Protecting the OT world: secure infrastructure and connections

CHALLENGE

The world of manufacturing, as well as every other business area, is increasingly connected.

An Italian multinational company, a client of ours, leader in the construction of Laser Guided Vehicles (LGV), took steps in this direction when it chose Italtel as its technological partner to improve the safety aspects of its vehicles.

An effective protection of the truck's LAN network, with real-time analysis of IT and OT traffic in transit

A success story in the laser guided vehicle industry

SOLUTION


LGVs are machines able to move autonomously without any driver on board and capable of managing and improving the logistics operations within a production system, from the entry of raw materials to the complete management of the warehouse and shipments. They are technologically advanced machines, built with specialised software, and connected to the network in wireless mode. Equipped with highly customisable software, they can move at high speeds and with precision thanks to a 3D mapping system and are able to detect the presence of obstacles at 360 degrees.

However, these are also large industrial trucks that, when moving within logistics areas (warehouse and production), transport goods without any operator at the wheel. These vehicles move between people (workers, company employees, technicians) and, therefore, they can potentially become a hazard.

Working in close collaboration with the customer, Italtel has helped increase the safety levels of self-driving trucks that are now being placed on the market complete with embedded safety components.

The implementation of the secure OT solution designed with Italtel includes:

  • Robust and reliable wireless link for LGV control
  • Segmented truck LAN network for the optimisation of different IT and OT services
  • Cyber security for the LGV truck, which is potentially open to external attacks

By acting on the network infrastructure that is on board these machines, a solution designed specifically for use in an industrial context has been created (easy to integrate, resistant to dust and shocks, of limited size, weight and consumption).

The rugged switch on board the truck hosts an agent of the Cisco Cyber Vision solution, which analyses all the traffic passing to and from the truck and reports the presence of abnormal traffic in real time. Any intrusion attempt is therefore immediately detected and reported to a centralised dashboard, where the user has a real-time summary of any attempted attack on each truck, enabling quick intervention with targeted actions.

The dashboard provides a real-time, accurate map of all the IT and OT devices in the truck’s network. The centralised system allows users to collect data from all the agents installed on the switches distributed within the company and report the presence of any form of abnormal traffic. With use, the behaviour assessment becomes increasingly refined.

Safety is completed with secure operator profiling (Network Access Control):

  • Authentication of operators connecting to the truck network to ensure their identity
  • Malware protection for devices that connect to the truck (technician laptops)
  • Navigation control on operator devices through DNS (Domain Name System) analysis

BENEFITS

  • Prevent the truck from becoming a vehicle for accessing the OT network of the client company
  • Ensure the safety of operators and employees moving close to the truck
  • Ensure real-time visibility of the entire network, enabling an Asset Inventory
  • Have a real-time view of threat exposure
  • Prevent unauthorised access to the truck network

THE ROLE OF ITALTEL

Italtel provided Advisory services in the field of OT security, an essential step in evaluating the network and in identifying the solution that best met its characteristics and needs. In particular, Italtel dealt with:

  • assessment of the current state of procedures and technology infrastructure and collection of security requirements
  • assessment of the adequacy of the security infrastructure common to IT and OT, defining the level of compliance and providing the appropriate recommendations on the main critical issues, as well as qualitative indications on the time horizon
  • executive and evolutionary design in which technological and architectural evolution processes are identified and best practices are implemented, in order to achieve the recommended security level.

A solution that is suitable for smaller trucks is currently under consideration.
