Litmus Expands Enterprise-Grade Smart Manufacturing at the Edge

Many innovations and partnerships occur at the edge of the network today. Edge-to-Cloud is a term often replacing IoT for marketers. Litmus, a relatively new company, focuses on developing an innovative edge platform. I introduced Litmus here and I touched on this announcement here.

These hardware/software/platform edge partnerships constituted the trends of the times. This one links Litmus and Dell Technologies.

Litmus, the Intelligent Edge Platform for Industrial IoT, announced a new validated, end-to-end solution with Dell Technologies to simplify smart manufacturing at the edge. The offering combines Dell Technologies hardware and software with the Litmus Industrial IoT Edge platform for a resilient, scalable edge compute infrastructure that allows manufacturers to rapidly collect, analyze and act on time-critical data to improve operations.

The Dell Technologies Validated Design for Manufacturing Edge with Litmus uses Dell EMC VxRail and Dell EMC PowerEdge servers, which provide high-availability, AI and machine learning and high-speed connectivity for manufacturing edge applications. Litmus adds edge data collection, machine analytics, enterprise data integration and application and ML deployment at the edge. Scale is enabled via a centralized edge management platform that manages all IoT devices and services across all locations from a single point of control.

The Dell Technologies Validated Design for Manufacturing Edge with Litmus offers out-of-the-box connectivity to any industrial asset with more than 250 pre-loaded drivers. Pre-built and custom data visualizations, analytics and KPIs provide immediate insights at the edge, and data can be integrated to any cloud or enterprise system to power applications and feed machine learning models. The solution is integrated with the Dell EMC Streaming Data Platform, which allows customers to use high-speed data persistence and unconstrained data storage at the edge to train machine learning models without needing to send data to the public cloud.

Rockwell Automation News and Updates

The first business trip involving airplane and car in 18 months took me to Houston in November to Automation Fair, the Rockwell Automation user conference and trade show. They offered five press conferences via remote conferencing. I felt the urge to visit with people in person. Several thousand visitors wandered the show floor along with me. And I sat in the press conferences in person with a couple of editors from Control, a couple of analysts from ARC Advisory Group, an editor I didn’t know for one session, and an editor from Automation World for one other session. It felt good to be back, but this was hardly like old times. I was not rushed from appointment to appointment—I had no appointments.

The content was not like old times. No motor control or programmable controllers, although I did look up a PLC product person on the show floor to dive into a couple of things. The press conferences were somewhat IT oriented with cybersecurity and cloud, workforce issues around culture and diversity, and sustainability. Following are summaries of the press conferences and of three news items released at the show.

Cybersecurity Steps Needed for 2022

No discussion of industrial technology can begin without considering cybersecurity. Angela Rapko (Regional Vice President, Lifecycle Services, Rockwell Automation), Shoshana Wodzisz (Manager, Product Security, Rockwell Automation), and Theodore Haschke (Manager, Business Development, Functional Safety & Cybersecurity, TUV Rheinland) talked standards with us. High-profile cyber and ransomware attacks rocked the manufacturing industry in 2021 and raised government attention to the need for stronger oversight to protect businesses worldwide. Global cybersecurity standards have been established based on guidance from industry leaders for both the IT and OT level, but adoption still wanes. We’ll share how businesses can utilize standards to improve security in 2022, and why OT can’t be left behind when updating best practices.

Leveraging Culture and DEI as a Competitive Advantage

Bobby Griffin (Chief Diversity, Equity & Inclusion Officer, Rockwell Automation) and Becky House (Senior Vice President & Chief People & Legal Officer, Rockwell Automation) discussed how many companies have put a more intentional focus on company culture and DEI – but how do you know you’re having the right impact? Diversity, equity, and inclusion are core principles at Rockwell. This has a KPI associated and manager’s compensation is tied to it. Among other things, check out the senior leadership page on the Rockwell website. There are women on it. And a couple of other faces that are not old white men. There is a refreshing mix of ages, genders, ethnicities.

