Industrial Internet Consortium Releases Endpoint Security Best Practices White Paper

Security comes first to mind whenever we begin discussing connecting things in an industrial setting. And, of course, nothing connects things like the Industrial Internet of Things (IIoT). One place we often fail to consider in our security planning is at the endpoint of the network. Organizations and companies have been providing valuable assistance to developers by releasing best practices white papers. Here is one from a leading Industrial Internet organization.

The Industrial Internet Consortium (IIC) announced publication of the Endpoint Security Best Practices white paper. It is a concise document that equipment manufacturers, critical infrastructure operators, integrators and others can reference to implement the countermeasures and controls they need to ensure the safety, security and reliability of IoT endpoint devices. Endpoints include edge devices such as sensors, actuators, pumps, flow meters, controllers and drives in industrial systems, embedded medical devices, electronic control units, vehicle control systems, as well as communications infrastructure and gateways.

“The number of attacks on industrial endpoints has grown rapidly in the last few years and has severe effects. Unreliable equipment can cause safety problems, customer dissatisfaction, liability and reduced profits,” said Steve Hanna, IIC white paper co-author, and Senior Principal, Infineon Technologies. “The Endpoint Security Best Practices white paper moves beyond general guidelines, providing specific recommendations by security level. Thus, equipment manufacturers, owners, operators and integrators are educated on how to apply existing best practices to achieve the needed security levels for their endpoints.”

The paper explores one of the six functional building blocks from the IIC Industrial Internet Security Framework (IISF): Endpoint Protection. The 13-page white paper distills key information about endpoint device security from industrial guidance and compliance frameworks, such as IEC 62443, NIST SP 800-53, and the IIC IISF.

Equipment manufacturers, industrial operators and integrators can use the Endpoint Security Best Practices document to understand how countermeasures or controls can be applied to achieve a particular security level (basic, enhanced, or critical) when building or upgrading industrial IoT endpoint systems. They can determine the security level they need through risk modeling and threat analysis.

“By describing best practices for implementing industrial security that are appropriate for agreed-upon security levels, we’re empowering industrial ecosystem participants to define and request the security they need,” said Dean Weber, IIC white paper co-author, and CTO, Mocana. “Integrators can build systems that meet customer security needs and equipment manufacturers can build products that provide necessary security features efficiently.”

While the white paper is primarily targeted at improving the security of new endpoints, the concepts can be used with legacy endpoints by employing gateways, network security, and security monitoring.

The full Endpoint Security Best Practices white paper and a list of IIC members who contributed can be found on the IIC website.

Industrial Internet of Things Integral Part of Industry of Things Conference

The Industry of Things World USA conference in San Diego in its third year is becoming a premier Internet of Things (IoT) event in the US. Organized by weConnect in Berlin, Germany, it attracts a few hundred attendees, excellent speakers, and me (of course). The organizers leverage worldwide contacts–organizing similar events in Berlin and Singapore. They also have similar events in other technology areas.

Topics cover a range of IT and OT subjects. I make sure to get to the OT people who are here. This is a quick recap of what I’ve seen so far.

Charlie Gifford spoke at a breakout session on ISA95. He updated us on the latest changes proposed to the standard. His other focus was to promote event-driven architecture. He suggested that we build a library of operations events such that when an event occurs information about the change with the updated data is broadcast to subscribers. This is a great bandwidth saving over continuous point-to-point connections. He is also concerned with how to interconnect the many existing databases within a plant or production location.

Jagannath Rao, SVP of IoT and MindSphere for Siemens, discussed the evolution of MindSphere and its latest incarnation. Key point–Siemens has committed to openness–providing for open APIs especially in its MindSphere platform and adoption of open technologies such as OPC UA.

MindSphere v 2 enabled people to go out and do Proof of Concept (PoC) projects. From these Siemens could determine what customers were interested in and what the problems were that they were trying to solve. This all fed back into the product development process leading to the recent release of v 3.

