Siemens presented on Industry 4.0 and digitalizing manufacturing through industrial networks and cloud computing. They discussed security challenges with increased connectivity and ways to implement defense in depth strategies. This includes network security zones, access control, encryption, monitoring and integrated cybersecurity solutions. Siemens' MindSphere cloud platform provides an open IoT operating system for connectivity, applications and analytics to gain insights from manufacturing equipment and processes.

1. CLASS 2018 - 17.05.2018
Industry 4.0
Digitalizing the shop floor in a safe way, using industrial networks and cloud computing
Márcio Santos / Murilo Morais
SIEMENS

2. Who we are

3. Unrestricted © Siemens AG 2018
May 2018Page 3
Global presence
Close to customers all over the world
3
29%
21%
Share
of total
worldwide
€21.7 billion
73,500
Americas
36%
28%
Share
of total
worldwide
€27.6 billion
98,800
Europe (excluding Germany), CIS,
Africa, Middle East15%
33%
Share
of total
worldwide
€11.2 billion
114,000
Germany
20%
18%
Share
of total
worldwide
€15.1 billion
61,500
Asia, Australia
Revenue by customer location Employees as of September 30, 2015
All figures refer to continuing operations. CIS: Commonwealth of Independent States
Today Mid term – 2020
Electrification
Automation
Digitalization
Market development (illustrative)

4. Unrestricted © Siemens AG 2018
May 2018Page 4
168 years of innovation
Milestones
2015
Somatom Force
2010
Biograph
mMR
2013
PLM Software
1881
Electric streetcar
1985
ICE –
top speed
300 km/h
1988
Megabit
chip
1962
Thyristors
for energy
transmission
1974
Computed
tomography
scanner
1847
Werner von Siemens
founds the company
1847
Pointer
telegraph
1879
Electric train
1866
Dynamo
1840
1881
Telephone
switchboard
1850 1860 1870 1880 1890 1900 1910 1920 1930 1940 1950 1960 1970 1980 1990 2000 2010 2020
1959
Simatic (electronic
automation)
1953
High-purity
silicon
1965
Integrated circuit
1958
Heart
pacemaker
1935
Coaxial
cable
1924
Traffic
light
2009
World record
gas turbine,
370 MW
2000
Wind turbine
rotor blades
in one cast
2000
syngo
user interface
1939
Electron
microscope
4

5. Unrestricted © Siemens AG 2018
May 2018Page 5
110 years of innovations
Milestones
1867 1905 1922 1939 1955 1983 2005 2007 2009 2012 2013 2015 2016 2020
1867
Supply and installation of
a telegraph line between
Rio de Janeiro and Rio
Grande do Sul.
1905
Founding of Cia.
Brazileira de
Eletricidade Siemens-
Schuckertwerke,
in Rio de Janeiro.
1922
Installation of Brazil's 1st
automatic telephone
office in Porto Alegre.
1939
Siemens inaugurates in
São Paulo the 1st
transformer plant in Brazil.
1955
Installation of Brazil's
1st automatic
telephone office in
Porto Alegre.
1983
Installation of the first
of 18 generator rotors
at the Itaipu
Hydroelectric Power
Plant/
2005
Siemens celebrates its
100th anniversary in
Brazil.
2007
Siemens inaugurates the
largest Latin American
energy equipment plant in
Jundiai (São Paulo).
2009
Siemens’ first train
modernization and
assembly center of
Latin America, in
Cabreúva (São
Paulo).
2012
Siemens inaugurates its
diagnostic imaging
equipment plant in
Joinville
2013
Production and
installation of
Siemens' first wind
turbines in Brazil
(Trairi, Ceará).
2015
Siemens celebrates its 110th
anniversary in Brazil
2016
Siemens Foundation
celebrates its 30th
anniversary
5

6. What is Industry 4.0

7. Unrestricted © Siemens AG 2018
May 2018Page 7
Industry 4.0
The next level of manufacturing
Technologies
AutomationElectricity,
mass production
Industrial
Revolution
Industrial
Revolution
Industrial
Revolution
Industrial
Revolution
Water and steam
• Humans, devices and systems are connected along the entire value chain
• All relevant information are available in real-time –
across suppliers, manufacturers and customers
• Parts of the value chain can constantly be optimized with respect
to different criteria, e.g. cost, resource utilization, customer needs
Characteristics
Digitalization
1st
2nd
3rd
4th
Sources: BITKOM, BCG

