Cybersecurity for ports and terminals: Secure by design

In this part of our ongoing article series on cybersecurity, we revisit the topic of software design and how standards certification helps ensure that solutions are designed to be secure from the ground up.

"Secure by Design" is a principle of cybersecurity and engineering that treats the security of the system as a core business requirement instead of a feature that is added on to the solution. Utilizing Secure by Design means that cybersecurity must be addressed in the entire design process of the product, and not just the finished software.

As covered in part 2 of this series, the Secure Development Lifecycle concept that is defined in industry standards such as IEC 62443-4-1 is intended to facilitate precisely this kind of development work. When solution providers certify their product development for compliance with the standard – as Kalmar has done for the Kalmar One and MyKalmar INSIGHT solutions – all stakeholders can have confidence that the development of the software has been carried out with the industry's best practices for cybersecurity.

"For us, the Secure Development Lifecycle concept is very much an everyday practical tool," says Henri Kettunen, Cybersecurity Lead, Kalmar. "Working through the Secure by Design principle means that we take cybersecurity into account at every stage of our software development. This involves continuous security testing and code analysis of not only the software components that we are working on, but also of the code libraries that are used in our products."

Secure the connections

On a practical level, one of the key requirements for designing a cybersecure automation system for ports and terminals is to document carefully all the application interfaces in the system.

"An automation system will always need connections to external systems such as the Terminal Operating System," says Jani Mäntytörmä, Chief Cybersecurity Engineer, Kalmar. "So, we need to be very systematic about documenting these interfaces as well as their security controls. However, beyond specific software components, we also need to be thinking about the entire architecture of the system and to build in multiple levels of security in depth, from the very beginning of the design process."

Code, test, audit, repeat

Another key part of the design philosophy outlined in IEC 62443-4-1 is to minimise potential attack surfaces on the system through systematic user and credential management. "To put it simply, the default should always be that users in the system only have the access and rights that they need, and no more," says Jani Mäntytörmä.

"Alongside the testing of new software, another core aspect of the process is to model various threats and carry out continuous testing for existing systems," adds Henri Kettunen. "We have regular external audits for our solutions, and typically customers will also have their own independent auditors evaluating them as part of the cybersecurity testing of their entire IT infrastructure. It's all about ensuring that our customers stay secure, from day one of development to as long as our software is used."
