Industrial Internet Consortium Releases Endpoint Security Best Practices White Paper

Security comes first to mind whenever we begin discussing connecting things in an industrial setting. And, of course, nothing connects things like the Industrial Internet of Things (IIoT). One place we often fail to consider in our security planning is at the endpoint of the network. Organizations and companies have been providing valuable assistance to developers by releasing best practices white papers. Here is one from a leading Industrial Internet organization.

The Industrial Internet Consortium (IIC) announced publication of the Endpoint Security Best Practices white paper. It is a concise document that equipment manufacturers, critical infrastructure operators, integrators and others can reference to implement the countermeasures and controls they need to ensure the safety, security and reliability of IoT endpoint devices. Endpoints include edge devices such as sensors, actuators, pumps, flow meters, controllers and drives in industrial systems, embedded medical devices, electronic control units, vehicle control systems, as well as communications infrastructure and gateways.

“The number of attacks on industrial endpoints has grown rapidly in the last few years and has severe effects. Unreliable equipment can cause safety problems, customer dissatisfaction, liability and reduced profits,” said Steve Hanna, IIC white paper co-author, and Senior Principal, Infineon Technologies. “The Endpoint Security Best Practices white paper moves beyond general guidelines, providing specific recommendations by security level. Thus, equipment manufacturers, owners, operators and integrators are educated on how to apply existing best practices to achieve the needed security levels for their endpoints.”

The paper explores one of the six functional building blocks from the IIC Industrial Internet Security Framework (IISF): Endpoint Protection. The 13-page white paper distills key information about endpoint device security from industrial guidance and compliance frameworks, such as IEC 62443, NIST SP 800-53, and the IIC IISF.

Equipment manufacturers, industrial operators and integrators can use the Endpoint Security Best Practices document to understand how countermeasures or controls can be applied to achieve a particular security level (basic, enhanced, or critical) when building or upgrading industrial IoT endpoint systems. They can determine the security level they need through risk modeling and threat analysis.

“By describing best practices for implementing industrial security that are appropriate for agreed-upon security levels, we’re empowering industrial ecosystem participants to define and request the security they need,” said Dean Weber, IIC white paper co-author, and CTO, Mocana. “Integrators can build systems that meet customer security needs and equipment manufacturers can build products that provide necessary security features efficiently.”

While the white paper is primarily targeted at improving the security of new endpoints, the concepts can be used with legacy endpoints by employing gateways, network security, and security monitoring.

The full Endpoint Security Best Practices white paper and a list of IIC members who contributed can be found on the IIC website.

IIC and NIST Present IIoT Energy Forum

The Industrial Internet Consortium (IIC) has been busy over the past few months. I receive a steady stream of interesting news. This one concerns a joint Forum (which I cannot make) with the National Institute of Standards and Technology (NIST) presenting the IIoT Energy Forum on February 9 in McLean, Virginia.

This one-day forum hosted by the MITRE Corp. will focus on the impact of IIoT on the energy industry.

This public event will showcase industrial internet technologies and IIC and NIST activities in the energy sector. It will feature experts from both the IIC and NIST and shine a spotlight on smart grids, industrial analytics, cybersecurity and standards.

“The Global Event Series is a crucial part of IIC’s industry outreach program bringing industry stakeholders and end users together,” said Wael William Diab, Chair of the IIC Global Event Series and Senior Director at Huawei. “Many industries are turning to IIoT to monitor the efficiency of their assets and the energy and utility sector is no exception.”

“IIoT-enabled assets present new vectors of vulnerability across connected systems and distributed devices in the energy and utility industry,” said Bob Martin, Senior Principal Engineer, Trust & Assurance Cyber Technologies, The MITRE Corporation. “Trustworthy IIoT will have an impact not only on cost optimization but also on energy regulations, policy and standards.”

