Claroty has been busy. Following the news of investments and partnership with Rockwell Automation, Claroty and Siemens announced a global partnership. Siemens will leverage Claroty’s advanced behavioral analysis technology in Siemens’ recently announced Industrial Anomaly Detection solution.
Siemens, through its global venture firm Next47, also invested in Claroty, joining a global syndicate of industrial giants that invested $60 million in the company’s Series B round, bringing the company’s total investment to date to $93 million.
Siemens initiated the Charter of Trust in February 2018, gaining the support of other giant companies in the global fight against the rising cybersecurity threat to industrial systems. Siemens also continues to expand its cybersecurity portfolio, debuting at the 2018 Hannover Messe industrial automation conference a new Industrial Anomaly Detection solution, which will deliver significant value for both operations and cybersecurity teams. Operations teams receive a detailed inventory of industrial assets and changes to the network. Cybersecurity teams can continuously monitor these critical networks for vulnerabilities, malicious activity, and high-risk changes, across distributed industrial sites.
Claroty was selected by Siemens following an intensive technical evaluation. “In selecting our security partner for Industrial Anomaly Detection, we reviewed the market, conducted a detailed evaluation, and rigorously tested possible technology in our industrial lab environment,” said Dr. Thomas Moser, CEO of the Siemens Customer Services business unit. “Claroty’s advanced behavioral analysis provides a significant advantage to our customers in reducing risk to their OT environment.”
“Our mission is to help our customers secure industrial networks so they can avoid costly operations downtime, and maintain the safety of people and expensive assets,” said Amir Zilberstein, Claroty Co-founder and CEO. “Siemens’ selection of Claroty as a strategic partner and their investment in our company is further validation of our technology, our team, and our ability to deliver world-class, enterprise-level protection.”
Siemens uses Claroty in a pre-packaged offering enabling customers to quickly and safely deploy anomaly detection in their operations. Siemens brings the offering to the market based on pre-installed packages on Siemens IPC. In the future, it is planned to also offer this based on Siemens switches with an Application Processing engine provided by the Ruggedcom RX1500 series.
Siemens, as owner and operator of nearly 300 factories, heavily leverages digitalizing for efficiency gains. Responsible digitalization must go hand in hand with cybersecurity. Therefore, Siemens is implementing a defense-in-depth security concept in its factories. Industrial Anomaly Detection is an important element of this concept.
The Claroty Platform is comprised of multiple integrated products, built on Claroty’s advanced CoreX technology. The products provide the full range of cybersecurity protection, control, detection, and response. Claroty has received multiple industry awards in recent months. It was recently named an Energy Innovation Pioneer at CERAWeek 2018, and the company’s flagship Continuous Threat Detection product won the ICS Detection Challenge during the S4x18 conference in Miami.
This story is all about partnerships and collaboration. I started to write it yesterday morning, but then I saw a tweet, no not from the “big guy” but from PTC about the Rockwell Automation investment. I wanted to talk about the current trend of partnering.
It begins Roy Kok and DreamReports. We’ve chatted a little about how a company with a somewhat narrowly defined product and market can grow. He’s out in San Diego this week at the Rockwell Automation TechEd event. Rockwell is an important partner. All that data from IoT and analytics isn’t worth the storage if the information can’t be parsed and displayed. Enter Dream Reports. Kok assures me that there will be more partnerships in the future. It’s no doubt his best potential.
Another Rockwell Investment
Meanwhile, I had the opportunity to speak with Patrick McBride the CMO of Claroty about another Rockwell Automation investment. Once again a somewhat narrowly defined market—cyber security—using partnerships to grow. In this case, Claroty attracted $60M of Series B investment, bringing its total funding to $93 Million. He told me that the investment funds will be used to make the appropriate hires to expand sales and projects globally and to support its new partners.
The round was led by Temasek and included Rockwell Automation, Aster Capital (born out of Schneider Electric Ventures), Next47 (Siemens-backed global venture firm), Envision Ventures, and Tekfen Ventures. Original Claroty investors Bessemer Venture Partners, Team8, Innovation Endeavors, and ICV all participated in the round.
Founded in 2014 and exiting stealth mode in late 2016, this investment comes on the heels of a breakout year for Claroty capped by a 300% year-over-year growth in bookings and customer base. Claroty now has large-scale customers with production installations across six continents in nine market segments, including electric utilities, oil and gas, chemical, water, manufacturing, food and beverage, mining, and real estate (building management systems, data centers, warehouses).
