Start Consulting Cybersecurity Testimonial: GEMÜ x INVENSITY

GEMÜ develops cyber-secure industrial control units with the support of INVENSITY

For a long time, cybersecurity was not an issue for manufacturers of industrial components – that has changed. GEMÜ has faced up to this change at an early stage and in a consistent manner. Together with INVENSITY, measures were initiated to meet current cybersecurity requirements.

IEC 62443, BSI KRITIS regulations, the Biden decree: more and more norms, standards and regulations consider the fulfilment of requirements in the field of cybersecurity not only necessary for the operators of industrial plants, but also demand this from component manufacturers as well as system integrators.

In addition, cyber warfare campaigns by so-called nation state actors and criminal groups, which are being observed more frequently, forcefully demonstrate the central importance of cybersecurity.

Successful hacker attacks on industrial plants and their components can lead to far-reaching reputational damage and the subsequent loss of trust.

INVENSITY supports GEMÜ in the implementation of standards, processes and suitable measures to safeguard products and applications.

Industry: Valves for industrial applications

Headquarters: Ingelfingen, Germany

Number of Employees: approx. 2,400 worldwide

Locations: In > 50 countries

Website: https://www.gemu-group.com/en_EN/

Protection against cyber attacks

Customized solutions

Ready for Industry 4.0

About GEMÜ

Objectives and background information

GEMÜ produces valves for industrial applications. The company, headquartered in Ingelfingen/Germany, is the world market leader in the field of valve, which is a process and control technology for sterile processes.

GEMÜ would like to give its future products the possibility of greater networking with peripheral devices via BLE (Bluetooth Low Energy) in order to thus support customers in the transition to Industry 4.0 and the automation of production.

Against this background, the central goal of the joint project between GEMÜ and INVENSITY was to develop measures to protect the interfaces of GEMÜ systems from unauthorized access. With that being said, the INVENSITY team, in close coordination with the client, created a cybersecurity concept that makes it possible to check the security analyses already created by GEMÜ for completeness and correctness. The most important questions were: Was the threat situation correctly assessed and were vulnerabilities and threat scenarios fully mapped in the analysis?

In developing the measures for a state-of-the-art cybersecurity concept, INVENSITY was able to draw on its many years of experience from other industries and client projects – an advantage that GEMÜ particularly appreciated.
Read moreRead less
“We recognized early on that cybersecurity-compliant development is not only beneficial for us, but above all for our clients. Together with INVENSITY, we have positioned ourselves well. We were particularly convinced by the approach of jointly finding a solution that was a perfect fit for us, while benefiting from best practices from other industries.”​

Arnd Wurst
Team Leader
Global R&D | Software Development

Technical cybersecurity consulting

The Procedure

The requirements of GEMÜ were at the forefront of INVENSITY’s technical cybersecurity consulting. Accordingly, it was important to understand these requirements very precisely in a first step.

The cybersecurity solution was then developed iteratively in review loops together with the client. GEMÜ was able to benefit from the experience and best practices from other industries and client projects, which INVENSITY incorporated into the development at all times.

The result is a system in which attack gaps are closed and which meets the requirements of a cybersecurity-compatible solution.

Keyfacts

Over a total of two months, GEMÜ and the INVENSITY team worked together to develop a cybersecurity solution that was precisely tailored to the client’s requirements.

In order to protect GEMÜ’s systems in the best possible way against external attacks, it was necessary to meet the requirements of

Confidentiality, Integrity and Availability:

Great care was taken to protect the intellectual property, to create the solution in such a way that it can be seamlessly integrated into GEMÜ’s systems and to ensure the availability of the systems, especially for GEMÜ’s clients.

2 months project duration

Team approach

Clear result

Cybersecurity

A reasonable investment in the near and distant future

Avoid acute risks

The main goal of the cooperation between GEMÜ and INVENSITY was to take a pioneering role in cybersecurity in the component manufacturer market and to act before it could be too late in case of doubt. The aim was therefore to secure the client’s systems against external attacks in the short and long term using effective and efficient solutions.

Setting up for the future

By taking this step, GEMÜ not only closed the attack surfaces of its systems against potential hacker attacks in the here and now, but also increased protection against future potential risks. GEMÜ is extending its lead in the market through cybersecurity-compliant development and cybersecure products, while at the same time meeting many norms and standards that could be required as standard by clients in the future.

Short-term

Effective and efficient closing of cybersecurity risks and thus of attack surfaces

Medium-term

Establishment of an internal awareness for the topic of cybersecurity and of basic processes for standard-compliant development

Long-term

Increase in value creation through positioning as an exemplary cybersecurity-compliant provider on the market

Team

Create attention for security

Creating tailor-made solutions for the customer as a team

Product

Consideration of the limited resources of the embedded systems

Digitization

Supporting the digital transformation of the industry

Clients

Acting competently towards clients and plant engineers

Do you have questions about Cybersecurity, or are you considering hiring external support?

Please feel free to contact me at any time. Click on the button below and easily choose a time slot so that we can discuss your project without obligation and free of charge.

Schedule appointment

Björn Engelhardt
Business Unit Manager Cybersecurity