Today’s news from the ARC Forum concerns AspenTech and Emerson as we focus on process systems and asset optimization.
Only a few years ago it appeared that AspenTech was destined for some sort of demise—sold for parts or something. It has rebounded nicely since and last week announced enhancements to its production optimization solution and this partnership with Emerson. Collaboration being one of the sub-themes of the conference.
Emerson and AspenTech have teamed up to deliver asset optimization software solutions along with global automation technologies and operational consulting services.
AspenTech’s asset optimization supports Emerson’s Project Certainty and Operational Certainty initiatives. “Emerson’s global footprint, automation engineering services and software, extensive large-scale project execution and consulting capabilities complement AspenTech’s technology footprint. Collectively, these capabilities can be deployed as solutions in both conventional and cloud-based architectures.”
“Emerson and AspenTech are both highly focused on digital technologies and services that deliver measurable improvements and value to our customers’ bottom line,” says David N. Farr, chairman and CEO of Emerson. “Together, we are well positioned to help our customers navigate the best path in this era of digital transformation and achieve Top Quartile performance.” Top Quartile is defined as achieving operations and capital performance in the top 25 percent of peer companies.
The alliance will initially focus on three key areas: engineering software, including high-fidelity simulation to help validate project design and train operators before start-up; manufacturing and supply chain software, including advanced process control software designed for highly complex operations; and asset performance management software to improve plant reliability.
“Working with Emerson, we will help more organizations drive higher total shareholder returns with a relentless focus on operational excellence,” says Antonio Pietri, president and CEO of AspenTech. “We look forward to helping make the best companies even better by optimizing the design, operation and maintenance lifecycle with software and insight to run assets faster, safer, longer and greener.”
Meanwhile, Emerson hits themes of security, close to the edge (of the network), and OPC UA among many updates to its process automation system. It is expanding its Plantweb digital ecosystem with the launch of DeltaV version 14, a cybersecurity-certified control system designed to deliver new value in capital projects and make plant operations more connected and productive. The latest release provides significant innovations to the entire DeltaV architecture and was built with customers’ digital transformation initiatives in mind.
This major update to the DeltaV automation system includes several enhancements to eliminate costs and reduce complexity in capital projects, plus improve productivity during operations through enhanced access to production and equipment data, improved usability and greater security.
“More than ever, an integrated plant data environment is essential to achieve digital transformation. With DeltaV, we’re reducing the engineering effort required to securely connect plant, operational and information systems,” said Jamie Froedge, president of Process Systems and Solutions, Emerson Automation Solutions. “Our customers will have more capabilities in their distributed control and safety systems to help them successfully execute capital projects and optimize operations.”
Capital Project Flexibility
Continuing to advance the impact of DeltaV Electronic Marshalling with CHARMs on capital project engineering, CHARM I/O Block takes CHARMs—which achieved more than one million deployments at more than 1100 sites in only five years—closer to the field. Small enclosures with up to 12 CHARMs can now be installed closer to field devices, significantly reducing wiring and overall installation costs by as much as 60 percent and providing more engineering flexibility.
Smart Commissioning, launched in 2016, took one of most engineering intensive operations off a project’s critical path. Traditionally, commissioning has been a manual task that requires more than two hours per device for thousands of devices. Smart Commissioning reduced commissioning time to 25 minutes. Emerson is now expanding these capabilities and reducing device commissioning time to as little as 10 minutes, a nearly 93 percent reduction in costly commissioning time that could save several hundred-thousand dollars in engineering costs.
Mobility and User Experience
DeltaV Live Operator Interface is a modern, built-for-purpose operations experience that is easy to understand and modify. The HMI comes pre-engineered with the industry’s best practices for user experience including ISA 101.01 and is based on research with the Center for Operator Performance, a consortium of vendors and academia focused on human factors engineering. The HTML5 interface enables scalable graphics and gives operators the flexibility to adjust their displays to focus on process data that is most important for each situation. The new operator interface helps improve overall situational awareness and decision-making speed. Emerson is helping companies prepare for the shift to mobility with DeltaV Live by building a foundation for graphics to be transferrable across desktops, laptops, and mobile devices—all without additional engineering or custom scripting.