Why Cloud? Why Now? Three Factors Driving Adoption of SAAS-Based Solutions

I could understand the discussion of cybersecurity, which can be expected given the several-year-old vision of Rockwell regarding the Connected Enterprise. The discussion of computing in the cloud would never have happened with a straight face even three years ago. Maybe two. Let us consider two very recent acquisitions of cloud-based companies—Plex and Fiix. Brian Shepherd (Senior Vice President, Software & Control, Rockwell Automation), James Novak (Chief Executive Officer, Fiix), and Bill Berutti (Chief Executive Officer, Plex) joined us for a discussion of the companies, products, and benefits of cloud. Yet another sign of a rapidly changing Rockwell Automation.

Using Data to Drive Productivity and Sustainability

Rockwell Automation has had sustainability goals and solutions for many years. This topic remains a key focus for the corporation. Tom O’Reilly (Vice President, Sustainability, Rockwell Automation) and Arvind Rao (Director, Product Management & Head of Industry Solutions, Rockwell Automation) met with us to discuss how “customers and investors are demanding that we do business in ways that are more productive and more sustainable.” Operational data and analytics can reduce waste, improve quality, and reduce energy, all while driving increased productivity and delivering results against sustainability initiatives.

Three Strategies for Creating an Agile and Flexible Workforce

Rachael Conrad (Vice President & General Manager, Customer Support & Maintenance, Rockwell Automation) and Sherman Joshua (Director, Workforce & Competency, Lifecycle Services, Rockwell Automation) revealed Rockwell’s on key strategies for creating an agile and flexible workforce post pandemic and how manufacturers can leverage their workforce as their greatest asset.

New Initiatives to Bolster Cybersecurity Offering for Customers

Rockwell Automation, Inc. announced new investments to enhance its information technology (IT) and operational technology (OT) cybersecurity offering. These initiatives include strategic partnerships with Dragos, Inc. and CrowdStrike, as well as the establishment of a new Cybersecurity Operations Center in Israel.

Rockwell and Dragos, a global leader in cybersecurity for industrial control systems (ICS)/OT environments, have announced a partnership that combines Rockwell’s global industry, application, and ICS domain expertise with Dragos’s world-class technology, professional services, and threat intelligence services. The partnership will focus on incident response services and threat intelligence.

Rockwell and CrowdStrike, a leader in cloud-delivered endpoint and workload protection, have formed a partnership to deliver end-to-end cybersecurity and network service solutions to customers. The partnership will examine initiatives for CrowdStrike’s cloud-native, AI-powered Falcon platform with Rockwell’s global deployment, network architecture, support, OT, and managed services capabilities to deliver differentiated solutions that address customer cybersecurity pain points.

Rockwell Automation Expands Supply Chain Services with Acquisition of AVATA

Rockwell Automation, Inc. has acquired AVATA, a leading services provider for supply chain management, enterprise resource planning, and enterprise performance management solutions. AVATA has significant domain expertise in enterprise applications and is a leading consultant and systems integrator for Oracle cloud software applications.

By significantly improving end-to-end supply chain visibility and management, AVATA, together with Kalypso, Rockwell’s industrial digital transformation services business, will help further unlock the value of information technology/operational technology (IT/OT) convergence that Rockwell can deliver to customers. AVATA will be integrated into Kalypso, which is a part of Rockwell’s Lifecycle Services business.

AVATA supports Rockwell’s recent cloud-native investments, building on its open architecture to extend the digital thread and enable powerful integrations with other leading technologies, now including Plex and Oracle Cloud.

Rockwell Automation and Battery Pioneer Cadenza Innovation to Explore Driving Energy Storage and Advance Sustainability

Rockwell Automation has begun collaborating with Cadenza Innovation, the award-winning provider of safe, low cost, and energy-dense Lithium-ion-based storage solutions, to define a strategic relationship including a   shared goal of building the industry’s highest performance battery cell production lines.

During 2022 the companies intend to collaborate to develop a customer cloud portal to manage deployed distributed energy resources, an end-to-end battery manufacturing execution system (MES), and equipment automation to support the expansion of Cadenza Innovation’s battery manufacturing in the US and abroad.

