You can’t isolate, so integrate

July 2019 Industrial (Industry), Integrated Solutions

As if security in this day and age weren’t complex enough, industrial sites have to contend with a barrage of health and safety risks, strike action and sabotage to machinery. As events in recent years have shown, they have also proven to be particularly prone to cyberattacks, whether through random acts of vandalism, or more targeted and profitable ransomware attacks. And then you get the really bad guys: governments.

At the risk of sounding all ‘The Commies are coming!’ paranoid, one only has to follow the news to know that many of the current diplomatic tensions between the world’s major nations are centred on their cyber-warfare activities against each other. The ability for nation states to probe, and potentially disrupt, other nations’ critical infrastructure has never been more enticing.

According to a 2019 Forrester Consulting study commissioned by Kaspersky Lab, the number of successful breaches to industrial/manufacturing organisations has risen more than 27%, from an average of 102 to 130 per organisation per year. The financial impact of cybercrime is also getting worse, averaging over $10 million for the sector in 2017.

Throw into that volatile mix the fact that many industrial plants still run on ‘brownfield’ systems that are, at their core, decades old and, at best, upgraded with modern bells and whistles, and you have a recipe for disaster. The result is that security professionals in this sector are often left scrambling to manage risks within outdated infrastructure that is not up to the job of dealing with modern threats that can emerge and evolve within a matter of days, or even hours.

One of the most exciting trends to emerge from the Industry 4.0 revolution is that technologies and hardware that were originally developed for the security market are increasingly being co-opted to enhance organisational productivity: think CCTV camera feeds being used to monitor production lines, or access control systems providing a time and attendance function.

Therein lies a further pitfall, however. The increasingly hyper-connected nature of these complex systems leaves them vulnerable to cybersecurity risks from within and without. According to a 2018 study by the research firm Gartner, whereas most threats to operational technology (OT) systems traditionally originated from internal actors with access to physically secured and unconnected components, the opening of these systems to external networks and devices has driven the need to add and integrate information security measures to counteract the growing eventuality of Internet Protocol (IP) or other network-based, external attacks.

Integration is critical

Primarily due to their size and location, industrial sites are generally difficult to protect against intrusion as perimeters may be extensive. This leads to tighter security measures being centred around main buildings and entrances more often than not, and necessitates a more holistic approach to security, in the view of Axis Communications’ Sasha Bonheim. “All stakeholders also need to be involved in the discussion from the get-go: the IT department, operations department, security and SHEQ (safety, health, environment and quality). The security deployment strategy needs to have input from all departments to ensure that there is no duplication of physical security measures, and that vital areas are not overlooked.”

As she points out, the requirements of a process manager are vastly different from those of a security manager: whereas the former wants visual confirmation that the conveyor system is operational, the latter is more interested in observing that no one is trespassing in an area. These days it is trivial to satisfy both these requirements with a single camera, but cross-collaboration across departments is vital if such solutions are to be planned and deployed properly.

Such inter-disciplinary collaboration has to be based on an integrated approach, says Bonheim. “On many industrial sites, most security solutions are standalone. Your surveillance platform, the access control and even your fire detection are on separate servers, being managed by separate departments, and there is no central control of any of these.

“All these solutions should be integrated – they should speak to each other at all times for clear control of the site, from one central point. This allows for faster response to any type of emergency or breach, and also allows for the right response. Should it be a fire in the production area, you would want the control room personnel to call the right people to respond. By having an integrated solution, there is still accessibility for each department, and they do not lose control of their own process or requirement for information.”

Putting it into practice

By way of example, Bonheim says Axis Communications has recently been involved in the upgrading of an unnamed ‘global industrial customer’ to a comprehensive IP-based system. The surveillance system in this application is required to operate in conjunction with a weighbridge, licence plate recognition and visitor access control.

High-level analytics are being employed at the site to identify unusual behaviour. “The unusual behaviour application is based on SHEQ requirements as well as process control,” Bonheim explains. “In essence the cameras have analytics that will identify if someone is on a cell phone in a dangerous area, or if they are moving/walking in an unusual area.” The analytics algorithm differentiates between normal and abnormal behaviour and alerts the control room operator via a dashboard, allowing them to react in the appropriate manner.

“If the normally moving conveyor belt stops moving, this is also deemed unusual and once again an alert is sent. The idea is to minimise the number of screens an operator is looking at, as well as diminish the number of alarms that get missed or dismissed intentionally without review. Furthermore, by utilising crowd identity applications and a PTZ camera, the site can be forewarned about any impending strike or riot action. In the bigger picture, how this helps in the long run is that the customer can now view trends in their processes, and minimise any future disruptions.

“According to Wikipedia, ‘Industry 4.0 is a name given to the current trend of automation and data exchange in manufacturing technologies’. It includes cyber-physical systems, the Internet of Things, cloud computing and cognitive computing. In terms of this description and where IP surveillance and the various subsystems intersect, security has absolutely become part of Industry 4.0. Customers are realising the benefits of having their solutions integrated, for operational processes as well as streamlining of business intelligence. By using the big data and applying rules to filter information, the customer has a much better idea of how their site is operating,” she summarises.

For more information contact Axis Communications, +27 11 548 6780,,


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Intelligent analytics and the brains to match
September 2019, Bosch Building Technologies , CCTV, Surveillance & Remote Monitoring, Integrated Solutions
What if the brains behind our security cameras could be trained to improve their cognitive ability to pay attention, learn, and problem-solve according to specific rules and situations?

AI-powered autonomous Drone-in-a-Box
September 2019 , CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Organisations in the mining, energy and industrial, oil and gas, ports and terminals sectors can optimise security and business operations, whilst reducing risks and operational costs

A platform approach to innovation and value
September 2019, Technews Publishing , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions, IT infrastructure
Moving to the platform model of doing business holds tremendous advantages for end users and smaller developers, but also for the whole technology supply chain.

Open does not always mean easy integration
September 2019, VERACITECH, Technews Publishing , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Customers who opt for best-of-breed solutions will have to rely on their integrators to develop customised integrated solutions for them.

Video analytics and AI
September 2019, Axis Communications SA, Dallmeier Electronic Southern Africa , Hikvision South Africa, Technews Publishing, Dahua Technology South Africa , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Artificial intelligence has the potential to deliver real benefits in the world of video analytics and many companies are already delivering customer benefits.

Cloudy with a chance of AI
September 2019 , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
One local company has developed an AI solution that can be added to existing surveillance installations, offering 24-hour intelligence.

Speak up with audio
September 2019, Axis Communications SA , Editor's Choice, CCTV, Surveillance & Remote Monitoring
Video surveillance systems are traditionally used as forensic tools, but what if you can use your surveillance system to proactively deter incidents before they happen?

Video and audio analytics
September 2019, Wisenet CCTV - Hanwha Techwin , CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Viewing many monitors and cameras simultaneously can lead to an increased probability of missing critical situations due to viewing fatigue. Analytics has the answer.

Enhance video analytics with Augmented Vision
September 2019, IDEMIA , Technews Publishing , CCTV, Surveillance & Remote Monitoring, Integrated Solutions
Augmented Vision is a video analytics application from IDEMIA designed to enhance security in public and private places.

A tangible return on investment
September 2019, Bidvest Protea Coin, Technews Publishing , CCTV, Surveillance & Remote Monitoring, Integrated Solutions
The key to a successful security solution for any environment is the strategy and processes that define what you need, where, when, how and why.