Protecting Your Industrial IoT: Secure Systems for Critical Infrastructure

Protect Your Daily Operations From Being Compromised

In today's data-driven society, connectivity offers efficiencies but also introduces new vulnerabilities in control and monitoring systems, extending from the control room to mobile devices in the field. The rise of wireless Machine-to-Machine (M2M) technologies further complicates this. While increased data collection from sensors enhances decision-making and resource utilization, the expanded integration and access across field technologies, communication networks, devices, applications, and personnel create new attack vectors and increase vulnerability.

Key statistics highlight the growing threat:

100% increase in attacks against Industrial Control Systems from 2013 to 2014.
42.8 million cybersecurity attacks in 2014.
85% of breaches take approximately 5 months to discover.

Secure the Industrial IoT Across Your Enterprise

The Industrial Internet of Things (Industrial IoT) is transforming critical infrastructure industries by enabling proactive decision-making, enhancing personnel safety, and facilitating real-time information flow for improved work processes and productivity. However, aging infrastructure and operational technologies often have inherent security gaps, making them easy to bypass or provide open access. It is crucial to fortify operations against cyber attacks across the entire enterprise, ensuring that data at rest and in transit remains protected.

Industry sentiment reflects the urgency:

83% of organizations state cyber attacks are among their top 3 threats.
38% of organizations report being prepared for a cyber attack.

Tighten Security with the Right Network, Devices and Services

Achieve virtually tamperproof operations with a highly secure, end-to-end Industrial IoT solution.

ASTRO® 25 NETWORK: Trusted by millions for its always-available, interoperable communications in mission-critical environments. This IP-based virtualized network is secure, scalable, and flexible.

ACE3600 SCADA REMOTE TERMINAL UNITS: These units handle large data volumes for critical infrastructure automation and monitoring. With high processing power and enhanced security features, they improve safety and productivity while enabling seamless data communication across the enterprise.

MOTOROLA SOLUTIONS CYBERSECURITY SERVICES: Professionals collaborate to assess risk posture, develop prioritized plans for operational integrity, and identify the right tools and services to address ongoing threats and vulnerabilities.

Insulate the Intelligence at the Heart of Your Operations: The Control Room

The control center is the core of critical infrastructure and a prime target for malicious actors, both external and internal. The convergence of IT and operational technology means any risk to the control room can endanger the entire organization, jeopardizing operational integrity and continuity.

Motorola Solutions' Industrial IoT solutions provide critical layers of protection for all points of entry between computers, system servers, communication networks, and the outside world, including:

Windows Hardening: Securing and locking down Windows-based operating systems to minimize threats and meet government standards like FISMA certification.
Service Access Architecture: Implementing secured communication lines between the ASTRO 25 network and other enterprise IT systems for efficient connectivity.
Demilitarized Zone (DMZ): Regulating traffic to system servers (like control centers) using firewalls and intrusion prevention systems to eliminate common communication ports between external and internal zones.
Anti-Virus Software: Detecting, preventing, and removing malicious code (worms, viruses, Trojans). Workstations and servers supporting system applications require installed anti-virus software, with special care for online signature updates.
Application Control Software (Whitelisting): Blocking unauthorized applications on servers, workstations, and field devices by allowing only pre-identified programs. The ACE3600 RTU and Gateway utilize mechanisms tested with McAfee™ Solidifier.

Strengthen Your Communications Bridge: ASTRO® 25 Mission-Critical Network

ASTRO 25 is the world's leading mission-critical communication network, providing IP-based voice and small packet data. It's a trusted platform for public safety, government agencies, the U.S. military, and many other entities, ensuring secure, interoperable, and always-available communications. Protection is built-in for the people and technologies connected by the ASTRO 25 network.

Protect Your ASTRO 25 Communications Network with Security Solutions for Proactive Threat Detection, Real-Time Response and Correction

Zone Core Protection: Secures the ASTRO 25 core, allowing only valid traffic and alerting on suspicious activity.
Secure Partitioning: Ensures exclusive database protection when sharing resources.
Device Authentication: Controls access to the digital radio network, preventing illegitimate users and safeguarding data.
Centralized Logging: Logs security events (log-in failures, configuration changes, security element failures) for system activity visibility.
Firewalls: Ensure only legitimate traffic from external networks accesses the ASTRO 25 system.
Log Correlation Audit Management: Monitors system activity by indexing and correlating log information in real-time, providing administrators with easy access to critical data.
Integrated Data Encryption: Protects data traffic from eavesdropping for integrated data applications on the ASTRO 25 trunked network.
Intrusion Detection Sensing: Monitors inbound and outbound network traffic to proactively identify suspicious activity.

Extend Protection to the Edge: ACE3600 SCADA Remote Terminal Units

The ACE3600 RTU is designed for mission-critical control systems, handling large data volumes for complex process automation and monitoring. Positioned at the edge of the Industrial IoT, it controls and manages operational technologies remotely, with robust security integrated from the start.

Protect all points of entry, limit vulnerabilities, and prevent compromise with these proven security methodologies:

Security Policy Enforcement: Ensures users, devices, and software tools adhere to security policy settings.
Firewall: Permits or denies data transmissions based on rules, blocking messages not meeting specified security criteria.
Access Control: Verifies legitimate access to an RTU via authentication (name, password, IP address). The ACE3600 RTU can use a remote authority/authentication server or rely on the device itself. User accounts are required for system access.
Role-Based Access Control: Assigns specific roles and permissions for operations, allowing administrators to define roles and user permissions accordingly.
Intrusion Detection System: Monitors control system events for malicious activities or policy violations, reacting in real-time to block unauthorized activity and logging it for reporting.
Application Control Software (Whitelisting): Blocks unauthorized applications on RTUs by allowing only pre-identified programs.
Encryption: Makes data unreadable without a specific key. It prevents eavesdropping and spoofing, encrypting data stored in devices and applications using the FIPS-140-2 certified, 256-bit AES algorithm.