V3, now a product, builds on open technologies–open being the key word. The platform moved from SAP Leonardo to Amazon Web Services (AWS) providing a more robust cloud experience. AWS is an Infrastructure as a Service, while MindSphere is Platform as a Service containing open APIs and data models. The next step on the journey is for Siemens to build out an ecosystem of 3rd party applications.

When asked about TSN, Rao also brought up 5G, both of which point out the importance of the Edge for initial processing of IoT data. Siemens is preparing for this next step; for example, its Sinumerik Edge contains much analytics power and the ability to communicate information, not just vast streams of data.

OPC vice president of marketing Stefan Hoppe, during his breakout session, discussed the acceptance of OPC UA in industry and the power of the release of publish/subscribe with OPC UA. His strong discussion point was to emphasize that OPC UA is not a protocol. It is an information model. It uses protocols—AMQP, MQTT, DDS, JavaScript, whatever to communicate the information from one device to another (or many). Proponents of a protocol who suggest that a protocol is superior to OPC UA miss the point that it’s not a protocol but actually an information model.

One key potential misunderstanding…Hoppe’s presentation made OPC appear to be German-centric and tied to the German Industrie 4.0. We need to keep in mind that the OPC Foundation Board is only 33% German, and that OPC UA lends itself to the digitalization efforts of any of the countries developing standards. It has become the official communication technology for many standardization efforts including the Open Process Automation Forum. It is truly global.

Lin Nease, IoT technologist at Hewlett Packard Enterprise, chatted with me at a one-on-one meeting about the edge and the power of Xeon server technology in its edge devices as well as software-defined control. I think I’ll be seeing more from HPE as it builds out its IoT infrastructure.

Industrial Internet of Things Becoming a Reality According to Survey

Industrial Internet of Things and Augmented Reality technologies and applications have progressed from curiosity and exploration into the realm of maturing applications. At least, a snapshot of PTC’s customer base suggests this.

PTC has released its bi-annual “State of Industrial Innovation” research report series.

“As the technologies and business models surrounding the Industrial IoT and AR continue to mature, there are sure to be sequential trends in adoption,” said Mike Campbell, EVP, ThingWorx Platform, PTC. “PTC’s combination of market experience and access to an extensive volume of adoption data enable a truly comprehensive view of the state of these rapidly evolving markets.”

As cited in “The State of the Industrial Internet of Things” and “The State of Industrial Augmented Reality” reports, Industrial IoT and AR are no longer just emerging technologies to watch. Investing in these technologies has become the critical strategy for many organizations in 2018, particularly those in industries that have complex manufacturing and operational processes. Of PTC customers that have adopted Industrial IoT or AR technologies, 83 percent using Industrial IoT and 85 percent using AR had already transitioned, or plan to transition, their deployments to full-scale production environments within the next 12 months.

Highlights from the reports include:

The State of the Industrial Internet of Things

1. Industrial IoT adoption is currently dominated by large product manufacturers in industries such as industrial products (25 percent), electronic and high-tech (22 percent), automotive (13 percent), and aerospace and defense (11 percent).

2. The economic potential of the Industrial IoT has garnered the attention of the international communities and led to global initiatives aimed at fostering the growth of Industrial IoT worldwide.

3. A majority of applications in use today apply to manufacturing and operations (48 percent), where the data collected can be used to refine processes, predict maintenance requirements, and increase overall operational effectiveness.

4. The Industrial IoT is no longer an emerging technology – it has arrived. Industrial IoT deployments are in production today, across functions from product development through manufacturing and service.

The State of Industrial Augmented Reality

1. Industries such as industrial products (21 percent), automotive (11 percent), and aerospace and defense (8 percent) are leading the way in early AR adoption.

2. AR has broad applicability to all functions of the value chain, and especially service (19 percent) and manufacturing (18 percent).

