For many companies, the weakest security link the company is the manufacturing network. A recently published  blog post in Embedded Computing Design (http://embedded-computing.com/guest-blogs/securing-a-factorys-ot-network-and-the-role-of-trust/#) by TCG expert Stacy Cannady notes, “…trusted and secure manufacturing must include protection of both the IT and OT networks with IoT, ICS, SCADA and related environments being the most vulnerable.”

The blog examines the differences between OT and IT networks, including that OT networks are not often, if ever patched; security suites are not installed; and there are significant safety and latency issues compared to IT networks. How do TCG specifications and standards apply here? In short, “…(to) establish trustworthiness for enclaves and conduits, TCG uses dedicated security hardware to protect secrets and integrity information (hash values). This includes the Trusted Platform Module (TPM) and self-encrypting drives (SEDs). With this technology, devices can police each other and authenticate credentials before any communication occurs.

For legacy products that do not support TCG-compliant hardware, TCG’s Trusted Network Communications (TNC) can be used to create trust evidence.”

Learn more about this topic in the complete article, http://embedded-computing.com/guest-blogs/securing-a-factorys-ot-network-and-the-role-of-trust/#). Additional resources can be found on TCG’s website, www.trustedcomputinggroup.org.