The agenda includes:

  • Guest speakers from The Department of Energy, MITRE and NIST who will discuss requirements, gaps and opportunities for leveraging the data that is building up within and around energy systems, and how to use that data to increase production and decrease costs.
  • A panel of testbed experts from Xilinx, Wipro Digital, NIST and InterDigital Communications, Inc. who will discuss emerging technologies and applications based on testbed examples, including smart grids.
  • Panels on Standards & Architecture and Security, moderated by IBM and Intel respectively, both with a focus on energy.

MITRE is a secure facility and pre-registration is required. Registration for non-US citizens closes on January 24 at 5pm EST and registration for US citizens closes January 31 at 5pm EST.

Avnu Alliance Plus Partnerships Plus TSN Yields Internet of Things Advances

2017 marks the year of Avnu Alliance, the consortium driving standards-based deterministic networking, making its name in the industrial Internet of Things space. I’ve caught up with news from other trips; now it’s news from SPS in Nuremberg that I missed this year.

  • Avnu Alliance and Edge Computing Consortium
  • Avnu Alliance and OPC Foundation
  • TSN Conformance Testing

Avnu Alliance and the Edge Computing Consortium

Avnu Alliance and the Edge Computing Consortium (ECC) announced a liaison agreement to partner on shared interests of advancing industrial networking and edge computing. Under the agreement, the consortia will work together with the shared goal for interoperability across the industrial control industry.

Joint activities between Avnu Alliance and the ECC will include:

  • Identifying and sharing IIoT best practices
  • Collaborating on test beds
  • Collaborating on standardization and conformance testing

“We are very excited about the cooperation between ECC and Avnu Alliance,” said Mr. Haibin Yu, Chairman of ECC. “We believe that Time Sensitive Networking (TSN) technology will enable edge computing to better meet the industrial customers’ end-to-end needs and promote the global industry digitization transformation.”

“Edge computing is a key enabling technology to the industrial IoT. The liaison with the Edge Computing Consortium enables Avnu to broaden the scope for creating an interoperable foundation of Time Sensitive Networking (TSN) for the industrial IoT in alignment with our organization’s goal to build coalitions within the networking space,” said Todd Walter, Avnu Alliance Industrial Segment Chair.

Avnu Alliance and ECC conducted a joint presentation at the ECC Summit in Beijing on November 29, 2017 to announce their agreement and the opportunities ahead for Edge Computing and Time Sensitive Networking.

Avnu Alliance and OPC Foundation Combined IT-OT Leadership

Avnu Alliance (Avnu), Industrial Internet Consortium (IIC), and OPC Foundation announce their collaboration with IT-OT industry leaders to advance industrial device interoperability and to show the progress made in bringing the open, unified communication standard OPC UA over Time Sensitive Networking (TSN) to market.

Leading companies active in these groups have pledged their commitment to ensuring the interoperability of deterministic industrial devices and have made significant investments in achieving this goal. Rapid developments of these technologies have been made over the last year.

“With the rapid adoption of TSN as a foundational technology for automation, the community is increasingly relying on an interoperable set of network services and infrastructure. Today, 17 market leaders are reinforcing their commitment to complete a unified communication technology,” said Todd Walter, Avnu Alliance Industrial Segment Chair. “By leveraging the liaison agreements of Avnu, IIC and OPC Foundation, we’re creating a faster process for the creation of an open, interoperable ecosystem of devices that take advantage of secure, guaranteed latency and delivery for critical traffic. It is exciting to see the fruits of our labor in these milestones.”

The pillars of this announcement are:

Conformance testing advances: Avnu TSN conformance test plans for time synchronization of industrial devices are ready and available to test houses. At last month’s Avnu IIC Interoperability Workshop, more than 20 companies came together to demonstrate interoperability in the IIC TSN Testbed and to advance the conformance tests with the assistance of University of New Hampshire InterOperability Lab, an Avnu-recognized test facility.

Standards evolved, more vendors, more devices: The Publish Subscribe extension for OPC UA is now available in release-candidate form, enabling the exchange of OPC UA over UDP connections. This is the prerequisite for running OPC UA TSN.