Rockwell Automation and Cadenza Innovation intend to create a full digital thread that feeds information from business systems to the factory floor and subsequently out to the field-deployed energy storage systems to ‘close the loop’ by feeding data from the field back into Cadenza Innovation’s connected operations. This, in turn, will ensure peak performance of customer systems.

Linux Foundation Open Standards Updates

Industries cannot advance without standards. Trains could not operate across a continent. I could not connect to the world from my computer through WiFi to an Internet. Standards may be recognized by governments or they may be de facto industry standards. The key benefit from standards is interoperability. At some level, competing proprietary products can interoperate. I can send a text from my iPhone to your Android phone. I support standards in the name of interoperability. I say this as preamble to three pieces of news coming from the Linux Foundation.

EdgeX Foundry Announces Jakarta, the Project’s First Long Term Support Release

EdgeX Foundry, a Linux Foundation project under the  LF Edge project umbrella, announced the release of version 2.1 of EdgeX, codenamed ‘Jakarta.’  The project’s ninth release, it follows the recent Ireland release, which was the project’s second major release (version 2.0). Jakarta is significant in that it is EdgeX’s first release to offer long term support (LTS). 

“Our Jakarta release is a stabilization release,” said Jim White, the EdgeX Foundry Technical Steering Committee  (TSC) Chairman and co-founder of the project.  “As such, it is our project community’s pledge to adopters that EdgeX offers you a stable version of the platform that you can expect the community to stand behind and support for a period of two years.  We stand with you in support of EdgeX in real world, commercial deployments of the platform.”

“Only a few open-source projects offer long term support; the rapid change of open source projects and the effort needed to LTS is significant,” said Arpit Joshipura, general manager, Networking, Edge and IoT, at the Linux Foundation. “By including LTS, EdgeX demonstrates it understands the needs of the operational technology (OT) user base, and how products in this space must work and operate over longer periods of time than traditional IT solutions,” said Arpit Joshipura. “This is a big milestone for any open source community, and we are incredibly proud of EdgeX Foundry for this achievement.”

The EdgeX long term support policy states that the community will work as quickly as possible and give “best effort and development priority to fix major flaws as soon as possible.”  Major flaws by the project are defined as 

• bugs causing the system or service to crash and where there is no work around for the function

• bugs for a feature/function that does not work and there is no work around for the function

• a security issue deemed a critical or high-level CVE (per CVSS)

The project has further stipulated in its LTS policy that “no new major functionality (at the discretion of the TSC) will be added” to the LTS version after the release happens.

The next EdgeX release, codenamed “Kamakura,” is set for Spring 2022.  The community has held its semi-annual planning session to lay out the goals and objectives of this release.  Kamakura is likely to be another dot-release that will again be backward compatible with all EdgeX 2.x releases (Ireland and Jakarta).  Major additions currently under consideration and being developed by the community include:

• Initial north to south message bus.  Improved security secrets seeding and allowing for delayed service starts.

• Metrics collection

• Dynamic device profiles.  Better (native) Windows support

• Improve testing – including real hardware testing

• A second version release of the EdgeX Command Line Interface (CLI) which,  compatible with EdgeX v2.x.

The Cyber-Investigation Analysis Standard Expression Transitions to Linux Foundation

The Linux Foundation announced the Cyber-investigation Analysis Standard Expression (CASE) is becoming a community project as part of the ​​Cyber Domain Ontology (CDO) project under the Linux Foundation. CASE is an ontology-based specification that supports automated combination and intelligent analysis of cyber-investigation information. CASE concentrates on advancing interoperability and analytics across a broad range of cyber-investigation domains, including digital forensics and incident response (DFIR). 

“Becoming part of the Linux Foundation is a major milestone for CASE that will significantly benefit the broader open source and cyber-investigation communities,” said Eoghan Casey, Presiding Director of CASE. “As an evolving standard supporting structured expression and exchange of cyber-investigation information, CASE will substantially enhance efforts to address growing challenges in the modern world, including cyberattacks, ransomware, online fraud, sexual exploitation, and terrorism. Our objective is to create a culture of common comprehension and collaborative problem solving across cyber-investigation domains.”