3. The application of AR to serve as a powerful instruction and guidance tool is providing an entry point for many organizations, particularly those industries that are defined by hundreds of vital processes, such as real-time monitoring and increasing overall equipment effectiveness (OEE).

4. AR adoption is reaching a critical tipping point, spurred on by massive investments into the underlying hardware and software technologies that are enabling a rapid transition of pilot projects into full production environments.

Industrial Internet of Things Think Tank

Think Tanks are an interesting type of gathering of technologists and business leaders. Dell introduced me to them when I moderated two for it. Then at the end of January I heard about another one, this one organized by Optel Group, a supplier of traceability software. It was the Industry 4.0 Think Tank held in Chicago.

This was more like a conference than the smaller, focused ones I was used to. In fact, it drew perhaps 300 people or more. I developed a car problem and didn’t make the drive. I received some reports from friends who were there (and who were going to send me a “guest post”, but that idea died). Here is a report from the organizers.

Embracing Disruptive Manufacturing: A Review of Industry 4.0 ThinkTank

The event welcomed 34 expert speakers, from 6 leading industries, and 200+ C-level executives, coming together to learn how to achieve or optimize their 4.0 transformation.

The format combined case studies and open discussions, as well as the Innovation Exhibit and networking breaks.



Four hands-on workshops were led by OPTEL, Boeing, Domino and VUZIX. The diverse themes and in-depth demonstrations ranged from the latest QA innovations to automation, and from wearable technologies to manufacturing control systems.

Panels and Conferences

People appreciated the format of four panel discussions and 30-minute case-study presentations. Through real-life examples, speakers showed how they personally used new 4.0 technologies to increase their overall efficiency and solve important issues.


In addition to all the information, Industry 4.0 ThinkTank also provided ample opportunity to interact with industry peers, meet potential partners, share thoughts and learn from others’ experiences.

Feedback on My AVEVA and Schneider Electric Software Post

There were some good responses to my post on LinkedIn regarding the AVEVA software / Schneider Electric Software deal. Check out Sandy Vasser’s comments. Those remind me of a conversation I had with a Schneider executive many years ago following a small acquisition. I was actually enthused with the acquisition and explained all the cool things I thought they could do with the new technology. He responded, “Wow. I should have you talk to my product team. These are great ideas.”

The conversation went no further. Evidently it was just an acquisition with no strategic thought. In the end, it went nowhere. Maybe like the Citect acquisition that never really panned out.

Sandy Vasser, retired from ExxonMobil, said, “This is a significant opportunity for Schneider to make more and more project delivery, operation and maintenance activities almost “just happen”. There should be opportunities to simplify HMI development. By interfacing AVEVA Electrical with ETAP and Schneider electrical systems, there should be opportunities to automatically program protective relays and update the settings when the electrical systems change. Schneider should sit down with all of their users and brainstorm all of the possible activities that could be automated or greatly simplified.”

He is right on. This is an opportunity. But I don’t know if it will happen. When I was evangelizing MIMOSA and its non-platform platform OIIE, we had that vision of automatic interfaces of data from design to construction to operate & maintain. There is some interest in the owner/operator community, but in the end they will probably pay big money to the Accentures of the world.

Robert Zwick, Automan Controls, noted, “New alliances will be formed in response to this AVEVA reverse takeover by Schneider Electric. We have already seen Emerson align themselves with Aspen Technology. I’m sure we’ll see Intergraph start making significant alliances as well.

The reverse takeover moves the Schneider Electric Software business into UK, where there is a different taxation environment than France. Plus Schneider Electric can now begin to see a P/E multiple of a software business rather than a stodgy old electrical manufacturer. Both of these points should put dollars into this new business to accelerate the merger, consolidation, and growth. At least one can only hope.”

Yes, there has been substantial consolidation in the industry over the past five years or so. This is probably good. But this will ultimately free up space for the innovative startups that solve real customer needs–until they sell out to the big companies.