“Our unparalleled investor syndicate, which includes some of the most important industrial companies in the world, is a ringing endorsement of Claroty’s technology and the progress our team has made,” said Amir Zilberstein, Claroty Co-founder and CEO. “Our mission is to protect the most critical networks on the planet and our comprehensive platform provides our customers with the capabilities they need to accomplish this vitally important task.”
This rapidly expanding cybersecurity market segment is the result of a “perfect storm” that has placed industrial networks running critical global infrastructures in the spotlight. Old and insecure industrial control networks, which used to be “air-gapped,” are now being rapidly connected to networks and exposed to a range of risks. Because of their criticality, these networks are increasingly targeted by advanced nation-state adversaries who are determined to harvest information and gain a persistent presence for potential future attacks. In 2017, industrial networks also became collateral damage in ransomware attacks like WannaCry and NotPetya costing companies billions in losses.
“A perimeter defense to cybersecurity in today’s connected world is not enough. An end-to-end approach, with solutions that provide deep visibility into operational technology and industrial control systems, is critical for the security of heavy processing environments,” said Hervé Coureil, Chief Digital Officer at Schneider Electric. “Leading the digital transformation of energy management and automation, Schneider Electric takes cybersecurity very seriously and the partnership with Claroty complements the cybersecurity layer of our IoT-enabled EcoStruxure architecture.”
“Protecting the critical automation systems our customers operate against cyberattacks remains a top priority for the company,” said Frank Kulaszewicz, SVP, Architecture & Software at Rockwell Automation. “Claroty has been a partner since 2016 and their advanced technology is a key element of our real-time threat detection and monitoring service. Our investment in Claroty is a logical extension of our ongoing strategic partnership.”
Claroty’s comprehensive cybersecurity platform provides extreme visibility into industrial networks and combines secure remote access with continuous monitoring for threats and vulnerabilities – enabling industrial control system operators to protect these important networks. The company will use investment proceeds to grow the Claroty brand globally, extend its sales and customer support footprint, and continue its rapid pace of product innovation.
T.J. Rylander, Partner at Next47, the Siemens-backed global venture firm said, “The recent increase in scale, scope, and frequency of cyberattacks on critical infrastructure has led to an uptick in demand for new solutions from companies around the world. Claroty has the team, technology, and market traction to deliver the kind of lasting impact that we are looking for at Next47.”
Security comes first to mind whenever we begin discussing connecting things in an industrial setting. And, of course, nothing connects things like the Industrial Internet of Things (IIoT). One place we often fail to consider in our security planning is at the endpoint of the network. Organizations and companies have been providing valuable assistance to developers by releasing best practices white papers. Here is one from a leading Industrial Internet organization.
The Industrial Internet Consortium (IIC) announced publication of the Endpoint Security Best Practices white paper. It is a concise document that equipment manufacturers, critical infrastructure operators, integrators and others can reference to implement the countermeasures and controls they need to ensure the safety, security and reliability of IoT endpoint devices. Endpoints include edge devices such as sensors, actuators, pumps, flow meters, controllers and drives in industrial systems, embedded medical devices, electronic control units vehicle controls systems, as well as communications infrastructure and gateways.
“The number of attacks on industrial endpoints has grown rapidly in the last few years and has severe effects. Unreliable equipment can cause safety problems, customer dissatisfaction, liability and reduced profits,” said Steve Hanna, IIC white paper co-author, and Senior Principal, Infineon Technologies. “The Endpoint Security Best Practices white paper moves beyond general guidelines, providing specific recommendations by security level. Thus, equipment manufacturers, owners, operators and integrators are educated on how to apply existing best practices to achieve the needed security levels for their endpoints.”
The paper explores one of the six functional building blocks from the IIC Industrial Internet Security Framework (IISF): Endpoint Protection. The 13-page white paper distills key information about endpoint device security from industrial guidance and compliance frameworks, such as IEC 62443, NIST SP 800-53, and the IIC IISF.
Equipment manufacturers, industrial operators and integrators can use the Endpoint Security Best Practices document to understand how countermeasures or controls can be applied to achieve a particular security level (basic, enhanced, or critical) when building or upgrading industrial IoT endpoint systems, which they can determine through risk modeling and threat analysis.
“By describing best practices for implementing industrial security that are appropriate for agreed-upon security levels, we’re empowering industrial ecosystem participants to define and request the security they need,” said Dean Weber, IIC white paper co-author, and CTO, Mocana. “Integrators can build systems that meet customer security needs and equipment manufacturers can build products that provide necessary security features efficiently.”
While the white paper is primarily targeted at improving the security of new endpoints, the concepts can be used with legacy endpoints by employing gateways, network security, and security monitoring.
The full Endpoint Security Best Practices white paper and a list of IIC members who contributed can be found on the IIC website.
