This website uses cookies primarily for visitor analytics. Certain pages will ask you to fill in contact details to receive additional information. On these pages you have the option of having the site log your details for future visits. Indicating you want the site to remember your details will place a cookie on your device. To view our full cookie policy, please click here. You can also view it at any time by going to our Contact Us page.

Hazardex 2018 Conference - 3. Safety & Security: The last line of defence is restored

30 January 2018

Dr Alexander Horch - VP Research, Development & Product Management, HIMA. 
Weds 11.30 – 12.10: Main conference room

The advancing digitalisation has an effect on almost all business processes, especially in the industrial sector. Machines communicate with people and increasingly also amongst themselves. What does this mean for security? Safety controllers have historically focused primarily on emergency shutdown requirements, not from the cyber-security perspective.

For effective Cyber-Security, it is not enough to upgrade an existing product by adding additional software functionality. Every solution for functional safety must be conceived and developed with cyber security in mind, right from the start. This applies equally to the firmware and the application software. Safety systems, which offer the fewest attack possibilities, represent the most effective defence against cyber attacks. Reduced controls on necessary security functions are protected against typical attacks on IT systems.

Safety-oriented systems are the last line of defence in a production facility. The implementation of effective cyber-security measures is particularly important. A crucial point is the minimisation of human intervention, since humans are the most frequent cause of cyber risks. These include both targeted cyber attacks to disrupt production processes or steal industrial secrets, as well as incidents caused by carelessness. An effective protection concept includes, for example, special access protection, physical security or plausibility checks on changes. In addition, users need to take organisational measures, such as periodic testing of internal networks through penetration tests or security training of their own employees. Because, when employee passwords become known, a hacker attack becomes child's play.

In addition, the intelligent use of existing data from the security network, for example for predictive maintenance or process optimisation, now also allows operators to improve the efficiency of their systems by reducing downtime.

The safety system is particularly suitable as a source of relevant information since a large amount of data is generated in safety control systems. Dr Horch will explain how this can be done.


Alexander Horch (M.Sc. Engineering Cybernetics, University of Stuttgart, 1996; PhD Automatic Control, Royal Institute of Technology Stockholm, 2000) was formerly Principal Scientist at ABB Corporate Research in Germany, focusing principally on process plant optimisation and plant asset management.

Between 2007 and 2016 he held different management roles in the areas of process control systems and automation of electrical grids, smart grids, manufacturing plants, robotics as well as Industrial Internet (Industrie 4.0) for ABB Germany and ABB Switzerland.

Alexander Horch is a Certified Project Management Professional (PMP) and a Certified Automation Professional (CAP) of the ISA. His R&D work is complemented by publications and seminars, regular lectures at the University of Stuttgart and ETH Zürich, as well as work for standardisation organisations.

Since April 2016 he has been Vice President Research, Development & Product Management at HIMA Paul Hildebrandt GmbH in Brühl, Germany, a leading supplier of safety-related automation solutions for the process, rail and logistics industries.


Contact Details and Archive...

Print this page | E-mail this page