ACE3600 RTU Security Features:

Auditing: Monitors devices, logs suspicious activity, and blocks unauthorized access. Security logs are encrypted and saved in FLASH memory.
Unused Port Deactivation: Disables unused ports to reduce vulnerability to unauthorized access.
Time-Window Commands: Adds a layer of defense against replay attacks by requiring subsequent action messages within a designated time window.
Secured Programming: Eliminates vulnerabilities from common programming errors by identifying and developing secure coding practices. Motorola Solutions uses techniques like code obfuscification and avoids encryption of debugging data.

Description of ACE3600 RTU Image: The image displays several rack-mounted ACE3600 SCADA Remote Terminal Units, showing their modular design with power supplies and various input/output (I/O) modules (e.g., 16 Al, 32 DI, 16 DO). It also includes a "DANGER HIGH VOLTAGE" warning label.

Safeguard Your Industrial IoT With Trusted Expertise

Motorola Solutions offers a proactive approach to cybersecurity for customers worldwide, addressing evolving threats and regulatory standards. They help achieve compliance and maintain network operations.

As a leader in mission-critical communication networks for over 85 years, Motorola Solutions provides unmatched expertise in protecting radio systems and enterprise networks. Certified security professionals stay informed about the latest security threats and compliance technologies.

Rely on their expertise to protect operations from field devices to control room servers and the networks connecting them.

Key Services Offered:

Security Update Service (SUS): Provides pre-tested anti-malware definitions and security patches for ASTRO 25 systems, available via self-installation or remote installation.
Security Monitoring: A comprehensive methodology for monitoring systems for potential intrusions and detecting malicious outbreaks, offered via remote monitoring from a Security Operations Center (SOC) or on-premise monitoring.
Cybersecurity Professional Services: A process for identifying, assessing, and managing cybersecurity risk, available through assessments conducted by experts or joint engagement with IT personnel.

Sources:

1. 2015 OAS Micro Trends Report on Cybersecurity and CIP in Americas
2. "Attacks against industrial control systems doubled last year," CSO Online, April 17, 2015
3. Raising the Bar for Cybersecurity, James Lewis, February 12, 2013
4. 2015 ISACA Global Cybersecurity Status Report

To learn more about Motorola's Cybersecurity Solutions for Industrial IoT, visit motorolasolutions.com/industrialiot.

Motorola Solutions, Inc. 1301 East Algonquin Road Schaumburg, Illinois 60196, U.S.A. 800-367-2346 motorolasolutions.com

MOTOROLA, MOTO, MOTOROLA SOLUTIONS and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property of their respective owners. © 2017 Motorola Solutions, Inc. All rights reserved.

	The Industrial Internet of Things: Enhancing Productivity and Safety with Motorola Solutions Motorola Solutions' Industrial Internet of Things (IIoT) solutions drive productivity and safety across critical infrastructure. Discover how IIoT, Industry 4.0, SCADA, and M2M technologies transform utilities, manufacturing, agriculture, and more.
	Cleveland's Video Surveillance Network: Enhancing Public Safety with Motorola Solutions A case study detailing how the City of Cleveland implemented Motorola Solutions' wireless video surveillance network to enhance public safety, prevent crime, and improve citizen security.
	York Regional Police Cybersecurity Case Study \| Motorola Solutions Discover how York Regional Police partnered with Motorola Solutions to enhance cybersecurity, modernize public safety operations, and ensure community safety through advanced managed detection and response services.
	FEMA Preparedness Grant Summaries FY 2025 \| Motorola Solutions An overview of FEMA's Fiscal Year 2025 preparedness grant programs, including EMPG, NSGP, OPSG, PSGP, SHSP, THSGP, TSGP, and UASI, detailing their objectives, eligibility, and funding priorities. Features Motorola Solutions' technology offerings that support these grant applications.
	Motorola Solutions Investor Overview August 2025 - Public Safety & Security Technology An overview of Motorola Solutions' financial performance, strategic growth drivers, and market leadership in public safety and enterprise security technology solutions, including video security, mission critical networks, and command center systems.
	KVL6K E2EE for DIMETRA Systems: Key Variable Loader for End-to-End Encryption Discover the Motorola Solutions KVL6K E2EE, a Key Variable Loader designed for secure key management and end-to-end encryption in DIMETRA TETRA systems. This data sheet details its features, security capabilities, physical characteristics, and system requirements.
	Motorola Solutions Q2 2025 Financial Results and Strategic Update Motorola Solutions reports strong Q2 2025 financial results, including record revenue and earnings, driven by demand for safety and security solutions. Highlights include the acquisition of Silvus Technologies and raised full-year guidance.
	State and Local Cybersecurity Grant Program (SLCGP) \| CISA & FEMA Funding Information on the State and Local Cybersecurity Grant Program (SLCGP) offering $91.75 Million in funding for government entities. Details eligibility, objectives, application deadlines, and how Motorola Solutions can assist.

Protecting Your Industrial Internet of Things