“OPC UA over TSN adds additional capability to the OPC Foundation portfolio, including enhancing controller-to-controller and machine-to-machine communication and information integration. OPC UA addresses the complex requirements of initiatives like Industrie 4.0 and the IIoT, providing information integration between devices, applications and the cloud, truly providing the foundation for the much-demanded seamless communication and information integration between IT and OT networks,” said Thomas Burke, OPC Foundation President.

Demonstrated interoperability between different vendors: Interoperability testing via the IIC TSN Testbed is rapidly progressing with eight hands-on plugfests taking place in the US and Europe over the past 18 months. More than 20 companies have participated in these face-to-face events to test and demonstrate interoperability between devices from various manufacturers and vendors – both collaborative and competitive.

“Our TSN Testbed stands as a showcase for the business value of TSN. The work coming out of the TSN Testbed is already having a direct impact on suppliers and manufacturers who see the technology as a value-add for their system structures,” said Paul Didier, IIC TSN Testbed Coordinator, Cisco Solution Architect. “Companies are invited to participate in our plugfests to test their own TSN devices for interoperability, including OPC UA Pub-Sub TSN devices.”

Avnu Alliance Delivers First TSN Conformance Tests for Industrial Devices

Avnu Alliance announced that the first set of Avnu TSN conformance test plans for time synchronization of industrial devices is ready and available now for test houses to implement.

Avnu Alliance has built a rich set of conformance and interoperability tests with a defined procedure for certification in various markets. Leveraging that multi-industry experience, Avnu defined a baseline certification in the industrial market that consists of robust and comprehensive test requirements based on the market requirements for industrial automation devices and silicon. These conformance tests ensure that the device or silicon conforms to the relevant IEEE standards, as well as additional requirements that Avnu has selected as necessary for proper system interoperability.

“Time Synchronization, or 802.1AS, is the foundation for all TSN devices, hence it is the first set of conformance tests that are ready and available,” said Todd Walter, Avnu Alliance Industrial Segment Chair. As the standards and networks continue to evolve, so does Avnu’s work to define and certify the standard foundation. In the future, Avnu will also be able to test and certify other traffic shaping mechanisms, frame preemption, redundancy, ingress policing, strict priority, and security. “Our work with the Industrial Internet Consortium (IIC), OPC Foundation and other industry organizations drives the industry closer toward achieving an interoperable ecosystem,” added Walter.

Avnu is committed to speeding up the path to an interoperable foundation. To this end, Avnu members have made open source code available for 802.1AS timing and synchronization in the OpenAvnu repository on GitHub.

To encourage and enable multiple industry groups, vendors and protocols to share a TSN network, Avnu has outlined the system architecture and requirements for this industrial model built on an Avnu certified foundation in a document entitled “Theory of Operation for TSN-enabled Industrial Systems,” which is available for download. This document introduces the fundamental mechanisms needed for a system architecture to build on, including time synchronization, quality of service using scheduled transmission, and network configuration. It also walks through the requirements of several industrial use cases, including how to enable and integrate non-TSN technologies where needed.

Avnu Alliance members have created this document to help designers and engineers in the industry understand the real-world application context and build a TSN network that is configured for multiple vendor and industry groups. Avnu’s defined foundation will continue to support additional capabilities, including support for multiple IEEE 1588 profiles, guidelines for scaling to very large network architectures, centralized and distributed configuration for the network, and aggregation/composition of multiple networks into a single TSN-enabled network domain.

Testbeds provide real-world IIoT deliverables

The Industrial Internet Consortium (IIC) has published the first results of its testbed program. A major focus and activity of the IIC and its members, testbeds provide platforms for IIC member organizations to think through innovations, test new applications, processes, products, services and business models to ascertain their usefulness and viability before taking them to market.

“IIC testbeds provide a feedback loop from concept to reality and back to innovation,” said Dr. Richard Soley, Executive Director, IIC. “They help uncover the technologies, techniques and opportunities that are essential to solving important problems that benefit business and society. This is the reason member companies agree to sponsor and own their testbeds but will also share progress reports.”

Howard Kradjel, director of Testbeds, told me in an interview this week that test beds are used to prove out business cases along with usability. This release is an attempt to pull together the results so that the general technical public can see what is happening. The results focused on standards, ecosystems, and/or business models.

