by Gary Mintchell | Dec 16, 2022 | Automation, Manufacturing IT, Operations Management, Security
I reported on a cybersecurity company new to me at the time last month—Mission Secure. With our schedules finally meshing, I recently talked with Jens Meggers, executive chairman. My pre-interview research further revealed that long-time contact Chet Mroz is company president. Other people I’ve know for years are also affiliated.
Publicity people fill my inbox with news from security companies. The latest trend concerns research the various companies have done. Studies invariably show that company executives lag in efforts to mitigate potential cybersecurity risks.
Most of the security firms I talk with either perform network packet sniffing looking for anomalies or they are hardware firewalls. Many are IT technologies loosely adapted to operations. Mission Secure adds capabilities including that and beyond.
Meggers told me there are new demands on the operations space. Threats have quadrupled recently and the landscape is broadening. Actors have gone from individuals to state-sponsored actors or even states themselves. The dark web contains exploits, information and technology for those bad actors who know where to look. Not to mention that the attackers are automating their activities.
Mission Secure has the capability to scan assets of its customers. Many companies can do that in order to see what devices need patches. Operations personnel find themselves swamped with patch requirement at a volume they cannot keep up with. Mission Secure takes a methodical approach.
1. Find out what you have and identify risks
2. Who and what have access rights and why
3. Process for continuous validation, rules, define policy
I’m a fan of this process—mostly because it aligns with my training from when I first became involved with digital technology in manufacturing thanks to a VP I reported to. It fits with ideas such as those advocated by gurus such as W. Edwards Deming about process.
Here is a bit more description of Mission Secure:
Mission Secure delivers the only OT cybersecurity platform that enables complete control over your environment, including visibility, anomaly and threat detection, policy enforcement, and Level 0 signal validation.
Discover and visualize every asset and every network connection in your OT environment.
Identify unexpected or unauthorized activity, from Level 0 signals to cloud connections.
Segment your network and enforce granular policies for true Zero Trust cybersecurity.
Monitor physical process signals to detect threats and prevent system damage.
by Gary Mintchell | Dec 12, 2022 | Automation, Embedded Control, Motion Control, Networking, Safety, Security, Technology
The Rockwell Automation PR team must have worked overtime following November’s Automation Fair. Here are a number of releases on new products and services. These cover a spectrum of technology areas that further reveal the breadth of Rockwell’s reach.
- Smart Machine Development
- GuardLink with EtherNet/IP
- FactoryTalk Logix Echo
- Cyber Endpoint Protection Services
Simplify Smart Machine Development with Improved Micro800 Controllers and Design Software
Machine builders can save engineering time and costs with the enhanced Allen-Bradley Micro850 and Micro870 2080-Lx0E controllers using the latest Connected Components Workbench software from Rockwell Automation.
- Class 1 implicit messaging capability up to eight EtherNet/IP devices support
- Streamline integration of controller to drives, supporting PowerFlex 520 series and Kinetix 5100 drives over EtherNet/IP with pre-defined tags and pre-developed user-defined function block (UDFB) instructions.
- Connected Components Workbench software version 21 required.
GuardLink 2.0 with new EtherNet/IP Interface
- GuardLink 2.0 offers advanced diagnostics by way of the new Allen-Bradley 432ES GuardLink EtherNet/IP On-Machine Interface or a combination of Dual GuardLink Relay and EtherNet/IP Interface.
- GuardLink 2.0 protocol also enables safety-rated control device status reporting and automatic diagnostic reporting to an HMI using CIP Safety over EtherNet/IP.
- Connect up to 96 safety devices via three independent safety channels.
- The interface can cascade power to additional interfaces and can keep track of timing and frequency of events to improve maintenance and create process efficiencies.
- The 432ES supports linear, star and Device Level Ring topologies while meeting safety ratings up to SIL 3, Cat 4 PLe.
New Capabilities in Emulation and Support with First expansion of FactoryTalk Logix Echo
- Attention was dedicated to improving testing, giving users access to more than 20 variations of the 5580 ControlLogix platform at their disposal.
