DIY Solution
team-WIBU
 
Running code in secure hardware or cloud environments
Running code in secure hardware or cloud environmentsRunning code in secure hardware or cloud environments
Running code in secure hardware or cloud environments
team-WIBU
 

More from team-WIBU (20)

Post Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on IdentityPost Quantum Cryptography – The Impact on Identity
Post Quantum Cryptography – The Impact on Identity
 
Unlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial SecurityUnlocking the Future: Empowering Industrial Security
Unlocking the Future: Empowering Industrial Security
 
The Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success TogetherThe Power of Partnership: Enabling Success Together
The Power of Partnership: Enabling Success Together
 
Unleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter BasicsUnleash the Power of CodeMeter - CodeMeter Basics
Unleash the Power of CodeMeter - CodeMeter Basics
 
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für GeschäftskontinuitätKeine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
Keine Zeit für Leerlauf – Lizenzverfügbarkeit für Geschäftskontinuität
 
No Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuityNo Time to Idle – License availability for business continuity
No Time to Idle – License availability for business continuity
 
Cloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline ScenariosCloud-Based Licensing in Offline Scenarios
Cloud-Based Licensing in Offline Scenarios
 
Optimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best PracticesOptimizing Cloud Licensing: Strategies and Best Practices
Optimizing Cloud Licensing: Strategies and Best Practices
 
For a Few Licenses More
For a Few Licenses MoreFor a Few Licenses More
For a Few Licenses More
 
App Management on the Edge
App Management on the EdgeApp Management on the Edge
App Management on the Edge
 
Protecting and Licensing .NET Applications
Protecting and Licensing .NET ApplicationsProtecting and Licensing .NET Applications
Protecting and Licensing .NET Applications
 
A Bit of License Management Magic
A Bit of License Management MagicA Bit of License Management Magic
A Bit of License Management Magic
 
The first step is always the most decisive
The first step is always the most decisiveThe first step is always the most decisive
The first step is always the most decisive
 
Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...Protection and monetization of 3D printed objects in the spare parts business...
Protection and monetization of 3D printed objects in the spare parts business...
 
Authenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevicesAuthenticate and authorize your IIoTdevices
Authenticate and authorize your IIoTdevices
 
How and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based LicensesHow and Why to Create and Sell Consumption-Based Licenses
How and Why to Create and Sell Consumption-Based Licenses
 
Serving Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every AppetiteServing Up Features-on-Demand for Every Appetite
Serving Up Features-on-Demand for Every Appetite
 
Security and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptxSecurity and Protection for Machine Learning.pptx
Security and Protection for Machine Learning.pptx
 
License Portal - The DIY Solution
License Portal - The DIY SolutionLicense Portal - The DIY Solution
License Portal - The DIY Solution
 
Running code in secure hardware or cloud environments
Running code in secure hardware or cloud environmentsRunning code in secure hardware or cloud environments
Running code in secure hardware or cloud environments
 

Recently uploaded

Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...
amitlee9823
 
Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)
amitlee9823
 
Vip Mumbai Call Girls Andheri East Call On 9920725232 With Body to body massa...
Vip Mumbai Call Girls Andheri East Call On 9920725232 With Body to body massa...Vip Mumbai Call Girls Andheri East Call On 9920725232 With Body to body massa...
Vip Mumbai Call Girls Andheri East Call On 9920725232 With Body to body massa...
amitlee9823
 
VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...
VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...
VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...
Call Girls in Nagpur High Profile
 
CHEAP Call Girls in Mayapuri (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Mayapuri (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Mayapuri (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Mayapuri (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
CHEAP Call Girls in Hauz Quazi (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Hauz Quazi (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Hauz Quazi (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Hauz Quazi (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Call Girls Pimple Saudagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Pimple Saudagar Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Pimple Saudagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Pimple Saudagar Call Me 7737669865 Budget Friendly No Advance Booking
roncy bisnoi
 
Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)
amitlee9823
 
(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)
(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)
(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)
kojalkojal131
 
Call Now ≽ 9953056974 ≼🔝 Call Girls In Yusuf Sarai ≼🔝 Delhi door step delevry≼🔝
Call Now ≽ 9953056974 ≼🔝 Call Girls In Yusuf Sarai ≼🔝 Delhi door step delevry≼🔝Call Now ≽ 9953056974 ≼🔝 Call Girls In Yusuf Sarai ≼🔝 Delhi door step delevry≼🔝
Call Now ≽ 9953056974 ≼🔝 Call Girls In Yusuf Sarai ≼🔝 Delhi door step delevry≼🔝
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...
Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...
Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...
amitlee9823
 
Shikrapur Call Girls Most Awaited Fun 6297143586 High Profiles young Beautie...
Shikrapur Call Girls Most Awaited Fun 6297143586 High Profiles young Beautie...Shikrapur Call Girls Most Awaited Fun 6297143586 High Profiles young Beautie...
Shikrapur Call Girls Most Awaited Fun 6297143586 High Profiles young Beautie...
tanu pandey
 
CALL GIRLS IN Saket 83778-77756 | Escort Service In DELHI NcR
CALL GIRLS IN Saket 83778-77756 | Escort Service In DELHI NcRCALL GIRLS IN Saket 83778-77756 | Escort Service In DELHI NcR
CALL GIRLS IN Saket 83778-77756 | Escort Service In DELHI NcR
dollysharma2066
 
Call Girls Kothrud Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Kothrud Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Kothrud Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Kothrud Call Me 7737669865 Budget Friendly No Advance Booking
roncy bisnoi
 
Call Girls Chickpet ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Call Girls Chickpet ☎ 7737669865☎ Book Your One night Stand (Bangalore)Call Girls Chickpet ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Call Girls Chickpet ☎ 7737669865☎ Book Your One night Stand (Bangalore)
amitlee9823
 
Top Rated Pune Call Girls Chakan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Chakan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...Top Rated Pune Call Girls Chakan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Chakan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Call Girls in Nagpur High Profile
 
Top Rated Pune Call Girls Shirwal ⟟ 6297143586 ⟟ Call Me For Genuine Sex Ser...
Top Rated Pune Call Girls Shirwal ⟟ 6297143586 ⟟ Call Me For Genuine Sex Ser...Top Rated Pune Call Girls Shirwal ⟟ 6297143586 ⟟ Call Me For Genuine Sex Ser...
Top Rated Pune Call Girls Shirwal ⟟ 6297143586 ⟟ Call Me For Genuine Sex Ser...
Call Girls in Nagpur High Profile
 

Recently uploaded (20)

Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...
 
Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)
 
Vip Mumbai Call Girls Andheri East Call On 9920725232 With Body to body massa...
Vip Mumbai Call Girls Andheri East Call On 9920725232 With Body to body massa...Vip Mumbai Call Girls Andheri East Call On 9920725232 With Body to body massa...
Vip Mumbai Call Girls Andheri East Call On 9920725232 With Body to body massa...
 
VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...
VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...
VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...
 
CHEAP Call Girls in Mayapuri (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Mayapuri (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Mayapuri (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Mayapuri (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
CHEAP Call Girls in Hauz Quazi (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Hauz Quazi (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Hauz Quazi (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Hauz Quazi (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
9892124323 Pooja Nehwal Call Girls Services Call Girls service in Santacruz A...
9892124323 Pooja Nehwal Call Girls Services Call Girls service in Santacruz A...9892124323 Pooja Nehwal Call Girls Services Call Girls service in Santacruz A...
9892124323 Pooja Nehwal Call Girls Services Call Girls service in Santacruz A...
 
