Cybersecurity Updates for Industrial Control

Cybersecurity Updates for Industrial Control

Discussing industrial technology while ignoring cybersecurity is impossible these days. I just saw a survey that contends CEOs are more worried about cybersecurity than recession.

Note—I have been traveling for meetings and finally got my schedule together to post something. I’m also compiling my schedule for the annual ARC Advisory Group Industry Forum in a couple of weeks. If you’re going, I’d love to meet you. Send a note or a text. Maybe we can have coffee.

Schneider Electric Partners with Nozomi Networks

Schneider Electric has signed a global partnership agreement with Nozomi Networks to collaborate with Nozomi to provide customers in the industrial manufacturing and critical infrastructure segments advanced anomaly detection, vulnerability assessment, and other cybersecurity solutions and services, helping them to control, prevent and mitigate risks to their operations and business performance.

“The industry-wide transformation taking place today enables our customers to improve their business performance in ways they never imagined, but it requires them to expand connectivity across their operations, so they can extract, contextualize and apply new levels of rich data,” said Nathalie Marcotte, senior vice president, Industry Services and Cybersecurity, Schneider Electric. “However, extending connectivity also extends the attack surface for would-be cyber criminals. Therefore, cybersecurity can no longer be an afterthought. There’s too much at stake, financially and operationally. By adding Nozomi Networks to our family of partners, we strengthen our ability to help customers understand and eliminate risks and threats to their operations and assets, while reducing potential impact on their business success.”

The partnership enables Schneider Electric to respond more aggressively to immediate demand for effective, operational technology cybersecurity services, solutions and expertise in oil and gas, power, building automation and other industrial sectors. Schneider Electric will offer Nozomi Networks’ advanced solutions for industrial control system cyber resiliency and real-time operational visibility to customers worldwide. Schneider Electric will combine its EcoStruxure IIoT process automation and industrial control solutions with Nozomi’s SCADAguardian platform for real-time operations visibility, including:

  • Advanced ICS Cybersecurity Solutions: The bundled solution will deliver the deep network visibility and OT cybersecurity industry operators require in one, comprehensive and highly scalable solution.
  • Nozomi Networks SCADAguardian solution provides accurate asset discovery, superior threat detection and flexible and scalable deployment options to Schneider Electric customers.
  • Nozomi Networks Certified Consultants: Schneider Electric consultants around the world will continue to be trained as certified Nozomi Networks engineers, scaling to support clients throughout their cybersecurity solution implementation, and providing expert OT threat hunting and forensic analysis.
  • SCADAguardian Live in Schneider Electric Sites: Schneider Electric customers can experience Nozomi Networks’ real-time operational visibility and cybersecurity solutions via live threat scenarios running in Schneider Electric sites around the world.

EcoStruxure is Schneider Electric’s open, interoperable, IoT-enabled system architecture and platform.

“Years of multi-industry experience discerning the complexities of industrial control system networks, continuous innovation and expertise in artificial intelligence and machine learning have made Nozomi Networks SCADAguardian the most comprehensive, scalable and mature product in its category,” said Edgard Capdevielle, chief executive officer, Nozomi Networks. “Our partnership with Schneider Electric accelerates our joint efforts to further protect global infrastructure while helping to improve the safety, efficiency, reliability and profitability of the world’s most critical operations.”

“The digital enterprise requires a holistic security approach that not only provides safeguards, but continually assesses, manages and monitors business and operating systems, which Nozomi Networks’ solutions do seamlessly,” Marcotte said. “Addressing cybersecurity head on can’t be limited to a single company, segment or region. That is why we are committed to being open, transparent and collaborative when it comes to helping global industry prevent and respond to cyberattacks. As this partnership shows, we will continue to collaborate with industry leaders who have the technology, expertise and unique skills required to secure and protect our customers’ people, production and profits.”