A Secure, Connected Plant
DeltaV will offer its users a new level of confidence and protection from cybersecurity threats by being one of the only systems to have a top-to-bottom cybersecurity certification. DeltaV v14 will be certified ISASecure SSA Level 1 by the International Society of Automation (ISA), signifying that Emerson developers are trained to write secure code and the system as a whole is hardened against cyber threats.
Emerson is making connecting a plant’s OT systems with IT systems seamless by expanding OPC UA access in its DeltaV hardware and software offerings. DeltaV is the pathway for most plant data and now using the IIoT’s most prevalent protocol, OPC UA, DeltaV applications and servers can securely share data to cloud analytics applications, remote monitoring solutions, and third-party technologies.
Bedrock Automation, products built for security from the chips up, had a flurry of activity at the ARC Industry Forum in Orlando last week. It announced a firmware upgrade, OPC UA and partnerships for its SCADA product, and anomaly detection. Here’s a teaser—CEO and Founder Albert Rooyakkers pulled out a new piece of hardware. He didn’t have a release or specs for me, but watch for a new, lower cost, SCADA or gateway device hardened and built with security in mind from the chips up.
Bedrock and OPC UA
Bedrock Automation has published a concise, easy-to-deploy interface specification that enables users and application developers to take advantage of the security capabilities of OPC UA communications software. By following the simple procedures outlined in the Bedrock SCADA Security Platform Specification, developers can upgrade any OPC UA compliant client into a highly secure OPC UA channel, across which users can exchange data between plant floor operations and SCADA applications. Three leading SCADA software developers, Inductive Automation, ICONICS and TATSOFT, are committing and releasing support to the Bedrock interface specification.
“OPC UA provides unique cyber security advantages enabling open communications across numerous industrial devices and applications and providing the end-users options for integrating authentication keys protecting those communications. The most secure OPC level is to authenticate those keys against a known root of trust, which Bedrock supplies via a certificate authority (CA), validated against cryptographic keys built into its controller,” said Thomas J. Burke, OPC Foundation President and Executive Director, adding “Bedrock Automation is a clear leader in supporting the OPC UA standards, and provides information integration and communication that the end users have been demanding.
Bedrock designs and sources its own secure semiconductor components with encryption and authentication technologies embedded at the “birth” of their modules, assembled and tested by Bedrock in their cyber secure supply chain. The unique design then draws on the power and flexibility of public key infrastructure (PKI) and Transport Layer Security (TLS) standards similar to those used to secure ecommerce transactions and military and aerospace electronics. Bedrock Automation then uses those securely embedded keys as the basis for digital certificates that manage access and communication between SCADA applications and control systems. Bedrock Cybershield 3.0 firmware is the first control system to offer an embedded PKI for SCADA applications.
“Such a simple specification demonstrates that Open and Secure SCADA can be deployed today, and that an applications interface does not have to be thousands or even hundreds of pages. We are pleased to be working with innovative SCADA software providers such as Inductive Automation, ICONICS and TATSOFT, to help them and their customers take advantage of the secure communications capabilities of OPC UA and the intrinsic security of the Bedrock platform,” said Rooyakkers.
Bedrock Automation also announced the availability of Cybershield 3.0, a major firmware upgrade with advancements that make it easier for end users and developers to build control applications that are both open and secure. Among the six major innovations facilitated by the Cybershield 3.0 upgrade are the first public key infrastructure (PKI) built into an OPC UA server for SCADA applications; an industrial Certificate Authority (CA) for user key management; virtual crypto key locks for the controller; and a Secure Proxy server capability that can protect legacy controls systems of other vendors.
“Cybershield 3.0 is one of the most significant steps forward since the release of our Bedrock OSA platform. We now support leading SCADA companies in integrating their OPC UA client to our open security and key management tools. In addition, we start our march to converge IT cyber detection technologies into real-time OT automation with our integrated Anomaly Detection (AD) tools built into every controller. We are delivering secure SCADA and AD as intrinsic and zero-cost advancements, focused acutely on ease of use and reductions in lifecycle costs,” said Bedrock founder and CEO Albert Rooyakkers.
