Cyber Security got a shout-out during the Siemens Spotlight on Innovation forum in Orlando last week. Leo Simonovich, VP and Global Head, Industrial Cyber and Digital Security at Siemens Gas and Power, and Mike Wiacek, co-founder & CSO of Chronicle (an Alphabet company) took the stage discussing their newly signed cyber security agreement.
Key phrase—“customers can own their environment”. Perhaps the most interesting conversation I had during the networking event was with a Chronicle tech person who gave me a deep dive into the product. This is security unlike everything else I investigate in the OT realm. This isn’t a network monitoring app. Nor is it a device that acts as a firewall for industrial control devices. It builds a huge database and adds analytics (which is “in our DNA”). The solution has two parts—visibility and context. It bridges IT and OT worlds with the intent to “democratize security for the success of the digital economy”; that is, make it accessible to customers, simple, affordable, easy-to-use.
Through a unified approach that will leverage Chronicle’s Backstory platform and Siemens’ strength in industrial cyber security, the combined offering gives energy customers unparalleled visibility across information technology (IT) and operational technology (OT) to provide operational insights and confidentially act on threats.
The energy industry has historically been unable to centrally apply analytics to process data streams, cost-effectively store and secure data, and identify malicious threats within OT systems. Research conducted by Siemens and Ponemon Institute found that while 60 percent of energy companies want to leverage analytics, only 20 percent are utilizing any analytics to do security monitoring in the OT environment. Small and medium enterprises are particularly vulnerable to security breaches as they frequently do not have the internal expertise to manage and address increasingly sophisticated attacks.
“The innovative partnership between Siemens and Chronicle demonstrates a new frontier in applying the power of security analytics to critical infrastructure that is increasingly dependent on digital technology,” said Simonovich. “Cyber-attacks targeting energy companies have reached unprecedented speeds, and our cutting-edge managed service unlocks the analytics ecosystem offers a new level of protection from potential operational, business and safety losses.”
“Energy infrastructure is an obvious example of cyber-attacks affecting the physical world and directly impacting people’s lives,” said Ansh Patnaik, Chief Product Officer, Chronicle. “Backstory’s security telemetry processing capabilities, combined with Siemens’ deep expertise, gives customers new options for protecting their operations.”
The partnership between Siemens and Chronicle will help energy companies securely and cost-effectively leverage the cloud to store and categorize data, while applying analytics, artificial intelligence, and machine learning to OT systems that can identify patterns, anomalies, and cyber threats. Chronicle’s Backstory, a global security telemetry platform for investigation and threat hunting, will be the backbone of Siemens managed service for industrial cyber monitoring, including in both hybrid and cloud environments. This combined solution enables security across the industry’s operating environment – from energy exploration and extraction to power generation and delivery.
I flew to Orlando May 22 as a guest of Siemens along with a select few other “influencers” to be introduced to a number of innovation projects fueled by Siemens technology. We met at the Dr. Phillips Center for Performing Arts in downtown Orlando (did you even know there was a downtown?), which itself is filled with Siemens equipment. There are few companies in the industrial area which I cover that have the vision and execution that Siemens is exhibiting right now.
By the way, there is a fantastic little taco place in downtown Orlando. Email or DM on Twitter, and I’ll share the name. Greg Hale of ISSSource.com and I had dinner there Wednesday. We agreed—among the best tacos we’ve had.
Barbara Humpton, CEO Siemens USA, led with an overview. Siemens has made a greater than $1B investment in R&D in the US with 7,000 engineers churning out 700 inventions per year.
She introduced former stunt man and motorcycle racer turned CEO Mike “Mouse” McCoy, CEO & Founder of HackRod. McCoy built on a foundation of Siemens PLM and SolidEdge CAD. He added a gaming engine. He was able to use VR for design reviews, interference checking, and simulation during the design process. We followed along with design and review of a new motorcycle. A few parts required somewhat exotic materials. Oak Ridge National Labs printed the parts from the design files downloaded from HackRod. The design teams were in Ventura, CA and Princeton, NJ with input from Munich, Germany. Collaboration was not a problem.
