Rockwell Automation, Cisco Partnership Extends Ethernet to Industrial IoT

Rockwell Automation, Cisco Partnership Extends Ethernet to Industrial IoT

The Cisco and Rockwell Automation partnership continues its step-by-step extension strengthening Rockwell’s “Connected Enterprise” strategy. This strategy builds on the foundation of EtherNet/IP and CIP (common industrial protocol). Now that all the magazines and newspapers and bloggers are writing about the Internet of Things and the Industrial Internet of Things, supplier communications managers cannot keep themselves from applying IoT to everything their companies do.

The two companies have issued two press releases recently. One concerns enhanced training couched in the strategy of bringing IT and OT together (the once and future kingdom). The other relates to extensions and additions to the partners’ reference architecture.

First, let’s see how many buzz words a marketing manager can fit into one sentence:

“The expansion of the Industrial Internet of Things (IoT) and convergence of operations technology (OT) and information technology (IT) systems into The Connected Enterprise raises questions of who within industrial organizations should design and oversee unified network infrastructures. Rockwell Automation, in collaboration with its Strategic Alliance partner Cisco, is helping address this workforce challenge with the new training and certification offerings.”

Last year, the companies jointly rolled out the Managing Industrial Networks with Cisco Networking Technologies (IMINS) training course and Cisco Industrial Networking Specialist certification. This first-of-its-kind course provided foundational skills needed to manage and administer networked, industrial control systems.

This year, Rockwell Automation and Cisco are unveiling the five-day, hands-on Managing Industrial Networks for Manufacturing with Cisco Technologies (IMINS2) course and CCNA Industrial certification exam. The course offers deeper analysis of EtherNet/IP architectures with industrial protocols, wireless and security technologies implementation, and advanced troubleshooting. The CCNA Industrial certification ensures that OT and IT professionals have the skillset needed to design, manage and operate converged industrial networks.

Pathways to Certification

Students who successfully complete the Industrial Networking Specialist and CCNA Industrial certification exams will earn CCNA Industrial certification. Alternatively, IT and OT professionals that already have their CCNA Routing & Switching or Cisco Certified Entry Networking Technician (CCENT) certification can enroll directly in IMINS2 and take the CCNA Industrial certification exam to receive CCNA Industrial certification. Once completed, the certification is valid for three years.

Participants in the IMINS and IMINS2 courses will receive exam vouchers for the Industrial Networking Specialist and CCNA Industrial certification exams, respectively, as part of course tuition. This offer is only available through courses offered and delivered by Rockwell Automation. The CCNA Industrial certification exam can be taken at one of any Pearson VUE testing centers located in more than 165 countries.

IMINS courses are offered on an ongoing basis. The enrollment schedule for IMINS2 will be posted in June, with classes beginning in July. As the leader in OT/IT skills development, Rockwell Automation will continue to invest in The Connected Enterprise and IoT training curriculum to address emerging skills requirements.

Converged Plantwide Ethernet Architectures (CPwE)

As industrial markets evolve to unlock the promise of the Internet of Things (IoT), Rockwell Automation and Cisco are announcing new additions to their Converged Plantwide Ethernet (CPwE) architectures to help operations technology (OT) and information technology (IT) professionals address constantly changing security practices. The latest CPwE security expansions, featuring technology from both companies, include design guidance and validated architectures to help build a more secure network across the plant and enterprise.

The Industrial IoT is elevating the need for highly flexible, secure connectivity between things, machines, work flows, databases and people, enabling new models of policy-based plant-floor access. Through these new connections, machine data on the plant floor can be analyzed and applied to determine optimal operation and supply-chain work flows for improved efficiencies and cost savings. A securely connected environment also enables organizations to mitigate risk with policy compliance, and protects intellectual property with secure sharing between global stakeholders.

Core to the new validated architectures is a focus on enabling OT and IT professionals to utilize security policies and procedures by forming multiple layers of defense. A defense-in-depth approach helps manufacturers by establishing processes and policies that identify and contain evolving threats in industrial automation and control systems. The new CPwE architectures leverage open industry standards, such as IEC 62443, and provide recommendations for more securely sharing data across an industrial demilitarized zone, as well as enforcing policies that control access to the plantwide wired or wireless network.

Rockwell Automation and Cisco have created resources to help manufacturers efficiently deploy security solutions. Each new guide is accompanied by a white paper summarizing the key design principles, as follows:

The Industrial Demilitarized Zone Design and Implementation Guide and white paper provide guidance to users on securely sharing data from the plant floor through the enterprise.