Call Girls Pimple Saudagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Pimple Saudagar Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Pimple Saudagar Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Pimple Saudagar Call Me 7737669865 Budget Friendly No Advance Booking
 
Introduction-to-4x4-SRAM-Memory-Block.pptx
Introduction-to-4x4-SRAM-Memory-Block.pptxIntroduction-to-4x4-SRAM-Memory-Block.pptx
Introduction-to-4x4-SRAM-Memory-Block.pptx
 
HLH PPT.ppt very important topic to discuss
HLH PPT.ppt very important topic to discussHLH PPT.ppt very important topic to discuss
HLH PPT.ppt very important topic to discuss
 
Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)
 
(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)
(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)
(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)
 
Call Now ≽ 9953056974 ≼🔝 Call Girls In Yusuf Sarai ≼🔝 Delhi door step delevry≼🔝
Call Now ≽ 9953056974 ≼🔝 Call Girls In Yusuf Sarai ≼🔝 Delhi door step delevry≼🔝Call Now ≽ 9953056974 ≼🔝 Call Girls In Yusuf Sarai ≼🔝 Delhi door step delevry≼🔝
Call Now ≽ 9953056974 ≼🔝 Call Girls In Yusuf Sarai ≼🔝 Delhi door step delevry≼🔝
 
Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...
Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...
Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...
 
Shikrapur Call Girls Most Awaited Fun 6297143586 High Profiles young Beautie...
Shikrapur Call Girls Most Awaited Fun 6297143586 High Profiles young Beautie...Shikrapur Call Girls Most Awaited Fun 6297143586 High Profiles young Beautie...
Shikrapur Call Girls Most Awaited Fun 6297143586 High Profiles young Beautie...
 
CALL GIRLS IN Saket 83778-77756 | Escort Service In DELHI NcR
CALL GIRLS IN Saket 83778-77756 | Escort Service In DELHI NcRCALL GIRLS IN Saket 83778-77756 | Escort Service In DELHI NcR
CALL GIRLS IN Saket 83778-77756 | Escort Service In DELHI NcR
 
Call Girls Kothrud Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Kothrud Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Kothrud Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Kothrud Call Me 7737669865 Budget Friendly No Advance Booking
 
Call Girls Chickpet ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Call Girls Chickpet ☎ 7737669865☎ Book Your One night Stand (Bangalore)Call Girls Chickpet ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Call Girls Chickpet ☎ 7737669865☎ Book Your One night Stand (Bangalore)
 
Top Rated Pune Call Girls Chakan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Chakan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...Top Rated Pune Call Girls Chakan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Chakan ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
 
Top Rated Pune Call Girls Shirwal ⟟ 6297143586 ⟟ Call Me For Genuine Sex Ser...
Top Rated Pune Call Girls Shirwal ⟟ 6297143586 ⟟ Call Me For Genuine Sex Ser...Top Rated Pune Call Girls Shirwal ⟟ 6297143586 ⟟ Call Me For Genuine Sex Ser...
Top Rated Pune Call Girls Shirwal ⟟ 6297143586 ⟟ Call Me For Genuine Sex Ser...
 

