Guarantee cybersecurity with Bihl+Wiedemann in the long term

The topic of cybersecurity is more relevant than ever. In the industrial sector, the reliability of processes and production in particular is becoming increasingly important.

Like the standard ASi-5 communication, ASi-5 Safety is almost tap-proof due to the nature of the system. The reason:  the data transfer via OFDM with dynamic frequency assignment,makes it very complex to capture the exchanged messages. This requires the entire context of the connection set-up between ASi master and ASi node. Besides, the clock frequencies must be precisely synchronized just like between the ASi master and ASi node according to the ASi-5 protocol.

Cybersecurity is also enhanced by the fact that the gateway creates a logical break between TCP/IP, ASi-5, and ASi-5 Safety. This means that high safety requirements only need to be placed on the ASi-5 Master, which establishes the connection to TCP/IP. ASi-5 modules, on the other hand, are much less problematic in terms of safety, since they cannot communicate over TCP/IP networks. Those responsible for network security can thus focus on significantly fewer devices and check them more carefully.

Due to the strong networking of Industry 4.0 devices, the topic of data security is becoming enormously important, since any device with access to other devices in a network can be used as an attack platform. We enable the seamless integration of our devices into existing IT security concepts and ensure data security like this:

• All modern ASi-5/ASi-3 gateways can be updated and can meet future safety requirements long time after commissioning.

• The firmware on the update server is signed.

• Each TCP/IP-capable device receives an individual certificate for SSL communication in production.

• ASi increases security through the communicative break between TCP/IP and the field devices.

• OPC UA uses established encryption methods such as AES-256 with SHA up to 512 or RSA.

• Software updates and OPC UA can also be locked locally on the device - a reliable and absolute protection.

Devices equipped with AS-Interface (ASi) generally fall under the category “Products with digital elements”, but not under the much stricter categories “Important products with digital elements” or “Critical products with digital elements”.

This means that some fundamental risk assessments and functions must be fulfilled, which can be realized with both ASi-3 and ASi-5.
Specifically, user administration is implemented for the more complex, parameterizable Bihl+Wiedemann devices, i.e., gateways and safety gateways, which then also applies to any connected modules.
It must also be possible to update the software of these devices in the field, which is already the case with all our current gateways and safety gateways.

Furthermore, manufacturers are obliged to monitor security vulnerabilities in their software and in the libraries used, and to rectify them as necessary. Bihl+Wiedemann is aware of its responsibility and is already acting accordingly.

The update process at Bihl+Wiedemann components follows the premise: System integrity must always be guaranteed.

Data integrity is a widespread basic requirement in automation systems. However, with increasing networking of devices, this requirement is no longer sufficient. Instead, the integrity of the entire system must be guaranteed, not only the transmission, but also the software or firmware of the individual components.

ZVEI e. V., (Verband der Elektro- und Digitalindustrie -German Electrical and Electronic Manufacturers' Association), has summarized in a white paper what is important when it comes to integrity

• Updates play an important role in eliminating security-relevant vulnerabilities in components
• Updates must be checked for integrity and authenticity before they are implemented (especially to rule out changes by possible attackers)
• If the integrity is breached, the update must not be applied
• Simple checksums do not offer any protection against intentional changes by attackers, as they can also be manipulated
• Signatures or key-based cryptographic hash functions effectively protect against checksum modification

Our measures consistently take into account the specifications of ZVEI. How we reliably ensure your security in the update process:

• Certificate-based end-to-end encryption between the update server and the device to be updated
• End-to-end encryption prevents the infiltration of malware into Bihl+Wiedemann devices
• Comparison with the server ensures the detection of outdated firmware versions
• The TÜV-tested procedure is also approved for firmware in safety products

• zertifikatsbasierte Ende-zu-Ende-Verschlüsselung zwischen dem Update-Server und dem zu aktualisierenden Gerät
• Ende-zu-Ende-Verschlüsselung verhindert das Einschleusen von Schadsoftware in Bihl+Wiedemann Geräte
• Abgleich mit dem Server sorgt für die Entdeckung veralteter Firmwarestände
• Das TÜV-geprüfte Verfahren ist auch für Firmware bei Safety Produkten zugelassen

We believe that this series of standards is currently the leading standard for security in the field of Industrial Automation and Control Systems (IACS). It can be assumed that these standards will be further developed and harmonized for the CRA, i.e., accepted as state of the art according to the CRA. The series of standards provides for different security levels (SL) depending on the risk, and these differ in terms of the strength of the protective measures. It is likely that devices with a higher CRA classification (critical or important products) will then have to meet higher SLs.

Both ASi-3 and ASi-5 have specialized communication methods that are very difficult to intercept and analyze. In the case of ASi-3, this is achieved by the specific sin² pulses, whereas in the case of ASi-5, it is achieved by the adapted OFDM (Orthogonal Frequency-Division Multiplexing) method.

These methods make ASi far more secure than existing industrial Ethernet protocols, which can be intercepted with commercially available network components.