Mocana Integrates with Unified Automation’s High Performance OPC UA SDK

Simplifies Replacement of OpenSSL with Mocana’s FIPS 140-2 Validated Cryptographic Engine

Mocana announced the integration of Mocana TrustPoint, the company’s embedded cybersecurity software, with Unified Automation’s High Performance OPC Unified Architecture (UA) Software Development Kit (SDK). This integration enables industrial manufacturers and operators to easily replace OpenSSL, an open source crypto library, with Mocana’s proven cybersecurity software solution that is FIPS 140-2 validated and compliant with leading industrial cybersecurity standards.

“Mocana’s embedded cybersecurity solutions are used by the largest industrial companies for mission critical systems,” said Uwe Steinkrauss, Executive Director at Unified Automation. “We’re committed to partnering with Mocana to provide the OPC UA community with solutions that are secure and compliant with industry standards.”

OPC UA is an open machine-to-machine communication platform for industrial automation developed by the OPC Foundation. The OPC UA standard enables industrial control system (ICS) devices across multiple platforms to communicate using a services-oriented architecture (SOA) including enhanced publish / subscribe capabilities. The standard is broadly used across many industries including pharmaceutical, oil and gas, building automation, industrial robotics, security, manufacturing, process control, and transportation.

By default, most OPC UA SDKs have been designed to use OpenSSL, open source security software, to handle security functions such as authentication and encryption. Besides the large footprint hindering implementation on the smallest embedded devices, OpenSSL has been shown to have thousands of vulnerabilities, a hard to maintain complex code base, and slow vulnerability remediation times. Additionally, the latest NIST 140-2 standards cannot be met by the current version of OpenSSL. As a result, industrial companies are migrating away from OpenSSL to meet cybersecurity compliance standards.

Mocana’s integration with Unified Automation’s OPC UA SDKs makes it easy to replace OpenSSL with Mocana’s FIPS 140-2 validated cryptographic engine and comprehensive device security lifecycle management platform. Mocana provides an OpenSSL Connector, a shim that transparently intercepts the device application’s OpenSSL API calls, changes the arguments, and passes them onto Mocana’s cryptographic engine without requiring any application code changes.

“Unified Automation has deep expertise with OPC UA and was instrumental in developing the OPC UA stacks, in particular the ANSI C stack,” said Srinivas Kumar, Vice President of Engineering at Mocana. “We are committed to making it easy to enable the highest level of security and device integrity for OPC UA-enabled industrial devices.”

Mocana’s proven device security solution facilitates compliance with cybersecurity standards, such as the NIST FIPS 140-2, IEC 62443, NIST 800-63, and CIP-007. Mocana and Unified Automation are members of the OPC Foundation.

Public Perceptions of Manufacturing

Public Perceptions of Manufacturing

Experts using scare tactics in order to drive page views and notoriety get daily publicity talking about “robots” taking manufacturing jobs away from people. They never even dig deeply enough even to find the broader “automation” that they really mean.

I’ve written a couple of recent posts about this including a response from Jeff Burnstein of the Association for Advancing Automation.

Digging deeper, here is a new survey by Leading2Lean that measured public perception and understanding of the manufacturing as a whole – from its economic impact to awareness of job opportunities. It found stark differences between older generations (Gen X, Baby Boomers) and Millennials.

Given a greater variety of jobs and careers today compared to when I (boomer) entered the workforce, I’d have to say the results are not dire. But they do reveal a failure of our leaders to get the word out about the importance of manufacturing to our society and the great careers that are available for people with many different levels of education and training.

A recent Manufacturing Index survey by Leading2Lean, a manufacturing software technology company and creator of CloudDISPATCH software, found that generation-affiliation significantly affected how Americans view manufacturing careers, the role of manufacturing in the U.S. economy, and the industry’s growth.

Respondents were asked if they agreed or disagreed that manufacturing jobs are important to the U.S. economy. Older generations, particularly those born between 1946 and 1964 (Baby Boomers), and those born between 1965 and 1980 (Generation X), appeared better informed about the significance of these jobs to the U.S.

Eighty-six percent of Baby Boomers and Gen X respondents agreed that manufacturing jobs are important to the economy, while only 68% of Millennials, those born between 1981 and 1998, agreed.