OPC UA Security: Native and Add-on Solutions

  • 1. The Rise of Smart Factories: Use Cases – Essentials – Security Tools Oliver Winzenried CEO WIBU-SYSTEMS AG oliver.winzenried@wibu.com OPC UA Security: Native and Add-on Solutions December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 1
  • 2. Smart Factory Projects featuring Wibu-Systems  OpSIT: Smart Items Technologies in Healthcare  SesaOPC: SmartFactoryKL  Secure Plug & Work: Fraunhofer IOSB  IUNO: German reference project for Cyber Security in Industrie 4.0  Large consortium: 14 companies and 7 research institutes  Four large Use Cases (Testbeds) December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 2
  • 3. OpSIT: Smart Items Technologies in Healthcare December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 3
  • 4. OpSIT: Smart Items Technologies in Healthcare  OpSIT: Optimal use of smart items technologies in healthcare  Using an Intel Edison SBC as a Gateway for wireless low-power sensors  Wireless sensor data is sampled from Edison   Unprotected data is sampled and processed locally  Sampled data is provided via OPC UA in hospital network   Secure access to sensitive data  Whole system (application & cryptographic material) stored on a CodeMeter microSD card December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 4
  • 5. Technology Initiative SmartFactoryKL December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 5 Cyber Physical Systems 2002 2005 2015 Smart Home Internet of Things 2011 10-year anniversary Launching: CONFIGURATION OF THE VISION INDUSTRIE 4.0 More than 10 years… www.SmartFactory.de
  • 6. Technology Initiative SmartFactoryKL December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 6
  • 7. Technology Initiative SmartFactoryKL December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 7 Topics and content: • Cyber-Physical Systems • Vertical integration via OPC-UA • Decentralised process control via RFID • Semantical product and object memory model • Resource protection through context-enabled M2M communication • Augmented-Reality based human-machine interaction Wibu-Systems contribution • Secure signed data in RFID • Secure key storage and certificates for OPC-UA • Security components from sensor to cloud
  • 8. Project Secure Plug & Work  Plug & Work of production components using open standards  Secure authentication and configuration of production components and trusted communication  Wibu-Systems contribution CodeMeter Protection, Licensing, Security, OPC UA integration December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 8
  • 9. Secure Plug and Work: Secure networking in Industry 4.0 December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 9 Firewall PC/Über- geordnete IT Ethernet Control Room MAG Specht Milling Cutter Schunk Powerball
  • 10. Component Overview December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 10 Firewall Component nTool MagazineSpindle IPC (PLC) Machine Control PC/MES IT CAN Ethernet Schunk PLC ProfiNet
  • 11. OPC UA Communication Added December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 11 Firewall Component nTool MagazineSpindle IPC (PLC) Machine Control OPC-UA- Server OPC-UA- Server PC/MES IT UA Server CAN Ethernet Schunk PLC OPC-UA- Server ProfiNet
  • 12. Security in “Secure Plug & Work” December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 12 Gateway (Switch for secure connection, gateway for unsecured connection, aggregating UA-Server) Firewall Component nTool MagazineSpindle IPC (PLC) Machine Control OPC-UA- Server Security OPC-UA- Server Security OPC-UA- Server PC/MES IT UA Server CAN Ethernet Schunk PLC OPC-UA- Server Security ProfiNet
  • 13. IUNO: Reference Project Security in Industrie 4.0 December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 13  Four large Use Cases (Testbeds)  Collect all requirements and solutions in a tool box  Implementation Transfer to Industry! Secure Connectivity Visual security control room for a production scenario Secure Processes Customer individual production Secure Services Remote access / trusted partners Secure Data Technology market place for process data
  • 14. IUNO: Reference Project for Cyber Security in Industrie 4.0 December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 14
  • 15. IUNO WP 1 – Customized Production (HOMAG) December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 15
  • 16. IUNO WP 1 – Customized Production  Goal: Definite and secure identification throughout the production process  Identification is complicated by  Processing, production environment (e.g., dust, humidity,…), multi-domains  Examples  Painting or cutting of components  Challenges  Secure application of identification material to components  Prevention of product piracy (counterfeits)  Establishing cross-domain trust in identification process December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 16
  • 17. IUNO WP 2 – Marketplace for technology data (TRUMPF) December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 17
  • 18. IUNO WP 2 – Marketplace for technology data (TRUMPF)  Goal: Easy and secure tradeable technology data (machine configurations)  Status Quo  Basic technology data is included in the machine  Advanced technology data is bought on a one-time basis  Technology data is not protectet against theft at all  Challenges  Machines are not a single, easily controllable entity  Technology data need to be flexible  Industrial requirements for availablity and reliability December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 18
  • 19. IUNO WP 3 – Remote maintenance (Bosch) December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 19
  • 20. IUNO WP 3 – Remote maintenance (Bosch)  Goal  Unified platform for remote maintenance of machines  Status Quo  Diverse landscape of remote maintenance solutions  Challenges  Secure and unified identification of all participating parties  Platform, machines, maintainers, service providers, contracting bodies, …  Secure routing of connections  One configuration for network equipment suffices for all machines on the shop floor December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 20
  • 21. How to Implement Security in Connected Products Working principles of CodeMeter December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories OPC UA typical architectures CodeMeter integration in OPC UA 21
