by Gary Mintchell | Jul 20, 2021 | Automation, Business, News, Sensors
Funding isn’t my primary interest, but this one has interest because of all the hype around artificial intelligence (AI). I continue to see articles in major media that imply that AI is a sort of Star Trek technology rather than something we’ve been using for 30 years or so. However, Neurala has been feeding me a lot of news this year about advances in its vision AI software. Now it has more money to further its development.
Neurala, the leader in vision AI software, announced that it has raised $12 million in funding to advance the development of vision AI for manufacturing. The round, led by Zebra Ventures and Pelion Venture Partners, with participation from Draper Associates, Friulia, AddValue, 360 Capital Partners, Idinvest Partners, Cougar Capital, and industrial investors IMA and Antares Vision, brings the total invested in Neurala to $26 million.
The funding will enable Neurala to evolve and accelerate adoption of its vision AI in the industrial and manufacturing sectors on a global scale, as manufacturers increasingly prioritize automation as part of Industry 4.0 initiatives.
Neurala is a pioneer in vision AI for manufacturing. Built on the company’s deep AI expertise, Neurala’s VIA software delivers an integrated solution designed to help manufacturers improve quality inspection on the production line. With VIA, manufacturers are empowered to answer the call for increased productivity, accuracy and speed.
In the last twelve months, the company has increased its capacity to identify and resolve problems in manufacturing facilities through expert system integrator partners and well-entrenched suppliers. In addition to expanding its work with system integrators threefold, Neurala has also worked with an ever-growing number of OEMs, including investors IMA, IHI Logistics & Machinery and FLIR, to deliver easy-to-use AI solutions that will improve the speed and efficiency of inspections at a price point that makes them affordable for a wide range of customers.
The funding comes at a time when manufacturers are increasingly focused on AI and automation as a key tool in their ability to adapt to new realities established by the pandemic. With this funding, Neurala will be able to evolve VIA to make it more efficient for a wider range of applications and use cases.
“This past year we were able to turn a global crisis into an opportunity to both completely transform our business and to catalyze much-needed innovation in the AI space,” said Max Versace, CEO and co-founder of Neurala. “There was always an opportunity for AI and automation to improve manufacturing, but the pandemic really accelerated the industry’s willingness to embrace the technology. Our team has worked relentlessly over the last year to introduce VIA to partners and customers across the globe, and now that the world is ready to embrace it, we are ready to deliver it. The funding will enable us to do that at a much greater scale that meets the demand we’re seeing in the space.”
This funding comes on the heels of the launch of Neurala’s subsidiary, Neurala Europe, based in Trieste, Italy. The new capital represents the next phase of growth for Neurala as it will be used to expand upon its newfound global presence as the company continues to help manufacturers around the world harness the power of vision AI.
“Today’s manufacturers are leveraging AI and automation to address challenges such as production constraints, supply chain disruptions, and imperfect workforce availability,” said Tony Palcheck, managing director of Zebra Ventures. “Zebra Technologies is proud to invest in Neurala as it commercializes VIA software to enable faster, more cost-effective, easy-to-deploy solutions for customers looking to improve their decision making and productivity on the production line.”
“As a long-time investor in Neurala, we have always recognized the power of its technology to enable smarter, autonomous decision-making in real-world scenarios,” said Ben Lambert, General Partner at Pelion Venture Partners. “Now we’re seeing a significant impact as Neurala has focused on applications in industrial and manufacturing. There’s a big opportunity for Neurala to grow that presence, not only in the US, but in Europe, Asia and beyond. We are excited to support the Neurala team in that journey as we know that it has the right team, the cutting-edge technology, and the global reach to capitalize on this significant market opportunity. “
by Gary Mintchell | Jul 19, 2021 | Automation, Marketing, Robots
I guess we have entered the post-pandemic era. Universal Robots is taking its latest technology on tour this summer. By the time I got to this news item, the first date was passed. If you are close to one of these areas, check out this cool technology.
Automating machine loading traditionally means integrating conveyors, bowl feeders, custom trays, shaker tables or various other components and processes. These approaches can lead to a range of obstacles and challenges, including complex programming and setup, poorly-utilized manpower, inefficient machine utilization and decreased output.
ActiNav changes all that, combining intelligent vision and sensor software with the autonomous motion control of Universal Robots’ world-leading cobots in one seamless Application Kit that solves the random bin picking challenge in machine tending applications. To give manufacturers an opportunity to experience ActiNav hands-on, Universal Robots and its partners are now hosting live demos, inviting attendees to bring their parts to be picked, experiencing how easy it is to set up a sophisticated machine loading system.