- FactoryTalk Logix Echo simplifies the emulator experience by providing users the opportunity to download directly to FactoryTalk Logix Echo without modifications.
- Having the emulation of the 5580 ControlLogix Ethernet port means that to other software, FactoryTalk Logix Echo looks like another controller, offering flexibility to expand your emulation to visualization or other controllers.
- Version 2 will be the first emulation platform to support safety controllers by introducing GuardLogix 5580 controller catalogs.
- The inaugural version supported one 17 slot chassis, but the latest release now supports the creation and communication of multiple chassis with one FactoryTalk Logix Echo license.
Comprehensive Endpoint Protection Services
- For organizations to secure their operations and reduce cyber threats, a successful cybersecurity strategy requires solutions to secure endpoints – any device that is connected to a network outside of its firewall, including laptops, HMIs, switches, IoT devices, and more.
- Rockwell Automation and CrowdStrike are providing manufacturers with comprehensive Endpoint Protection Services, combining Rockwell Automation’s Industrial Cybersecurity Services and CrowdStrike Falcon platform to monitor, protect, investigate, and respond to incidents.
- Purpose-built in the cloud with a single lightweight-agent architecture, the CrowdStrike Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity, and immediate time-to-value.
- When customers choose the CrowdStrike Falcon platform through Rockwell Automation, they receive the industry-leading software coupled with OT-specific Falcon policies, developed by Rockwell Automation cybersecurity specialists, and backed by software and phone support.
- Endpoint Protection fits into the expansive Rockwell Automation portfolio of Managed Services along with Incident Response and Threat Detection to provide customers with a holistic cybersecurity solution.
by Gary Mintchell | Dec 1, 2022 | Asset Performance Management, Automation, Events, Manufacturing IT, News, Process Control, Security, Sensors, Technology
Honeywell has been an enigma to me for several years. I haven’t been confident in product direction, where different elements of process automation would fit, and would it make a transition to software. Then came Honeywell Forge. Where did that fit with Process Solutions and UOP? Then we had the pandemic and I couldn’t make the User Group this year due to many conflicts.
This is mostly my deficiency, but also I had lost track of contacts. All that is remedied, and the picture is beginning to focus. I was also able to catch some virtual conferences to gain insight from CTO Jason Urso.
Honeywell Forge is coalescing into a viable software division. Process Solutions is cranking out some interesting new products and services. Sustainability is a key strategy. Cybersecurity remains strong within the portfolio.
I’m quite late with this update. Following are major points from recent announcements. Check out the various links for more.
Manufacturing Excellence Platform
Manufacturing Excellence platform provides real-time end-to-end production visualization and dashboards for multiple user roles from operators to management, process unit timelines, detailed equipment status, and trends of critical process parameters. The Manufacturing Excellence platform, built for Life Sciences applications, puts actionable information in context in one interface. The solution digitizes paper-based batch records, work instructions, and logbooks to ensure consistent compliance with standard operating procedures.
Honeywell Forge Performance+
As part of the new Honeywell Forge Performance+ for Industrials suite, Asset Performance helps deliver asset reliability and energy efficiency through real-time monitoring of assets using predictive models embedded with deep-domain expertise. Asset Performance can help to both detect potential asset health issues and predict possible time to failure in order to proactively improve plant availability.
Enhancements to Existing Honeywell Software Solutions
- Honeywell Plantwide Optimizer – End-to-end solution that integrates planning, operations and blending in near real time.
- Honeywell Operations Management – Enhancements to the user experience designed to help industrial operations managers to better proactively monitor, document and operate their industrial processes to reduce downtime, increase throughput and yields, and standardize shift reporting.
- Honeywell Workforce Competency – Enhancements to the simulation-based experiential learning solution to develop and enhance the competency of today’s industrial workforce include persona-based dashboards and a new soft Safety Manager direct link.
Honeywell’s AMIR managed service brings increased cybersecurity capabilities to an organization’s existing Security Operation Centers (SOCs) to strengthen OT cybersecurity across the enterprise.
