To ensure the data security of our customers, we work together with Amazon Web Services, one of the largest and most secure cloud services
Data security is one the most discussed topics with a high conflict potential when it comes to the integration of intelligent manufacturing solutions with the progress of industry 4.0 efforts.
Studies and whitepapers like “Sino-German Whitepaper on Functional Safety for Industrie 4.0 and Intelligent Manufacturing” and “IT Security for Industrie 4.0” which have been produced on behalf of the German Economic Affairs Ministry have pointed out that one major risk is the neglect of safety guidelines when production plants have to be started up under time pressure.
These local violations of security policies lead to a globally unsafe situation that can easily be exploited to compromise the entire security infrastructure.
In order to avoid shifting the responsibility for setting up security measures for intelligent production tools entirely onto the end customer, sensXPERT has comprehensively secured its solution and has found a partner in Amazon Web Services (AWS) to take care of the data security of our customers' stored data.
Every sensXPERT built is separately tested for its security. AWS is giving us access to the benefits they provide their customers such as physical security, redundancy, scalability and key management.
Data that is moved to long-term storage is only ever stored in an encrypted way. sensXPERT uses Amazon RDS for its Postgre Database and Amazon S3 for binary storage. For both, sensXPERT uses strong encryption. HTTPS and TLS is used for all traffic, and for the IPC communication there is the possibility to use a VPN in addition to that.
There is a clear separation of concerns and there are multiple systems / programs with clear responsibilities. All systems communicate with each other, but only over defined APIs that are also protected by applications like ClientIDs and ClientSecrets.
No end-users, even not admins, have access to the underlying storage of the sensXPERT cloud. A change is just possible via defined APIs that are protected and limit the access.