Capturing and controlling reliable production line data is the unsolved problem behind the promise of the Industrial Internet of Things (IIoT). Storage is not the issue; the data that is available on machines has simply never been communicated correctly to business systems. The accepted solutions for data exchange create organizational conflicts and security issues that raise difficult barriers.
Security concerns about exchanging data are shared by operational technology (OT) and information technology (IT) departments, but they are different in nature. Replacing industrial PCs on the production line with an MES gateway appliance provides the end-to-end security necessary for both OT and IT approval. By isolating OT and IT systems, rather than converging them, an MES gateway appliance provides the production line data exchange that manufacturers have been wanting for so long.
You may have heard of Industry 4.0, the IIoT or smart manufacturing. These terms apply to cyber-physical systems, the so-called fourth industrial revolution. The first industrial revolution was characterized by mechanization, water power and steam power; the second by mass production, the assembly line and electricity; and the third by computers and automation. Rather than a revolution, Industry 4.0, the IIoT and smart manufacturing are merely an evolution of computers and automation.
The IIoT is not a new concept. It used to be called telemetry, data acquisition or supervisory control. Very few in industry plan on sending their proprietary sensor data to the cloud instead of to a machine’s programmable logic controller (PLC), but there is profitable opportunity in smart manufacturing. Manufacturers could use their existing technology to improve monitoring and control, and deploy manufacturing’s data communications more broadly…if only it were connected correctly.
Smart manufacturing deployment is radically simplified with an MES gateway appliance. A dedicated MES gateway appliance used to connect manufacturing’s OT with administration’s IT eliminates the need for industrial PCs and OPC middleware from the factory floor—and all the complex and compromising connection issues that come with them.
We walk around with pocket-sized devices that allow us to work and play anywhere we choose. So why is it so hard for a production manager to have the same simple connection with their production floor? PCs on the production floor prevent the acquisition of the machine data needed to meet quality assurance (QA) and overall equipment effectiveness goals. Engineers responsible for OT, and IT professionals responsible for system administration, cannot take ownership of a PC on the production line because of the natural conflict between the two systems’ responsibilities and expertise.
First, the engineer’s point of view must be considered. The $13-million McLaren F1 supercar made the news recently. Its controls were manufactured to be totally dependent on a made-to-order CA card in a Compaq laptop from the early 1990s. To most people, this news is an absurd story of incompetence. To engineers managing process and production, tackling legacy systems is commonplace. QA is ensured through systematic methods that maintain defined control parameters. Once they’re validated and in place, processes are not to be tinkered with. Every stage of a production line that passes or fails parts relies on decades of legacy automation systems, and each device used in production is part of an interdependent system. Any component added to the process must comply with the web of solutions for which engineers are responsible and must not interfere with engineers’ QA responsibilities.
Now, let’s consider production line data exchange from the IT perspective. In June 2010, a tiny company in Belarus received a complaint about a software glitch. Investigators found a virus named Stuxnet. Unlike viruses and worms on the Internet, this one was not trying to steal passwords, identities or money. It crawled from computer to computer, around the world, looking for a network using a specific device, a Siemens S7 300 PLC. The virus was designed to speed up motors past their safety limits so as to damage the centrifuges in a nuclear plant. Operators couldn’t see any damage because the virus hid itself from supervisory control: the plant’s PC-based supervisory control and data acquisition (SCADA) system.
There’s an old saw among IT professionals: “System administrators have two problems: dumb users and smart users.” Any PC in an organization is a security risk. The dominant and accepted technologies for communicating with the controls and automation level (ISA-95) on the production line are proprietary PC software and OPC middleware. Either is a security problem for IT, which is responsible for every PC on its network. Any PC is a security risk and must be managed to avoid hacking and system errors.
Both OT and IT disciplines manage security, change management and their data differently. The expertise of one is often in direct conflict with the expertise of the other:
- Security in OT means making sure that production is always available and online. Security in IT means total and complete confidentiality.
- Changes in OT are discouraged and infrequent. When changes are required, they are scheduled a long time in advance so production can be planned accordingly. IT must apply constant and immediate security patches to protect the network.
- OT’s on/off machine data is simple, but it runs at an extremely high rate to coordinate production processes in real-time. IT’s data consists of complex operating systems and updates that run at low data rates in comparison to OT’s.
At this point, how likely does it seem that production managers are going to get their dashboard reports? No administrators want the security problem of an engineer’s PC entering their IT network, and no engineers want the process and QA risk of the office’s PCs on their OT network. But why? Aren’t they both hypervigilant about the data integrity of their networks?
Smart manufacturing has been made difficult because manufacturers are trying to converge systems that should be isolated from each other. IT protects internal servers behind firewalls, two-factor authentication and other safety systems. Sharing data puts trade secrets at risk. The balance is between being totally locked down and being able to function. Web services sitting next to industrial processes are open to attack in the same way Web servers are. Hackers target the weakest link in the network, the one with the “biggest bang for their buck.”
Solving the Problem
Traditionally, software applications run on top of a general-purpose operating system, which uses the hardware resources of the computer (primarily memory, disk storage, processing power, and networking bandwidth) to meet the computing needs of the user. Security vulnerabilities are inherent to industrial PCs because common applications are always running and are accessible.
An MES gateway appliance is a computing device with special hardware and firmware built for the single purpose of translating OT devices for IT databases. Computer appliances differ from general-purpose computers, such as a desktop computer or server. They are not designed to be modified by the end-user. All functionality is “sealed in” at the factory; in essence, it’s a closed architecture.
Unlike a router, which forwards packets of data from one network to another, an appliance running a single proprietary application, such as an MES gateway appliance, passes no data through the physical firewall unless the specific fields are mapped in the custom application. An MES gateway appliance isolates the OT and IT networks. It has two separate physical Ethernet network interface controller ports. Not only are the OT and IT networks separated by the languages spoken in the application, but the two networks are physically distinct and cannot be bridged via software. In contrast, on a Windows PC the firewall is software, and its settings can be manipulated by hackers.
Now that IT’s security concerns have been addressed, engineering’s concerns must be addressed as well. Using an appliance does make it easier for the production management level (ISA-95) to begin smart manufacturing efforts in earnest, but what about OT’s security concerns? The goal, after all, is end-to-end security, not just IIoT security for the IT department. A secure production line means quite a different thing from OT’s perspective than it does from IT’s. Viruses and malware are unable to travel through an MES gateway appliance, but what does that mean for production?
The firmware on the appliance speaks the native languages of the devices and communicates directly with them—like the older practice of station addresses before the advent of Ethernet communication on the factory floor. OT’s data consists of small packets and is meant to keep up with the real-time world of manufacturing’s event-based data, as opposed to the polling nature of large IT packets used by OPC, for example.
There are two considerations inherent in reliable communication on a machine network: device languages (proprietary software) and Industrial Ethernet protocols.
An MES gateway appliance can speak the native language of the devices. The interface of the appliance communicates in whatever language is used on the devices, so communication isn’t limited in any way: the appliance and the device are speaking exactly the same language. By contrast, OPC UA has to be added to a device for it to communicate with an OPC server, and it may not expose all of the memory areas of a PLC. Once the machine communication is merged onto the network, IT has to write an application to work with the PLC data hosted on the OPC server.
An MES gateway appliance also uses reliable network transports. Some protocols are proprietary to machine communication (for example, DeviceNet, PROFINET or EtherNet/IP). Others are standard, like UDP (used for real-time I/O control). What is important to understand about industrial protocols is that they don’t carry the same overhead as IT network infrastructure, because the network is not broadcasting when an MES gateway appliance is being used.
Because the appliance’s application translates data rather than transfers data across the OT and IT networks, end-users can design their Industrial Ethernet to suit their OT needs for real-time data, secure in the knowledge that the event-based bits of information are communicating natively and across the protocols in which they were intended.
Before MES gateway appliances were available to OT, the Industrial Ethernet would mirror the IT infrastructure, bringing with it latency issues, packet loss under congestion, and network security issues that interfere with the reliability of machine communication and thus with machine availability.
The final security feature for production is the quality of the data itself. The “store and forward” feature of the application buffers data, so none is lost in case of network interruptions. Data from multiple sources can be combined in the appliance’s application to perform calculations or to consolidate multiple IP addresses, further offloading any possible network interference from the machines and simplifying network infrastructure. Stored procedures filter raw data, keeping it from being inserted directly into IT’s database or OT’s machines, which avoids garbage-in, garbage-out scenarios.
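As an added illustration (not code from the article or from any vendor’s appliance), the following Python model shows the two behaviours described above working together: translation through an explicit field map, so that nothing unmapped crosses from OT to IT, and store-and-forward buffering with validation, so that garbage never reaches the IT database and nothing is lost while it is unreachable. The PLC tag names, the FlakySink stand-in for the IT database and the buffer size are constructed assumptions.

```python
from collections import deque

# Constructed field map: the only OT tags allowed to cross into IT, each with
# its IT column name and a validator that rejects mistyped or out-of-range values.
FIELD_MAP = {
    "DB1.DBW10": ("parts_passed", lambda v: type(v) is int and 0 <= v < 65536),
    "DB1.DBX20.0": ("machine_running", lambda v: type(v) is bool),
}

class SinkUnavailable(Exception):
    pass  # raised by the IT-side sink when the database cannot be reached

class MesGateway:
    def __init__(self, sink, max_buffer=1000):
        self.sink = sink                        # writes one record into IT
        self.buffer = deque(maxlen=max_buffer)  # store-and-forward queue
        self.rejected = 0                       # events dropped by validation

    def translate(self, ot_event):
        """Map one OT event (tag -> raw value) to an IT record, or None."""
        record = {}
        for tag, raw in ot_event.items():
            if tag not in FIELD_MAP:
                continue                # unmapped tags never cross the boundary
            column, valid = FIELD_MAP[tag]
            if not valid(raw):
                self.rejected += 1
                return None             # garbage in, nothing out
            record[column] = raw
        return record or None

    def on_ot_event(self, ot_event):
        record = self.translate(ot_event)
        if record is not None:
            self.buffer.append(record)  # oldest record dropped if queue is full
        return self.flush()

    def flush(self):
        """Forward queued records in order; stop at the first sink failure."""
        sent = 0
        while self.buffer:
            try:
                self.sink(self.buffer[0])
            except SinkUnavailable:
                break                   # keep the record, retry on next flush
            self.buffer.popleft()
            sent += 1
        return sent

class FlakySink:
    """Constructed stand-in for the IT database; `up` toggles reachability."""
    def __init__(self): self.up, self.written = True, []
    def __call__(self, record):
        if not self.up:
            raise SinkUnavailable
        self.written.append(record)
```

Feed events with `MesGateway(FlakySink()).on_ot_event({...})`; records queued while the sink is down are delivered, in order, by the next successful `flush()`.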
The MES gateway appliance not only protects the confidentiality of the IT network, but also simplifies the network requirements on the OT network to ensure machine availability. The organizational conflicts are resolved, so production managers are able to implement reliable data exchange with the production line without having to depend on specialized programming.