Analysis and reinforcement of the cybersecurity of the G-Mation P6 edge device, which integrates PLC and IIoT controllers, with the aim of ensuring high performance and cybersecurity.
Gefran S.p.A.
Aizoon
Gefran is an Italian multinational company specializing in the design and manufacture of sensors, systems, and components for industrial automation and process control.
Gefran is an Italian multinational company that specialises in designing and manufacturing sensors, systems and components for industrial automation and process control. This project aims to analyse and evaluate the cybersecurity architecture of a new edge device (the G-Mation P6), which integrates a PLC with an Industrial IoT controller.
The G-Mation architecture enables a variety of communication protocols and standards to be implemented in the field, with other controllers and in the cloud. Additionally, the PLC enables the installation of Docker-based applications for the continuous implementation of new features.
These features enable the P6 to perform tasks typically associated with industrial PCs. However, this makes it more susceptible to cybersecurity threats, necessitating a far more rigorous cybersecurity approach than that required for traditional PLCs. The CybIOTCon project has therefore focused on identifying product vulnerabilities and determining the security requirements to be applied during the development phase and subsequent updates and modernisations.
Aizoon supported and guided Gefran in verifying coverage of the controls required by IEC 62443-4.2, a standard that defines technical compliance with cybersecurity standards for individual endpoints, including PLCs and IIoT controllers.
In particular:
All components relevant to cybersecurity and all internal and external interfaces used for data exchange and system management have been identified in the G-Mation P6 product.
The threat model has been defined in order to identify all threats to which the P6 is exposed and provide as accurate an assessment as possible of any vulnerabilities.
The safety requirements to be applied to the product have been defined.
The coverage of the controls required by the IEC62443 standard has been identified to determine the target security level (SL) for the product. The target SL has been defined based on market requirements for the industrial applications intended for the P6.
Interconnected factory: Integrating cybersecurity features into the G-Mation platform enables the secure and efficient management of automation systems, enhancing the effectiveness of turnkey projects and facilitating the development of new digital services. These features facilitate the implementation of apps for predictive monitoring and intelligent control, positively impacting efficiency, operational continuity and data valorisation.
The potential long-term industrial benefits of the initiative are:
Availability of apps with a positive impact on sustainability aspects, such as energy efficiency.
Increase in turnover from products included in the G-Mation architecture.
Percentage of G-Motion systems delivered by Gefran compared to the total number of systems delivered.
Increase in the number of docker apps implemented on Gefran’s G-Mation platform.