  • 22. Wibu-Systems Technologies and Solutions December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 22 Software Integration Back Office Integration Protection Suite: Ax/Ex/Ix-Protector CodeMeter License Central  CodeMeter®  Secure Key Storage (Hardware / Software)  De-/Encryption (AES, ECC, RSA)  Flexible License Models  Software Integration  Automatic Code Protection / API  Secure Boot / OPC UA  Back Office Integration  Key and Certificate Deployment  License Deployment  License Administration
  • 23. OPC UA offers excellent security at protocol level  Secure Channel Authentication  X.509 certificates  RSA public/private keys  Trust management via Public Key Infrastructure  Secure Channel Encryption  Symmetric Encryption using Advanced Encryption Standard (AES) 128/256bit keys   Using OPC UA provides high security in transit December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 23 Picture: OPC Foundation
  • 24. OPC UA offers excellent security  Widely supported:  Plattform Industrie 4.0 in Germany  BSI Study on OPC UA standard https://opcfoundation.org/security/  IIC support  Chinese Alliance Industrial Internet December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 24
  • 25. OPC UA offers endpoint security  The IIoT Landscape: Where are Endpoints? December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 25 EP EP EP EP EP EP EP 25
  • 26. OPC UA offers endpoint security  Access Control  Monitoring & Analysis  Secure Configuration & Management  Integrity Protection  Identity  Root of Trust  Physical Security (with CM)  Data Protection  Security Model and Policy December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 26
  • 27. Pervasive security extends beyond the protocol layer  Security of endpoints is equally important  Vulnerabilities in operating systems  Vulnerabilities in software libraries  Vulnerabilities in applications  Consequences of a compromised endpoint can be severe  Theft of cryptographic material (authentication)  Manipulation of configuration data (trust lists, certificate revocation lists)  Manipulation of applications (producing incorrect information) December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 27
  • 28. Pervasive security needs additional effort  General setup for OPC UA servers and clients  Private keys are stored on the hard disk  Trust lists and certificate revocation lists are stored on the hard disk  Applications are not protected against tampering  Successful attack to endpoints leads to  Further penetration of infrastructure  Loss of functionality or reliability  Loss of intellectual property December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 28
  • 29. OPC UA SDK, CmEmbedded and CmDongle – a perfect match  CmEmbedded  Small, modular runtime for embedded systems  Portable to a variety of operating systems  Provides subset of CodeMeter API  CmDongle  Smart card chips from Infineon Technologies (EAL 5+)  Secure storage of cryptographic material  Secure execution of crypto primitives (encryption/signature)  Variety of form factors December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 29
  • 30. OPC UA SDK, CmEmbedded and CmDongle – a perfect match  Integration of CodeMeter Embedded in OPC UA SDK  Storage and processing of all security sensitive information in the smart card chip  Effortless development of applications with hardware security  Seamless migration between conventional software security and hardware security  Access to protection, licensing, and security features of CodeMeter December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 30 CodeMeter Embedded Development OPC-UA Application CodeMeter Embedded
  • 31. Enhancing security in OPC UA  Protection of private keys in CmDongle  Implementation of asymmetric encryption and signature algorithm according to OPC UA security profiles  Currently RSA keys up to 2048bit (ECC 224 Bit)  All processing done in CmDongle  Extraction of private keys practically impossible  Protection of security sensitive information (e.g. trust lists)  Encryption of OPC UA application prevents tampering and reverse engineering  Signatures for protected information verified in CmDongle   Verified, tamperproof trust lists, certificate revocation lists, passwords, … December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 31
  • 32. OPC-UA Application CodeMeter Embedded Feature #1 Feature #2 Feature #3 Benefits of License Management in OPC UA  Flexible licensing of functionality  License access to features of OPC UA application  Full access to extensive list of CodeMeter license models (e.g. pay-per-use, rental, …) December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 32
  • 33. Unified access  Update CmDongle contents via OPC UA  No physical access necessary  No extra network protocols or open ports necessary  Secure distribution through CodeMeter functions  Secure, even without OPC UA Security (Security Profile: None) December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 33 OPC-UA Application CodeMeter Embedded Feature #1 Feature #2 Feature #3 OPC UA Secure Channel
  • 34. Availability  Unified Automation SDKs  ANSI C based OPC UA SDK  High Performance OPC UA SDK  Successful evaluation phase in several research projects and demonstrators December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 34
  • 35. Your major takeaways  Thomas J. Burke:  IIoT, IoT, Industrie 4.0 requirements for real interoperability require security and information integration.  OPC UA provides secure reliable interoperability and information integration seamlessly.  The OPC Foundation collaborates with 30+ standard organizations providing the infrastructure for these standards organizations to have plug-and-play interoperability and information integration. December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 35
  • 36. Your major takeaways  Oliver Winzenried:  Security is the enabler for IoT and Industrial Internet projects  Each device needs a tamperproof identity  Know-how is in flexible production processes, software, technology data, and production data – all needs to be protected against counterfeiting and tampering  OPC UA is more than secure communication and an open standard December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 36
  • 37. Deutschland: +49-721-931720 USA: +1-425-7756900 China: +86-21-55661790 http://www.wibu.com info@wibu.com Germany: +49-721-931720 USA: +1-425-7756900 China: +86-21-55661790, 10-82961560 http://www.wibu.com info@wibu.com Questions? Contact us! December 13, 2016 © WIBU-SYSTEMS AG 2016 - OPC UA Security: Native and Add-on Solutions for the Rise of Smart Factories 37