The following IIC testbeds have shared these important first results:

  • Track & Trace Testbed – Initially formed to trace process tools, the team deployed sensors that provided information about the location of tools and assets in use. It was expanded from tools to logistics equipment, specifically forklifts. Results: The testbed identified standardization opportunities in localization-technology interfaces, tightening-tool interfaces, enterprise-system interfaces, data models, data communications and device management. It also identified reusable interfaces that opened the solution to components from different vendors.
  • Time Sensitive Networking Testbed – Time-sensitive networking (TSN) enhances Ethernet to bring more deterministic capabilities to the network, including time synchronization, which schedules traffic flows and manages central automated system configuration. This testbed applies TSN technology in a manufacturing system with a wide range of automation and control vendors. Results: The testbed deployed early-phase IEEE 802.1 and IEEE 802 Ethernet standards. The testbed will improve upon those standards, making the use of TSN more prevalent in industries where it can improve efficiency, such as manufacturing and energy.
  • Manufacturing Quality Management Testbed – This testbed will improve manufacturing quality by retrofitting outdated factories using modern sensory networks and analytic technologies. The initial success was shown using the welding section of the air conditioner production line in a factory. Prior to the process, the quality control was based on the noise detection by an experienced examiner. Results: In March 2017, an optimized noise detection analytic engine was proven to help reduce the false detection rate by 45%. In June 2017, the analytic engine for noise detection was integrated into the production line and the accuracy of pass/fail detection was dramatically improved.
  • Communication and Control for Microgrid Applications Testbed – A microgrid combines generation and storage into a local power system. It allows more reliable use of renewable sources like solar or wind power in conjunction with, or even isolated from, the rest of the power grid. Near-term uses are for limited areas, such as a campus, corporation, hospital, factory or residential area. Someday, the microgrid architecture will enable deeper use of renewables throughout the main grid. Results: This testbed proves the viability of a real-time, securely distributed control architecture for real-world microgrid applications. It leverages an Industrial Internet Reference Architecture (IIRA) pattern called the “layered databus” that federates multiple connectivity domains into a larger system. The testbed implemented the pattern with the Data Distribution Service (DDS) standard as explained in the Industrial Internet Connectivity Framework (IICF) guidance. The testbed thus validated both the pattern and its implementation, showing both efficacy and acceleration. This testbed is also contributing to the Open Field Message Bus (OpenFMB) design, now a power industry standard.
  • INFINITE Testbed – The INternational Future INdustrial Internet TEstbed (INFINITE) uses software-defined networking to create virtual domains so that multiple virtual domains can run securely on a single physical network. Results: This testbed enabled intelligent route planning for ambulances to improve response times, leading to better pre-hospital emergency care experiences and outcomes for patients. It also led to the improved safety and effectiveness of first responders in emergency situations, especially in harsh environments. A third use case enabled the detection of anomalies or fraudulent behavior within the power grid through machine learning algorithms, which can also be applied to other types of Operational Technology (OT).
  • Condition Monitoring and Predictive Maintenance Testbed – This testbed provides insight into the health of critical assets. It leverages advanced sensors that automatically predict equipment failure and notify a person or system so that pro-active steps can be taken to avoid equipment damage and unscheduled downtime. Results: This testbed demonstrated how to make older assets smart, collecting asset health data from four pump/motor skids used to pump chilled water from an HVAC system.
  • Smart Factory Web Testbed – This testbed networks a web of smart factories to improve order fulfillment by aligning capacity across production sites. Results: Factories and their assets can be registered and searched for in the Smart Factory Web (SFW) portal. IEC standards OPC UA and AutomationML are used to achieve semantic interoperability and are applied to exchange information between engineering tools.

The IIC reviews testbed proposals to identify goals, value, potential partners and commercial viability of each testbed. The testbeds must offer a solid business case for global economic impact; have relevance to IIC IIoT frameworks to help members develop IIoT systems more rapidly; pass a security review to ensure a secure industrial Internet; and provide tangible deliverables such as technologies or best practices requirements for standards. There are currently 26 approved IIC testbeds.

