Cyber security for plant operators
INNOVATION WELCOME – A SURE THING!


AT A GLANCE:
Cloud connection and networking via the Internet of Things (IoT) create entirely new analytical and practical opportunities for your plant operation – but also new risks.
In 2022 alone, ransomware attacks on operational technology (OT) systems in production and infrastructure increased by 87%.
Protect your system and data with professional and lasting vulnerability management – in other words, detecting and rectifying vulnerabilities. We’re here to help.
Your motivation:
With the rapid advances in networking of production systems and critical infrastructure, one key component is still far too often under-represented: Cyber security. That’s why Germany’s IT Security Act 2.0, the forthcoming EU Cyber Resilience Act, and the new EU Machinery Regulation 2023/1230 require manufacturers and plant operators to put specific security procedures in place. Standards IEEE 62443 and TS 50701 are also relevant in this connection. But how can you identify and counter vulnerabilities and risks in your Operational Technology (OT) components and systems?
Cyber security for your plant technology –
ask us!
ask us!
Want to make your plant cyber-secure? Get advice from our experts: Send an email with your request or call us. Protect your OT against the dangerous consequences of software errors and vulnerabilities!
call us
+49 721 9841 4678
Email
sales@codewerk.de
What creates added value for you:
As a plant operator you can monitor operational risks and minimize potential losses with our support. We focus mainly on two points in this regard:
- We understand complex OT systems as a whole in order to reliably assess the impact of errors and establish mitigation mechanisms. Our experience shows that a comprehensive combination of system, software, and security expertise is essential. For many of our customers, this defines the “Codewerk factor.”
- We operate and maintain your security monitoring system on the basis of Security Onion. This helps you reliably detect attacks both from within the network and from hosts.
Codewerk services for
secure plant management:
Connecting your OT devices to a security monitoring solution, such as the open-source Security Onion solution
Integration of vulnerability scanners in your OT network and connecting them to Security Onion, like the open-source solution VulnWhisperer
What we do differently:
Codewerk is a partner to entities such as major industrial and rail vehicle equipment and component manufacturers, and is also active in R&D projects in the rail transport sector. Based on our understanding of complex systems and our own roots in software engineering, we can specifically target typical risks. Here are just three of many examples:
- Insecure standard configuration:
A quick and easy target for hackers, but still a widespread one. This is where our fuzzing comes in – a deliberate attempt to crash the system with randomly generated input data. Based on the insights obtained, we then apply our software expertise to optimize the source code. - Code vulnerabilities:
Most software is sourced externally – and is therefore beyond the control of the product manufacturer. Our continuous vulnerability monitoring and management reveals security loopholes – in libraries or frameworks, for example – and assesses their potential repercussions. - Insecure data validation and input checking:
If inputs are not properly validated, hackers can inject malicious code (e.g. SQL injection or cross-site scripting) into the system and execute it. Using Security by Design, we counter this risk right at the development and testing phase.
System-, Software- and Security-Know-how
To embed security comprehensively, you need to understand complex systems like process control technology or train control systems in detail.
Timon Esslinger, Cyber security expert at Codewerk
The product is ready – how about a little security on top?
Why Security by Design in accordance with IEEE 62443 pays off
In many cases, cyber security is still considered a product feature – and treated as such: Once the basic functions have been defined and programmed, security is added on top as a compulsory component.
It’s time this way of thinking was turned around: How must a function be implemented to make it secure? Errors in system design in particular – e.g. insecure fallback mechanisms or errors in key management – can be avoided only using Security by Design. Error correction right at the development stage not only makes this approach more secure but also much more cost-effective.
Which security monitoring solution must I use?
Points in favor of Open Source
We’re basically flexible – if, say, your corporate guidelines say you have to use a product from a particular manufacturer. But we believe there are clear practical benefits in using an open-source solution that gives us the freedom to tailor the code precisely to suit your requirements. We’ve had very good experience with Security Onion, a solution which our customer Wassergewinnung Essen relies on, for example.
The major benefit of Security Onion for us is the better overview of the system as a whole and the easier network hygiene. You get to know your own network better.
