Mentor Becomes Siemens EDA

I received this email after I’d shut the computer down for the evening yesterday.

Following the acquisition of Mentor Graphics by Siemens in 2017, Mentor will now officially become Siemens EDA, a part of Siemens Digital Industries Software, effective January 2021.

Our combined and integrated technologies now establish Siemens as the global leader in industrial software, positioning us to not only offer a comprehensive portfolio of EDA tools but also pioneer new technologies that we believe will redefine EDA to help you deliver IC and systems innovations to market faster.

Look for upcoming announcements with a new look and feel over the next few months as we transition our website and content from Mentor to Siemens EDA.

Thank you for your support and continued interest in our broad portfolio of EDA tools, now strengthened by Siemens’ world-class products and services.

Best regards,
Siemens EDA

CIP Security Updated to Support User Level Authentication

This release has been sitting in my Dropbox for a month or so. It’s still worth noting especially since security became news a couple of times in the past few weeks.

ODVA announces that user level authentication has been added to CIP Security, the cybersecurity network extension for EtherNet/IP. Previous publications of the specifications for CIP Security included key security properties including a broad trust domain across a group of devices, data confidentiality, device authentication, device identity, and device integrity. CIP Security now adds a narrow trust domain by user and role, an improved device identity including the user, and user authentication. 

As IT and OT converge in industrial automation, the ability for controls engineers, IT administrators, and maintenance operators to securely access and modify device parameters grows even more critical. Device level security is a building block requirement of IIoT to protect critical assets and people from potential physical and increasingly likely financial harm. To meet this requirement, the robust CIP Security User Authentication Profile will provide user level authentication with a fixed user access policy based on well-defined roles and basic authorization via both local and central user authentication. CIP Security’s ability to authenticate via the device or through a central server allows for simplicity in smaller, simple systems and efficiency in large, complicated installations.

CIP Security already included robust, proven, and open security technologies including TLS (Transport Layer Security) and DTLS (Datagram Transport Layer Security); cryptographic protocols used to provide secure transport of EtherNet/IP traffic, hashes or HMAC (keyed-Hash Message Authentication Code) as a cryptographic method of providing data integrity and message authentication to EtherNet/IP traffic; and encryption as a means of encoding messages or information in such a way as to prevent reading or viewing of EtherNet/IP data by unauthorized parties. The new CIPTM User Authentication Profile provides user-level authentication for CIP communication at the application layer. In the future, CIP Security may make use of a CIP authorization profile that will enhance CIP to provide additional security properties such as general, flexible authorization where access policy can be based on any attribute of the user and/or system and potentially extending CIP Security to support other non-EtherNet/IP networks.

The new User Authentication Profile makes use of several open, common, ubiquitous technologies, including OAuth 2.0 and OpenID Connect for cryptographically protected token-based user authentication, JSON Web Tokens (JWT) as proof of authentication, usernames and passwords, and already existing X.509 certificates to provide cryptographically secure identities to users and devices. It uses a cryptographically secure user authentication session ID, generated by the target on presentation of a valid JWT by the user, to map between an authentication event and the messages sent by a user for CIP communications. The user authentication session ID is transmitted over EtherNet/IP using (D)TLS and a confidentiality-enabled cipher suite per CIP Security’s EtherNet/IP confidentiality profile.

“User authentication is another critical step in the development of CIP Security, a key network extension that is a part of the complete EtherNet/IP industrial communication ecosystem. CIP Security, as a part of a defense in depth approach, is designed as an effective deterrence to malicious cyber attackers who are looking for targets to disrupt plant operations,” stated Jack Visoky, EtherNet/IP System Architecture Special Interest Group (SIG) vice-chair. “With connected infrastructure and automation systems, CIP Security is more critical than ever before to protect valuable investments and production of essential products around the world from malicious cybersecurity attacks” said Dr. Al Beydoun, President and Executive Director of ODVA. “ODVA will continue to invest in the future development of CIP Security and EtherNet/IP to ensure that end users are protected from physical and financial harm perpetrated by bad actors.”

Through this update, CIP Security now offers even stronger device level security with a narrow trust domain by user and role, an improved device identity including the user, and fixed user authentication. ODVA continues to work to make sure that CIP Security stays on the cutting edge of device defense to best protect critical industrial automation assets to make sure that the promise of IIoT and Industry 4.0 can be fully achieved. Visit odva.org to obtain the latest version of The EtherNet/IP Specification including CIP Security.

OPC Foundation In The News

OPC Foundation has released a lot of news at the end of 2020. Its working groups have been busy.

