Multi-mode Systems for Resilient Security in Industry 4.0

Abstract In the era of the Internet of Things and Industry 4.0, machines and devices are increasingly getting connected. These connections go hand in hand with security vulnerabilities and potential threats to these devices. In regular IT systems, we typically provide updates to eliminate vulnerabilities. In industrial automation and control systems, especially in mass production, legacy systems are widespread and installing updates causes downtime. Availability is one of the top goals; stopping a machine in case of a cyber-security threat is often too expensive. But, system integrators and asset owners should not have to wait until product or component suppliers release appropriate updates. Due to safety and warranty requirements, developing and distributing updates can take a long time. In the meantime, attackers can pose threats by taking advantage of devices’ known vulnerabilities. In this paper, we propose the design of resilient systems based on multi-modal architectures with several operational modes. When vulnerabilities of systems become known, or when systems get even attacked at some point, mode switching can overcome the time between vulnerability disclosure or attack, and the availability of corresponding security patches. Therefore, system integrators and asset owners can actively protect themselves by implicitly or explicitly switching to modes with reduced attack surfaces and, thus, with limited ranges of activity for attackers.