The Identity Services Design and Implementation Guide and white paper introduce an approach to security policy enforcement that tightly controls access by anyone inside the plant, whether they’re trying to connect via wired or wireless access.

This announcement further extends the commitment by Rockwell Automation and Cisco to be one of the most valuable resources in the industry for helping manufacturers improve business performance by bridging the gap between plant-floor industrial automation and higher-level information systems.

Rockwell Automation, Cisco Partnership Extends Ethernet to Industrial IoT

Manufacturing Software: Connectivity and Workflow

GE set up a conference call for a conversation with Matt Wells, general manager of automation software at GE Intelligent Platforms.

The impetus for the call was to flesh out the press release about the development of the Global Discovery Server (GDS) for OPC UA and the first implementation of it into GE’s Cimplicity HMI/SCADA software.

Wells said that GE is really embracing OPC UA as a core technology. Controllers have it embedded within, and in fact, GE actually evaluated it for inter-controller communication. That latter did not work out, but OPC UA remains core to GE’s connectivity program.

But, Wells continued, OPC UA is not always the easiest to implement. So GE worked with the OPC Foundation to define global discovery server to simplify management of systems.

The first advance concerns namespace. If GDS resides on the network, it will first register clients and servers then GDS provide list of namespace. And not only this, it can say who can talk to whom and it can also restrict who talks.

Secondly, GDS acts as certificate store. It is not a traffic manager, bu it checks for a certificate for all OPC devices and it then handles handshaking among them.

GDS is available as independent software that can be installed in an application. GE did Cimplicity first, partly to show it can be done and how useful it is.

GDS Agent, not part of spec, can act as proxy for existing UA that is not GDS enabled.

Using GDS in an OPC network enhancing usability and ease of implementation. This should increase the adoption of OPC UA.

When my contact set up this conversation, she also mentioned we could discuss something called, “automated operator decision support”. This intrigued me. Turns out this is an alternative phrase for automated or digitized workflow.

I’ve only talked with a few companies that have incorporated workflow. I talked with GE several years ago for the first time. This should be an important advance for manufacturing productivity.

Here are some notes about the workflow conversation.

Overall in HMI/SCADA
1-prevent mistakes so minimize abnormal situations
2-can’t always encode everything, so give advance notification, predictive analytics
3-cant predict everything, so enable operators to quickly ID issue and solve, give corrective action procedures
4-“phone a friend”, utilize mobile techs to call SMEs; We found highest adoption enabling support staff, contact experts, decrease downtime

Digitize SOP policy, workflow; work to encode workflows, as it executes SOP solicit feedback from operator, can coordinate acts of operators and people around them. Make every operator the best operator—baked in—originally sold as risk management mitigation tool. It is popular in pharma and water, especially areas where compliance is crucial.

First step, look at compliances and improving process – process

Take written manual–>encode–>provide checklist–>maybe write directly into system for records–>then after compliance, start looking at optimizing.

It is designed to layer over existing infrastructure (HMI/SCADA, WMS, etc.).

Have seen performance improvements of up to 30%.

Rockwell Automation, Cisco Partnership Extends Ethernet to Industrial IoT

OPC Foundation Real-Time And Technology Partners

OPC Foundation LogoFor being so quiet for so long, the OPC Foundation is certainly hitting the news often lately. There was news about a couple of open-source initiatives. Then the Foundation itself opened up a little with an “open-shared” program.

Then it was announced as the communication platform of Industry 4.0 in Germany.

Now a couple European automation rivals—Beckhoff Automation (Germany) and B&R Automation (Austria)—have made OPC news.

Taken in sum, these announcements plus the earlier ones reveal the importance of OPC to industrial communication. It became a standard for moving important data from control systems to human-machine interface systems and then on to SCADA and MES systems.

With the introduction of UA built on modern software technologies including built-in security and embeddable format, the technology everyone used but also everyone dissed finds itself on the cutting edge of modern connected industrial Internet strategies.

 OPC and Beckhoff

News coming from last month’s Hannover Messe included this joint announcement from OPC and Beckhoff.

OPC UA is about scalable communication with integrated security by design up to MES / ERP systems and into the cloud, EtherCAT is about hard real-time capability in machines and factory control systems. Both technologies complement each other perfectly.

Industrie 4.0 and Internet of Things (IoT) architectures require consistent communication across all levels while using Internet technologies: both in as well as outside of the factory, for example to cloud-based services. That exactly is what the OPC Foundation and the EtherCAT Technology Group (ETG) want to account for by defining a common definition of open interfaces between their respective technologies.