The OPC Foundation was active during the recent ARC Industry Forum in Orlando as a Platinum Sponsor and presenting a press conference. With OPC UA released and in use and the publish/subscribe about to be release, OPC Foundation’s emphasis has been on companion specifications. It had a joint press conference with the FieldComm group to discuss its joint working group and then released news of a released companion specification with Ethernet Powerlink. The last release, something I was able to work on pre-release review, concerns a study with ARC Advisory Group on adoption of the UA specification.
Below are some details. More at the Foundation website.
OPC and FieldComm
The OPC Foundation and FieldComm Group announced an alliance to advance process automation system multi-vendor interoperability and simplified integration by developing a standardized process automation device information model.
A joint working group between OPC Foundation and FieldComm Group, tasked with developing a protocol independent companion specification for process automation devices, was formed in late 2017. The goal of the working group is to leverage the extensive experience of FieldComm Group with the HART and FOUNDATION Fieldbus communication protocols to standardize data, information, and methods for all process automation devices through FDI using OPC UA. The OPC UA base information model and companion Device Information (DI) specification will be extended to include the generic definition and information associated with process automation devices.
The OPC Foundation and FieldComm Group have worked together for over a decade, initially working on the development of the EDDL specification and most recently on the creation of FDI technology.
“FDI provides the new standard for device integration to deliver a protocol independent path to configuration, diagnostics and runtime operation for process devices,” states Ted Masters, President and CEO of FieldComm Group. “The partnership between OPC Foundation and FieldComm Group further builds upon the common information model of both to deliver process automation data in context which is the key to enabling value from enterprise systems and analytics. The 350+ suppliers of devices and applications that are members of FieldComm Group have an opportunity to benefit from the key initiative to develop a standard process automation information model by their adoption of FDI and OPC UA technologies.”
“I’m excited that the OPC Foundation and FieldComm Group are working together on this important initiative, and will be partnering with other organizations, end-users and suppliers to make the dream of a standardized process automation device information model a reality. This is truly a breakthrough in our industry that will provide significant operational benefits across all points of the value chain,” states Thomas J. Burke, OPC Foundation President and Executive Director.
“This important collaboration will provide a solid foundation for standardization of devices that will serve as the base infrastructure for the numerous other collaborations that the OPC Foundation is doing across international boundaries,” says Stefan Hoppe, OPC Foundation Global Vice President.
The joint working group plans to release an extensible, future-proof process automation information model specification during the first quarter of 2019.
OPC and Powerlink
An OPC UA companion specification is now available for POWERLINK according to a joint announcement by the OPC Foundation and the Ethernet POWERLINK Standardization Group (EPSG). The companion specification describes how payload data is exchanged between POWERLINK and any OPC UA platform. The result is integrated communication from the sensor to the cloud.
“As technologies, OPC UA and POWERLINK complement each other perfectly,” emphasized Thomas Burke, President of the OPC Foundation, in his announcement. “POWERLINK is among the leading real-time bus systems used in plants and machinery. Together with OPC UA, POWERLINK networks can now communicate seamlessly and securely with the IT environment and into the cloud.”
“This specification allows OPC UA and POWERLINK to fuse into a single network,” added Stefan Schönegger, Managing Director of the EPSG. “We’re then able to join devices from different manufacturers and across different levels of the automation pyramid into a single, cohesive system.”
A joint working group between the OPC Foundation and the EPSG had been working on the specification since 2016. The document can be downloaded from the OPC Foundation website.
OPC UA Adoption
OPC Foundation announced today the release of an in-depth ARC Advisory Group report on the important role the OPC data connectivity standards play in control automation today and in future IIoT and Industrie4.0 based solutions.
Key ARC report findings confirmed that with an estimated global install base of over 45 million units, OPC is the de facto standard for open data connectivity and that OPC UA is well positioned to serve as the next data connectivity foundation for control automation applications in traditional industrial settings and new ones like building automation, transportation, and others. Key contributing factors to the continued success of OPC UA included the scalability, performance, and robustness of the technology and the large community of end-users, vendors, and other standards bodies actively working with the OPC Foundation to best utilize OPC UA in their applications.
According to Thomas Burke, OPC Foundation president, “the [ARC report] findings accurately reflect what we [OPC Foundation] have been seeing from an adoption and collaboration point of view. I highly recommend reading this ARC report for a high level perspective of what OPC UA is doing in the market and the future of data connectivity”
Commenting on the popularity of the OPC UA standard, Mr.Burke explained “OPC UA has something to offer for everyone from end-users and product vendors to other standards bodies. After people look at what is really out there as far as a single standard that has the scalability, performance, and flexibility to meet the challenges of modern data connectivity and interoperability and has the reputation and a large enough adoption base needed to make it a safe investment – they come to realize OPC UA is the real deal.”
