How Thales' Welsh cyber-centre is helping industry partners secure tomorrow's technologies

At a new "cyber-range" testing facility in Ebbw Vale, Wales, defence and aerospace giant Thales is helping industry partners secure their future technologies against the threat of cyber-attacks. Melissa Bradshaw reports.

Inside Thales' cyber-lab
Inside Thales' cyber-lab - Thales

Situated among the sprawling valleys in Ebbw Vale, South East Wales, the National Digital Exploitation Centre (NDEC) sits in the home of the town’s former steelworks site.

You could say this is a reasonably fitting location for a technology campus dedicated to protecting industry, considering its contribution to the industrial revolution. 34,000 people were employed at the Ebbw Vale Steel, Iron and Coal Company during its peak — but the steelworks suffered the hit of The Great Depression as the town’s industrial hub suffered liquidations and layoffs. Eventually, in 2002, it was closed down for good.

Instead, the site now hosts a ‘cyber range’ testing facility and education centre that serves to help secure the next-generation technologies that industry needs to thrive in an increasingly digital and automated world.

Cyber threats continue to evolve, increasing in sophistication as the ‘smart’ technologies we use in manufacturing and beyond continue to modernise. A report published last year by manufacturing industry body Make UK revealed that 47 per cent of Britain’s manufacturers had been the victim of cyber-crime in the previous 12 months, with 62 per cent revealing that cyber attacks had cost their business up to £5,000 — for 22 per cent, this rose to between £5,000 and £25,000.

Through its work alongside industry and academic institutions, NDEC wants to build a ‘cyber centre of excellence’ that can provide awareness and help implement the necessary measures to shield industry from attacks.

A £20m joint investment launched in 2019 by Thales, the Welsh government and the University of South Wales, NDEC works closely with manufacturing companies to secure automation systems used in industry, which are becoming increasingly complex and ‘intelligent’ in nature.

NDEC and Resilient Works' Ebbw Vale HQ -

Leanne Connor, business manager at Thales Ebbw Vale and NDEC explained that the centre was born out of a recognition that the cyber cluster in Wales was strong, therefore there was a big opportunity for Thales to establish a footprint as it had done in the rest of the UK.

“It started off with me as the first employee and now we’re up to about 20 people,” Connor said. She told The Engineer that cybersecurity in schools, as a career path, was low on the agenda, with very limited levels of knowledge for students.

“Our education work sets out to encourage teaching staff and students to consider the option of cybersecurity as a career path, because it cuts across such a spectrum of industries,” she said. “We’re now working with 100+ schools in South Wales and we’ve got activities [for students] from the ages of seven right the way through to PhD [level] ... we’ve got a continuum of activity to maintain that interest and build that skills and talent pipeline.

“The landscape is ever evolving and as an academic organisation, how you keep up with that I’m not sure — I think potentially more vocational learning will be required, because you’ll need to be in environments like this with real-life equipment, with the most recent threats, and it’ll have to be quite fluid in terms of industry and the cyber attacks of today. They’re becoming more and more sophisticated, we’ll need the R&D looking at the future and then how we’re dealing with the attacks now.”

The latest development to join NDEC at the site this year is the £7m ResilientWorks lab, jointly funded by Thales and the Welsh government’s Tech Valleys programme with a research contribution from Cardiff University.

ResilientWorks is aiming to provide a living laboratory where autonomous vehicle manufacturers and energy companies can test and develop their technology to strengthen its cyber ‘resilience’.

With a focus on connected autonomous vehicles (CAV) and critical national infrastructure (CNI), the development features research laboratories and an autonomous vehicle test track. Projects are exploring challenges including improving vehicle communications and location accuracy, resilience of battery management and vehicle-to-grid charging, training of artificial intelligence (AI) algorithms and simulation of Micro Grids.

Thales is working with autonomous vehicle specialists like Aurrigo to help secure the technology from hackers -

The concept of resilience is something that has always been embedded in engineering, said Kirsty Perrett, cyber network engineer at NDEC and a PhD student at the University of South Wales.

“Resilience is about the ability to adapt, evolve,” Perrett said. “Sometimes you have to be reactive to something, sometimes you have to be proactive, especially in systems engineering.

“Where things are moving so fast with digital technology and Industry 4.0, with all these interconnected assets, I think we think of it as something new. But it’s not something new, it’s something we would have done before. Resilience for me is just about moving forward.”

For manufacturing companies, this isn’t always such a big step, said Thales Ebbw Vale engineering manager Dene Yandle — often, it is the simple steps that can enable business continuity for the sector. Drawing on years of engineering and systems design experience in industries spanning automotive to nuclear, Yandle’s focus is now on how sectors such as these can become more robust in the face of threats.

“The big piece of the jigsaw that we now miss is how cyber impacts that resilience. What doors have now opened because we’ve got this massive explosion of data?”

He explained that there’s a lot of data in the manufacturing sector which ends up being forgotten about — we know what data exists in the IT sector, he pointed out, and we know that information is secured. But this information is replicated in the automation and operational technology (OT) segment, and no longer treated as securely as it is in the IT world.

“Something we’re working with companies to do is take their equipment, replicate it here physically, and then we can probe and prod it from a cybersecurity aspect,” Yandle said.

With this ‘ethical hacking’ capability, the facility can help companies prepare for the outcome of a potential cyber attack, gain awareness of what that could look like and how they can put devices and security around their technology to secure it from the outside, he explained.

One fairly recent example of how this cyber vigilance is absolutely crucial in the context of critical national infrastructure is the 2021 attack on a water treatment plant in Oldsmar, Florida. Having managed to remotely gain control of the plant’s software, a hacker with unknown motives made an attempt at increasing the levels of sodium hydroxide in the water supply from 100 parts per million to 11,100 parts per million — an increase that, had it been successful, would have been extremely dangerous to public health.

Thankfully, the attack was prevented and the action was quickly reversed by an operator who had picked up on the attempt. But news of the breach will have come as a stark reminder to engineers working in critical national infrastructure of the consequences that could arise from neglecting the security of their networks.

Rather than being a model in a simulation, as in a digital twin concept, cyber engineer Perrett explained that having that real physical connection to the company’s actual kit in a simulated capacity can allow for a higher probability of true fact — a digital twin isn’t exposed to environmental issues, she pointed out, such as an engineer plugging something into the machine without realising there’s malware on their USB.

Cybersecurity is a growing priority for manufacturers -

Without wanting to ‘scare’ people in the engineering sector, she said, the goal is simply to increase awareness of how cybersecurity practices can be embedded from the very beginning.

“We don’t want to prevent [people] from evolving or keep them behind, what we want to do is make them aware that complexity comes from interconnected systems, and the more systems you connect, the more links or possibilities you get,” she commented.

“We just need to rethink risk, to include security, not leave it out. Because security should be a friend of yours instead of the guy on the door not letting you in — it shouldn’t be an obstacle.

“Security and safety come in as friends, not seeing each other as enemies. As soon as they start working together you’ll see the digital transformation transforming better. We’ve got a real opportunity to get in now, because we’re at the forefront of digital transformation with companies willing to spend money to improve their efficiency and productivity.”