Bedrock Cybershield 3.0 includes the following capabilities:
1) Secure Open SCADA with OPC UA. The cryptographic keys built into all the Bedrock system electronics, provide the root of trust for the Bedrock Certificate Authority (CA) that verifies the reliability of OPC UA-managed communications between SCADA and PLCs or other industrial control systems.
2) Open Certificate Authority (CA) for SCADA. This advanced SaaS key and certificate management tool is not only FREE to our customers but is simple to deploy with our Secure SCADA Interface Specification. Leading SCADA providers, including Inductive Automation, ICONICS and Tatsoft, are committing to and releasing support to this interface specification.
3) Intrusion detection. Even though the Bedrock control system has protection built into its core, users still need to know when system security is challenged. Cybershield 3.0 comes standard with intrinsic Anomaly Detection (AD) functionality that continuously monitors the controller’s network and system time to detect intrusions and anomalous behavior and report it to both SCADA and enterprise database applications for trending, alarming and historizing anomalous cyber activity.
4) Quickly Secure Legacy Automation with Secure SCADA. Companies can now use Bedrock security to help integrate open standard communications protocols with legacy PLC and DCS systems from other vendors. A Bedrock secure controller module acts as a gateway between SCADA platform workstation and the legacy controllers.
5) Cryptographic key locking. Cybershield 3.0 also includes a cryptographic controller engineering key lock that permits only users with the required credentials to change the mode of the controller.
6) Achilles and EMP compliance on power supplies. Bedrock Automation is certifying its standalone power supply and standalone uninterruptible lithium power supply to both MiL-STD-461-G, the military standard for advanced EMP hardening, and Achilles Level 2 certification, augmenting the EMP and Achilles certification achieved for its control system modules last year.
“Today’s increasingly connected environment drives the process industries to search for automation solutions that deliver the benefits of open communications with ‘baked in’ cybersecurity. By extending its secure automation technology to third-party software providers, Bedrock Automation addresses this key pain point of future automation requirements. ARC believes the intrinsic and no-cost approach of Bedrock’s cybersecurity strategy is the quintessential component missing in control systems, today,” writes ARC analyst Mark Sen Gupta in his recent report, Bedrock Automation’s Open Secure Automation a “Win” with End Users
Bedrock Open Secure Automation (OSATM) firmware will include intrinsic Anomaly Detection (AD). Bedrock OSA AD will be available as standard integrated functionality that continuously monitors the controller’s network and system time to detect intrusions and anomalous behavior.
“Preventing control system intrusion is fundamental to holistic cyber security. In addition, users need to know when the system security is being challenged. This is the role of anomaly detection. At no additional cost or complexity for the user, Bedrock’s AD delivers additional assurance that no one is tampering with your automation,” said Rooyakkers. Bedrock Anomaly Detection includes the following functionality:
• Dynamic Port Connection Monitoring, which records all attempts to connect any controller or communication point and captures identifying information on the intruder
• Network Port Scanning, which detects if hackers are scanning for open ports that might provide access to the control network
• System Time Monitoring, which detects attepts to manipulate log files to conceal malicious activity
• Cryptographic Controller Engineering Key Lock, which permits only users with valid user credentials to change the configuration and operation mode of the controller and records all access
• Intrusion Event Logging, which records all detected anomalies and reports them to SCADA software through OPC UA and standard database access for historian, alarming, and trending functions. Additionally, a tri-color status LED on the faceplate of Bedrock Controllers provides indication locally whenever an intrusion is detected.
I guess I’m on an entrepreneurial kick this week. Maybe I’m getting psyched for next week’s ARC Forum in Orlando where I will be interviewing many new companies inhabiting the cybersecurity space.
