小程序
传感搜
传感圈

Digital Twins Are the Future, Here Are 5 Ways to Keep Them Secure While Manufacturing Innovation

2022-08-05
关注

As technology continues to revamp existing business models, novel methods of manufacturing and projection are increasingly being used. Digital twins are perhaps the best example of how companies marry technology with the natural world to create innovative solutions. A digital twin is an electronic version of a real-work entity. It allows companies to model business conditions and predict the impact of their choices.

Research by Capgemini reveals that digital twin usage is bound to increase by 36 percent over the next five years. Increased adoption will certainly help enterprises create better products. However, increased use often brings significant security risks.

Related: Why Blockchain and Digital Twins Are Good Partners

Data freely flows between the real-world entity and the digital twin. For instance, manufacturers create data flows between a real-world assembly line and its digital twin. This situation makes digital twins prime targets for malicious hackers who can wreak havoc on enterprise systems.

Here are five ways your company can secure its digital twins while ensuring peak productivity.

Evaluate all security practices

One of the most significant risks to digital twins is the prospect of hacking real-world security lines. For instance, a malicious actor might tap into the data stream between a real-world manufacturing line and its digital twin, damaging any IoT or mechanical elements significantly. To mitigate this risk, companies must review every security process in detail, including access protocols. Companies must analyze who accesses the digital twin and why.

Access management is central to a company's cybersecurity posture. Organizations must take the time to review everything related to it thoroughly, along with checking server security.

The data a digital twin generates will be stored on physical servers. Companies must examine their data pipeline as well. How well are they secured, and are there any gaps in that infrastructure? Connecting the pipeline to prevent rogue access in a malware attack is critical.

Related: Into the Metaverse: How Digital Twins Can Change the Business Landscape

Examine IoT security

Digital twins rely on IoT sensors and other devices in process chains to gather, transmit and analyze data. IoT offers several benefits, but these devices can act as a loophole in security infrastructure. Most IoT devices are not designed with a bigger picture in mind.

For instance, a single IoT device can secure the data it gathers very well. However, manufacturers cannot anticipate how this data will be used and the devices the product will interact with. Thus, they cannot configure the device for network security and leave it up to the user to do so.

Companies must check whether their IoT devices' configurations align with network security practices. Using devices with hardcoded security settings and pre-configured network passwords exposes them to significant risk.

Model security using twins

An under-appreciated area when speaking of digital twin usage is security modeling. While securing the digital twin to prevent real-world impact gains a lot of attention, companies must recognize that they can model attacks on digital twins to assess the impact on real-world systems.

Organizations must run scenarios that model different threats. They'll learn more about their network and its vulnerabilities. Standard cybersecurity measures such as penetration tests and continuous security monitoring allow organizations to attack their systems in a controlled environment.

Related: Five Ways To Protect Your Company Against Cyber Attacks

Companies must follow these tests with a detailed analysis of what happened. Creating a change management plan based on findings is essential to improving a digital twin's security and that of its real-world counterpart.

Check network security

Digital twins are a relatively new concept despite their growing popularity. Many manufacturing networks have not adjusted to their presence, leading to confusing security protocols. For instance, most manufacturers struggle to define where their twin will live on the web and how it will communicate with its real-world counterpart.

Should the twin use communication networks beyond the manufacturer's network when gathering data? How will those communication lines be secured? Answering these questions will reveal gaps in network security processes.

Default security architecture houses twins behind networks following Purdue Enterprise Reference Architecture (PERA) standards. However, as technology has evolved, PERA is not changing fast enough to secure data. PERA places sensors at level zero, barring all network connectivity. This model is unsuited for modern manufacturers.

Another solution is using the air-gap method, where sensors are housed in particular network sections. This keeps network traffic isolated from outside communication channels. However, the result is manual data uploads for analysis, and inevitably, the digital twin falls behind real-world conditions.

Developing network architecture that accounts for modern needs is of the essence. Companies must collaborate with design experts and brainstorm better ways to secure network data.

Related: Why Your Business Growth Depends on IT Infrastructure

Embrace zero trust

One way of solving the network security problem is to embrace zero-trust solutions. As more significant portions of cybersecurity infrastructure move towards automation, zero-trust is quickly emerging as the best solution for sophisticated networks.

A zero-trust system allows devices on a network to communicate seamlessly while validating each other's identities. Zero-trust also helps organizations define activity levels and the degree of data shared. For instance, they can specify the degree of a machine's privileges on a network, preventing unwanted data sharing.

The result is a data footprint that can be controlled, along with risk-based access management. By managing the degree of communication between systems, companies can prevent the spread of malware should any component of a digital twin become infected.

Innovative solutions need robust security

There's no doubt that digital twins can create better manufacturing processes. However, companies must secure data and access before realizing those benefits. Cybersecurity is a business pillar, and it is essential when speaking of digital twins.

