HIMA presents solution for reliable remote maintenance compliant to the newest expert recommendations

HIMA, together with their strategic partner genua GmbH, specialist in IT security, are proud to present a solution for remote maintenance in the industrial context. This remote maintenance solution fulfils the highest standards for safety and security, without any restrictions on scalability.

“When it comes to the question of ‘Remote maintenance, yes or no?’, a lot of companies still face a tough choice,” says Heiko Schween, Head of Automation Security at HIMA. “On the one hand, they can see the potential of substantial cost advantages if remote maintenance of process systems is carried out via public networks. On the other hand, though, there are substantial security risks to be reckoned with as well. If a company hasn’t established effective protection mechanisms, it only takes one weak spot to jeopardize the entire production process.”

High demands on a secure remote maintenance solution

If safety and security are put at risk, this can result in financial loss due to interruptions in production. In the worst case scenario this can even lead to far-reaching damage to personnel and to the environment. All this means it is essential to weigh the benefits against the risks. The German Federal Office for Information Security (BSI), in its recommendations regarding cyber security (BSI-CS 108 | Version 2.0 | 07.2018) provides an overview of the general requirements for remote maintenance in industrial environments. 

Secure protocols and top quality Encoding

The HIMA remote maintenance solution makes use of secure protocols such as SSH, IPsec and SSL / TLS. With a symmetrical encoding process such as AES256, for example, top quality encoding comes into use as well.

In addition to the password, authentication of a user can also be established by a unique identifier word generated with a Yubikey token in combination with RSA encoding.

All from one source and fully scalable

This means that existing HIMA clients and new customers alike can easily implement a secure remote maintenance system which conforms to BSI requirements, with hardware, software, and support all from one source. Complexity is perceptibly reduced. Investment security is assured by way of optionally extendible and complete IPv6 support and ongoing product upkeep. “This means that HIMA have a complete unitary solution to offer, which meets BSI requirements regarding safety and security,” says Heiko Schween.

There are no restrictions on the secure integration of automation solutions from third-party suppliers. And that means users do not encounter any limitations due to a proprietary solution. A central management system means that HIMA remote maintenance is easily scalable for large environments, too. From the single solution, via the complete solution, and on to the incorporation of an individual critical system, all the requirements can be fulfilled, on the foundation of really high availability.

The new HIMA solution fulfils all requirements for secure remote maintenance in the industrial environment and conforms to the recommendations of the German Federal Office for Information Security.

With the Rendezvous Server, a dedicated server is installed as the central remote maintenance gateway in a predetermined demilitarized zone (DMZ). This solution means that there can be no authorization for unilateral interventions by the remote maintenance service to client networks. Users thus retain full control of maintenance accesses to the networks. Images © HIMA Paul Hildebrandt GmbH