At the Hanover Fair Thomas J. Burke, President and Executive Director of the OPC Foundation and Martin Rostan, Executive Director of the ETG signed a Memorandum of Understanding in which both organizations agree to closely co-operate developing these interfaces.

OPC and B&R

Not to be outdone, B&R Automation issued a press release announcing it will be supporting the OPC Foundation’s new real-time technology working groups, whose goal is to add real-time capability to the OPCUA communication standard. This will involve two key additions to the OPCUA standard. The first is a publisher-subscriber model; the other is utilization of the IEEE 802.1 standard for time-sensitive networking (TSN).

B&R will be contributing its real-time expertise to the working groups. “The updates to the OPC UA standard will benefit from our years of experience in developing real-time solutions,” says Stefan Schönegger, marketing manager at B&R.

OPC UA uses a publish/subscribe network model. B&R is the main proponent of PowerLink. PowerLink uses publish/subscribe technology, too. So, B&R wants to show compatibility.

“This is a fundamental requirement for the M2M communication you find in integrated systems such as packaging lines,” explains Schönegger.

In order to fulfill real-time requirements, the OPC UA standard will make use of the IEEE 802.1 TSN standard. “At the moment, TSN is still a working title for a group of new IEEE standards designed to provide native real-time capability for the IEEE 802 Ethernet standard,” says Schönegger. This would allow for a seamless transition to substantially faster Ethernet standards such as POWERLINK for field-level communication and demanding motion control tasks.

Beyond the automation industry, TSN is currently also being evaluated by the automotive and telecommunications industries. “The first cars based on TSN are expected to hit the market in the very near future,” reports Schönegger. This would help secure the widespread availability of this technology. In addition to B&R, the new OPC working groups will be also supported by other leaders in the field of automation, as was announced by KUKA on April 13, 2015.

OPC UA already plays a central role in the IT-related areas of modern production systems. “The addition of TSN and the publisher-subscriber model will greatly expand the range of potential OPC UA applications,” says Schönegger.

Takeaway

What all this means is that OPC can now become even faster and more usable than before. The little protocol that everyone uses and everyone complains about is getting cred as it becomes more modern. These technological advances should make it more valuable. And that will be significant in this new connected enterprise era.

Technology Standards for Industrie 4.0 Include OPC

Technology Standards for Industrie 4.0 Include OPC

Thomas BurkeNews about further adoption of OPC (www.opcfoundation.org) continued to flow from the recent Hannover Fair (Messe) in Germany. Things had gone dark for a period of time from the Foundation. This has changed over the past couple of weeks as the communication technology picks up momentum.

The Platform Industrie 4.0 (I4.0) announced at Hannover Messe 2015 a reference architecture model for Industrie 4.0 (RAMI 4.0). RAMI 4.0 is a unified architecture model where use-cases, standards etc. for I4.0 are necessary. In RAMI 4.0 I4.0 components are defined in their structure and functioning. Thus it enables cross-company networking and integration across value-added networks. Where meaningful, RAMI 4.0 builds on existing and relevant standards.

The Platform Industrie 4.0 trade organizations BITKOM (IT), VDMA (Mechanical Engineering) and ZVEI (Electronics) together collected and analyzed necessary or relevant standards for RAMI 4.0 in technically oriented working groups. In the category “Communication Layer“ the OPC UA (IEC 62541) standard was thoroughly examined and deemed adequate for RAMI 4.0 as the one and only confirmed.

“Companies like ThyssenKrupp are implementing Industrie 4.0 today. The availability of established communication protocols is mission critical for such a timely implementation, OPC-UA is here the best example,” said Dr Achatz head of technology at ThyssenKrupp AG.

“We are proud the Platform Industrie 4.0 thoroughly analyzed OPC UA in the category “Communication Layer” and confirmed its relevance as the only standard for the reference architecture model for Industrie 4.0,” said Thomas J. Burke, President and Executive Director of the OPC Foundation. “This shows that the OPC Foundation is on the right track with our approach of secure, safe, manufacturer- and platform independent communication for heterogeneous systems by means of OPC UA to become a global data exchange standard for Industrie 4.0 and the Internet of Things.”

Enterprise-grade File Security for Confidential Collaboration

Enterprise-grade File Security for Confidential Collaboration

FinalCode-Screenshot-Encryption[ Updated] Wherever I go and with whomever I speak, file security in this age of Internet of Things, connected devices, collaboration, and open access is top priority. I just heard about this new company and technology who promises a higher level of file security.