“We were surprised by how the responses varied by generation,” said Keith Barr, CEO and President of Leading2Lean. “We are seeing some of the highest demand for skilled manufacturing jobs in recent history, yet it seems the industry has failed to keep younger generations informed about the skills gap or availability of great jobs.”

This difference in generational perspective was also reflected in a question about whether respondents agreed that manufacturing offers fulfilling careers. Only 49% of Millennials agreed, while 59% of both Baby Boomers and Generation X agreed. This underscores that Millennials are less convinced that manufacturing offers desirable career paths.

It is estimated that approximately 3.5 million manufacturing jobs will need to be filled over the next ten years, and 2 million of those jobs will go unfilled, according to recent data from The Manufacturing Institute. Despite this urgent industry need, half of Millennials indicated that they do not believe there is a shortage of skilled workers in the U.S. In comparison, 63% of Gen X and 60% of Baby Boomers indicated that they did understand there is a current shortage of skilled workers.

“We see from this data that we need to do better as an industry to show the younger generation how the industry has changed,” said Barr. “Manufacturing is more dynamic than ever before. Jobs in the industry involve complex problem solving and interesting technology. They’re not mind-numbing jobs that take place at dilapidated factories. And they offer competitive pay, benefits and opportunities for advancement.”

Millennials may not be aware that manufacturing jobs pay on average nearly three times the federal minimum wage for production and nonsupervisory employees, according to the U.S. Bureau of Labor Statistics. For managerial roles, manufacturing offers pay competitive with tech sector jobs, according to 2018 data from Glassdoor.

Leading2Lean commissioned survey provider ENGINE to conduct the national survey at a 95% confidence level, surveying 1,002 respondents representative of U.S. demographics.

Autonomous Vehicle Technology Advances

Autonomous Vehicle Technology Advances


A couple of interesting items came my way regarding autonomous vehicle technology. Every year sees better applications and more powerful tech. Then note in the releases X-as-a-Service applications. This idea just keeps expanding into more useful areas.

AI-capable “Supercomputer”—ZF ProAI.

ZF unveiled the latest model of its automotive supercomputer ZF ProAI just before the start of this year’s Consumer Electronics Show (CES). The ZF ProAI RoboThink central control unit offers the highest performance of its kind in the industry according to the release. Vehicle manufacturers and mobility service providers additionally benefit from the system’s modularity and scalability. Today’s four models in the ZF ProAI product family can be optimally configured for any application – from a basic ADAS function right up to fully autonomous cars, commercial vehicles and industrial applications.

Customers can also specify their favorite software architecture. In the wake of booming services such as ride hailing, ZF also premiered its own software stack for new mobility concepts at the CES. This stack together with the latest ZF Pro AI and the company’s comprehensive sensor set represent a fully integrated system for driverless vehicles that can be easily adopted by the new players in the field of mobility services.

NVIDIA has named ZF one of its preferred partners for the launch of the new Level2+ NVIDIA DRIVE AutoPilot. Since ZF’s new product’s volume production starts within the next 12 months it is the only automotive grade AI capable supercomputer that can meet NIVIDIA’s ambitious timeline for the launch of their DRIVE AutoPilot from the beginning.

ZF’s CEO Wolf-Henning Scheider explained, “We are taking advantage of the fact that only ZF offers a supercomputer that is ready for volume production. Our open, flexible, modular and scalable ZF ProAI product family allows for just the right configuration of any application – for a variety of industries, and across all levels of automated driving.”

“We’re thrilled with the results of our collaboration with ZF. Their agility and system expertise has resulted in the incredibly rapid development of the ProAI platform enabling L2+ through L4/L5 robotaxi vehicles, leveraging NVIDIA’s DRIVE Xavier processors and DRIVE software,” said Rob Csongor, Vice President of Autonomous Machines, at NVIDIA. “ZF is now able to deliver to car makers advanced L2+ self-driving solutions for production starting in 2020 and the ability to quickly scale to higher levels of autonomy.”

“The unique selling proposition of the AI-capable ZF ProAI RoboThink is its modular hardware concept and open software architecture. Our aim is to provide the widest possible range of functions in the field of autonomous driving,” explained Torsten Gollewski, head of ZF Advanced Engineering and general manager of Zukunft Ventures GmbH.