“We want manufacturers to experience in person the “wow factor” as they see ActiNav effortlessly pick their randomized parts and place them correctly in a designated place,” says Bryan Bird, Regional Sales Director for Universal Robots’ North America division. “We look forward to working with our partners in providing this unique experience.”
The ActiNav Tour dates are hosted by Universal Robots partners and systems integrators on the following dates and locations:
FPE Automation: July 13, Elk Grove Village, IL
Southwestern PTS: July 22, Coppell, TX
NEFF Wisconsin: August 3, Mequon, WI
CIMTEC: August 5, Charlotte, NC
Shaltz: August 10, Flint, MI
In addition to meeting ActiNav on tour, manufacturers can now leverage an expanded network of ActiNav Solution Providers (ASPs), a vetted and carefully selected group of systems integrators across the U.S. to deploy the next-generation machine loading solution. Joining the ASP network are:
Muratec, Charlotte, NC, PCC Robotics, Germantown, WI, Computech Manufacturing Company, Washington, MI, and PrecisionForm Inc., Lititz, PA.
Bird explains that UR’s selection process focused on integrators with expertise in both vision and robotics, that deliver superior value, and on time/on budget projects for customers.
Dan Carney, General Manager at Wisconsin-based PCC Robotics, is looking forward to sharing the benefits of Actinav with manufacturers in his region. “As a systems integrator we find parts staging to be a key component of nearly every application,” he says. “We have reviewed a number of bin picking offerings and ActiNav is simply in a different class.”
by Gary Mintchell | Jul 16, 2021 | Automation, Security
Security and industrial control system vulnerabilities spurred many news releases and PR inquiries offering quotes given the wide publicity of the latest ransomware attacks hitting industrial infrastructure. A zero day disclosure of multiple vulnerabilities in Schneider Electric’s industrial control systems (ICS) exemplifies the real-world struggles facing the critical infrastructure ecosystem.
I first met Marty Edwards when he was with Idaho National Labs. He’s now with Tenable and wrote this blog post regarding the Schneider Electric vulnerabilities. At the end of the post is a statement from Schneider Electric about its situation.
Quoting from the post:
The vulnerabilities — which affect the company’s EcoStruxure Control Expert, EcoStruxure Process Expert, SCADAPack REmoteConnect x70 and Modicon M580 and M340 control products — pose several risks, including the possibility of complete authentication bypass, arbitrary code execution and loss of confidentiality and integrity.
Tenable’s Zero Day Research is one of several vendors to have disclosed vulnerabilities to Schneider via standard disclosure practices and you can view our technical report here. Although we are strong proponents of full disclosure, in this case we have chosen to withhold certain specific technical details from our public disclosure documents. Operational Technology (OT) systems have yet to advance their security posture to be on par with their IT counterparts, and as such this is a rare situation where full disclosure shouldn’t be followed. In our view, the risk of successful in-the-wild exploitation was too great and the critical infrastructure at risk was too sensitive for us to proceed with full disclosure with patches months away from being released by the vendor.
The factors surrounding the Schneider disclosure highlight the many challenges involved in securing critical infrastructure. Industrial control systems and other technologies used in the operational technology environment are notoriously difficult to develop patches for and deploy. Why? Because systems have to be taken down and thoroughly tested each time an update is made. Yet, the existing operating models for most OT environments, such as power plants, gas pipelines, manufacturing plants, leave little margin for downtime. It’s clear that more discussion industry wide is needed to determine whether the vendor parameters used for zero day disclosures in IT environments are appropriate for critical infrastructure.
Addressing potential solutions, Edwards continues:
We believe it’s incumbent on the broad range of international stakeholders — including government bodies, law enforcement agencies, researchers, vendors and the owners and operators of critical infrastructure facilities — to prioritize global collaboration with an eye toward developing best practices for securing OT systems that can be applied regardless of geography.
We believe these discussions need to recognize that OT vendors and operators have much to learn from their IT counterparts and need to become more adept at developing and managing the software underpinning crucial systems. Make no mistake — the onus does not fall solely on the owners and operators of critical infrastructure environments. Vendors need to be held responsible for continually bug hunting and doing quality assurance on their own software, dedicating resources to effectively managing vulnerability disclosures and speeding up update release times.
Further:
In the U.S., we’ve already seen positive movement in the form of the May 12 Executive Order on Improving the Nation’s Cybersecurity from the Biden administration, which calls for software supply chain security guidance to incorporate vulnerability disclosure programs, and the May 18 White House fact sheet, which states “[c]ybersecurity is a core part of resilience and building infrastructure of the future.”