Organizations involved in joint operations or intrusion investigations can efficiently and consistently exchange information in standard format with CASE, breaking down data silos and increasing visibility across all information sources. Tools that support CASE facilitate correlation of differing data sources and exploration of investigative questions, giving analysts a more comprehensive and cohesive view of available information, opening new opportunities for searching, pivoting, contextual analysis, pattern recognition, machine learning and visualization.

Development of CASE began in 2014 as a collaboration between the DoD Cyber Crime Center (DC3) and MITRE, led by Dr. Eoghan Casey and Sean Barnum, involving the National Institute of Standards and Technology (NIST). In response to international interest, this initiative became an open source evolving standard, with hundreds of participants in industry, government and academia around the globe. Early contributors include the Netherlands Forensic Institute (NFI), the Italian Institute of Legal Informatics and Judicial Systems (IGSG-CNR), FireEye, and University of Lausanne. CASE governance and community coordination were formalized with support of Harm van Beek, Rich Brown, Ryan Griffith, Cory Hall, Christopher Hargreaves, Jessica Hyde, Deborah Nichols, and Martin Westman. Growing international involvement is tracked on the CASE website.

CASE, built on the Hansken trace model developed and implemented by the NFI, aligns with and extends the Unified Cyber Ontology (UCO). This year has seen the release of UCO 0.7.0, and most recently CASE 0.5.0. CASE and UCO now both are built on SHACL constraints, providing an instance data validation capability. Currently, CASE is developing a representation for Inferences, both human formulated and computer generated, to bind investigative conclusions to supporting evidence and associated chain of custody.

Linux Foundation to Host the Cloud Hypervisor Project

The Linux Foundation announced it will host the Cloud Hypervisor project, which delivers a Virtual Machine Monitor for modern Cloud workloads. Written in Rust with a strong focus on security, features include CPU, memory and device hot plug; support for running Windows and Linux guests; device offload with vhost-user; and a minimal and compact footprint.

The project is supported by Alibaba, ARM, ByteDance, Intel and Microsoft and represented by founding member constituents that include Arjan van de Ven, Fellow at Intel; K. Y Srinivasan, Distinguished Engineer and VP at Microsoft; Michael Zhao, Staff Engineer at ARM, Gerry Liu, Senior Staff Engineer at Alibaba, and Felix Zhang, Senior Software Engineer at ByteDance. Initial focus for the Cloud Hypervisor project will be security and modern operation for Cloud. 

K.Y Srinivasan, Advisory Board member from Microsoft adds: “Cloud Hypervisor has matured to the point that moving it to the Linux Foundation is the right move at the right time. As LF continues to standardize key components of the software stack for managing/orchestrating modern workloads, we feel that the Cloud Hypervisor will be an important part of the overall stack. Being part of LF will help us accelerate development and adoption of this key technology.”

Cultural IT and OT Divide Blocks Many a Unified Cybersecurity Strategy

Cybersecurity is one place where the great divide between IT professionals and operations technology professionals has shrunk over the past several years. Proactive management and increasing technological overlap combined to promote understanding. This report is based on a survey of more than 600 professionals. I asked Dragos CISO Steve Applegate what stood out in the report. After all, some, but not all, of these items seemed common sense.

He told me he was surprised at the size of the breaches reported. And one could add in more items such as loss of sales and increase the number further. I asked about the famous IT/OT divide. He said that it appears to be more misunderstanding than hostility. For example, risk assessments. Corporate IT people may not realize what things in the plant might hold greater risk. Likewise, operations people may not have calculated the real risk of an intrusion. Collaboration between the two can result in better defenses.

One last nugget of awareness from Steve. Note that only 20% said that their company had regular reports to the Board on status of cybersecurity. That is something that management or an aware board member must take steps to remedy across the board.

Full Release

Dragos, Inc., the global leader in cybersecurity for industrial controls systems (ICS)/operational technology (OT) environments, released “The 2021 State of Industrial Cybersecurity: The Risks Created by the Cultural Divide Between the IT & OT Teams” report from the Ponemon Institute. The new annual report found only 21% of organizations have achieved full maturity of their ICS/OT cybersecurity program, in which emerging threats drive priority actions and C-level executives and the board are regularly informed about the state of their OT security.