Robo-taxis and autonomous people or cargo-movers are accelerating the development of central control units with much higher computing power. This is because powerful domain computers used in Mobility-as-a-Service applications not only manage the complex calculation of the surroundings based on a fusion of camera, radar and LIDAR data, they also integrate user data via the Cloud, payment systems and above all optimal route planning and implementation. Complex algorithms calculate these from the mobility and transport requirements of people or goods and can compare them in real time with the current traffic situation.

“The computing power of central computers in robo-taxis and autonomous people or cargo-movers will be significantly higher than for automated-driving passenger cars,” says Torsten Gollewski. “The demand from ride-hailing service providers for even more computing power has arisen much sooner than predicted. Today, the autonomous-driving market is being driven more by new mobility service providers than by established vehicle manufacturers.”

Mobile Industrial Robots (MiR) Nearly Tripled Sales for the Second Year in a Row

Mobile Industrial Robots, the first mover and market leader in autonomous mobile robots (AMRs), announced a second year of 160 percent revenue growth in 2018, a target the company established after accomplishing the same growth rate in 2017. The company’s success results, in large part, from MIR’s multinational customers, including Toyota Motor Corporation that is investing in fleets of mobile robots to optimize internal logistics and to gain competitive advantages in the production and supply chain. Thirty percent of MiR’s 2018 sales come from the Americas (27 percent in the United States and 3 percent in Latin America).

“Large multinational organizations, who are happy with the benefits they’ve received after trying one of our robots, are now investing in fleets spread across more of their plants, with some purchasing as many as 15 to 25 MiR robots at a time,” said Thomas Visti, CEO of MiR. “Our robots make it easy for these companies to follow the increasing shift to a mass-customization model, where they manufacture a higher number of customized products in smaller batches, requiring an agile production facility with flexible and easily adaptable logistics. Our user-friendly technology fits this model well.”

Growth from new products and new “robots as a service” offering to help more companies benefit

In addition to increased sales of multiple robots to companies like Toyota, which already uses MiR robots to optimize logistics in plants in the U.S. and Asia, the company’s growth in 2018 also came from the launch of the MiR500. Forty percent of sales of the MiR500, which can pick-up, transport, and deliver pallets, have come from U.S. companies. The continuous growth worldwide means that MiR expects 2019 will bring even more new products, along with 100 new employees and new offices in the U.S., China, and Japan. According to Visti, the company also expects to increase revenue as much, if not more, over the next year, while expanding the types of companies that can benefit from autonomous mobile robots.

The Future of Work

The Future of Work

Mechanization, automation, and eventually digitalization have improved the labor experience of humans for millennia.

The first voices raising an alarm about the future was work was the rebellion against centralizing production–moving it from the craftsman’s shed or seamstress’s room to production lines governed by piecework and forced labor. That was in the mid-1800s.

Research I started in grad school before I got a “real” job began with an essay by the early Karl Marx complaining about the alienation of humans and the product of their labor. This was written around 1848.

People began to notice the dehumanizing capability of the Industrial Age. Check out Charlie Chaplin movies or even the famous Lucille Ball skit wrapping candy on a production line.

Today’s critics rail about automation and robots.

Those people are missing the changes that have occurred during the past 20 years with the aid of machines, robotics, and automation.

Imagine the bodies saved from chronic back problems through the use of robotics picking and placing heavy loads continuously for shift after shift.

Or, removing humans from hazardous locations–say welding lines or spray paint booths–once again through the use of robotics and automation.

Visit a modern manufacturing facility (as I have many times) and see collaborative teamwork as people use their brains as well as their hands to solve safety and production problems.

The last several years have featured advances on ways for automation to supplement humans. Collaborative robots. Exoskeleton robots. Better information and advice for troubleshooting and fixing processes before they break.

As professionals in this industry, we need to call Foul on all the misinformation masquerading as news in places like The New York Times.

Follow

Follow this blog

Get every new post delivered right to your inbox.