In today’s hyperconnected world, industrial plants are a constant target of cyberattacks – hydrogen production plants are no exception. Across Europe, the cybersecurity landscape demonstrates a concerning trend: according to a report by the European Union Agency for Cybersecurity (ENISA) from 2023, there were a significant number of incidents in manufacturing, including process plants, with attacks on availability (e.g., DDoS – Distributed Denial of Service) and ransomware being the most common threats.
Potential damage scenarios
DDoS attacks, aiming to disrupt system and data availability by blocking services or overloading the network, pose a major problem in cybersecurity. Similarly, ransomware, where attackers encrypt a company’s data and demand payment for its release, has increased substantially. However, the impacts of these attacks extend far beyond immediate operational disruptions: security breaches, including the potential for sabotage, pose a serious safety risk to humans and the environment. While intellectual property theft undermines competitive advantages, ransomware extortion can lead to significant financial losses. Moreover, customer trust and market position are profoundly affected by reputational damage.
Focus: risks in process plants
The vulnerability of hydrogen production plants and other industrial facilities stems from the increasingly tight integration of Operational Technology (OT) and IT systems, lifting the previous shielding of OT environments against cyberattacks. This fusion effectively removes previous physical and logical barriers. The challenge of applying conventional IT security measures to these environments is multifaceted. Firstly, many industrial control systems run on outdated legacy software and operating systems, hence not necessarily compatible with the latest security solutions. Furthermore, implementing security protocols requiring system restarts or significant changes can interrupt ongoing production processes, posing a significant operational risk. Additionally, the unique characteristics of these industrial systems often lead standard IT security updates to contribute to system instability. Tailored solutions are required to protect these systems from threats, whose development and implementation can be time-consuming and costly. This complex web of challenges underscores the need for a differentiated approach to cybersecurity in the process industry, especially in hydrogen production plants.
These face particular challenges due to their high degree of modularity. The production process consists of a multitude of units that must communicate seamlessly with each other. Unlike conventional production plants or power plants with standardized layouts and common security protocols, hydrogen plants often lack a unified security layout. Many of these plants are scaled up from pilot projects or laboratory environments, inadvertently neglecting basic cybersecurity measures during the transition. The absence of standardized plant designs and a coherent security approach makes these plants particularly vulnerable to cyber threats.
Setting security priorities: IT vs. OT perspective
The distinction between IT and OT concerning cybersecurity is primarily defined by their different protection objectives. Regarding OT, especially in production environments, the primary focus is on maintaining plant availability and ensuring that operations are not disrupted by cyberattacks. The second priority level focuses on data integrity – protecting against unauthorized alterations or manipulations due to attacks. Data privacy remains important but is considered tertiary, with the protection of sensitive information and intellectual property taking precedence. In contrast, priorities in IT cybersecurity are reversed: data privacy comes first, followed by data integrity, and finally system availability. This reversal of priorities between IT and OT systems presents a complex challenge for developing a balanced security strategy that meets the specific requirements and risks of each area.
Risk minimization: a holistic approach
A tailored cybersecurity approach is needed now, not in the future. This approach should consider the unique operational and technological landscape of hydrogen production plants. This entails developing and implementing flexible yet robust security measures that protect against current threats and can adapt to future challenges.
To protect hydrogen production plants from cyber threats, it is crucial to pursue a layered defense-in-depth strategy. This concept, recommended by the international standard IEC 62443, involves implementing multiple layers of protection to safeguard a network or system against attacks. Since no single security measure can provide complete protection, this strategy overlays diverse security mechanisms to create a multi-layered defense. An attacker must overcome multiple hurdles to compromise the system, significantly reducing the likelihood of a successful intrusion. This approach is divided into three critical levels, each tailored to specific vulnerabilities and risks: plant security, network security, and system integrity.
Plant security
Plant security encompasses a range of procedures to secure the entire facility, including both physical and digital protection mechanisms. This level focuses on preventing unauthorized physical access to critical infrastructure through conventional security measures such as secured building access and more sophisticated methods like key card systems for sensitive areas. Given the increasing demands on industrial security, plant operators face time and resource constraints that require proficient support. Siemens offers a range of tailored security services, encompassing everything from risk analysis and implementation of security measures to ongoing monitoring and regular updates. This comprehensive approach ensures optimal plant protection. Security assessments play a key role at this level, providing a thorough review of threats, vulnerabilities, and risks, along with recommendations for addressing identified security gaps. These assessments range from one-day on-site audits to comprehensive checks based on IEC 62443 standards to ensure that physical security measures such as access controls and organizational security measures such as policies and training are robust and effective.
Network security
With the growing convergence of IT and OT and the increasing need for remote access, network security becomes increasingly important. The goal of this layer is to protect automation networks from unauthorized access by closely monitoring all interfaces, whether between IT and OT networks or for remote access. Network segmentation, encrypted communication, and zero-trust principles ensure a secure architecture that separates critical areas and controls access through firewalls and secure authentication protocols. Segmenting security zones and securing communication between these segments are essential to prevent unauthorized data access and maintain system integrity. With the increase in remote work, this layer adapts to provide secure connections to development and production areas, with certificate-based, fully authenticated communication based on zero-trust principles playing a central role.
System integrity
Essentially, system integrity aims to prevent unauthorized access to automation systems, their data, and communication channels between them, as well as their manipulation. The goal is to avoid unplanned downtimes and protect intellectual property. This is achieved through integrated security features that prevent unauthorized configuration changes, secure network access, and protect configuration data from copying or manipulation. System integrity ensures that automated production processes are protected from external and internal threats, maintaining the reliability and security of the production environment.
The heart of all efforts: employees and a cybersecurity culture
In addition to the aforementioned technical measures, the human factor must not be overlooked: to enhance security in hydrogen production plants, a comprehensive approach is required, combining thorough employee training, strict access controls, and sophisticated authentication mechanisms. This strategy not only promotes a robust security culture but also minimizes the risk of human error and ensures that sensitive data and critical infrastructures are adequately protected.
Employee training, access control ...
A cornerstone of any effective security strategy is a comprehensive training program that equips employees with the tools and knowledge needed to recognize and defuse threats while fostering a company-wide awareness of cybersecurity. In conjunction with this knowledge, the principle of least privilege is applied, stating that access to sensitive data should only be granted to those whose role necessitates it (so-called role-based access control, RBAC). By limiting access to the respective function, companies can significantly reduce the likelihood of accidental or intentional data breaches. Regular audits and compliance checks strengthen this framework, ensuring that access rights are correctly assigned.
... and robust authentication mechanisms
In conjunction with training and access controls, using strong authentication is essential protection against unauthorized access. Multi-factor authentication (MFA) enhances security by requiring users to provide multiple forms of verification before granting access to resources. This can include a combination of passwords, security tokens, and biometric verification, providing an additional layer of security beyond traditional password-based methods.
Amid the digital transformation, proactive protection against cyber threats is essential, regardless of regulations such as the EU General Data Protection Regulation. Siemens leverages its expertise as a manufacturer and provider of industrial automation and communication systems to assist integrators and operators of hydrogen plants in addressing these complex challenges. With a defense-in-depth strategy and thorough employee awareness, hydrogen production plants can drastically improve their cybersecurity. Ensuring the reliability and security of operations protects against constantly evolving threats. Siemens’ comprehensive security strategies, including robust network components with effective security features and early integration of security aspects in design, engineering, and production, can drastically reduce risks. However, technology alone is not enough. Processes and organizational measures, as well as adaptation to individual requirements, are crucial. Siemens supports plant operators with Industrial Security Services to implement and continuously update a comprehensive multi-layered defense strategy.