8. Unrestricted © Siemens AG 2018
May 2018Page 8
Digital Enterprise Suite
Portfolio for the digital
transformation

9. Security challenges
for Industry 4.0

10. Unrestricted © Siemens AG 2018
May 2018Page 10
Horizontal, Vertical and
Cloud Integration
• Open standards
• PC-based systems
Information technologies are
used in industrial automation
Industrial Security
Essential for secure industrial automation
Increased security threats demand action
Loss of intellectual property, recipes …
Plant standstill, e.g. due to viruses or malware
Sabotage in the production plant
Manipulation of data or application software
Unauthorized use of system functions
Compliance with standards and regulations is required
Industry 4.0 requires higher levels of industrial security
MindSphere

11. Unrestricted © Siemens AG 2018
May 2018Page 11
Encryption and
monitoring of the
communication
Communication
Access control
for networks and
automation systems
Access
Protection of
transmitted and
stored data against
unwanted changes
Integrity
Authentication of
devices and user
Identification
Basis for a continuous, reliable operation of production plants
• High Availability: Avoiding disturbances caused by attacks
• Integrity: Reduction of malfunctions, production errors and downtimes
• Confidentiality: Protection of confidential data, information and intellectual property
Industrial Security
Risk mitigation for secure operation in a digital enterprise
Secured

12. Integrated cyber
security solutions

13. Unrestricted © Siemens AG 2018
May 2018Page 13
Defense in depth
Assess
Security
Implement
Security
Manage
Security
Siemens Plant Security Services
Siemens products and systems offer integrated security
Know how and
copy protection
Firewall and VPN
(Virtual Private
Network)
Authentication
and user
management
System hardening
and continuous
monitoring
Complete Offering for Industrial Security
Concepts – Products – Services
System
integrity
Network
security
Security
threats
demand
action
Plant
security

14. Unrestricted © Siemens AG 2018
May 2018Page 14
Network Security
Essential network security use cases
MRP ring
(CU or fiber optic)
Higher reliability and
availability, and securing of
redundant network structures
Secure redundancy
Secure
zone
DMZ-
Zone
Insecure
zone
Increased protection through
data exchange via DMZ by
preventing direct access to
the automation network
DMZ
Secured remote access
via the Internet or mobile
networks preventing
espionage and sabotage
Remote access
Devices without own
network security functionality
can be protected within
the automation cells
Cell protection

15. Unrestricted © Siemens AG 2018
May 2018Page 15
System Integrity
Security use cases with automation controllers
Protection of intellectual
property of program code
Know-how protection
Controller
TIA Portal
*******
Protection against
unauthorized duplication of
runtime program code
Copy protection
Controller Controller
Storage A Storage B
A
A A
B
Detection of manipulated
communication data
Communication integrity
TIA Portal
Controller HMI
Protection against
unauthorized access and
configuration changes
Access protection
Engineering
Maintenance Operation
Remote control

16. Unrestricted © Siemens AG 2018
May 2018Page 16
Teleservice
Digitalizing the shop floor in a safe way
Using industrial networks and cloud computing
Remote Access
Secure automation cell Industrial
Firewall
Secure automation cellIndustrial
Firewall
Operation/Corporate level
Windows Domain
Certificate Authority
PLM/MES/SCADA
Engineering
Next Gen.
Firewall VPN
Edge
Computing
Next Gen.
Firewall

17. Secure Cloud
Computing

18. Unrestricted © Siemens AG 2018
May 2018Page 18
MindSphere
The cloud-based, open IoT operating system
Open IoT operating system Smartphones operating systems
Software as a
Service (SaaS)
License fee / HW
invest
Hardware and peripherals
+
MindSphere
10
01
01
11
01
00
11
10
10
01
01
11
10
01
01
11
10
01
01
00
01
00
11
10
10
01
01
11
10
01
01
11
10
01
01
11
01
00
10
01
10
01
01
11
01
10
01
01
00
01
00
11
10
01
00
11
10
01
01
11
10
01
01
11
00
10
Siemens MindSphere value and essential operating system functionalities
Plug &
Play
Highest
Security
Open application
interface (API)
Open connectivity
interface (API)
Software as a
Service (SaaS)*
Platform as a
Service (PaaS)*

