Cybersecurity level in IPS2: A case study of two industrial internet-based SME offerings

Abstract

In a case study comprising two SMEs offering Industrial Product-Service Systems (IPS2) based on the industrial internet the paper addresses the current cybersecurity level of the two SMEs and the perceived need for added cybersecurity features. Cybersecurity is of crucial importance for most IPS2-offerings if they involve data communications, data collection and storage, and are also part of the customers’ critical processes (i.e., the core processes that always need to work with a high level of availability). The case study reveals that both IPS2-offerings have a basic level of core security spanning IoT-devices, IoT-networks, cloud services and users as well as administrators. Further, of interest is that the SMEs would like to add security cloud services with advanced security functionality in order to achieve scalability and efficiency regarding security- and general management as well as lifecycle management functionality. However, most of the security cloud services are mainly aimed at larger companies and not adapted for SMEs in terms of required knowledge, time and effort required to keep the security configurations up-to-date.