He offers these immediate actions we can take:
Three action items for securing critical infrastructure environments
There is no magic bullet for securing OT environments. Just as with IT security, it comes down to nailing the basics. And we’re well aware that the simplicity of the guidance belies the complexity of actually implementing the recommendations. Nonetheless, we believe these action items bear repeating, as they are foundational to any sound cybersecurity strategy, particularly when systems cannot be updated:
- Implement a defense-in-depth posture. Critical infrastructure environments cannot rely on the security of any given device. Organizations need to implement a robust security architecture with compensating controls to protect the devices that are most at risk.
- Develop strong governance and disaster recovery policies. These are essential for dealing with ransomware and other forms of cyberattack, and must take into account not just the technologies but also the people and processes in place in any given organization. Exercise and test your backup plans before you need them. Because the cyber skills shortage is particularly acute in OT environments, achieving this level of governance remains challenging for many organizations.
- Choose technologies wisely. Without the right people and policies in place, it’s impossible to get the full value out of any technology you purchase. At the same time, there are certain capabilities to seek out in your technology choices. For example, the OT environment requires the same level of real-time, continuous analysis as can be found in the IT world. OT operators need to implement technologies that give them the kind of detection and recovery capabilities necessary to circumvent sophisticated threat actors.
Schneider Electric has also provided the below statement about the disclosure. If you have any questions for their team, please reach out to [email protected] and Thomas Eck [email protected].
“Recently, multiple cybersecurity research firms made available to Schneider Electric the research they had performed on the cybersecurity of industrial PLC engineering software EcoStruxure Control Expert. The research intended to demonstrate the theoretical possibility of compromising industrial controllers under certain conditions, such as when an attacker has already compromised the engineering workstation or has unauthorized access to the targeted controller network.
Schneider Electric is committed to collaborating openly and transparently. In this case, we have collaborated with these researchers to validate the research and to assess its true impact. Our mutual findings demonstrate that while the discovered vulnerabilities affect Schneider Electric offers, it is possible to mitigate the potential impacts by following standard guidance, specific instructions; and in some cases, the fixes provided by Schneider Electric to remove the vulnerability.
As always, we appreciate and applaud independent cybersecurity research because, as in this case, it helps the global manufacturing industry strengthen our collective ability to prevent and respond to cyber-attacks. Working together has allowed us to improve our understanding of potential weaknesses in EcoStruxure Control Expert. It enabled us to disclose this vulnerability in a timely, responsible manner so that our customers and end-users can better protect their operations, assets, and people. Together, we continue to encourage the ecosystem of automation suppliers, cybersecurity solution providers, and end-users to collaborate to reduce cybersecurity risks; and support our customers to ensure they have implemented cybersecurity best practices across their operations and supply chains.”
by Gary Mintchell | Jul 15, 2021 | Edge, Internet of Things, Manufacturing IT, Operations Management
Jason Shepherd, Ecosystem VP, has been busy building this edge ecosystem and took time to chat with me about this news from ZEDEDA. The bullet points below summarize. First, I thought I do a reminder about “edge orchestration”, the core of ZEDEDA’s offering. Essentially edge orchestration makes it easier (on the typical engineering scale of easy) to build management and security of hardware and applications as you build out your IoT system.
Partnerships are a growing trend, and this release details several both with commercial companies and with consortia. Google Cloud makes another appearance on my blog, as well. As I’ve said, these enterprise cloud services are getting very interesting. This release focuses on the energy vertical. Look for additional focus industries coming in the future.
- Google collaboration to leverage ZEDEDA’s expertise in distributed edge computing
- Additional partnerships include Juniper Networks, Advantech, Dianomic and the IOTA Foundation
- ZEDEDA joins LF Energy, OSDU and Project Alvarium to advance open collaboration to address industry challenges
The energy industry is undergoing rapid evolution as it adjusts to sweeping changes in everything from aging infrastructure to an imbalance in traditional ways consumers use and produce energy.
To address this complex equation, ZEDEDA, the leader in orchestration for the distributed edge, today announces significant advances in three key areas—partnerships, industry consortiums and a developer program—that position open collaboration as a key enabler for the industrial market, including companies looking to address the macro trends in the energy space.
ZEDEDA will provide its zero-trust, cloud-based orchestration solution for distributed edge computing to help Google Cloud customers securely scale deployments of any edge application, including AI/ML, on choice of hardware. This is in response to the growth of cloud infrastructure in industrial markets for centralized data storage and management, cross-facility analytics and visibility, and hyperscale compute capabilities to augment workloads deployed at the edge.