As the frequency and severity of attacks increase, organizations are struggling to keep ahead of these threats, according to the survey of 603 IT, IT security, and OT security practitioners at the managerial, director, and C-level. The report finds that 63% of organizations had an ICS/OT cybersecurity incident in the past two years, and it took an average of 316 days to detect, investigate and remediate the incident. Digital transformation and trends in Industrial Internet of Things (IIoT) have greatly expanded cyber risk to the OT and ICS environment according to 61% of respondents who either agree or strongly agree.

The study reveals a cultural divide between IT and OT teams that affects the ability to secure both the IT and the ICS/OT environment. Only 43% of organizations have cybersecurity policies and procedures that are aligned with their ICS and OT security objectives. Thirty-nine percent have IT and OT teams that work together cohesively to achieve a mature security posture across both environments. Just 35% have a unified security strategy that secures both the IT and OT environments, despite the need for different controls and priorities.

“Most organizations lack the IT/OT governance framework needed to drive a unified security strategy, and that begins with the lack of OT-specific cybersecurity expertise in the organization,” said Steve Applegate, Chief Information Security Officer, Dragos, Inc. “Bridging the cultural divide between IT and OT teams is a significant challenge. But organizations must not fall into the trap of thinking that OT can just be tacked onto an existing IT program or managed under a general IT umbrella. There are fundamental differences between the problems and goals of a corporate IT environment—data safety and security—and industrial environments, where human health and safety, loss of physical production, and facility shutdowns are real risks. Deep domain expertise as well as ICS/OT-specific technologies are both required to truly safeguard industrial systems.”

“A majority of C-level executives and boards of directors are uninformed about the efficiency, effectiveness and security of their ICS/OT cybersecurity programs,” said Dr. Larry Ponemon, Chairman and Founder, Ponemon Institute. “If the board isn’t keenly aware of the impact a cybersecurity incident would have on the bottom line, securing the appropriate amount of budget for OT programs is much more difficult. As evidenced by the report, this stems from a lack of clear ownership for ICS/OT risk and who reports that to the board between engineering, IT, and CISOs.”

Cultural differences, technical barriers, and lack of clear ownership are primary challenges for OT and IT collaboration

The findings of the report suggest that misunderstanding between the groups, rather than conflict, is the significant issue. Only 32% cite competition between IT and OT for budget dollars and new security projects and only 27% have difficulty in converging security teams across IT and OT as an enterprise-wide security program.

Half of respondents state that cultural differences between engineers, security professionals, and IT staff are the main challenge.

44% say there are problematic technical differences between traditional IT-specific best practices and what is possible in OT environments, such as patch management and unique requirements of industrial automation equipment vendors.

43% of respondents say there is a lack of clear “ownership” on industrial cyber risk and uncertainty around who leads the initiative, implements the controls and supports the program.

The risks created by the cultural divide between the IT and OT teams

The level of cybersecurity maturity for ICS/OT is inadequate to meet today’s challenges. Only 21% of respondents say their ICS/OT program activities have achieved full maturity, where emerging threats drive priority actions and C-level executives and the board of directors are regularly informed about the state of their program. Half of organizations are in the early and middle stages, while the remaining 29% are late-middle stage.

C-level executives and the board of directors are not regularly informed about the efficiency, effectiveness, and security of the program. Only 35% of respondents say someone responsible for ICS and OT cybersecurity reports IT and cybersecurity initiatives to the board of directors. Of these respondents, 41% say such reporting takes place only when a security incident occurs.

Many senior managers lack awareness of the risks and threats to the OT and ICS environments, resulting in inadequate resource allocation to manage risk. Less than half (48%) of respondents say their organizations understand the unique cyber risks and have specific security processes and policies for OT and ICS environments. Only 43% of respondents say senior management understands the cyber risks and provides enough resources to defend OT and ICS environments.

