Facilitating cyber security with ARM Hub

cyber security

Bondi Labs visits the ARM Hub learning factory.

ARM Hub COO, Samuel Jesuadian, and the University of Queensland chair and director of Cyber Security, Professor Ryan Ko, tells Manufacturers’ Monthly about their new formal partnership that aims to grow manufacturers’ knowledge of cyber security.

As the manufacturing industry becomes more digitised, the urgency for an increase in harnessing cyber security is revealed. Digital technologies such as this can aid greatly in enhancing productivity and business growth. The Advanced Robotics for Manufacturing Hub (ARM Hub), which focuses on accelerating industry’s digital transformation, forms working partnerships with academic institutions to solve key challenges such as this for industry.

One of these formal partnerships was recently established with the University of Queensland. Professor Ryan Ko, the chair and director of Cyber Security at the university, is well renowned in the cyber security space. His research in cyber security is internationally recognised, focusing on returning control of data to its users. Ko has received multiple conference Best Paper Awards that resulted in several technology transfers for companies like HP, open-source contributions and spin-offs. More recently, he has been researching information integrity and cyber autonomy in critical infrastructure sectors – including manufacturing.

“I feel that the manufacturing industry has only recently sensed the urgency of the cyber security problem due to the fact that there are more ransomware attacks,” Ko said. “But before that happens, most of the time many businesses don’t see it as something that will happen to them.”

Bondi Labs

Through the University of Queensland partnership, Ko is currently helping ARM Hub educate industry partners who are on the verge of digital transformation on how to deal with cyber security threats and create a more agile working environment.

“As a result of this partnership, UQ researchers can be actively engaged with ARM Hub members and bring their renowned expertise to solve industry problems,” ARM Hub COO, Samuel Jesuadian, explained. “This also provided an opportunity for UQ to bring one of their industry partners in cyber security to co-locate and showcase capabilities.

“Bondi Labs, who are already working with Ryan’s team, will be the very first initiative as part of this membership. They will co-locate with ARM Hub and showcase some simulations and other capabilities that come with it.”

Bondi Labs is an Australian computer software company that develops intelligent visual technologies to enhance and augment a workforce’s capabilities. They design and build products that address global challenges in supply chain and logistics, food processing, biosecurity inspection and workplace safety.

cyber security
The University of Queensland’s energy test lab, where businesses can collaborate to improve their cyber posture through ARM Hub.

Bondi Labs’ latest product is Elixar, which is a pair of smart glasses that enable remote and augmented auditing in AgriFood supply chains.

“What Bondi Labs do is they allow auditors to go into food processing and meat processing plants with the smart glasses,” Ko said. “The smart glasses basically show a live feed at different plants, where the regulators and other auditors are in other locations in Australia or across the world.

“This technology has proved to be really good during COVID times and for reducing carbon footprints and travel costs. But at the same time, this whole thing hinges on the integrity of the data and trust of the system.”

This is where Ko comes in, as his research has always been centred on provenance and ensuring information has a high integrity.

“My application in this scenario of remote auditing in a manufacturing situation is to answer this question: how can I make sure that a video, for example, that I’m looking at right now is truly from this device, at this location, at this time?” he said.

“If you can prove the integrity of that, then the whole auditing process is trusted. After that, the accreditation process can be sped up and it’s more efficient. In this way, we can solve a lot of doubts about whether the video is true or genuine. And all of these things will be showcased in the ARM Hub premises.”

Remote attestation

To prove the authenticity of the information accessed from the hardware chip within a device, a mathematical equation known as remote attestation is used to identify the chip’s “root of trust.”

“Through that root of trust, whenever the information is passed on through the Internet to the other remote auditor, the information actually contains a digital signature called a ‘chain of trust,’ and you can prove that it came from this device,” Ko said.

cyber security
The University of Queensland’s Agile Security Operations Centre (ASOC) can run simulations of cyber attacks to train ARM Hub’s partners in how to mitigate cyber security risks.

Remote attestation can be used in applications such as Zoom calls, forensics, food manufacturing, mining equipment, electronics manufacturing, law enforcement equipment, or auditing in dangerous environments such as nuclear plants.

The University of Queensland and Bondi Labs’ new challenge is to establish a virtual root of trust in environments that do not use hardware.

“In cloud computing, for example, we have a lot of virtual machines. One physical machine can create thousands of virtual machines in Amazon or Microsoft Azure Cloud,” Ko said. “Each of these presents itself as a real computer, but they’re actually virtual. The challenge is, when we virtualise these devices, how do we prove that it is indeed a virtual device?”

ARM Hub is well positioned to translate this research across multiple sectors within the manufacturing landscape, Jesuadian said.

“We look at manufacturing capabilities across all sectors, and remote auditing could easily be applicable in the future of medical device manufacturing, for example,” he said. “If there is a way to validate the device or the camera system that is actually taking footage of the production, remote auditing can play a key role in the future of smart manufacturing.”

Protecting your business

According to Ko, manufacturers need to address several issues to protect their businesses: that cyber security is an overall business continuity problem, rather than an IT problem, and that a supply chain certification process can cut at least 80 per cent of the risks introduced by suppliers or clients.

“The executive leadership of the organisation has to take ownership of the cyber security problem and start to think about policies that view cyber security as a business risk,” Ko said. “Based on the policies, it then dictates the investment budget, procurement of technology and other processes.

“Sometimes there are still risks introduced by your suppliers or your clients. The point is, how do you procure raw materials in a cyber secure way? Is there a way that you can effectively say, ‘Hey look, you are now currently at level one; I want you to be at level three because you handle a lot of my customer data.’”

To remedy this, ARM Hub and its various university partners have created programs to educate manufacturers on robotics, automation, artificial intelligence and Industry 4.0. In partnership with the University of Queensland, the next program will centre on cyber security education for industry.

“An awareness or Cyber literacy program is on our plate to offer for industry next year,” Jesuadian said. “I think it will help industry to understand the necessity of cyber security measures and show them the pathways to implement in their businesses.

“We’re very excited to be partnered with the University of Queensland – this opens up more opportunities for industry to engage with us through a collaborative approach.”