  • Cloud Library with CESMII
  • Field Level Communications
  • ECLASS Standard for M2M Communication
  • Update to PLCOpen 61131-3 specification

Cloud Library

The OPC Foundation, in collaboration with CESMII, is pleased to announce the launch of the “OPC UA Cloud Library” Joint Working Group (JWG). The goal of the JWG is to specify how OPC UA information models of machines, SCADA and Manufacturing Execution Systems will be stored in and accessed from a cloud-based database.  Such a database will enable manufacturers to draw from a wide range of OPC UA information models and profiles for use in their pre-built shopfloor and business digitalization applications.

Collaboration between the OPC Foundation and the Smart Manufacturing Institute is a natural fit given their complementary efforts. On one hand, the US government-backed Smart Manufacturing Institute sets out to help accelerate the adoption of Smart Manufacturing by businesses of all sizes by enabling frictionless movement of information (data and context) between real-time operations and the people and systems that create value in their organizations. On the other hand, the OPC Foundation created a globally adopted open data interoperability standard via its OPC UA specification. The specification’s information modeling capabilities and secure, scalable communications made it a cornerstone of Industrie 4.0 and virtually every other national Industrial IoT initiative. By working together, CESMII and the OPC Foundation aim to enable the broadest range of US manufacturers and beyond to innovate and go-to-market in their digital transformation using the right data modeling foundation.

Field Level Communications

OPC Foundation announces today that its Field Level Communications Initiative has accomplished a significant milestone in the ongoing project by completing their initial release candidate with the focus on the Controller-to-Controller (C2C) use case. In addition, a technical paper has been published that explains the technical approach and the basic concepts to extend OPC UA to the field level for all use cases and requirements in Factory and Process Automation.

Peter Lutz, Director Field Level Communications of the OPC Foundation says: “We are happy about the progress that our working groups have made over the last months, despite COVID-19 and the associated restrictions. The initial release candidate is a major achievement because it is used to build prototypes and to create test specifications that will be converted to corresponding test cases for the OPC UA certification tool (CTT). Furthermore, it lays the foundation for specification enhancements to also cover the Controller-to-Device (C2D) and Device-to-Device (D2D) use cases in the next step.”

Since the start of the Field Level Communications Initiative in November 2018 more than 300 experts from over 60 OPC Foundation member companies have signed up for the various technical working groups to create the technical concepts and elaborate the specification contents for extending the OPC UA framework for field level communications, including Determinism, Motion, Instruments and Functional Safety.

Cooperation with ECLASS

An important step for interoperability in the field of M2M communication: the OPC Foundation and ECLASS e.V. signed a cooperation agreement.

The goal of this cooperation is to combine the power of the OPC UA and ECLASS standards to better enable M2M interoperability via seamless communication of data and semantics using a standardized set of interfaces. To serve as the basis for semantic interoperability across full product life cycles in an international application environment, a manufacturer and industry independent standard for product description is needed. Once created, such a standard can serve as a semantic reference for the Internet of Things. The ECLASS standard, developed by ECLASS e.V. meets these requirements in a unique way.

The OPC UA standard enables secure transmission of data and facilitates the definition and dynamic exchange of its underlying structure via robust OPC UA information modeling functionality. Standardized information models implemented using OPC UA are called OPC UA Companion Specifications, which taken together can serve as common libraries of Information Models. Products utilizing OPC UA Companion Specifications enable seamless 3rd party data interoperability in the operating phase in the product lifecycle. Today, ECLASS identifiers are already being used in various Companion Specifications. 

Update to PLCOpen OPC UA for IEC61131-3

The OPC Foundation, in collaboration with PLCopen, announced the release of v1.02 of the “OPC UA for IEC61131-3” specification. Building on the first version of the specification, the joint working group added: 

  • support for all datatypes defined in the 3rd edition of IEC61131-3
  • an optimized, machine-readable version of the information model (i.e. nodesetfile) 
  • compliance with enhanced specification templates to support the tool chain used to generate validated information models
  • inclusion in the global online searchable specification reference 
  • OPC Foundation Compliance Test Tool (CTT)  test cases for validation of vendor implementations of “OPC UA for IEC61131-3”

Founded in 2008, this joint working group has the goal of expressing IEC 61131-3 information models using OPC UA.  By doing so, an IEC6-61131-3 PLC project that is loaded onto different control platforms can be displayed in a standardized form and made available for communication via the controllers’ OPC UA servers.

“This first step harmonizes the access of the project running in the controller” says Eelco van der Wal, Managing Director of the PLCopen organization. “With this an unprecedented transparency is created in the communication in industrial automation, enabling the configuration of the communication much faster and independent of the network and suppliers. For this reason, many suppliers have implemented this, providing their users with the ease of use in communication.”