Cyber App Control, previously known as Application Whitelisting, is a vendor-agnostic cybersecurity solution suitable for both Honeywell and non-Honeywell control systems designed to provide an additional layer of security that allows only known and trusted applications to run on ICS assets and increases a customer’s ability to prevent known malware and zero-day attacks on OT environments that often rely on more vulnerable legacy systems with challenging maintenance schedules.
Honeywell Forge Sustainability+
• An enterprise solution that measures fugitive and process GHG emission leaks, continuously monitors sites for new or remediated emissions, reports on emissions’ status and drives emission reduction strategies and solutions.
• Innovative gas detection technologies with Honeywell Versatilis Signal Scout gas detector and Gas Cloud Imaging, interfaces with Emissions Management for continuous measuring and monitoring of emissions, enabling customers to better manage GHG emissions proactively in near real-time.
• Reporting of process emissions with site- and enterprise-level trending and visualization that allows organizations to locate methane leaks that may cause production loss or impact worker safety, as well as gain access to metrics and alarms associated with gas leaks.
• Enterprise-wide accounting, visualization and reporting that eliminates periodic manual reporting and provides a holistic, near real-time view of Scope 1 emissions for HSE professionals and executive teams.
Honeywell and Aramco JV for Business Process Software
Honeywell and Aramco have announced the signing of a joint venture (JV) agreement to provide a set of end-to-end business process automation solutions, under the Aramco Namaat Industrial Investments Program. The technology solutions can be offered to a wide range of industrial sectors to help maximize profitability, improve productivity, sustainability and operational excellence, on a global scale. The new JV offerings will leverage Aramco’s Plant.Digital platform (formerly Integrated Manufacturing Operations Management System – iMOMS) as well as Honeywell Connected Enterprise’s technology development and industrial digital solutions implementation experience.
The JV aims to equip industrial companies with the tools, processes and practices they need to run plant operations more effectively and accelerate sustainable digital transformation and operational excellence initiatives. It will emphasize the development, integration, and deployment of Operations Technology (OT) solutions and Digital Transformation consulting.
The new JV is expected to create more than 300 jobs in Saudi Arabia within five years, supporting the Aramco Namaat Industrial Investments Program, which is designed to boost Saudi economic and workforce development.
Partnership for Track and Trace Solutions
Honeywell announced that Imperial Brands, a British multinational tobacco company, has chosen Honeywell to provide the Honeywell Track & Trace solution (“Honeywell Track & Trace”) to digitalize and transform the monitoring and tracking of their supply chain operations.
In addition to the cloud-based Honeywell Track & Trace solution, Honeywell will provide a comprehensive and integrated system of support, professional services, and governance to help Imperial’s business meet critical requirements for compliance and executing its global supply chain.
by Gary Mintchell | Nov 22, 2022 | Automation, Networking, Security
Reza Eltejaein from Marvell Technology explained how deterministic Ethernet is displacing special purpose networks in several applications also describing the company’s new Ethernet switches for harsh environments and PHYs targeted to the industrial and critical infrastructure markets. This solution finally brings Time Sensitive Networking (TSN) to reality.
Ethernet is still too expensive for the sensor and other physical device layer. Achieving deterministic Ethernet for critical applications above that layer has been a target for engineering for years. Marvell Technology now offers a solution.
Marvell’s Secure Deterministic Ethernet solution, comprised of Prestera switches and Alaska PHYs, is designed for switch appliances used in often-harsh environments. By enabling the more widespread use of Ethernet in the OT environment, the new solution facilitates the adoption of modern IT tools and security methods in OT networks, enabling a common management and automation approach from the cloud to the OT network edge.
The new solution addresses deterministic networking requirements with a set of Ethernet standards known as time-sensitive networking (TSN). With TSN, virtually any kind of Ethernet traffic can share a network, allowing siloed IT and OT networks to converge, thus reducing costs and facilitating in OT networks the analytics, automation and intelligence that are transforming IT networks.
To better protect these networks, the new Prestera industrial-grade switches with TSN offer industry-first device- and link-level security, in the form of Secure Boot and MACsec.
- Integrated switching, CPU and Ethernet PHY—reduces power and footprint versus separate components.
