Products
OverviewIndustries
OverviewService
OverviewCompany
OverviewBuy
OverviewProduct groups
OverviewEngineering
OvervieweConfigurators and Tools
OverviewJob opportunities
OverviewEDI (Electronic Data Interchange)
OverviewIn the "Industry rethought" podcast channel from Bosch Rexroth, Klaus Mochalski, CEO of Rhebo, explains how the company uses the ctrlX CORE controller as a network sensor and what security sins he finds in the OT infrastructure
Mochalski and his colleagues specialise in security monitoring and attack detection in the OT landscape. They still see Telnet connections, Raspberry Pis from student projects and communication that has no business in the OT. As a rule, this is the first time OT operators find out what is actually happening in their OT. The Leipzigers want to change that and are using technology from Bosch Rexroth to do so. "The sensor application running on the ctrlX CORE enables seamless integration into the Rhebo Industrial Protector," they say. Mochalski and his colleagues have been analysing the weak points in OT for years. At Rhebo, the control system becomes a sensor node. This requires an app from ctrlX World and a central analysis device.
The Rhebo team sees three use case
And what dangers do the experts see in manufacturing?
Rank 5: Infections with malware. Computers with outdated operating systems are not uncommon on the shop floor. As soon as the systems are connected to the network, the malware finds its way in. "The computers feed in the malicious code and reload modern malicious code," explains Klaus Mochalski.
Rank 4: Insecure authentication methods are, for example, user names or passwords in plain text. In addition, according to Mochalski, these are still often exchanged via Telnet.
Rank 3: Load fluctuations are another problem when it comes to OT stability. This concerns remote maintenance connections.
Rank 2: Vulnerabilities in permanently installed assets. These are often already documented vulnerabilities. Patches are often not feasible. In this case, Mochalski recommends encapsulating the systems.
Rank 1: "It's not very spectacular," says Mochalski. Many users have no overview of their assets. Time and again, his colleagues find services, protocols or devices that are active on the network but no longer needed. In a steelworks, for example, several Raspberry Pis from a student project were found from the time before the hall was connected to the internet. "And suddenly the systems were connected to the network," Mochalski recalls.
The whole interview and other episodes on the factory of the future in our tech podcast channel "Industry rethought" on all known platforms or you can subscribe directly here via Podigee (only available in German).
Contact person for the Bosch Rexroth Tech Podcast: Susanne Noll
Please feel free to contact Bosch Rexroth!