Protection From Coming Hardening of DCOM

[Note: If you had previously signed up to receive new posts via email, you’ve noticed that they stopped and then restarted. WordPress had notified me that this service had ended. I recently saw where it was active, but not supported. Update: I’ve received multiple messages from one post. I’ve changed the frequency to daily updates. We’ll see how that works.

You can subscribe to an occasional newsletter that I’ve been playing around with. It comes through my HEY.com email account. If you haven’t checked out Hey, give it a look. I haven’t moved my business email there, yet, but I like the new take on an email client. My email address there is [email protected]. You can check it out by clicking on the mail button at the right sidebar.]

I actually thought that the whole DCOM technology situation was over. That is an old Microsoft Windows technology long since passed by in usefulness. Except, there’s a lot of it laying around with OPC Classic. As we often say, technologies change slowly in industrial and manufacturing applications. This is a potential snafu. I first wrote about Velta Technology last September. This news is about a partnership to offer a solution to the looming hardening of DCOM.

­­Velta Technology and TXOne Networks Inc. are teaming to help organizations safeguard their industrial control systems (ICS) and avoid potential revenue disruptions ahead of an imminent Microsoft Windows Distributed Component Object Model (DCOM) hardening patch enablement. In the absence of a proper mitigation strategy, the DCOM hardening patch could potentially shut down ICS equipment impacting plant production and operations.

Beginning March 14, 2023, the Microsoft hardening patch can no longer be disabled and will trigger a forced update which strengthens authentication between DCOM clients and servers. The patch is a core component of automation software products from companies such as Rockwell Automation, GE, Honeywell, Siemens, and others.

Velta Technology and TXOne Networks have partnered to provide a cost-effective and time-efficient interim solution that will maintain operations following the patch. Velta Technology’s industrial cybersecurity experts are utilizing TXOne Networks’ Stellar endpoint protection as a stopgap to the hardening patch, providing customers ample time to develop a more manageable, long-term solution.

Rockwell Automation Smart Machine, Safety, Security Announcements

The Rockwell Automation PR team must have worked overtime following November’s Automation Fair. Here are a number of releases on new products and services. These cover a spectrum of technology areas that further reveal the breadth of Rockwell’s reach. 

  • Smart Machine Development
  • GuardLink with EtherNet/IP
  • FactoryTalk Logix Echo
  • Cyber Endpoint Protection Services

Simplify Smart Machine Development with Improved Micro800 Controllers and Design Software

Machine builders can save engineering time and costs with the enhanced Allen-Bradley Micro850 and Micro870 2080-Lx0E controllers using the latest Connected Components Workbench software from Rockwell Automation.

  • Class 1 implicit messaging capability up to eight EtherNet/IP devices support
  • Streamline integration of controller to drives, supporting PowerFlex 520 series and Kinetix 5100 drives over EtherNet/IP with pre-defined tags and pre-developed user-defined function block (UDFB) instructions.
  • Connected Components Workbench software version 21 required.

GuardLink 2.0 with new EtherNet/IP Interface

  • GuardLink 2.0 offers advanced diagnostics by way of the new Allen-Bradley 432ES GuardLink EtherNet/IP On-Machine Interface or a combination of Dual GuardLink Relay and EtherNet/IP Interface. 
  • GuardLink 2.0 protocol also enables safety-rated control device status reporting and automatic diagnostic reporting to an HMI using CIP Safety over EtherNet/IP.
  • Connect up to 96 safety devices via three independent safety channels. 
  • The interface can cascade power to additional interfaces and can keep track of timing and frequency of events to improve maintenance and create process efficiencies. 
  • The 432ES supports linear, star and Device Level Ring topologies while meeting safety ratings up to SIL 3, Cat 4 PLe.

New Capabilities in Emulation and Support with First expansion of FactoryTalk Logix Echo

  • Attention was dedicated to improving testing, giving users access to more than 20 variations of the 5580 ControlLogix platform at their disposal.
  • FactoryTalk Logix Echo simplifies the emulator experience by providing users the opportunity to download directly to FactoryTalk Logix Echo without modifications. 
  • Having the emulation of the 5580 ControlLogix Ethernet port means that to other software, FactoryTalk Logix Echo looks like another controller, offering flexibility to expand your emulation to visualization or other controllers.
  • Version 2 will be the first emulation platform to support safety controllers by introducing GuardLogix 5580 controller catalogs. 
  • The inaugural version supported one 17 slot chassis, but the latest release now supports the creation and communication of multiple chassis with one FactoryTalk Logix Echo license. 