- Time-Sensitive Networking: 802.1AS, 802.1CB, 802.1Qav, 802.1Qbv, 802.1Qbu, 802.1Qci, 802.1Qat—supports reliable, low-latency Ethernet performance.
- IEC/IEEE 60802 TSN profile for Industrial Automation—enables real-time end-to-end communications with guaranteed reliable performance and data delivery.
- 802.1AE MACsec—provides Layer-2 security for data integrity and confidentiality.
- Secure Boot—allows only trusted software to execute on the system.
- Parallel Redundancy Protocol (PRP) and Highly-available Seamless Redundancy (HSR)—provide no-loss failover in case of failure of any single network element.
- TrackIQ—provides rich telemetry data for use in network analytics and observability tools.
- Ruggedized -40°C to +85°C system operation—enables reliable operation in harsh environments and an expected lifetime of at least 10 years.
The Prestera DX1500 and Alaska E1781 product families are sampling now.
by Gary Mintchell | Nov 14, 2022 | News, Security
Several times each week new (to me) cybersecurity companies find me. This through a PR professional I’ve known for maybe 20 years who picked up a new client. Mission Secure specializes in operation technology and industrial control system (OT / ICS) systems. I’ve not heard from them previously (at least, I’ve never written about them here).
Mission Secure announced the release of its Sentinel 5.0 platform Nov. 1, a milestone in enabling Zero Trust security architectures for critical infrastructure. The Sentinel 5.0 platform provides dynamic, context-aware cybersecurity policy monitoring and enforcement for operational technology systems.
“Zero Trust architectures are the most powerful and practical way to increase safety and reduce risk for industrial cyber-physical processes” says Jens Meggers, Executive Chairman of Mission Secure. “With Sentinel 5.0, we are launching a game changer that allows granular implementation of access policies from the physical signal all the way to the cloud. It is whitelisting on steroids: industrial strength, context-driven, intrusion prevention and mitigation.”
Zero Trust is a well-established IT cybersecurity principle that has yet to be widely adopted in industrial OT.
It eliminates implicit trust in the network perimeter by validating every stage of digital interaction continuously.
• Creating access control policies to define the conditions under which users or applications can send commands to an industrial device.
• Identifying firmware state and vulnerabilities, as well as limiting access to only fully-patched systems.
• Alerting and acting on anomalies in physical signals, and isolating systems that show abnormal behavior.
• Supporting root cause analysis by correlating network events with sensor outputs.
Mission Secure also announced a technology partnership with Verve Industrial, the provider of IT-OT asset inventory and vulnerability management solutions.
by Gary Mintchell | Nov 10, 2022 | Business, News, Organizations, Security
Research conduced world-wide initiated by BlueVoyant, a cyber defense company, revealed that 98% of firms surveyed have been negatively impacted by a cybersecurity breach that occurred in their supply chain. This is up slightly from 97% of respondents last year. Digital supply chains are made of the external vendors and suppliers who have network access that could be compromised.
“The survey shows that supply chain cybersecurity risk has not decreased and, in fact, more enterprises than ever have reported being negatively impacted by a cybersecurity disturbance in their supply chain,” said Adam Bixler, BlueVoyant’s global head of supply chain defense. “The good news is that across industries and regions, organizations are making supply chain defense a priority, but these organizations need to better monitor suppliers and work with them to remediate issues to reduce their supply chain risk.”
- Study finds 98% of surveyed enterprises say they have been negatively impacted by a cybersecurity breach in their supply chain, an increase from 2021.
- 40% of respondents rely on the third-party vendor or supplier to ensure adequate security.
- In 2021, 53% of companies said they audited or reported on supplier security more than twice per year; that number has improved to 67% in 2022. These numbers include enterprises monitoring in real time.
- Budgets from supply chain defense are increasing with 84% of respondents saying their budget has increased in the past 12 months.
- The top pain points reported are internal understanding across the enterprise that suppliers are part of their cybersecurity posture, meeting regulatory requirements, and working with suppliers to improve their security.
- In manufacturing, 64% of respondents say that supply chain cyber risk is on their radar and 44% say they have established an integrated enterprise risk management program.