‘s drone system has been certified by the German technical inspection agency TÜV in accordance with the IEC 62443 cybersecurity industry standard. The entire system was tested, including communication between the drones and the Integrated Control Center.
The Integrated Control Center is a scalable IoT platform that enables the active, intelligent and simultaneous monitoring and management of more than 100 automated drones, autonomous mobile robots (AMR) and their tasks.
TÜV NORD certifies the excellence and well-protected system integrity of this mobile robot management solution. Both the system architecture and the multi-layered security design, its defined procedures, the software and drone hardware meet all the requirements for this cybersecurity standard.
HHLA Sky’s product development process also meets all normative requirements in each of the eight areas. These are: managing development, defining security requirements, designing security solutions, providing a secure development environment, testing security features, dealing with security vulnerabilities, creating and publishing updates, and documenting security features.
This is the first time that an industry-standard IoT drone system has been cybersecurity-certified.
“Our customers often operate in critical infrastructures. An IoT strategy that embeds security and cybersecurity from the outset is just as important to them as the efficiency gains from using automated drones. Our customers will only deploy an adequately cybersecure product that supports their business continuity – and we must ensure that the level of protection remains permanently high. We are proud that TÜV Nord has now certified the standards we have established for our Integrated Control Center as cybersecure,”
says Matthias Gronstedt, Managing Director at HHLA Sky.
“Our requirements for a cybersecure product go somewhat beyond the actual requirements for certification,” adds Lothar Müller, Managing Director at HHLA Sky: “We also see cybersecurity as a management task and therefore have a holistic approach to our own security strategy. For example, we foster a corporate culture in which it is clear to all team members that cybersecurity touches on the responsibility of each individual. This, too, enables us to design enormously resilient cyber-physical systems such as the Integrated Control Center, to provide our customers with the highest level of security.”
Real risk
“Cybercrime will cost the world 8 trillion USD in 2023”, predicts Cybercrime Magazine. “If it were measured as a country, then cybercrime would be the world’s third largest economy after the U.S. and China.” The magazine expects “global cybercrime damage costs to grow by 15 percent per year over the next three years, reaching 10.5 trillion USD annually by 2025, up from 3 trillion USD in 2015.”1
According to Bitkom, the damage to German companies last year due to cyber attacks amounts to around 223 billion euros. According to the Federal Criminal Police Office (BKA), there were 12 percent more cyberattacks in Germany in 2021 than in the previous year, with a total of around 146,000 attacks reported.2
On a global scale, Moody’s registers that risks are rising for many sectors, while at the same time remedial and defensive measures are gaining in importance.3
In a global study, the rating agency Moody’s classifies critical infrastructures such as energy, gas and water as sectors with very high cyber risk. The agency also includes the technology industry among the high-risk sectors.3
Mobile Robot Management systems for drones heighten the possibility of attack due to their complexity and interconnectivity. Intelligent firewalls must therefore be raised to meet the increasing degree of automation in drone operations and the deeper the mobile robots are networked with the production systems.
Secure UAV operation
Cybersecurity is also one of the decisive factors for the safe operation of automated UAVs and, in the future, autonomously flying UAVs: for example, during missions in critical infrastructures, generally in urban areas and in all airspaces that drones share with manned aviation.
High protection against hijacking, manipulation, data theft
HHLA Sky’s drone system is cybersecure protected. Even the transmission of often sensitive sensor data is encrypted end-to-end. Access is only granted to authorised persons. Human errors, which offer additional areas of attack, are ruled out as far as possible by standard operating procedures, such as those used in civil aviation.
As a result, the system provides companies and authorities with the highest level of protection against mobile robot hijacking, the manipulation of routes and clearances, as well as against the interception or manipulation of video streams, other sensor data or the activation of functional elements on a logistics drone, such as enabling the cable winch or the opening the holding device for transport goods.
Milestone for the drone industry
HHLA Sky’s rigorous architectural approach was fully validated by the reputable TÜV NORD and put to the test by proven experts. HHLA Sky has achieved a globally unique milestone for the UAV industry with the first cybersecurity certification for drone standards, making it a pioneer in its field.
Photo: Matthias Gronsted with the IEC62443 Cybersecurity certificate for HHLA Sky drone system
References
- https://cybersecurityventures.com/cybercrime-to-cost-the-world-8-trillion-annually-in-2023/
- https://www.bitkom.org/Presse/Presseinformation/Wirtschaftsschutz-2022
- https://www.moodys.com/researchdocumentcontentpage.aspx?docid=PBC_1261056 (Moody’s investor service, 28 March 2022: Cyber Risk – Global: Cyber risk survey of issuers finds growing investments, but gaps in preparedness)
Source: Press Release