19. Unrestricted © Siemens AG 2018
May 2018Page 19
MindSphere
The cloud-based, open IoT operating system
MindSphere
10
01
01
11
01
00
11
10
10
01
01
11
10
01
01
11
10
01
01
00
01
00
11
10
10
01
01
11
10
01
01
11
10
01
01
11
01
00
10
01
10
01
01
11
01
10
01
01
00
01
00
11
10
01
00
11
10
01
01
11
10
01
01
11
00
10
MindApps
Asset transparency and analytical insights into
machines, plants, fleets and systems
MindSphere
Open Platform as a Service (PaaS)
for scalable, global IoT connectivity and
application development with native cloud
accessibility
MindConnect
Connecting products, plants, systems,
machines, enterprise applications and
legacy databases with secured plug and
play connection of Siemens and third-party
products and equipment

20. Unrestricted © Siemens AG 2018
May 2018Page 20
MindSphere
S7 OPC UAMindConnect
MindConnect Open gateway
Control
Systems
Devices DevicesDevices DevicesDevices
Enterprise
Systems
MindConnect
Flexible concepts to connect into MindSphere
Devices

21. Unrestricted © Siemens AG 2018
May 2018Page 21
MindSphere
Secure data access segmentation
MindAccess DevOps Plan
MindAccess Operator Plan
Operate applications on a productive system and offer
via MindSphere Store
App 1
App 2
Productive Organization
Apps from one or several developers
Operator/ provider
3
4
End user requests App in MindSphere
Store
5a
Route from acquired App
to tenant of end user established
5b
End user uses App
based on ingested data
Exemplary
user journey:
MindAccess IoT Value Plan
Use MindSphere applications based on ingested data – without development
knowhow
End user (end customer or OEM)
Productive tenant
Access to Apps
from one or several operators/
providers e.g. requested via
MindSphere Store
App 1
3
Operator/ provider uploads
App to MindSphere Store
4Data ingest
5a
MindAccess IoT Value Plan
Use MindSphere applications based on ingested data – without
development knowhow
End user (end customer or OEM)
Productive tenant
App 2
4Data ingest
Access to Apps
from one or several operators/
providers e.g. requested via
MindSphere Store
5a
5b
5b

22. References

23. Unrestricted © Siemens AG 2018
May 2018Page 23
CLASS 2018
ICS Village cloud connectivity
Automation Cell
Edge
Computing

24. Unrestricted © Siemens AG 2018
May 2018Page 24
Profile
Elektronikwerk Amberg
is a prime example of
a digital factory.
The factory uses
cutting-edge tech-
nologies to produce
approximately fifteen
million SIMATIC
products each year.
Challenge
Customer
benefit
• Highly sensitive IT-controlled processes
• Fully networked automation environment
• Comprehensive data flow and database
• Protection against industrial espionage, manipulation
and hacker activities
• Implementation of Defense in Depth with S7-1500,
SCALANCE S and MindSphere.
• Monitoring of security-relevant events
• Monthly status report on plant and system security
• Recommendations for optimizing the level of protection
• Protection of networks and TIA components according
to the defense-in-depth security concept
• Solid, in-depth security information thanks to Security
Information and Event Management (SIEM)
• Continuous optimization of the security concept
Solution
Elektronikwerk Amberg – Implementation and operation of a
Industrial Security Monitoring solution

25. Unrestricted © Siemens AG 2018
May 2018Page 25

26. Unrestricted © Siemens AG 2018
May 2018Page 26
siemens.com
Thank you
Márcio Santos
Technical Consultant
e-mail: marcio.santos@siemens.com
Murilo Morais
Head of Cloud System
e-mail: murilo.morais@siemens.com
Visit us during the CLASS 2018 and take advantage to see a real
control system in action and its protection layers provided by
different vendors from shop floor until cloud system.