Together with joint edge application partners like Dianomic, customers will be able to drive new efficiencies through insights derived from edge environments. While the solution is horizontal in nature, the partnership is placing an initial focus on the energy space with target edge assets, including wind turbines, solar farms, and more.
“We see a number of edge use cases for multiple industries, including energy, that can be addressed with this Google Cloud partnership,” said Said Ouissal, ZEDEDA founder and CEO. “Our zero-touch provisioning and simplified lifecycle management enable businesses to start realizing business value with Google Cloud together with choice of edge hardware and applications.”
“As high-speed connectivity grows, organizations with presences at the network edge stand to benefit from low-latency access to business applications and cloud capabilities that can help modernize business processes, manage data, and more,” said Tanuj Raja, Global Head, Strategic Partnerships at Google Cloud. “We’re excited that ZEDEDA will make its edge orchestration capabilities available with Google Cloud, helping enable greater access to these applications and capabilities for customers across industries.”
In addition to its recent partnership with Agora, ZEDEDA has added additional partnerships to support energy customers facing key challenges such as digitizing legacy infrastructure, remotely monitoring critical assets, and balancing the grid with unpredictable renewable energy sources. Those partnerships announced today include:
- Juniper Networks: a joint offering for secure-edge computing with Juniper’s Session Smart Router and the vSRX Virtual Firewall secure networking capabilities on top of ZEDEDA’s zero-trust edge orchestration foundation. Together, ZEDEDA and Juniper provide customers with the simplicity of cloud orchestration and the flexibility of either backhauling data to the cloud or keeping it on-prem.
- Dianomic: an edge application platform for Industrial IoT use cases. ZEDEDA’s edge orchestration solution simplifies secure deployment of Dianomic’s FogLAMP platform and management of the underlying hardware.
- IOTA Foundation: a key collaborator for Project Alvarium, focused on facilitating trust in interconnected ecosystems through its feeless Distributed Ledger Technology (DLT). IOTA is leading a number of decentralized, innovative projects in the energy space.
“We are pleased to be working with ZEDEDA to provide advanced solutions for the energy sector,” said Karen Falcone, Sr. Director of Enterprise Marketing at Juniper Networks. “Combining our broad networking experience, including software-defined capabilities with the Juniper Session Smart Router and the vSRX Virtual Firewall with ZEDEDA’s Zero Trust architecture, provides customers with a robust security foundation for any mission-critical use cases within the energy vertical and beyond.”
“Together, Dianomic, ZEDEDA and Google deliver a complete Industry 4.0 edge stack built on an open-source foundation,” said Tom Arthur, CEO at Dianomic. “The energy industry faces new challenges as its generation and storage systems become massively distributed. Combining Dianomic’s FogLAMP for edge application development and data acquisition with ZEDEDA’s secure orchestration solution and Google’s state-of-the-art ML and cloud services delivers a robust and flexible foundation for edge computing challenges in industrial use cases.”
ZEDEDA is also increasing focus with Advantech as a strategic hardware partner for the energy space due to its broad portfolio of edge computing offerings, including models with C1/D2 certification for critical environments and new NVIDIA Jetson-enabled boxes to power edge AI.
“We are always looking for new and innovative ways to make edge computing solutions easier, more efficient, and more secure for customers in an industry that is seeing tremendous change,” said Jeff Brown, Sr. Sales Director for Advantech’s Industrial IoT Group. “Working with strategic, domain-focused partners such as ZEDEDA and Dianomic allows us to do just that. Advantech has one of the broadest hardware portfolios in the market, and our expansive Class 1, Division 2 product line allows for reliable, rugged solutions in remote and hazardous locations. We are thrilled to be a part of this ground-breaking group that’s putting digital transformation into the hands of the energy industry.”
Collaboration with PVHardware
ZEDEDA continues to make great progress with energy customers, recently closing a win with PVHardware. The company is using ZEDEDA’s orchestration solution to deploy and manage edge hardware and applications that aid in tracking the sun to maximize power generation.
“As we looked to leverage edge computing to help maximize power generation, we needed a solution to securely scale deployments in solar plants, including the ability to remotely manage the overall deployment lifecycle,” said Ivan Arkitpoff, CTO at PVHardware, “ZEDEDA provided us with a solution that makes it easy to deploy hardware and applications in the field and perform fail-proof updates from the cloud without having to send a technician out to the plant.”
