Secure networking using OPC UA

The security aspect is becoming increasingly important for the medium-sized operation of Jung Pumpen. Efficient, automatic monitoring of the status, faults and alarms of hundreds of widely distributed pumps is a major challenge for large public wastewater systems in the municipal sector. It therefore makes sense in future to connect all pumps in use to a central condition monitoring system. For this to be possible, the sensitive data from the public infrastructure must be securely recorded, transmitted and processed. The networking of the pumps must meet the highest security standards.

Over the course of four months, the project partners developed the basis for secure data transmission step by step. The first step was to determine the requirements for the information to be processed. In workshops, they identified which plant data had to be communicated and which security criteria had to be met. In a second step, threats and risks were then identified in a comprehensive threat analysis. This shows which potential threats exist in the planned communication architecture or which external attacks need to be considered. The associated risks for the pump control system were then determined for each identified threat. Appropriate protective measures were defined for these in order to reduce the risk of successful attacks.

The security concept for the future OPC UA gateway for the pump controllers was developed on the basis of this preliminary work. Among other things, authentication measures, cryptographic procedures and update mechanisms were used to secure the data exchange in the long term. In addition, an information model was created for data transmission using OPC UA. The result of the project is a flexible information model for data transfer using OPC UA as the basis for all of Jung Pumpen's systems, so that the company can transfer its data uniformly using OPC UA in the future. This is an important basis for connecting the systems to condition monitoring systems, for example.