Outsmart hackers and solve problems before they happenOn a wall covered with industrial controls, a warning light suddenly flashes, indicating a network intrusion. It’s a cyber-storm attack. But in reality, it’s a simulation of a hacker attack, a sophisticated test carried out by Dr. Tang and his team.
It may only be a test, but the conditions it simulates are all too real and commonplace. A customer survey commissioned by Siemens China Digital Factories shows that, from petrochemical manufacturers to automakers, over 70 percent of industrial enterprises in China have experienced an actual or threatened viral or similar attack. The consequences can be devastating, extending far beyond a production disruption.
Dr. Tang works in IT Security, Corporate Technology, Siemens Ltd. China. His team uses cutting-edge methods to help industrial customers rebuff security threats. To better understand the possible attacks, they often play the role of “white hat hacker” in the Siemens Industrial Security Lab – using the latest intruder technologies to simulate attacks. They identify potential security risks in products and systems, and then inform the relevant product unit to eliminate the threats. This approach also guides development of next-generation risk-reduction methods. Dr. Tang’s vision is to use technology innovatively to create an “invisible wall” against network attacks. This virtual wall can protect industrial information and keep production safe and secure.
“Safety is central to industrial production, and you have to begin with the right frame of mind to maximize it. Back in 2005, we were one of the first to invest in industrial safety research and innovation. Our IT Security unit is the first in China set up by a global corporation. We’ve been at the forefront of this field right up to the present. Today, China is accelerating its Industry 4.0 transformation. Information and network safety will continue to be integral to achieving this vision.”
Securing industrial information is a big problem facing China and the global market. Solving it is key to gaining a competitive advantage.
Always one step ahead
“To win the race, you can’t fall behind. This adage applies just as much to information security. We have to stay one step ahead of the hackers. We need to constantly strengthen our safety and infiltration testing, identify potential risks well in advance, and predict possible methods of attack. This is the only way for us to comprehensively enhance the safety of Siemens products, systems, and solutions.”
Building a virtual fortress for our products
“Think of industrial controls as an apple tree. The low-hanging fruit is the first to be grabbed by the hackers. Our job is to ensure that the valuable assets are high up on the tree, and far from the hackers’ grasp.”
Know the enemy and know yourself: then you can fight a hundred battles and win them all. This saying applies equally to the battlefield of industrial information and safety. The best path to victory is to know our adversaries and build the most appropriate and sophisticated defenses.Dr. Tang Wen, Senior Technologist and Lead Security Architect
To stay out in front, Dr. Tang and his team foster a spirit of innovation. They’re constantly learning, researching, discovering, and imagining lines of attack. They never underestimate their adversaries. The key to success lies in always staying one or more steps ahead. Building new technologies and approaches to identify and overcome threats as early as possible requires being at the top of your game. Dr. Tang sees continuous innovation as the key to success, and also one of the most fulfilling parts of the job.
Dr. Tang and his team invented a safety-testing tool called Styx. Styx is constantly being updated to stay cutting-edge. It can simulate hundreds of possible methods of hacker attacks, and can thus comprehensively test the safety of industrial control systems. Styx has is already a successful part of system-testing at Siemens’ production units.
As network attacks gain in sophistication, the threats to security are more serious than ever. This year, Siemens set up its China Cyber Defense Center (CDC) in Suzhou. CDC can carry out comprehensive safety monitoring of digital factories, and protect our clients’ industrial assets and production processes. Dr. Tang is the CDC’s Lead Architect, and oversees its system architecture, innovation research, and data analysis.
Dr. Tang believes that industrial information is the final frontier in the war over data security. Keeping industrial information safe is vital to keep production safe, indeed to safeguard our very way of life. Whatever the field - medicine, transport, water, power, and infrastructure - securing industrial information is the basis to fulfilling all the promises of the world of tomorrow.