ZEDEDA Joins Industry Consortium Groups LF Energy, OSDU and Project Alvarium
The emerging trends that face the energy industry are so wide-ranging that they require industry collaboration to address. ZEDEDA has joined several industry consortiums to drive standards via open source:
- LF Energy, a Linux Foundation project, is seeking to accelerate the energy transition of the world’s power and transportation systems through open-source technology. As a member, ZEDEDA will work with the LF Energy community to integrate EVE-OS into its reference architecture.
- The OSDU Forum, part of the Open Group and focused on developing an open, standards-based foundation to accelerate innovation in the energy space. ZEDEDA and Dianomic are assisting in building a proof-of-concept for OSDU’s edge computing reference architecture leveraging EVE-OS and Fledge from LF Edge, with more open-source efforts to be integrated over time.
- Project Alvarium, an emerging project within the Linux Foundation, is focused on enabling data confidence through the concept of trust fabrics. ZEDEDA is collaborating with Dell, the IOTA Foundation, Intel and other industry leaders to formally launch the project, with energy being an initial focus vertical.
“ZEDEDA’s capabilities enable zero-touch deployments of IOTA and Project Alvarium, creating scalable connective fabrics at the edge,” said Mat Yarger, Head of Smart Mobility at the IOTA Foundation. “This can enable a peer-to-peer utility of data in the energy sector, which has massive implications to address critical problems with grid management and oversight. It will also allow new business models around electric vehicles and smart grids to thrive, as well as the realization of new asset structures. All with trust being ingrained in how these systems operate.”
To learn more about how ZEDEDA is partnering with Google Cloud and Dianomic on edge solutions, register for ZEDEDA Transform 2021 on August 18-19. This free online event brings together experts from across the edge computing and IoT landscape to discuss today’s trends, challenges and opportunities. (Shameless self-promotion plug, you might find me among the participants there.)
by Gary Mintchell | Jul 15, 2021 | Networking, News, Security
Chris Grove, security strategist for industrial control systems (ICS) for Nozomi Networks Labs, recently talked with me about the latest research they’ve conducted. The important takeaways concern the rise of ransomware, increased targeting of industrial control systems, and (surprisingly to me) vulnerability of networked security cameras.
The report finds attacks are driven largely by the emergence of Ransomware as a Service (RaaS) gangs that are cashing in on critical infrastructure organizations. Analysis of rising ICS vulnerabilities found critical manufacturing vulnerabilities was the most susceptible industry while a deep dive into IoT security cameras highlights how quickly the attack surface is expanding.
“Colonial Pipeline, JBS and the latest Kaseya software supply chain attack are painful lessons that the threat of ransom attacks is real,” said Nozomi Networks Co-founder and CTO Moreno Carullo. “Security professional must be armed with network security and visibility solutions that incorporate real time threat intelligence and make it possible to quickly respond with actionable recommendations and plans. Understanding how these criminal organizations work and anticipating future vulnerabilities is critical as they defend against this unfortunate new normal.”
Nozomi Networks’ latest “OT/IoT Security Report,” gives cybersecurity professionals an overview of the OT and IoT threats analyzed by Nozomi Networks Labs security research team. The report found:
- Ransomware attacks rose 116% between January and May of 2021.
- Average ransom grew 43% to $220,298 – with payments expected to reach $20 billion this year
- Analysis of DarkSide, REvil and Ryuk highlight the growing dominance of RaaS models
- REvil set a new record for ransom demands, surpassing $50 million – the infamous RaaS also successfully executed a supply chain attack – tactics typically only seen from sophisticated nation-state actors.
- ICS-CERT vulnerabilities increased 44% in the first half of 2021
- Vulnerabilities in the critical manufacturing sector rose 148%
- The top 3 industries affected included critical manufacturing, a grouping identified as multiple industries, and the energy sector
- Software supply chain-related vulnerabilities continue to surface – as do medical device vulnerabilities
- With more than a billion CCTV cameras expected to be in production globally this year, insecure IoT security cameras are a growing concern. The report includes an analysis of the Verkada breach and security vulnerabilities in Reolink cameras and ThroughTek software – discovered by Nozomi Networks Labs.
“As industrial organizations embrace digital transformation those with a wait and see mindset are learning the hard way that they weren’t prepared for an attack,” said Nozomi Networks CEO Edgard Capdevielle. “Threats may be on the rise, but technologies and practices to defeat them are available now. We encourage organizations to adopt a post-breach mindset pre-breach and strengthen their security and operational resiliency before it’s too late.”