参考译文
数字双胞胎是未来,这里有5种方法在制造创新时保证它们的安全
随着技术不断改进现有的商业模式,新的制造和投影方法越来越多地被使用。数字双胞胎也许是公司如何将技术与自然世界结合起来创造创新解决方案的最好例子。数字双胞胎是真实工作实体的电子版本。它允许公司模拟商业环境,并预测其选择的影响。凯捷咨询公司的研究显示,数字双胞胎的使用率在未来五年将增长36%。提高采用率肯定会帮助企业创造更好的产品。然而,使用的增加往往带来重大的安全风险。相关:为什么区块链和数字双胞胎是好伙伴数据在现实世界实体和数字双胞胎之间自由流动。例如,制造商在现实世界的装配线和它的数字双胞胎之间创建数据流。这种情况使数字双胞胎成为恶意黑客的主要目标,他们可以对企业系统造成严重破坏。这里有五种方法可以让你的公司在确保最高生产力的同时,保护它的数字双胞胎。数字双胞胎面临的最大风险之一是可能会侵入现实世界的安全线路。例如,恶意行为者可能会侵入现实世界的生产线与其数字孪生生产线之间的数据流,严重破坏任何物联网或机械元素。为了降低这种风险,公司必须详细审查每个安全流程,包括访问协议。公司必须分析谁能接触到数字双胞胎以及为什么。访问管理是公司网络安全态势的核心。组织必须花时间彻底检查与之相关的所有内容,并检查服务器安全性。数字双胞胎生成的数据将存储在物理服务器上。公司也必须检查他们的数据管道。它们的安全性如何?基础设施是否存在漏洞?连接管道以防止恶意软件攻击中的恶意访问是至关重要的。相关内容:进入超时空:数字双胞胎如何改变商业格局数字双胞胎依赖于物联网传感器和流程链中的其他设备来收集、传输和分析数据。物联网提供了一些好处,但这些设备可能成为安全基础设施的一个漏洞。大多数物联网设备在设计时都没有考虑到更大的前景。例如,一个物联网设备可以很好地保护它收集的数据。然而,制造商无法预测这些数据将如何使用,以及产品将与哪些设备进行交互。因此,他们不能为网络安全配置设备,而是让用户自己来配置。公司必须检查他们的物联网设备'配置与网络安全实践保持一致。使用具有硬编码安全设置和预先配置的网络密码的设备会使它们面临重大风险。谈到数字双胞胎的使用时,一个未被重视的领域是安全建模。虽然保护数字双胞胎以防止对现实世界的影响得到了很多关注,但公司必须认识到,他们可以对数字双胞胎进行攻击建模,以评估对现实世界系统的影响。组织必须运行模拟不同威胁的场景。他们将更多地了解他们的网络及其漏洞。标准的网络安全措施,如渗透测试和持续的安全监控,允许组织在受控环境中攻击他们的系统。相关内容:保护公司免受网络攻击的五种方法公司必须在这些测试之后详细分析发生了什么。基于发现创建一个变更管理计划对于提高数字双胞胎及其现实世界对等体的安全性至关重要。 检查网络安全数字双胞胎是一个相对较新的概念,尽管它们越来越受欢迎。许多制造网络还没有适应它们的存在,导致混乱的安全协议。例如,大多数制造商都在努力定义他们的“双胞胎”在网上的位置,以及如何与现实世界中的“双胞胎”进行通信。在收集数据时,双胞胎是否应该使用制造商网络之外的通信网络?这些通讯线路如何确保安全?回答这些问题将揭示网络安全进程中的漏洞。默认安全体系结构在遵循普渡企业参考体系结构(PERA)标准的网络之后运行。然而,随着技术的发展,PERA的变化速度不够快,无法保证数据的安全。PERA将传感器置于零级,禁止所有网络连接。这种模式不适合现代制造商。另一种解决方案是使用气隙法,传感器被安置在特定的网络部分。这使网络流量与外部通信通道隔离。然而,结果是手动上传数据进行分析,不可避免地,数字双胞胎落后于现实环境。发展符合现代需求的网络体系结构是关键。公司必须与设计专家合作,集思成想更好的方法来保护网络数据。相关内容:为什么您的业务增长依赖于IT基础设施解决网络安全问题的一种方法是采用零信任解决方案。随着越来越多的网络安全基础设施转向自动化,零信任正迅速成为复杂网络的最佳解决方案。零信任系统允许网络上的设备在验证彼此身份的同时进行无缝通信。零信任还有助于组织定义活动级别和数据共享程度。例如,它们可以指定机器在网络上的特权程度,防止不必要的数据共享。其结果是可以控制数据占用,以及基于风险的访问管理。通过管理系统之间的通信程度,公司可以防止恶意软件的传播,如果数字双胞胎的任何组件被感染。创新的解决方案需要强大的安全性,毫无疑问,数字双胞胎可以创造更好的制造过程。然而,在实现这些好处之前,公司必须确保数据和访问的安全。网络安全是一个商业支柱,当谈到数字双胞胎时,它是必不可少的。
您觉得本篇内容如何
评分

评论

您需要登录才可以回复|注册

提交评论

提取码
复制提取码
点击跳转至百度网盘