Comprehensive Endpoint Protection Services

  • For organizations to secure their operations and reduce cyber threats, a successful cybersecurity strategy requires solutions to secure endpoints – any device that is connected to a network outside of its firewall, including laptops, HMIs, switches, IoT devices, and more.
  • Rockwell Automation and CrowdStrike are providing manufacturers with comprehensive Endpoint Protection Services, combining Rockwell Automation’s Industrial Cybersecurity Services and CrowdStrike Falcon platform to monitor, protect, investigate, and respond to incidents. 
  • Purpose-built in the cloud with a single lightweight-agent architecture, the CrowdStrike Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity, and immediate time-to-value.
  • When customers choose the CrowdStrike Falcon platform through Rockwell Automation, they receive the industry-leading software coupled with OT-specific Falcon policies, developed by Rockwell Automation cybersecurity specialists, and backed by software and phone support. 
  • Endpoint Protection fits into the expansive Rockwell Automation portfolio of Managed Services along with Incident Response and Threat Detection to provide customers with a holistic cybersecurity solution.

Bosch Rexroth Expands ctrlX Ecosystem

  • Salesforce supports digital service concepts 
  • SICK contributes sensor data integration and sensor apps 
  • Partner world ctrlX World now includes over 60 third-party providers 

Ecosystems and partnerships are the current rage. The idea has been building for several years. I’ve seen them with software platforms and also with some hardware. Success with the execution has been spotty. It is a good way to spread the word about a new platform. Bosch Rexroth has been busy bringing partners to augment its new ctrlX control platform. They have accumulated an eclectic mix of partners. Recently Salesforce and Sick have joined up.

With ctrlX AUTOMATION, Bosch Rexroth has created a world of automation in which the specialist knowledge of companies from various domains is combined for the purpose of co-creation. The partner network, ctrlX World, is expanding the automation toolkit –adding hardware and new apps. More than 60 third-party providers have already joined the partner world – most recently Salesforce and SICK.

Why Salesforce?

“Our joint solutions with Bosch Rexroth and other ctrlX World partners enable data-based decision making and business automation in mechanical engineering and other industries. For example, manufacturers can quickly visualize and analyze all of the data coming from ctrlX AUTOMATION. Another use case is the preventive maintenance of machines or the automation of spare parts orders. Our Manufacturing Cloud enables business and service automation based on business intelligence. ctrlX AUTOMATION provides the important data for this,” said Juergen Brixel, Regional Vice President Industry Solutions & Strategy at Salesforce.

Sick is a leading sensor company. Here is an explanation of why it joined the ecosystem.

“By integrating our solutions into the ctrlX AUTOMATION partner world, we can provide sensor and application data in the easiest way possible. We do this via the ctrlX Data Layer. It offers secure, managed access to the data. Machine manufacturers for example can easily benefit from valuable data and use these data in order to meet IoT and Industry 4.0 requirements,” said Walter Reithofer, Senior Vice President R&D at SICK.

And some other partners.

Other partners that have joined the ctrlX World in recent months include: 36ZERO Vision by Deutschdata Karamat und Ziesche GmbH, Dataprophet, FANUC Deutschland GmbH, Hailo Technologies Ltd., i-flow GmbH, KEBA Industrial Automation GmbH, SIMON Modellierungen GmbH, Timecho Europe GmbH, WEPALL ROBOT EASY TOOLS, S.L. and Balluff GmbH.

Next Generation Open Control?

Bosch Rexroth held a webinar unveiling its ctrlX control platform in March 2021 that I had the pleasure of moderating. According to a press event held this week, more than 600 units have been sold.

Rexroth representative use terms like freedom, openness, next level. Preceding Rexroth down this openness path in my experience were OMAC (originally Open Modular Architecture Controller, now know for PackML), Bedrock Automation (Open Secure Automation), and OPAF (Open Process Automation Foundation). 

OMAC didn’t come up with an open controller, but it did come up with a winner for the packaging machinery market with PackML. I gave Bedrock Automation a good chance to succeed with its emphasis on security along with open automation. But as I researched for this article, I discovered its website almost stripped bare. Don’t know what happened there. OPAF has momentum building an architecture that is a “standard of standards.”

Many companies have presented revolutionary control concepts to me during my years as an editor and writer. Most are gone. Rexroth has a successful run as a motion control technology provider. I predict a solid niche for it in the machine OEM market with this technology–especially if the app ecosystem is sticky.

They call it the “smartphone of controllers” pointing to its ecosystem of apps now being provided by third-party automation companies. I’ve also seen ecosystems come and go. Perhaps one day one will find traction. Perhaps this is the one.

