With increasing networking and digitalization in industry, there’s an increasing need for cyber security. The passwords "123456" and "password" are still among the most common in Germany and in 2022 the damage caused by ransomware attacks was over 200 billion euros. STW offers concepts to help protect mobile machines from unauthorized digital access.
If security precautions are inadequate, networked machines and components can be a gateway for manipulation and an open door for attacks on the hardware and software. The data processed on the machine, the control system and the machine must be secured against unauthorized access. This is particularly important in modern agricultural technology, as agricultural processes are highly digitalized and closely interlinked with cloud interfaces of farm management systems. Thus, the potential threat level at this point is high and the consequences can be critical. Worst-case scenarios range from the paralysis of central processes and machines in critical harvest phases to irrevocable damage to the arable land due to excessive application of fertilizers or pesticides from manipulated implements.
Particularly at risk is the automation structures of agricultural machinery. Since users often use passwords that are too short, simple or the same several times, IT structures protected in this way are vulnerable to hacker attacks or phishing attempts. That is why STW relies on certificate authentication based on cryptographic principles, which is many times more secure than relying on passwords assigned by humans.
Specifically, this security measure protects the 4th generation AURIX platform based ESX controllers from unauthorized access to the boot loader and thereby from changes to the application software, to the parameterization data or access to the logged data. This is achieved with certificate based authentication between the openSYDE development software platform and the corresponding target controllers. The authentication effectively prevents unauthorized people from flashing or manipulating the software.
This certificate based authentication eliminates the risk of insecure user generated passwords. Certificate authorization between the STW software and hardware is automated. The end user does not have to take any action and can be sure, as can the machine manufacturer, that the machine is protected against unauthorized access. This system nevertheless allows a user to authenticate themselves automatically on several machines or an entire fleet of machines in parallel. How strict the security level is can be determined by the machine manufacturer or fleet operator. For example, whether one certificate is issued per machine or across a fleet. Another security plus: users are automatically logged out after 5 seconds if there is no communication and are automatically re-authenticated when they interact again.
STW will present this solution and a preview of future security concepts, such as the Secure Boot System that ensures a secure boot process, to Agritechnica visitors.