Reporting relationships and accountability for OT security are not properly structured and become deterrents to investing in OT and ICS. Fifty-six percent of respondents say the reason for blocking investments is that OT security is managed by the engineering department which does not have security expertise, and 53% of respondents say OT security is managed by an IT department without engineering expertise. Only 12% of respondents say the CISO is most accountable for the security of the ICS/OT program.

Consequences of an OT cybersecurity incident

The loss of confidence in the system was the number one consequence of a cybersecurity incident, reported by 54%, followed by sustained process inefficiency (49%), and loss of control availability (47%). Additional consequences include:

  • Loss of visibility in the physical process; 41%
  • Loss of revenues; 40%
  • Loss of public confidence; 32%
  • Unintended, catastrophic process failures; 30%

Despite the challenges, organizations are focused on making investments to improve the cybersecurity posture of ICS and OT environments. Investments in areas that assess weaknesses in the security posture of OT environments are the top priority according to 60% of respondents. Contributing to the security posture is gathering threat intelligence specific to their industry, ICS and OT devices, and geography, (56%), and hiring experts in OT and ICS cybersecurity (49%).

Ponemon study methodology

The Ponemon Institute surveyed 603 IT, IT security and OT security practitioners at the C-level, managerial and director level in the United States. All are familiar with cybersecurity initiatives and ICS and OT security practices in their organizations.

The full Ponemon Institute report, “2021 State of Industrial Cybersecurity: The Risks Created by the Cultural Divide Between the IT & OT Teams,” is available for download from Dragos here

Standards and Open Source News

Open source predominates in IT. One can find open source growing within OT. I expect more as the younger generation of engineers takes over from the Boomers. My generation has laid a great foundation of standards. These make things better for engineers just trying to get a job done with inadequate resources. A few news items have piled up in my queue. Here is a CESMII announcement followed by several from the Linux Foundation.

SME and CESMII Join Forces to Accelerate Smart Manufacturing Adoption

SME, a non-profit professional association dedicated to advancing manufacturing, and CESMII – The Smart Manufacturing Institute, are partnering to align their resources and educate the industry, helping companies boost productivity, build a strong talent pipeline, and reduce manufacturers’ carbon footprint.

CESMII and SME will address the “digital divide” by connecting manufacturers to technical knowledge. These efforts will especially help small and medium-size companies—a large part of the supply network—to overcome the cost and complexity of automation and digitization that has constrained productivity and growth initiatives. 

“The prospect of the Fourth Industrial Revolution catalyzing the revitalization of our manufacturing productivity in the U.S. is real, but still aspirational, and demands a unified effort to accelerate the evolution of this entire ecosystem,” said John Dyck, CEO, CESMII. “We couldn’t be happier to join with SME on this important mission to combine and align efforts with the best interest of the employers and educators in mind.”

Smart Manufacturing Executive Council

The first joint initiative is the formation of a new national Smart Manufacturing Executive Council. It will engage business and technology executives, thought leaders, and visionaries as a “think tank” advocating for the transformation of the ecosystem. It will build on each organization’s history of working with industry giants who volunteer their time and impart their knowledge to benefit the industry.

Members of the council will act as ambassadors to drive the national conversation and vision for smart manufacturing in America. Working with policy makers and others, the council will unify the ecosystem around a common set of interoperability, transparency, sustainability and resiliency goals and principles for the smart manufacturing ecosystem.

Focus on Manufacturing Workforce

The need for richer, scalable education and workforce development is more important than ever.

SME’s training organization, Tooling U-SME, is the industry’s leading learning and development solutions provider, working with thousands of companies, including more than half of all Fortune 500 manufacturers as well as 800 educational institutions across the country. CESMII has in-depth training content on smart manufacturing technology, business practices, and workforce development. Leveraging Tooling U-SME’s extensive reach into industry and academia, the synergistically combined CESMII and Tooling U-SME training portfolios and new content collaborations will expedite smart manufacturing adoption, driving progress through transformational workforce development.

Through this national collaboration, Tooling U-SME will become a key partner for CESMII for advancing education and workforce development around smart manufacturing. 