In addition to the server specification “UA for IEC61131-3” the group also worked very successfully on the “client specification” which was originally released in 2014. The implementation of this functionality on a controller makes it possible to initiate a communication session to any other available OPC UA Server. The controller can exchange complex data structures horizontally with other controllers independent of the fieldbus system used, or vertically with other devices using an OPC UA server service oriented architecture, like an MES/ERP system in order to collect data or write new production orders to the cloud.

Manufacturing Industry Asked to Participate in Survey of Reshoring Opportunities

Sometimes when I’m considering manufacturing trends and requirements, I feel like Odysseus caught between Scylla and Charybdis. Regarding trade and manufacturing—one the one hand I’ve seen the evidence that international trade can be beneficial for everyone, while on the other, it is important that each country maintains a strong manufacturing base in order to assure survival.

Often these policies are decided by MBA-Finance types who only look at (usually incomplete) spreadsheets trying to find ways to save a dollar. Or politicians intent only on stirring up their supporters in payment for a vote.

Financial people have finally awakened to the drawbacks of having all manufacturing done at remote factories searching for the lowest possible wage. You don’t get a motivated and skilled workforce that becomes the source for much manufacturing innovation. You also don’t always win additional customers for your products in that other country. Your spreadsheets lead you to that dangerous path between Scylla and Charybdis.

Several organizations in the US have taken on the challenge to “rebuild” manufacturing in the US. These include CESMII, The Reshoring Institute, and the source for this report, AMT—The Association for Manufacturing Technology. Actually, my research so far seems to show that the US has been losing in the OEM and machine building market while it has maintained some final manufacturing, albeit with wages no higher than $15/hour. Not a good situation.

Help with the effort. Participate in this survey.

What products and components offer the biggest opportunities for reshoring? What advanced manufacturing technology is needed to enable the reshoring?  To what degree did the pandemic disrupt supply chains, and how did it affect sourcing? To answer these questions and better understand the needs of the manufacturing technology community, AMT – The  Association For Manufacturing Technology is asking industry, including OEMs, job shops, technology suppliers and distributors, to participate in an online survey to help in “Rebuilding the Supply Chain.” The survey is open through February 28, 2021.

The survey takes about five minutes to complete. Results will be published in March on the AMT website and on IMTS.com/supply-chain, a one-stop repository for supply chain information, content and guidance resources. One of the key survey questions is whether or not OEMs and job shops would value an AMT service to connect OEMs with manufacturing technology solutions for reshoring opportunities.

“Participating in this survey will provide valuable insight on sourcing issues and which processes, products and components face the most pressure from imports and which offer the biggest opportunities to reshore,” says Peter R. Eelman, Vice President & CXO at AMT, which owns and produces IMTS – The International Manufacturing Technology Show. “The input we receive helps AMT and IMTS develop resources to help companies make more detailed sourcing assessments and better-informed sourcing decisions.”

The survey is one of many activities related to AMT’s Rebuilding the Supply Chain initiative, which has gained greater visibility due to COVID-19 disruptions and shifting the emphasis of IMTS to further support the industrial base. Rebuilding the Supply Chain activities also include collaboration with the Reshoring Initiative, a not-for-profit organization dedicated to bringing manufacturing back to the United States.

Emerson Virtual Exchange Discrete and Industrial Automation Day

The conferences I have attended over the past five or six years have changed since my early days as a customer or sales engineer of industrial technology. While the automation companies have been changing with the trends in technology and application, IT companies have generated much energy and thought with advances in compute platforms, storage, memory, virtual machines, and the like.

I’ve tried to stir up, maybe not controversy, but at least conversation regarding using these powerful compute platforms for both control and data. Industrial Internet of Things (IIoT) connectivity has progressed to a point where networked I/O is not a problem.

That leads me to what I learned from today’s sessions about implementing IIoT and digital transformation and Edge Control from Emerson Virtual Exchange. This was discrete and industrial automation day. 

Emerson’ Global User Exchange went virtual this year, and thinking outside the proverbial box, stretched it out over about six months. There are sessions January 5 (which you can see on demand) and January 7, as well as next week on January 12 and 14. These are well done as the platform companies continue to improve and provide better service. Emerson has always worked hard to present professionally done sessions. Virtual did not change things.

The opening “keynote” was introduced by Hakan Erdamar, Group President for Discrete & Industrial. Zach Gustafson, VP of Business Development for Machine Automation and Derek Thomas, VP of Strategy & Marketing for Machine Automation, discussed IIoT and digital transformation, and then introduced Warren Pruitt, VP of Global Engineering Services, Colgate-Palmolive, who related the recent digital transformation journey his company has been traveling.