Detlef Stein, Wassergewinnung Essen (WGE)
See also:
“Head in the sand” no longer applies
How companies should respond to the EU’s Cyber Resilience Act
Standards-compliant cyber security for your OT –
ask us!
ask us!
Want to protect your OT against the consequences of software errors and vulnerabilities? Contact our experts!
Your first step toward effective cyber security!
call us
+49 721 9841 4678
Email
sales@codewerk.de
THE CODE TO YOUR SUCCESS
Codewerk
At Codewerk, we want to help improve protection for the world of OT. So cyber security is more than just another area of growth to us. We’re driving advances in this field out of a genuine passion for and identification with our customers’ world. As a long-standing software development partner to the process industry, manufacturing industry, and rail-based transport, we know how complex systems are – and how long a journey it is in order to achieve the same level of security as in IT. But there’s no time to slowly build up a culture of cyber security. The time to act is now.
At Codewerk, we want to help improve protection for the world of OT. So cyber security is more than just another area of growth to us. We’re driving advances in this field out of a genuine passion for and identification with our customers’ world.
- A decade of experience as an independent software developer and service provider
- Four locations in Germany
- Partner in national and international R&D projects and in the open Siemens Xcelerator ecosystem
- Certification to ISO Standard 27001 since 2020
Model-based software engineering for the vehicle control unit
GETTING THERE FASTER
We speed up the development and validation of vehicle control software using model-based software engineering.
DEVELOPMENT OF IOT AND EDGE APPLICATIONS
FOR SMART RAIL OPERATIONS
By monitoring “health states,” identifying optimization potentials in the network, and enabling predictive maintenance, our application development transforms your data into knowledge.
Subsystem integration for the vehicle control unit and operator network
SO IT ALL WORKS TOGETHER
When subsystem integration is performed for the vehicle control unit and operator network, we take full responsibility for combining multivendor architectures to form a functioning whole.
Innovations
WE’RE SHAPING THE FUTURE
We play an active role in both national and international research projects that are working to prepare rail vehicle technology for the challenges of future decades.
Development of a basic system
BASIS FOR THE FUTURE
By participating in international standardization projects, we’re contributing to the creation of a highly expandable and modular basic system of the future.
Device integration for SIMATIC PCS 7 / SIMATIC PCS neo
YOUR COMPONENTS IN A LEADING POSITION
Siemens’ SIMATIC PCS 7 and SIMATIC PCS neo control systems are leaders in the process industry. We take responsibility for a seamless, system-compliant integration of your products or third-party components.
PROFINET Stack Integration
WE HELP YOU MAKE IT TO THE BIG LEAGUES
You want to integrate PROFINET into your chips or devices – we handle the modification of the relevant stacks as part of a carefree package for you – right up to certification.
System integration for industrial communication
SO THAT NO DATA-POINT IS LOST
Whether it’s PROFINET, OPC UA, MQTT, or applications based on them, we take on the complete integration of products for industrial communication into your system environment.
Development of IoT and edge applications
DATA BECOMES THE BASIS FOR DECISION-MAKING
You want to turn big data into smart data. We’ll build your application – from data acquisition (connectivity) and data transmission to data evaluation and utilization.
MINDSPHERE® EFFICIENCY SUITE
Would you like to move your entire production plant to the IoT cloud? Our specially developed MindSphere® Efficiency Suite can help. We use it to model and structure your plant in the cloud – efficiently, securely, and with much less effort than you’d expect.
IO-LINK LIBRARY FOR SIMATIC PCS 7/SIMATIC PCS NEO
Secure point-to-point connections in industry are relatively easy to implement with the right IO-Links. We offer you the right driver so that integration is in full compliance with the system.
TURCK Remote IO FOR SIMATIC PCS 7
The system-compliant connection of TURCK systems to the SIMATIC PCS 7 process control system doesn’t have to be time-consuming. Our function block library ensures maximum convenience at the user end.
Cyber security for component manufacturers
SECURE FROM THE START
How we help you eliminate potential vulnerabilities in your products – from product development throughout the entire lifecycle.
Cyber security for plant operators:
MORE PROTECTION FOR YOUR ASSETS
How we can help you monitor and mitigate risks during operation – supported by our combination of system, software, and security expertise.