Industrial IoT Analytics Framework Technical Report

Just when I was saying last week that the Industrial Internet Consortium (IIC) had been very busy, I interviewed Eric and Wael about the newly published IIC Industrial IoT Analytics Framework Technical Report (IIAF). It is the first IoT-industry technical document to include a complete set of instructions that IIoT system architects and business leaders can use to deploy industrial analytics systems in their organizations.

People I talked with used to think that the Industrial Internet of Things was all about sensors, or the Internet, or Things. Actually, it is nothing without databases and analytics. And here is the IIC to provide a framework for systems architects.

From the news release:

IDC has predicted that by 2020 one tenth of the world’s data will be produced by machines. Yet without an analytics blueprint, that data could sit unused, never being analyzed and turned into useful insights. The IIAF is a first-of-its-kind blueprint for system architects and designers to map analytics to the IIoT applications they are supporting, to ensure that business leaders can realize the potential of analytics to enable more-informed decision making.

“Using analytics to provide insights is the holy grail of industrial IoT,” said Wael William Diab, IIC Industrial Analytics Task Group Chair, IIC Steering Committee Member and Senior Director at Huawei. “The IIC IIAF takes a holistic approach by developing the foundational principles of industrial analytics as well as looking at the complete picture from design considerations to creation of business value and functionality. This entire ecosystem approach is valuable to both business leaders as well as technologists, engineers and architects looking to deploy IIoT systems.”

The IIC IIAF is the first document to offer a broad scope of requirements and concerns for industrial analytics applied to IIoT systems. It shows IIoT system architects the steps involved in developing analytics for IIoT systems with state-of-the-art information, including definitions and information flows that show how the technologies can be applied to the applications. Guidance is provided on how and where to deploy industrial analytics based on the characteristics of the applications and outcome expectations. In addition, the IIAF looks at emerging technologies including artificial intelligence (AI) and big data, which are expected to play an increasingly important role in industrial analytics.

“Industrial Analytics is changing rapidly, from data lake to stream processing and machine learning. Our framework provides a common understanding and encourages interoperability across the IIoT ecosystem,” said K. Eric Harper, IIC Industrial Analytics Task Group Chair, IIC Steering Committee Member and Senior Principal Scientist at ABB. “With this foundation, it is more likely that applications will be able to adopt new technologies and techniques in the future without substantial rework.”

Analytics have been applied to many other fields such as finance and retail to improve the customer experience and increase corporate revenue. The major differentiation in industrial settings is the physicality of the systems. For example, if IIoT systems are not configured correctly, or if their maintenance schedule is wrong, the systems can cause physical harm. Analysis and improvement of operational maintenance across multiple systems must be performed with extreme diligence, and are as important to technology leaders as they are to business leaders looking to increase profits.

“Industrial analytics are the engine that takes data from industrial systems and creates value and insight to get business results,” said Will Sobel, IIC Industrial Analytics Task Group Chair and Chief Strategy Officer at VIMANA. “The sophistication of analytical methods in other domains, such as finance and media, has been evolving at a breakneck pace, but little has been done to apply these techniques to industrial systems. The IIAF provides the special considerations one needs to consider before one uses these technologies in an industrial system.”

When analytics are applied to machine and process data, they help optimize decision-making and enable intelligent operations. These new insights and intelligence can be applied across all levels of any enterprise in any industry if the appropriate data can be collected, curated and analytics are applied correctly.

“In transforming machine raw data into actionable information, industrial analytics plays a crucial role in the industrial Internet just like refineries that turn crude oil into high energy fuel. The actionable information from the analytics is the fuel that drives the optimization of industrial operations and production, the creation of new revenue streams and the enablement of new business models,” said Shi-wan Lin, IIC Technology Working Group Chair and CEO and Co-Founder, Thingswise, LLC.

The full IIC Industrial IoT Analytics Framework Technical Report and list of IIC members who contributed can be found on the IIC website.