“Manufacturers are looking for a more effective, future-proof approach to upskill their workforce, and we believe that the best way to accomplish that is for CESMII and Tooling U-SME to work together,” said Conrad Leiva, Vice President of Ecosystem and Workforce Education at CESMII. “This partnership brings together the deep domain expertise and necessary skills with the know-how to package education, work with employers and schools and effectively deliver it at scale nationally.

Linux Foundation Announces NextArch Foundation

The Linux Foundation announced the NextArch Foundation. The new Foundation is a neutral home for open source developers and contributors to build next-generation architecture that can support compatibility between an increasing array of microservices. 

Cloud-native computing, Artificial Intelligence (AI), the Internet of Things (IoT), Edge computing and much more have led businesses down a path of massive opportunity and transformation. According to market research, the global digital transformation market size was valued at USD 336.14 billion in 2020 and is expected to grow at a compound annual growth rate (CAGR) of 23.6% from 2021 to 2028. But a lack of intelligent, centralized architecture is preventing enterprises and the developers who are creating innovation based on these technologies to fully realize their promise.

“Developers today have to make what feel like impossible decisions among different technical infrastructures and the proper tool for a variety of problems,” said Jim Zemlin, Executive Director of the Linux Foundation. “Every tool brings learning costs and complexities that developers don’t have the time to navigate yet there’s the expectation that they keep up with accelerated development and innovation. NextArch Foundation will improve ease of use and reduce the cost for developers to drive the evolution of next-generation technology architectures.” 

Next-generation architecture describes a variety of innovations in architecture, from data storage and heterogeneous hardware to engineering productivity, telecommunications and much more. Until now, there has been no ecosystem to address this massive challenge. NextArch will leverage infrastructure abstraction solutions through architecture and design and automate development, operations and project processes to increase the autonomy of development teams. Enterprises will gain easy to use and cost-effective tools to solve the problems of productization and commercialization in their digital transformation journey.

Linux Foundation and Graviti Announce Project OpenBytes to Make Open Data More Accessible to All

The Linux Foundation announced the new OpenBytes project spearheaded by Graviti. Project OpenBytes is dedicated to making open data more available and accessible through the creation of data standards and formats. 

Edward Cui is the founder of Graviti and a former machine learning expert within Uber’s Advanced Technologies Group. “For a long time, scores of AI projects were held up by a general lack of high-quality data from real use cases,” Cui said. “Acquiring higher quality data is paramount if AI development is to progress. To accomplish that, an open data community built on collaboration and innovation is urgently needed. Graviti believes it’s our social responsibility to play our part.”

By creating an open data standard and format, Project OpenBytes can reduce data contributors’ liability risks. Dataset holders are often reluctant to share their datasets publicly due to their lack of knowledge on various data licenses. If data contributors understand their ownership of data is well protected and their data will not be misused, more open data becomes accessible.
 
Project OpenBytes will also create a standard format of data published, shared, and exchanged on its open platform. A unified format will help data contributors and consumers easily find the relevant data they need and make collaboration easier. These OpenBytes functions will make high-quality data more available and accessible, which is significantly valuable to the whole AI community and will save a large amount of monetary and labor resources on repetitive data collecting.

The largest tech companies have already realized the potential of open data and how it can lead to novel academic machine learning breakthroughs and generate significant business value. However, there isn’t a well-established open data community with neutral and transparent governance across various organizations in a collaborative effort. Under the governance of the Linux Foundation, OpenBytes aims to create data standards and formats, enable contributions of good-quality data and, more importantly, be governed in a collaborative and transparent way.

Linux Foundation Announces Security Enhancements to its LFX Community Platform to Protect Software Supply Chain

The Linux Foundation announced it has enhanced its free LFX Security offering so open source projects can secure their code and reduce non-inclusive language.

The LFX platform hosts community tools for security, fundraising, community growth, project health, mentorship and more. It supports projects and empowers open source teams to write better, more secure code, drive engagement and grow sustainable ecosystems.

