Foundation Projects
Open-source SOC-as-a-Service for Strengthening Cybersecurity in Small and Medium Manufacturers in Thailand toward Industry 4.1
National Electronics and Computer Technology Center
Cyber attacks in manufacturing have proliferated across the globe, raising concerns about Thailand's manufacturing sector and its move toward Industry 4.0.
This Industry 4.0 transformation requires digital technologies such as cloud computing, data analytics, and the Internet of Things. Cybersecurity, though an essential component, received less attention in the context of Industry 4.0. Strengthening cybersecurity in manufacturing meant securing not only the IT (information technology) infrastructure but also the OT (operational technology) components such as machines, controllers, and shop-floor facilities.
To prevent and reduce the impacts of cyber attacks in a factory setting, complex real-time monitoring and evaluation of cyber risks is necessary. Because industrial communication protocols consist of both proprietary and open standards, typical cybersecurity software tools, which are suitable for a normal IT/enterprise environment, might not be sufficient to monitor communication and data transfer among factory machines. While large manufacturers could invest in such complex security services, either internal or outsourced, small and medium manufacturers could not afford either. This gap in cybersecurity affordability created a kind of digital divide, which was not healthy in today’s global supply chains, where large and small manufacturers must rely on one another.
This project aimed to develop a Security Operations Center (SOC) to support small and medium factories in Thailand. We tried to implement it entirely with open-source software to reduce development and operation costs, making this service sustainable and affordable for SMEs. In this project, we tested our SOC services with three small and medium-sized factories. These factories received standard SOC services (cybersecurity monitoring, incident response, vulnerability assessment, and threat analysis) for at least three months. We fine-tuned our SOC operations and services based on feedback from these factories. The result of this project was a prototype SOC-as-a-service that could scale out to serve more factories in Thailand. Additionally, we provided cybersecurity awareness training to factory personnel as well as system integrators and developers of Industry 4.0 solutions.