“OPC technology has become a de facto global standard for moving data from industrial controls to visualization up to MES/ERP and IT cloud levels”, according to Craig Resnick, Vice President, ARC Advisory Group. “The rapid expansion of OPC UA in automation, IIoT, and into new, non-industrial markets suggests that OPC will remain an important technology for multivendor secured interoperability, plant floor-to-enterprise information integration, and a host of other applications yet to be envisioned.”
Digital Transformation has generated so much news that company executives have begun ordering projects and task forces within the company to begin that transformation. The pressure on engineers and IT people increases with each new directive. To help clients deal with these new directives, ARC Advisory Group launched the Digital Transformation Council (DTC) at its 2018 Forum.
The council is a member community for industry, energy, and public-sector professionals. Membership is by invitation only and restricted to end users of digital transformation technology, such as professionals working for manufacturers, utilities, and municipalities. There is no fee to join.
“As data-driven market disruption grows, professionals across similar industries need to connect and learn from one another,” according to Jesus Flores-Cerrillo, Associated R&D Director at Praxair, one of the world’s largest providers of industrial gases. He added, “It’s becoming mission-critical to understand how to use data to develop services and products and optimize operations and assets. That can only be accomplished by understanding the possibilities provided by modern data tools such as artificial intelligence, machine learning, and digital twins.”
“We are delighted to support the Digital Transformation Council by bringing members together in person and online,” commented Greg Gorbach, Vice President at ARC Advisory Group. “This community will enable individuals and companies to get up to speed quickly on digital transformation innovations and share ideas about what provides value and what doesn’t.”
Each February, a member-only meeting, anchored to the annual ARC Industry Forum, will bring the Council together to set the focus and agenda for the coming year. Members will also gather via virtual quarterly meetings to discuss research findings, activities, and other topics.
In addition to annual in-person meetings and quarterly virtual meetings, Digital Transformation Council members will have year-round access to research and fellow members via an online community. ARC Advisory Group’s role will be to conduct research, organize meetings, provide venues, and facilitate peer-to-peer discussions. ARC will also deliver technical support for the group’s online presence.
The DTC will address topics such as analytics, industrial Internet of Things (IIoT), artificial intelligence and machine learning, cybersecurity, and additive manufacturing.
The 22nd annual ARC Industry Forum in Orlando, Florida, Feb. 12-15, 2018, will focus on the new digitally-enabled technologies, approaches, and business processes that are disrupting the way industry, infrastructure, and municipalities around the world operate and serve their respective customers.
This digital transformation impacts every aspect of business, industry, and infrastructure.
Digital Transformation Changes Everything
“We’re seeing signs of positive disruption via digital transformation everywhere we look,” said Andy Chatha, president and founder of ARC Advisory Group. “Today’s smart, connected, information-driven industrial enterprises are making better use of their assets and data to improve business and regulatory performance. We’re seeing a similar transformation across infrastructure and within municipalities.”
But Chatha also points out that challenges remain. “Without robust cybersecurity, connected enterprises are more vulnerable to hackers and other cyber-criminals. Also, today’s shortage of the skilled knowledge workers needed for successful digital transformation will become an increasing constraint.”
To help meet these and other challenges, ARC has helped organize an end user-driven Digital Transformation Council, which will convene for the first time at this year’s Forum.
Learn from Industry Leaders
Experts from industry, infrastructure, government, and academia will convene in Orlando in February to further explore these and related topics.
Keynote speakers will include Kenny Warren, Vice President of Engineering at ExxonMobil Research & Engineering, who will speak on the business goals of the company’s Open Process Automation initiative; and Jason Handley, Director of Smart Grid Emerging Technology and Operations at Duke Energy, who will speak on new technologies that are impacting the emerging Smart Grid. Mr. Warren and Mr. Handley will be joined by many other senior executive presenters at the ARC Forum.
Forum topical tracks include:
- Advanced Analytics and Machine Learning
- Asset Performance Management
- Automation Innovations (including Open Process Automation)
- Connected Smart Machines
- Cybersecurity and Safety
- Industrial Internet Platforms
- IoT Network Edge Infrastructure and End Devices
- Convergence of Information, Operational, and Engineering Technologies
Join in the Conversation
The upcoming ARC Industry Forum in Orlando offers a unique opportunity for professionals from industry and infrastructure to learn from their peers and share their own experiences and lessons learned in their respective digital transformation journeys.