As Jaguar Land Rover slowly begins its phased restart of vehicle production processes, the boardrooms of many global automakers must evaluate what they would do if they faced such a catastrophe, experts say.
The British marque saw a total global shutdown in vehicle production for nearly 40 days after hackers broke into its computer systems, ultimately costing the automaker an estimated £2 billion ($2.67 billion) in lost revenues.
That sort of loss would force any automaker’s board of directors to worry about an area few have so far taken very seriously, according to Yoav Levy, co-founder and CEO of the cybersecurity firm Upstream Security.
He is convinced board members must now devote time to exploring potential weaknesses in their computer systems and working out ways to mitigate potential losses — and, vitally, protecting the core vehicle production processes.
“Firstly, securing all this very complex network and architecture is something that needs to be first built in with security in place but, the problem is that, they could have a lot of legacy systems there,” said Levy. “I know some 20 years old legacy systems that are running in their factories and in their assembly lines in different places,” he added.
According to Jon Connet, chief product officer at Aeris, who is an expert on computer-run automated factory floor production processes, the JLR hack is a wake-up call for automakers to think about how they can transition from being cyber-reactive to cyber-resilient — especially where information technology (IT) and operational technology (OT) converge into a linked system.
His take is that the problem stems from how companies manage these two systems — with IT often centered in the “carpeted” offices and the OT operating on the “uncarpeted” factory floor.
Even with this divide, modern factory systems are always linked to the internet. IP addresses provide efficiencies and reduce the costs of production, Connet said, whether that’s by connecting a conveyor belt in a factory, an industrial robot or what’s commonly called a programmable logic controller.
However, when the same IP address links multiple devices, the jump from hacking the “carpeted” part of the business to the “uncarpeted” factory floor is much easier for the cybercriminal, said Connet.
Upstream’s Levy said automakers must use more aggressive monitoring systems to detect abnormalities in factory systems that block access to mission-critical production processes.
“Monitoring will analyze and detect threats coming from the devices themselves,” he said. “It will then investigate these alerts and anomalies and, in case these are like real cybersecurity threats, help to mitigate them and to close them down.”
However, Connet pointed out that in the absence of such monitoring, which risks multiple small disruptions to vehicle production, these systems are controlled by executives with different interests and concerns.
Case in point: the need for uninterrupted vehicle production, even when engineers want to implement changes to the vehicle being assembled.
“You've got engineers, that are actually designing the car, wanting to change the design parameters while the cars are in production,” Connet explained. “Now, with IP connectivity, I can go from my engineering workstation in my office in Dearborn, and I can immediately reach out to the PLC [programmable logic controller] in the factory in River Rouge and adjust the parameters for the construction of that vehicle in real time, which is a huge unlock from a productivity and efficiency standpoint.”
In other words, the plant manager is incentivized to maintain uninterrupted vehicle production while the IT department chiefs are focused on preventing system hacks, Connet said.
In truth, no cybersecurity system is ever hack-proof, said Levy.
He believes that automakers should take a leaf out of Tesla’s playbook in designing computer architecture that integrates cybersecurity across the board.
“They need to invest in security monitoring solutions, which means that on every network or siloed group, there are security monitoring systems that will detect, and they will be able to investigate and remediate threats in real time,” he said.
It’s an uncomfortable lesson for automakers that may need to get used to multiple minor hold-ups in vehicle production to avoid the sort of catastrophic shutdown JLR just experienced.