The LFX Security module now includes automatic scanning for secrets-in-code and non-inclusive language, adding to its existing comprehensive automated vulnerability detection capabilities. Software security firm BluBracket has contributed this functionality to open source software projects under LFX as part of its mission of making software safer and more secure. This functionality builds on contributions from leader in developer security, Snyk, now making LFX the leading vulnerability detection platform for the open source community.

The need for a community-supported and freely available code scanning is clear, especially in light of recent attacks on core software projects and recent the White House Executive Order calling for improved software supply chain security. LFX is the first and only community tool designed to make software projects of all kinds more secure and inclusive.

LFX Security now includes:
● Vulnerabilities Detection: Detect vulnerabilities in open source components and dependencies and provide fixes and recommendations to those vulnerabilities. LFX tracks how many known vulnerabilities have been found in open source Projects, identifies if those vulnerabilities have been fixed in code commits and then reports on the number of fixes per project through an intuitive dashboard. Fixing known open source vulnerabilities in open source projects helps cleanse software supply chains at their source and greatly enhances the quality and security of code further downstream in development pipelines. Snyk has provided this functionality for the community and helped open source software projects remediate nearly 12,000 known security vulnerabilities in their code.
● Code Secrets: Detect secrets-in-code such as passwords, credentials, keys and access tokens both pre- and post-commit. These secrets are used by hackers to gain entry into repositories and other important code infrastructure. BluBracket is the leading provider of secrets detection technology in the industry and has contributed these features to the Linux Foundation LFX community.
● Non-Inclusive Language: Detect non-inclusive language used in project code, which is a barrier in creating a welcoming and inclusive community. BluBracket worked with the Inclusive Naming Initiative on this functionality.

Digital Performance Management Tool Targets Efficiency Gains

Remember The Goal by Eli Goldratt? The plant manager began investigating constraints in the production line. In order to find the data, the IT guy had to make a special report run overnight resulting in printing reams of paper that they had to read through the next day looking for insights into the next bottleneck or constraint. Now, we can get this information almost real-time on our smart phone. That context is what I think of as I wade through the hype of PTC’s latest announcement from last week’s virtual customer event.

I wish people marketing software could just say what they do instead of phrases such as “investment accountability by validating outcomes for transformational investments with real-time production data.” And the executives quoted bemoaned that digital transformation was only incrementally improving manufacturing performance. My experience tells me that if you are looking for something like 50% or 100% boosts, then you should have been terminated long ago as a terrible manager. Incremental boosts in efficiency done consistently over time will yield a viable manufacturing company.

At any rate, I’m sure that this new product, “Digital Performance Management Solution,” will help well run manufacturing companies continue to improve. The news in brief:

  • New IIoT Offering from PTC Is a Self-Monitoring, Self-Measuring Tool for Closed-Loop Problem Solving.
  • With the New Solution, Manufacturers Are Empowered with Visibility into Current Performance, Analysis of Production Bottlenecks, and Outcome Validation for Investments.

And here is the release: PTC announced the immediate availability of the new ThingWorx Digital Performance Management Solution (DPM), a first-of-its-kind offering that represents a significant advancement in manufacturing companies’ ability to drive efficiency.

DPM provides performance insights and enables real-time, closed-loop problem solving.  It delivers one universal view of performance, communicated in an understandable business metric: hours.  This metric is easily understood across frontline workers, managers, and executives, and provides a foundation for an enterprise-scale solution.  DPM supports investment accountability by validating outcomes for transformational investments with real-time production data and easy-to-calculate financial improvements.

With DPM, companies can identify the right performance issues to drive efficiency; empower frontline workers to take corrective action; gain visibility into bottlenecks, root causes, and the most critical areas to focus on for improvement; measure results with performance data to ensure actions produce the desired outcomes; and achieve rapid time to value and scale, with initial results in as little as 90 days.

“The release of PTC’s ThingWorx DPM Solution represents a significant milestone in our IIoT business,” said Jim Heppelmann, President & CEO, PTC.  “This software marks the beginning of a new phase in PTC’s IIoT growth strategy as we evolve our positioning of ThingWorx as a suite of powerful enterprise solutions that power significant enterprise efficiency to drive business value.”