ISG Provider Lens™ Manufacturing Security Solutions - OT Security Solutions - Global 2022

OT security and mobility security solutions witness soaring demand.

OT SECURITY SOLUTIONS

Advances in machine-to-machine (M2M) technology and machine learning have led to radical changes in operational technology (OT). Factories with inherent automation are realizing its benefits in the form of predictive maintenance and improvements in machine life, quality and volume throughput. However, many enterprises depend on a complex mix of legacy OT and connected technologies, which has created gaps in security. This has also led to factories retrofitting solutions into legacy systems. With increasing adoption of industrial IoT (IIoT) and connected IoT devices, companies are in a growing need for security that would not only ensure seamless operations but also avoid the risks of cyber breaches. This means that legacy OT systems must be fortified with security extensions to ensure continuity of operations and prevent downtime that results from security attacks.

The adoption of OT security technologies in some companies in the manufacturing industry is higher than others, and they are actively working to mitigate vulnerabilities. Healthcare, utilities and manufacturing companies being a few of them. Attacks on COVID vaccine manufacturers, wherein attackers tried to fabricate the vaccine formula, prompted the life science market to address such vulnerabilities by setting up a dedicated security operations center (SOC) for OT. In the past, automotive and other heavy industries have stayed away from OT security implementations and, as a result, have fallen prey to malicious attacks.

For instance, a Japanese automotive company faced a cyberattack a few months ago, causing several of its plants to go offline and resulting in millions of dollars in losses. Nowadays, several advanced attack tools are freely available, which can be used to launch cyber-physical attacks against infrastructure systems. Such cyberattacks are compelling heavy industries to invest heavily in OT security across their manufacturing facilities.

Enterprises usually prefer security solutions that can be scaled and applied to their on-premises cloud and specialized networks, such as a fuel sensor network in an oil refinery. Two main types of security solutions for OT are gaining interest, namely, (1) accurate detection and proactive derailment of threats and (2) decoy and deception of attackers. The first kind represents OT security solutions that can manage and secure all types of devices via an open platform. They proactively address issues such as resetting passwords, changing configurations, reverting to original settings and upgrading firmware. On the other hand, advanced deception technologies prevent attacks by firstly disrupting the discovery activity of attackers and providing them with fake information that leads to their derailment. They then raise an alert along with the information required for fast remediation.

In a typical plant, these two technologies operate in tandem, with comparatively limited decoy-based deployment. Most enterprises today are opting for visibility and monitoring solutions, while some segments have started exploring solutions with managed deception. Some other trends witnessed by ISG are as presented below.

ISG witnesses a rapid shift toward adoption of digital technologies in the OT segment. Manufacturing environments with heavy OT equipment and other legacy infrastructure have started adding digital components. Similarly, factories, oil platforms and refineries are also introducing digitization, AI and cloud. Therefore, customer requirements in the OT space have changed over time, and end-to-end OT solutions are gaining traction. ISG predicts that the next level of evolution in the OT security space will be around big data. Technology suppliers are anticipated to work extensively with enterprises with a stable cloud infrastructure to collect information. Similar information from multiple customers, especially in the manufacturing sector, will be used to create a data lake, on which machine learning algorithms can be applied to provide additional insights and recommendations.

MOBILITY SECURITY SOLUTIONS

An exponential rise in the number of reported automotive cyberattacks indicates that mobility security is critical to counter threats in connected cars. A successful attack can cause irreversible damage to the OEM’s reputation. Many lean technology suppliers have emerged globally that want to leverage the cybersecurity-related disruption in the automotive industry. Thus, multinational OEMs and Tier-1s support these technology providers and use their services to help protect millions of vehicles. The launch of security regulations, such as WP.29 by The United Nations Economic Commission for Europe (UNECE) and ISO 21434 in 2020, has been a major driver for these businesses. The OEMs and Tier-1s are seeking solutions to comply with this regulation. Several companies (such as Upstre0am Security) not only monitor and protect vehicles but also maintain intelligence analyst teams to research and stay updated on the latest incidences and vulnerabilities.

Companies such as Regulus Cyber conducted several R&D exercises across mobility industries (for e.g., automotive and aerospace) with widely available tools, such as free online software. These companies imitated the attacks on global positioning system (GPS), which were taking place globally and proved that any system can be hacked; this highlighted the severity of the problem. For instance, Regulus Cyber did an experiment on a Tesla, where it used a global navigation satellite system (GNSS) spoofing to take control of a vehicle steering and speed and managed to divert the vehicle into incoming traffic. Several vulnerabilities concerning the use of satellite-based navigation and timing across GNSS receivers, which are embedded in high-end systems, have been exposed by these companies. Teams conducting these tests were able to take control of timing systems using traditional spoofing methods and used this to control drones that were trying to enter certain parameters. Global Tier-1s, such as Harman, are integrating products from these emerging players (such as Pyramid GNSS from Regulus Cyber) as a part of their cybersecurity offering to provide an end-to-end security solution, spanning GNSS spoofing and connected threats.

In the automotive cybersecurity segment, ISG witnessed developments in two main categories, which are the two ways to enter a vehicle’s decision-making system — connected threats (through the Internet) and sensor threats (attacks that exploit the use of sensors on smart vehicles). A few emerging companies, such as Argus Cyber Security, offer solutions and services that protect the electronic control units (ECUs) or door control units (DCUs), vehicle communication model, telematics, etc., from connected threats. GNSS, which consists of the U.S. GPS, the Russian GLONASS, the European Galileo and the Chinese BeiDou systems, is prone to sensor threats. GNSS is at the core of multiple technologies, and approximately 70 percent of the world’s GPS depend on the timing and location of GNSS. Thus, if the GNSS signal is interrupted, it can lead to catastrophic failure of different systems, such as malfunctioning of force positioning and guided ammunitions in the defense sector. Some automobiles use all four of these constellations simultaneously and, thus, fall prey to GNSS spoofing and jamming — the most serious threats on satellite-based navigation and timing. Jamming involves ways of blocking the signal, and spoofing corresponds to manipulating the signal. The world has faced GNSS spoofing and jamming incidents across industries, such as aviation, automotive and maritime, as well as in consumer electronics such as mobile phones.

From a market evolution perspective, the involvement of new players can be expected. Orolia, InfiniDome and Javad are a few other GNSS interference specialists, which, however, do not focus on automotive. Their involvement in the mobility cybersecurity segment and a greater level of integration between GNSS service providers, such as u-blox and Furuno, and security solution providers can be expected in the future.

Access to the full report requires a subscription to ISG Research. Please contact us for subscription inquiries.