How do you protect the beating heart of modern manufacturing—smart factories—from equally smart attackers?
That’s the question host Paul Ducklin explored with Joseph M. Saunders, CEO and Founder of RunSafe Security, in an episode of Exploited: The Cyber Truth.
From the limitations of traditional security models to the growing importance of software quality, this conversation revealed why the cybersecurity playbook for industrial automation needs a re-write for today’s threats.
The Challenge of Smart Manufacturing: Complexity Meets Connectivity
Modern factories are no longer isolated networks of robots and sensors. They’re deeply connected ecosystems, merging OT (Operational Technology) and IT, often with cloud integration and industrial IoT devices.
As Joe put it, “Connected devices bring productivity gains, but also new levels of security consideration.”
That connectivity has blurred the once-clear boundaries between factory floor systems and IT networks. Attackers can now exploit weak spots at every layer—from programmable logic controllers (PLCs) to human-machine interfaces (HMIs), SCADA systems, and even the cloud.
Why the Purdue Model Falls Short
The Purdue Security Model, long a foundation for industrial security, assumes clear segmentation between these layers. But in an era where a single sensor might communicate via Bluetooth, Wi-Fi, or cellular, those boundaries collapse.
Attackers no longer need “write access” to cause harm. Even read-only access—like viewing operational data or production schedules—can provide immense competitive or geopolitical advantage.
Example: Knowing how much of a certain alloy a manufacturer has in stock could reveal supply chain bottlenecks or production delays.
Compliance vs. Security: A Distinction that Matters
Too many organizations still approach cybersecurity as a checkbox exercise. Standards like IEC 62443, developed by the ISA and IEC, help guide secure industrial automation practices—but they’re only as good as the commitment behind them.
Joe cautioned that “checkbox compliance” misses the point. Security should be viewed as an extension of software quality and operational excellence.
Secure by Design Starts in Development
Building security into the software development lifecycle (SDLC)—from coding and testing to patching—is essential. Companies that automate and embed these processes don’t just produce safer software; they create better products, faster.
Extending the Life of Legacy Systems
Many industrial environments still rely on legacy systems with equipment that can’t easily be replaced or updated. These older devices, often running outdated firmware, represent some of the most vulnerable points in a factory’s network.
Memory Safety to the Rescue
Joe explained how memory safety protections can extend the secure life of legacy systems without requiring new software agents or hardware upgrades.
RunSafe’s Load-Time Function Randomization provides runtime protection that prevents exploitation even when patches aren’t available—adding security without disrupting operations.
“You can extend the life of legacy systems by applying memory safety protection in a way that doesn’t add software or slow them down,” Joe said.
That’s not just risk mitigation—it’s cost savings, uptime assurance, and long-term resilience.
Seeing the Whole Picture: From Software Supply Chain to Factory Floor
Securing smart factories also requires a focus on understanding the entire software supply chain. To protect devices, you need to know what software is built into each one.
Manufacturers, suppliers, and customers each play a role in ensuring the integrity of the products they build and deploy.
Joe recommends evaluating partners and suppliers based on:
- Governance and internal security policies
- Compliance with standards like IEC 62443
- Awareness of known threat actors and their tactics
- Transparency in Software Bill of Materials (SBOMs)
- Differentiation through resilient product design
RunSafe’s recent Medical Device Industry Report showed similar trends. Organizations are starting to reject insecure products altogether, even when they meet performance requirements. That mindset shift is now reaching industrial automation.
From “Good Enough” to Resilient by Design
The conversation ultimately returned to a core truth: Security isn’t about perfection—it’s about resilience.
When software is developed securely, vulnerabilities are reduced. When runtime protections are added, attackers are denied an easy path to exploit. And when organizations collaborate across the software supply chain, entire industries become more secure.
“Security isn’t a checkbox—it’s a reflection of quality,” Joe reminded listeners.
Take the Next Step: Secure Your Industrial Systems
RunSafe Security protects embedded software across critical infrastructure, delivering automated vulnerability identification and software hardening to defend the software supply chain and critical industrial systems without compromising performance or requiring code rewrites.
Learn more about how we do it in this case study: “Vertiv Enhances Critical Infrastructure Security for Embedded Systems with RunSafe Integration.”