I’m not much on “infographics” and I downloaded this one without noting its source. Note that nowhere on it does this graphic cite its source. However, I read many books, blog posts, and listen to podcasts on the subject of daily habits. This one reflects most of what I’ve learned.
However number one–create a routine–actually needs an entire infographic devoted just to it. Maybe that will be my next attempt at looking at the personal and people side of this business.
I’ve been involved in several start ups. These all make sense. Although these look pretty drawn out. Usually life happens that screws the thing up. But returning to the pattern is key.
The Industrial Internet Consortium (IIC) has been busy over the past few months. I receive a steady stream of interesting news. This one concerns a joint Forum (which I cannot make) with National Institute of Standards and Technology (NIST) presenting the IIoT Energy Forum on February 9 in McLean, Virginia.
This one-day forum hosted by the MITRE Corp. will focus on the impact of IIoT on the energy industry.
This public event will showcase industrial internet technologies and IIC and NIST activities in the energy sector. It will feature experts from both the IIC and NIST and shine a spotlight on smart grids, industrial analytics, cybersecurity and standards.
“The Global Event Series is a crucial part of IIC’s industry outreach program bringing industry stakeholders and end users together,” said Wael William Diab, Chair of the IIC Global Event Series and Senior Director at Huawei. “Many industries are turning to IIoT to monitor the efficiency of their assets and the energy and utility sector is no exception.”
“IIoT-enabled assets present new vectors of vulnerability across connected systems and distributed devices in the energy and utility industry,” said Bob Martin, Senior Principal Engineer, Trust & Assurance Cyber Technologies, The MITRE Corporation. “Trustworthy IIoT will have an impact not only on cost optimization but also on energy regulations, policy and standards.”
The agenda includes:
- Guest speakers from The Department of Energy, MITRE and NIST who will discuss requirements, gaps and opportunities for leveraging the data that is building up within and around energy systems, and how to use that data to increase production and decrease costs.
- A panel of testbed experts from Xilinx, Wipro Digital, NIST and InterDigital Communications, Inc. who will discuss emerging technologies and applications based on testbed examples, including smart grids.
- Panels on Standards & Architecture and Security, moderated by IBM and Intel respectively, both with a focus on energy.
MITRE is a secure facility and pre-registration is required. Registration for non-US citizens closes on January 24 at 5pm EST and registration for US citizens closes January 31 at 5pm EST.
The one industry conference where manufacturing industry insiders network and discuss the latest technologies, standards, and applications occurs a little later this year at the ARC Forum Orlando from Feb. 12-15.
This year’s theme is Digitizing and Securing Industry, Infrastructure, and Cities. You can meet me here as I head south for the 21st straight year. I always take away something from the event. ARC Advisory Group’s Paul Miller tells me that this year is shaping up to be one of the best.
Read about the conference from the organizer’s promotion material:
It’s happening fast. Everywhere we turn, things and processes are becoming more connected and intelligent. Streetlights, cars, gas turbines, and thermostats stream data. Buildings, refineries, oil platforms, mines, and wind turbines are optimizing asset and operating performance. Parking meters and distributed power grids deliver value to both consumers and operators. Design software can link to additive machines to print parts directly. And it’s only the beginning.
Challenges continue to grow for the industrial cybersecurity community. Broader deployment of operational technology is expanding the use cases requiring protection. Resource shortages are undermining the effectiveness of established defenses. Blurring boundaries between IT, OT, and IoT are increasing the need for more integrated, collaborative cybersecurity strategies.
How will disruptive technologies change existing products, plants, and cities? Can cybersecurity threats be overcome? When will machine learning and artificial intelligence transform operations? Will open source solutions impact traditional software and automation domains? How will a digitally-enhanced workforce stem the loss of tribal knowledge? How do connected products create opportunities in aftermarket services? What steps can organizations take to foster innovative thinking?
There are countless ways to conduct your digital transformation journey, too many technologies and suppliers to evaluate, and endless choices to make along the way. Embedded systems, networks, software platforms, augmented reality, and machine learning may play a role as you begin to improve uptime, optimize operating performance, enhance service, and re-think business models.