FinalCode Inc., enterprise file security for a connected world, announced global availability of its enterprise-grade file security. By combining a patented approach to make file security processes seamless with the ability to remotely delete files on popular devices, FinalCode allows organizations to gain strong file protection to ensure sensitive information remains protected on devices, content management systems, cloud storage and collaboration channels.

According to Privacy Rights Clearinghouse, nearly 305 million records have been leaked in the U.S. for the past five years due to unintended disclosure, hacking or malware, insiders, and lost or discarded mobile and stationary computing devices. In a connected world of personal and mobile computing, cloud applications, dynamic collaboration and cyberattacks, organizations have limited means available to protect sensitive shared files inside or outside a corporate network, which presents tremendous exposure to data leakage, compliance, reputation and liability risks. One significant challenge is applying strong file security, as sensitive and regulated files are sent, shared and forwarded to unintended or unauthorized users outside trusted computing and content sharing environments. Worse are confidential files inconspicuously exfiltrated by hackers and insiders. Another challenge is how to apply file protection and usage restrictions in a persistent yet easy, seamless and scalable manner that does not impact user experience or impede workflows and collaboration.

“We used to think that even if employees handled files with care, it was impossible to keep them 100 percent safe due to threats of hackers and malware as well as unintentional mishandling – but then we found FinalCode,” said Hiroshi Wada, IT manager of Corporate Planning at Pioneer Service Network Corp. “This software solves all the issues because not only can we encrypt files, but we can easily specify permissions as to who can access the file and what they can do with the file. We also have full audit capability. Furthermore, with FinalCode, we can remotely delete distributed files whenever we want. It was exactly ‘the final’ choice for file security.”

FinalCode addresses data leakage risks by providing the first and last line of sensitive file defense. The solution allows any organization to gain comprehensive protection and granular control over what can be done with files and by whom, inside or outside the firewall perimeter. It delivers strong file security with the flexibility of being application-, device-, storage-, cloud-, content management- and collaboration-agnostic.

Users may simply define file security settings and respective recipients, or have such controls applied automatically through corporate policy. The FinalCode client encrypts the file and the FinalCode server manages keys and permissions. File recipients download a small FinalCode client after secure registration with the FinalCode server in order to have access to and use of the file according to policy.

As FinalCode-protected files are stored, shared and used within and outside collaboration platforms, protection persists with the ability to remotely delete files. In addition, the company’s patented CryptoEase technology streamlines file security and encryption processes without requiring the user to remember passwords, and by dramatically reducing key management overhead, makes FinalCode implementation rapid and scalable.

FinalCode functionality includes:

  • Security – AES-256 encryption, standards-based key management, secure key server and global user access management system and persistent protection with application whitelisting and remote file deletion
  • Flexibility – readily works with any application, popular devices, file storage, and enterprise and cloud-based content management systems, and across all communication channels: trusted, untrusted, private or public
  • Full control – granular file permission and protection settings by owner or through enterprise policy templates: authorized users, duration, open, copy, paste, edit, save, share, print, screen capture, revoke and delete
  • Intelligence – comprehensive auditing, pattern tracking, notification and governance across the file usage lifecycle with the means to modify policy settings on-demand or via recipient request
  • Rapid deployment – lightweight and efficient agent, extensive directory and infrastructure interoperability, and scalable cloud or on-premise virtual appliance

“While many of the world’s most publicized data leakages are due to access to unprotected files stolen by hackers and insiders, those are only the tip of the iceberg. Millions of business-sensitive files have been exposed by inadvertent emails, lost portable and storage devices, and undocumented transfers of files,” said Gord Boyce, CEO of FinalCode. “Given the dynamics of file sharing and cloud-based collaboration, the risk to sensitive data and intellectual property – such as corporate financials, board materials, customer lists, personally identifiable information (PII), healthcare records, designs and trade secrets – is a substantial exposure. The potential for FinalCode to help organizations extend control of their file security in today’s mobile and cloud connected world is enormous.”

FinalCode is the name for both the file security platform and the newly formed company based in the U.S. that is bringing the solution to the global market. The solution can be implemented as a SaaS, virtual appliance or hybrid, with packages designed to accommodate small-to-medium businesses, government agencies and large global enterprises. The FinalCode platform is generally available with annual subscription pricing starting at $27,000 $25,000, and the FinalCode client, used by file recipients, is available at no charge. Prospective customers and channel partners are invited to take FinalCode for a test drive by registering.

 

 

Follow this blog

Get a weekly email of all new posts.