Cyber Security The University of Queensland’s energy test lab, where businesses can collaborate to improve their cyber posture through ARM Hub.
I feel that the manufacturing industry has only recently sensed the urgency of the cyber security problem due to the fact that there are more ransomware attacks. But before that happens, most of the time many businesses don’t see it as something that will happen to them. inspection and workplace safety. Bondi Labs’ latest product is Elixar, which is a pair of smart glasses that enable remote and augmented auditing in AgriFood supply chains. “What Bondi Labs do is they allow auditors to go into food processing and meat processing plants with the smart glasses,” Ko said. “The smart glasses basically show a live feed at different plants, where the regulators and other auditors are in other locations in Australia or across the world. “This technology has proved to be really good during COVID times and for reducing carbon footprints and travel costs. But at the same time, this whole thing hinges on the integrity of the data and trust of the system.” This is where Ko comes in, as his research has always been centred on provenance and ensuring information has a high integrity. “My application in this scenario of remote auditing in a manufacturing situation is to answer this question: how can I make sure that a video, for example, that I’m looking at right now is truly from this device, at this 30 FEBRUARY 2022 Manufacturers’ Monthly
location, at this time?” he said. “If you can prove the integrity of that, then the whole auditing process is trusted. After that, the accreditation process can be sped up and it’s more efficient. In this way, we can solve a lot of doubts about whether the video is true or genuine. And all of these things will be showcased in the ARM Hub premises.”
Remote attestation To prove the authenticity of the information accessed from the hardware chip within a device, a mathematical equation known as remote attestation is used to identify the chip’s “root of trust.” “Through that root of trust, whenever the information is passed on through the Internet to the other remote auditor, the information actually contains a digital signature called a ‘chain of trust,’ and you can prove that it came from this device,” Ko said. Remote attestation can be used in applications such as Zoom calls, forensics, food manufacturing,
mining equipment, electronics manufacturing, law enforcement equipment, or auditing in dangerous environments such as nuclear plants. The University of Queensland and Bondi Labs’ new challenge is to establish a virtual root of trust in environments that do not use hardware. “In cloud computing, for example, we have a lot of virtual machines. One physical machine can create thousands of virtual machines in Amazon or Microsoft Azure Cloud,” Ko said. “Each of these presents itself as a real computer, but they’re actually virtual. The challenge is, when we virtualise these devices, how do we prove that it is indeed a virtual device?” ARM Hub is well positioned to translate this research across multiple sectors within the manufacturing landscape, Jesuadian said. “We look at manufacturing capabilities across all sectors, and remote auditing could easily be applicable in the future of medical device manufacturing, for example,” he said. “If there is a way to validate the device or the camera system that is actually taking footage of the production, remote auditing can play a key role in the future of smart manufacturing.”
Protecting your business According to Ko, manufacturers need to address several issues to protect their businesses: that cyber security is an overall business continuity problem, rather than an IT problem, and that a supply chain
certification process can cut at least 80 per cent of the risks introduced by suppliers or clients. “The executive leadership of the organisation has to take ownership of the cyber security problem and start to think about policies that view cyber security as a business risk,” Ko said. “Based on the policies, it then dictates the investment budget, procurement of technology and other processes. “Sometimes there are still risks introduced by your suppliers or your clients. The point is, how do you procure raw materials in a cyber secure way? Is there a way that you can effectively say, ‘Hey look, you are now currently at level one; I want you to be at level three because you handle a lot of my customer data.’” To remedy this, ARM Hub and its various university partners have created programs to educate manufacturers on robotics, automation, artificial intelligence and Industry 4.0. In partnership with the University of Queensland, the next program will centre on cyber security education for industry. “An awareness or Cyber literacy program is on our plate to offer for industry next year,” Jesuadian said. “I think it will help industry to understand the necessity of cyber security measures and show them the pathways to implement in their businesses. “We’re very excited to be partnered with the University of Queensland – this opens up more opportunities for industry to engage with us through a collaborative approach.” manmonthly.com.au
