New standards in cybersecurity: HB-Therm integrates security by design in product development

“Security by design was a key part of our development strategy from the outset. Thanks to the support of bbv in developing the Thermo-6 series, we were able to expand our market leadership and offer our customers a state-of-the-art product experience.”

Andreas Steiner, Team Leader Software Engineering, HB-Therm AG

HB-Therm AG, based in St. Gallen, Switzerland, is one of the world’s leading manufacturers of temperature control units for the injection moulding process, which is used primarily in plastics processing. HB-Therm has been the epitome of innovative temperature control technology for the highest quality standards since 1967.

The company wanted to set new standards with the new “Thermo-6” generation of temperature control units and faced the challenge of completely overhauling not only the hardware but also the software.

One thing was clear to HB-Therm from the outset: it wanted to not only set the technical standard in the industry but also integrate the highest security standards in order to be armed against potential cyber attacks.

The time-to-market had to be met, while at the same time consistently implementing security by design.

Robust software architecture and security concept with bbv

HB-Therm needed a robust software architecture that integrates state-of-the-art industry communication standards such as OPC UA and guarantees secure processing and storage of data.

bbv supported HB-Therm from the outset in developing the software for the entire Series 6 ecosystem. The focus was on creating a clean system architecture and integrating security by design right from the first architectural diagram. That included:

• Laying the groundwork: Developing a cloud solution, a gateway and mobile applications (Android and iOS) to control and monitor the temperature control units.
• Developing a security concept: Documenting the software architecture and creating a detailed data flowchart. Holding workshops lasting several days on risk analysis (STRIDE) and assessment (DREAD) of the identified risks.
• External review: Commissioning an external penetration test to review security measures before the final release and identify and resolve vulnerabilities.

Added value for HB-Therm AG

Long-term security and market leadership: Through the close collaboration and holistic approach of bbv, HB-Therm was able to not only launch the new temperature control units on schedule and securely but to also implement long-term security strategies.

HB-Therm benefits from:

• Security guarantee: By integrating security by design and carrying out an external penetration test, HB-Therm was able to ensure that the new devices meet the highest security requirements.

• Improved planning and transparency: The detailed documentation and the risk analyses led to an improved planning and a deeper understanding of the interdependencies within the development infrastructure.

• Gain in reputation: With a secure product group, HB-Therm was able to strengthen its position as an industry leader and further develop its customers’ confidence. The security measures are advertised as an outstanding feature, which has a positive impact on the brand image.

The collaboration with bbv enabled HB-Therm to successfully meet the challenges of time-to-market and security by design. Through a carefully planned and implemented security strategy, HB-Therm was able to launch Series 6 on schedule and securely, while at the same time creating sustainable added value for its customers.

Our services in the project