The key messages include using IIoT connectivity for data, starting small with scalable components, and using local (on-prem) compute. Use cloud for longer term analysis.

The blurb you’ll see online goes like this: Zach and Derek  go beyond the obstacles of the  “new normal” that manufacturers face are the ongoing challenges of production pressure, operational efficiency, and sustainability measures. In this unique moment in industry the Industrial Internet of Things (IIoT) and the digital transformation it enables is poised to help unleash a new era of manufacturing that is more reliable, more efficient, more connected and more sustainable than ever before. Join Zach Gustafson and Derek Thomas to gain insight into how manufacturers are getting started with unlocking trapped data in individual machines and processes to identify quantifiable savings and benefit that can then quickly scale on global levels. 

Warren’s presentation promo goes, A global consumer products leader, Colgate Palmolive is leveraging the power of Digital Transformation to help meet its aggressive global sustainability and operational performance goals. Not waiting for a silver bullet solution, Colgate’s approach is to “get started” with a test an learn mindset and scale successful lessons learned across their global footprint. Warren Pruitt shares Colgate’s implementation approach and lessons learned from the Digital Transformation efforts the organization has made to achieve the company’s objectives.

Thomas took us through a data path in his presentation going through the start small and scale theme and then landing on the latest “PACSystems” edge controller. This is a compute device that runs Linux, is open, makes extended use of Node-RED, also runs PLC control in the same processor/box, has extended open connectivity, and utilizes most standard industrial protocols.

Edge control is redefining the traditional control model by bringing together OT and IT technology in a single solution capable of logic, data management and analytics. This incredible evolution and transformation of PLCs and Industrial PCs is creating new possibilities for tackling today’s IIoT and digital transformation challenges by enabling customers to start small at a machine, scale to plant-wide analytics, and make manageable investments with a single platform. Learn how Emerson’s PACSystems RX3i CPL410 Edge Controller can operate as either an IIoT-enabled PLC or an advanced supervisory controller for your manufacturing operations. This industry leading controller combines the powerful PACSystems runtime, PACEdge IoT platform and Movicon WebHMI to deliver unmatched capability and possibilities for customers. Derek Thomas, Vice President, Marketing & Strategy, Emerson.

Harting Becomes ODVA’s Latest Principal Member

I am going to be catching up on a lot of late 2020 news. There certainly seemed to be more news in a pandemic-laden year than in a typical year. It was crazy. And the proliferation of virtual conferences was amazing.

So, ODVA is heading for growth at the physical layer. It has announced that Harting has become a principal member of ODVA alongside Cisco Systems, Endress+Hauser, Honeywell, Omron, Rockwell Automation, and Schneider Electric. The primary focus of Harting’s activities in ODVA will be through Harting of North America.

Harting is working to drive the advancement of industrial Ethernet as a part of IIoT and Industry 4.0, and its increased participation in ODVA will aid efforts to identify and standardize different technologies and devices that will be needed for the automation industry to successfully implement IIoT.

Harting has worked through ODVA and with its fellow ODVA Members for many years to promote the adoption of industrial automation communications network standards, to engage in technical development and enhancement activities, and to promote conforming products. It supports both EtherNet/IP and DeviceNet technologies with cable and connector solutions. Its products include heavy duty connectors, interface/board connectors, custom cabling, and a wide portfolio of solutions for industrial communications, especially Industrial Ethernet. Key served market segments include machinery/robotics, automation, transportation, wind energy, and power generation & distribution. The company provides data, signal, and power via complete connector installation concepts for industrial infrastructures, setting new standards with connectors such as the Han series. It has helped drive the adoption of industrial Ethernet over the past years, especially with the launch of their T1 Industrial connector for Industrial Single Pair Ethernet.

“EtherNet/IP is a critical communication network for the future of discrete and process industries, especially with the advent of Industrial Single Pair Ethernet and Ethernet-APL,” stated Jon DeSouza, President and CEO of Harting Americas. “Harting is looking forward to continuing to provide enhanced smart connectivity solutions for EtherNet/IP networks to drive faster decision making and error correction as well as prevention. By joining ODVA as a principal member, HARTING is increasing its contribution to the advancement of EtherNet/IP and related ODVA technology and standards to prepare for OT and IT convergence. IIoT and Industry 4.0 continue to gain traction and drive industry advancement, making now the perfect time for Harting to increase its commitment to ODVA.” 

“ODVA welcomes the increased contribution of HARTING as a principal member as well as their expertise in smart connectivity,” said Dr. Al Beydoun, President and Executive Director of ODVA. “Their participation as a principal member will contribute to and grow ODVA’s ability to move the connectivity of the industrial enterprise forward to meet the increased demands of IIoT and Industry 4.0.”