Representative End User Clients
Representative Automation Clients
Representative Software Clients
The importance of safety formed the staple of many discussions at the ARC Industry Forum in Orlando. Alexander Horch, Vice President R&D and Product Management, HIMA Group, spoke to ARC’s Peter Reynolds, Contributing Analyst, about the company’s focus on safety. This blog captures the key points and quotes of their conversation. You can watch it here and/or on YouTube.
Safety and Security are Two Sides of the Same Coin
“For the third year in a row, HIMA has been talking about security. Is HIMA becoming a security company?” asked Peter.
Alexander explained that for the last 50 years the company’s focus has been on safety. “This is where we come from, and this is where we stay. However, safety and security are two sides of the same coin, and in a way, the company has always been doing that. Because if you deal with safety, you have to protect your systems against unintended use, people making errors,” he said.
The norms for safety and security require separate systems. So, HIMA’s focus has been on the safety aspect. However, over the years, the company realized that what has been done for safety makes a lot of sense for security. Now, that is being amplified. At the ARC Industry Forum two years ago, HIMA presented its comprehensive Security Environment for Functional Safety. This explains the company’s approach and philosophy to security and product safety.
Last year, HIMA presented the smart safety platform, which means that all products run on the same “security philosophy,” he said. This year the company is announcing ways of securing the periphery of its products.
Portfolio for Safety and Security for Risk Management
Safety and security are continuous processes, which evolve based on customer needs and regulatory norms. Hence, “it’s never complete and never will be,” said Alexander. The company has well-defined roadmaps for both the safety and security developments being planned. But the race to keep ahead of the attackers has to continue.
Currently, the company’s focus is on two aspects.
- Old systems in the market, which have not been designed for security. So, those systems have to be made as secure as possible to help customers.
- Core of HIMA’s portfolio – securing the periphery. “Data needs to get into the safety environment and to get out of the safety environment,” he explained. For this, data diodes, firewalls, remote access systems, etc. must be deployed. HIMA demonstrated how to access safety systems remotely at this year's ARC Industry Forum. Two years ago, the company would’ve responded that this isn’t possible, but now they have a partner that has reliable systems that have been tested on, or are used actively in, military applications and a lot of governmental applications.
Importance of Security for Risk Management
“We talked about safety and security, but what it boils down to actually is risk management,” said Alexander. Both the standards for safety and security deal with reducing risk to a level that is tolerated. So, measures must be taken to reduce that risk to a level that we can live with. At the HIMA Workshop at the Forum, the engineering-related aspect of safety and security was highlighted. Alexander explained that there are norms of how the lifecycle of the safety system has to evolve, and this has to be done according to the standards. Similarly, the security system needs to be efficient, because the safety lifecycle requires a lot of documentation and testing.
“What we strive to do with our customers is to offer them possibilities to automate the documentation and testing. That means it's more efficient, and it's better quality, because it's systematically correct,” explained Alexander. The workshop at this year’s Forum showed how efficiency can be enhanced, while maintaining standards and security levels.