
Industrial 5G Requires an Enhanced Security Model

By Ronen Shpirer | February 25, 2022

Organizations utilizing digital solutions have moved faster and further than their peers recently, in everything from production efficiency to product customization, delivering improvements in speed to market, service effectiveness, and new business-model creation. 5G can significantly enable and accelerate industrial transformation and innovation like no other communications and networking technology, enabling data-driven use cases, such as augmented reality-based maintenance, precise real-time asset tracking, mobile robots, and closed-loop process control. 

Using digital technologies such as 5G is top of mind for many, and this nascent demand is creating new 5G supply players, ecosystems, services, and business models to capitalize on this unique opportunity. And within this enterprise landscape, industrial verticals are the early adopters. The adoption of 5G technology by enterprises will support and accelerate Industry 4.0, but enhanced security considerations and architectures are required in 5G-enabled industrial environments.

When it comes to core technology in critical enterprise use cases, security is fundamental, and it can be either a barrier or an enabler for 5G adoption in enterprise verticals. A Verizon 5G business report places security and compliance concerns as the second challenge or barrier to 5G adoption by enterprises. Security is top of mind on the enterprise demand side, and therefore must be top of mind for the industrial 5G supply side.

Security Considerations in Industrial 5G Environments

5G is consumed by enterprises as the need dictates. A private 5G network gives enterprises complete control and customization, better transparency, data privacy, and flexibility. On the other hand, private 5G can be expensive, complex, and lengthy to implement and maintain. Consuming public 5G is significantly more cost-effective and rapid but offers less control and customization. It is likely that private and hybrid (a combination of private and public 5G consumption) networks will be the popular form of enterprise 5G consumption. However, recent studies show that some organizations considering 5G would rather use private 5G networks than public ones, due to the critical and sensitive nature of industrial environments, processes, and operations.

Security in Pre-5G Industrial Environments

Historically air-gapped from the internet, OT systems now depend on information from enterprise and third-party IT systems to effectively manage operations in real time. However, this improved agility and effectiveness come at the cost of increased risk. Many of today’s OT systems face all the threats that IT systems face. Security in these environments has been mostly implemented based on the classical ISA99 Purdue model reference architecture, which outlines the key infrastructure layers used in ICS environments and the boundaries between them where security is required.

A key feature of the Purdue reference architecture is its hierarchical nature, whereby each layer within the segments can only interface and communicate with the layer above and below it. This is why horizontal enforcement boundaries are established between segments and layers.

5G Introduction Mandates an Enhanced Purdue Reference Architecture

When 5G is introduced into an industrial environment, with 5G-capable devices and platforms within the different Purdue model layers, the hierarchical nature of data flow between the layers is no longer valid. 5G-connected devices, platforms, and applications can now send and receive data directly via flows that do not necessarily pass through the Purdue model-defined enforcement boundaries. This mandates the addition of a security boundary at the 5G domain with the following high-level functionalities:

  • OT/Industrial Internet of Things (IIoT) security visibility and control
  • 5G network security
  • Industrial applications security
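The effect described above can be checked against flow data. The following is an added example, not part of the original article or any vendor product: it audits flow records against the Purdue adjacency rule and separates flows that skip a boundary through a 5G-attached endpoint. The subnets, level assignments, 5G endpoint list, flow records, and the decision to allow same-level traffic are all constructed assumptions.

```python
import ipaddress

# Constructed addressing plan (assumption): subnet -> Purdue level.
LEVELS = {
    "10.0.0.0/24": 0,  # field devices: sensors, actuators
    "10.0.1.0/24": 1,  # basic control: PLCs, RTUs
    "10.0.2.0/24": 2,  # supervisory control: HMI, SCADA
    "10.0.3.0/24": 3,  # site operations: MES, historian
    "10.0.4.0/24": 4,  # enterprise IT
}
# Constructed list of 5G-attached endpoints, spread across levels.
UE_5G = {"10.0.0.21", "10.0.1.30"}

def purdue_level(ip):
    """Return the Purdue level of an address, or None for an unknown asset."""
    addr = ipaddress.ip_address(ip)
    for net, level in LEVELS.items():
        if addr in ipaddress.ip_network(net):
            return level
    return None

def classify(flow):
    """Classify one (src, dst) flow against the adjacency rule."""
    src, dst = flow
    a, b = purdue_level(src), purdue_level(dst)
    if a is None or b is None:
        return "unknown-asset"   # inventory gap: cannot be judged
    if abs(a - b) <= 1:
        return "conforms"        # same or adjacent layer (assumed allowed)
    if src in UE_5G or dst in UE_5G:
        return "5g-bypass"       # skips a boundary via the 5G domain
    return "violation"           # skips a boundary on the wired network

def audit(flows):
    """Return only the flows that need attention, with their verdict."""
    results = [(f, classify(f)) for f in flows]
    return [(f, v) for f, v in results if v != "conforms"]

# Constructed sample flow records (src, dst).
FLOWS = [
    ("10.0.1.10", "10.0.2.5"),    # PLC -> HMI
    ("10.0.0.21", "10.0.3.8"),    # 5G sensor -> historian
    ("10.0.1.11", "10.0.4.9"),    # PLC -> enterprise host
    ("192.168.9.9", "10.0.2.5"),  # address not in the inventory
    ("10.0.1.30", "10.0.2.5"),    # 5G controller -> HMI
]

if __name__ == "__main__":
    for flow, verdict in audit(FLOWS):
        print(f"{flow[0]} -> {flow[1]}: {verdict}")
```

Flows marked "5g-bypass" are the ones that the 5G-domain security boundary has to inspect, because no Purdue-defined boundary sits on their path.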

Deploying 5G use cases in production will take time, as devices, applications, 5G technology, experience, and know-how must become mature and reliable enough to be deployed. It is essential that, alongside this evolution of 5G deployments in enterprise verticals, the appropriate security considerations are taken into account and implemented throughout the industrial environment, including the 5G network, services, and overall use cases.

Figure 1. Breakdown of major enforcement boundaries

Holistic Security in 5G-enabled Industrial Environments

5G is only an enabler for many new industry vertical use cases. Delivering these use cases requires an integrated ecosystem of technologies and partners: OT/IIoT vendors, ICS vendors, 5G vendors/providers, industrial applications providers, hyperscalers, and integrators. Many organizations assume that a private 5G network will inherently keep them safe, which is not necessarily the case. 5G private networks are rarely entirely isolated from the enterprise IT environment or external environments (partners, integrators, public cloud, etc.) and may be exposed to internal and external attacks and risks.

An increase in OT and IIoT exposure, the mobility of users and devices on the network, and the interplay among the enterprise, mobile network operators, IoT manufacturers, and OT vendors and suppliers all contribute to 5G security challenges, whether the network is private or not.

When considering security in industry verticals, the security of such an end-to-end supply chain and ecosystem must be considered. Furthermore, organizations must consider the capacity and knowledge required to manage the rapidly expanding landscape of connected OT.

Fortinet Security Fabric Platform as an Enabler for Industrial 5G

The security of an industrial environment is only as strong as its weakest link. With the ongoing OT-IT convergence, asset digitization, and digital transformation initiatives, the introduction of 5G into industrial environments represents a complex technology that expands the industrial attack surface. The above and other security considerations should be structurally, methodologically, and proactively implemented as enablers for impactful 5G adoption in enterprise verticals. The Fortinet Security Fabric is a unique security platform that encapsulates IT, OT, IIoT, and 5G security with broad visibility, control, and value-add services, empowering 5G providers, industrial enterprises, and system integrators to secure critical traditional and 5G-enabled use cases over private, public, and hybrid 5G networks and services.

In addition to the broad portfolio of Fortinet security solutions, specialized OT and 5G solutions can be integrated seamlessly with the Fortinet Security Fabric through the ecosystem of Fortinet Fabric-Ready Partners.