Editor's Notes

  1. Verschiedene Maschinen kommunizieren untereinander und mit übergeordneten Leitsystemen
  2. Der Roboterarm besteht aus einer SPS und mehreren intelligenten Gelenkservos Die Fräsmaschine besteht aus einem Steuerrechner und kann mit verschiedenen Anbauteilen ausgerüstet werden Alle Einzelkomponenten müssen bei Inbetriebnahme und im Servicefall am System softwareseitig konfiguriert werden. Beispiel: Kalibrierungsdaten des Arms, Qualitätsdaten des Kugelgewindetriebes, Motorparameter der Spindel, …
  3. Einbringen einer herstellerübergreifenden Kommunikationsschicht basierend auf OPC UA und Automation ML Anlagenmodellen. Das System konfiguriert sich jetzt softwareseitig selbst. Komponenten melden ihre eigene Konfiguration und Messdaten an ihre Steuerung. Betriebsdaten wie Betriebsstunden, Temperaturverläufe, Drehzahlen werden erfasst und über OPC UA zur Verfügung gestellt
  4. Herausforderung: Der Maschinenhersteller und der Anlagenbetreiber müssen sicherstellen, das die gemeldeten Daten aus vertrauenswürdiger Quelle kommen. Aufgezeichnete Betriebsdaten dürfen nur in befugte Hände gelangen. Wibu hat seine CodeMeter Technologie in den OPC UA Stack integriert. Dieser läuft hier auf unterschiedlichen Komponenten, stellt jedoch zusammen mit OPC UA ein durchgängiges Konzept für die Datensicherheit und gegenseitige Vertrauensstellungen zur Verfügung.
  5. Diverse landscape of remote maintenance solutions Different requirements for software, hardware and infrastructure Keeps IT busy with configuration of network equipment Conflicts with security requirements on shop floor (e.g., open ports, internet connection)