Here are a few morsels from this week’s press event:

CtrlX Operating System

  • Now available for third party developers
  • Linux-based operating system
  • Available for hardware from third-party providers and virtualized environments
  • Next level of openness and freedom in automation
  • Can be used on all levels – from the field level to the cloud 
  • Hardened software stack with a high degree of cybersecurity 
  • Connection to the ctrlX Store and the ctrlX Device Portal 
  • Hardware independence also makes it possible to operate a virtual control system on hypervisor platforms, in the data center, on edge servers or in the cloud. 
  • Supports app technology, web-based engineering, secure user management and the high-performance exchanging of data via the ctrlX Data Layer. 
  • The ctrlX Device Portal allows effective device management anywhere in the world.

The next level of freedom in automation

ctrlX ecosystem with app technology

  • New third-party support
  • Salesforce supports digital service concepts 
  • SICK contributes sensor data integration and sensor apps 
  • Partner world ctrlX World now includes over 60 third-party providers 
  • Other partners that have joined the ctrlX World in recent months include: 36ZERO Vision by Deutschdata Karamat und Ziesche GmbH, Dataprophet, FANUC Deutschland GmbH, Hailo Technologies Ltd., i-flow GmbH, KEBA Industrial Automation GmbH, SIMON Modellierungen GmbH, Timecho Europe GmbH, WEPALL ROBOT EASY TOOLS, S.L. and Balluff GmbH.

The Eclipse Foundation Releases 2022 IoT & Edge Developer Survey Results

The Eclipse Foundation announced results from its 2022 IoT & Edge Developer Survey administered by the Eclipse IoT Working Group, the Eclipse Edge Native Working Group, and the Eclipse Sparkplug Working Group. Now in its eighth year, the survey is the IoT & edge industry’s leading technical survey.

“IoT and edge computing are arguably the most important technologies today, particularly for industries like industrial automation, agriculture, and automotive,” said Mike Milinkovich, executive director of the Eclipse Foundation. “The insights detailed in this survey report can help guide internal developer teams and technology decision-makers as they seek to bring the Industrial IoT to life.”

  • The online survey was conducted from April 1, 2022, to June 15, 2022, during which 910 global developers, committers, architects, and decision-makers from a broad set of industries and organizations participated.
  • Java, C, and C++ are the most widely used programming languages for constrained devices. Developers indicate that Java is the preferred language for IoT gateways and edge nodes.
  • MQTT continues to be the most widely used IIoT communication protocol, though there seems to be increased fragmentation. HTTP/HTTPS and REST show slight decreases in IIoT usage compared to 2021, while alternative communication protocols (TCP/IP, AMQP, in-house/proprietary) have seen noticeable growth. 
  • Agriculture (23%) has emerged as the leading industry for IIoT and edge computing technology, followed by industrial automation (22%), automotive (20%), and energy & smart cities (17%).
  • Concerns around security have nearly doubled in this year’s survey, making it one of the top 3 challenges developers face, along with connectivity, and data collection & analytics.
  • There is increased public cloud fragmentation, and the big three are being challenged. Despite continued dominance, Amazon AWS with 36% usage (-8% in 2022), Microsoft Azure with 18% (-11% in 2022), and Google Cloud Platform with 16% (-4% in 2022) have all lost ground against a growing competitive landscape.
  • Container images (49%) are the most frequently selected edge computing artifact.

Emerson Adds Wind Power Technolgy

Emerson sent me a number of renewable energy technology news releases and a live discussion over the past couple of months. I wrote about hydrogen a couple of months ago. These news items talk about wind power technology.

[This is also a good time to promote a new book, The Carbon Almanac, ideal for everyone to learn about what they can do to reduce carbon generation.]

Support China’s Carbon Reduction Goals

Emerson, a global technology and software company, will provide integrated wind automation solutions and services to Taiyuan Heavy Industry Co., Ltd. for three greenfield wind farms located in Shanxi Province, China, a region experiencing high growth in its renewable generation base. Emerson’s wind turbine control software and expertise combined with TYHI wind turbines will deliver green energy to over 35 million residents located in Beijing and other Northern China cities.

The technology includes Emerson’s wind turbine controls and SCADA software.

The wind farms are scheduled for commercial operation in 2023.

Emerson Acquires Mita-Teknik

Emerson announced it has acquired Mita-Teknik in an all-cash transaction. Founded in 1969, Mita-Teknik is a leader in the control automation business for wind power generation, equipping wind turbines and wind farms with technologies for performance and reliability. This acquisition is complementary to Emerson’s existing control system portfolio and supports the company’s ability to help customers in their quest to digitally transform operations and meet sustainability goals.

Follow this blog

Get a weekly email of all new posts.