Integrating Cybersecurity into System Design

/by

Would you build a highway up a steep mountain and then wait for cars to start falling off before installing guardrails?  That’s often how cybersecurity gets added to products and services—as an afterthought—according to a recent article in Harvard Business Review titled Cybersecurity Needs to Be Part of Your Product’s Design from the Start.

The article says that security must be intrinsically designed into new products, services, and business activities, rather than added on.  If not, those who attempt to secure the service or product later on may not fully understand how it works, leaving potential gaps that hackers can exploit.

A changing role

Like civil engineers who anticipate the risks of winding mountain roads, product and system designers need to be more proactive in their approach.  The role of cybersecurity has to change, according to the article.  It says, “To be successful, companies must ensure that their products, services, and business operations are proactively resilient to cyber attacks by changing the role of cybersecurity in digital innovation.”

Cybersecurity should become an intimate part of the innovation process.  It must be integrated into the design of each component as it is being built, as well as when these components are assembled into larger systems.  This expanded role calls for deep collaboration between design and security teams.  Designers need to share details for how the product or service is built and will function, while security experts must provide guidance on how to implement best practices at each step.

Skkynet’s approach

Product design at Skkynet has been following this model for decades.  Fully aware of the high risk of transporting mission-critical production data across insecure networks, our design and security teams collaborate continually in the development of Cogent DataHub software. For years our DHTP (DataHub Transport Protocol) has provided a solid cornerstone for secure OT/IT networking, giving access to production data without exposing the networks.

With the DataHub software as a basic component, and following our documented recommendations, process control engineers and system integrators are ready to design security into their system architectures, and implement it as they build them.  When new requirements come up, such as a need to isolate OT and IT networks using a DMZ, they are fully equipped—even able to surpass the security capabilities of major industrial protocols like OPC and MQTT.

There’s no chance of forgetting the guardrails on this highway.  They come pre-installed with each meter of pavement.  Skkynet’s tools are secure by design so that our customers can build security into their systems from start to finish.