Riassunto analitico
Automation is the foundation of the industrial environment. It reduces operating costs, minimizes accident risks and increases productivity and efficiency. In a warehouse, automation makes the storage safer, faster, and more efficient. When transitioning towards Industry 4.0, i.e., Industrial IoT, it is important to implement this high level of automation using fast and reliable networked components: with all the advantages brought by connectivity, risks also come into play. Therefore, the cybersecurity theme must be addressed in parallel with the advancements that are happening in automation. In contrast to the IT sector, where the cybersecurity trend is already strong, the industrial environment is often slower when dealing and investing in cybersecurity. Nowadays, companies that own, use or sell industrial automation control systems (i.e., automated warehouses, manufacturing robots, energy production systems) are working to be compliant to the latest cybersecurity standards, but the goal is far from being reached for the majority of them.
The idea behind this thesis is to create a framework that helps to analyze and assess the compliance of a given company with the most recent industrial guidelines, regulations and cybersecurity standards, in order to achieve the fulfillment of the requirements defined by customers. This work has been requested by \emph{System Logistics}, it has been implemented on a pilot project located in the company premises and the development has been carried out together with the support of university tools and knowledge. Being this theme very broad, the analysis of this work will mainly focus on secure network design with a proper choice of electrical and software components, even though management and computer science concepts have taken a large part and have also been taken into account. The pilot project is the Loghouse, i.e., the \emph{System Logistics} warehouse, where the components necessary to the machinery production are stored. The first step of this work consists in a thorough network analysis, then, the plant cybersecurity robustness has been determined through risk assessment. Lastly, countermeasures have been devised, which come with the presentation of a new architecture, compliant to the IEC 62443 standard. This work serves the purpose of providing guidelines for the design of network architectures of other commissioned projects that the company develops. Together with the technical objectives achieved, a last but not least desired outcome is to bring awareness on the cybersecurity theme, that in the following years it is expected to take huge share of the market.
|