Beginning of design until component parts shipped to Orlando—2 weeks. The parts arrived Tuesday. McCoy and a partner assembled the motorcycle on Tuesday evening and wheeled (not drove) it onto the stage Wednesday about 1:30. Not bad? Heck, in my early career, we couldn’t have done a foam-core mock up in that time frame.
One thought McCoy left us with. “We need to talk STEAM, not just STEM—science, technology, engineering, arts, math.” It is now possible for artists and designers to be an intimate part of the team going from art to finished product quickly. 3D printing from PLM files. Way cool.
How about a high school mechanical design student given a project to provide a lighter prosthetic foot for an Army vet? Humpton introduced 18-year-old high school student Ashley Kimbel who had undertaken just such a project. She worked with the veteran to analyze his current “foot” looking for areas where weight could be eliminated. Then she had to learn how to fabricate and manufacture the device. We saw films of the veteran running with Ashley proving out the new prosthetic.
This is a long way from projects I had as a 17-year-old senior. Education and technology have come a long way in a lifetime. Oh, and her future? She wants to work in bioengineering designing and 3D printing organs. She will be working on that during her tenure at UAB. She is going to make a difference for many people.
I have many more ideas and conversations to capture. This will serve for now.
Check out #SiemensInnovates
Hewlett Packard Enterprise (HPE) announced new HPE Edgeline Converged Edge System solutions that speed the deployment and simplify the management of edge applications, enabling customers to act on the vast amounts of data generated by machines, assets and sensors from edge to cloud.
I think this is another significant advance reflecting the utility of enterprise compute capability brought ever closer to the plant itself. If you are looking to be disruptive in your industry or are on a corporate engineering staff looking for OT alternatives, I’d suggest taking a long look at these technologies and then letting your imagination do its work.
The new solutions include:
- HPE Edgeline OT Link Platform, an open platform that automates the interplay between diverse operational technologies (OT) and standard IT-based applications at the edge to enable intelligent and autonomous decision making;
- HPE Edgeline systems management, the industry’s first systems management solutions designed specifically for the edge to ensure enterprise-grade reliability, connectivity and security;
- HPE Edgeline EL300 Converged Edge System featuring OT link and HPE Edgeline systems management, providing superior resilience against harsh edge environments for a broad range of industrial deployments; and
- HPE Edgeline Field Application Engineering Services are available from HPE Pointnext to help customers plan, build, and customize OT link-based Internet of Things (IoT) and cyber-physical systems.
To turn edge data into insight for real-time action, it must be processed close to its source to avoid the latency, bandwidth, and cost issues of sending the data to a remote data center. However, this opportunity comes with a set of unique challenges, including management of remote infrastructure, and the necessity to seamlessly connect sensors and industrial assets with IT applications at the edge.
“Deploying IoT, edge, and cyber-physical systems is a challenge requiring a fresh look at uniting the physical and digital worlds,” said Dr. Tom Bradicich, Vice President and General Manager, Converged Servers, Edge and IoT Systems, HPE. “With today’s announcements, we enable our customers to accelerate the delivery of applications that capitalize on edge data, safeguarded by enterprise-class management. And we lay the groundwork for a new ecosystem of intelligent edge solutions to drive innovation and growth across industries.”
Simplifying deployment of edge-to-cloud IoT and cyber-physical systems
Today, setting up an IoT or cyber-physical system is a laborious undertaking. It requires custom coding to orchestrate OT networks, control systems, and data flows with drivers, middleware, and applications running on IT systems. HPE Edgeline OT Link Platform is an open platform that significantly simplifies this process, reducing cost and time to market.
The solution includes:
HPE Edgeline OT Link Platform software, an open workflow engine and application catalogue, allowing customers to orchestrate components, data, and applications via a graphical drag-and-drop user interface. The HPE Edgeline OT Link Platform integrates an ecosystem of third-party applications running from edge to cloud – including AWS, Google, Microsoft, SAP, PTC, GE, and more – to make insights from the edge available across the enterprise and supply chain.
HPE Edgeline OT Link certified modules, HPE-developed adapters that connect to a broad range of OT systems, enabling bi-directional, time-sensitive, and deterministic control and communication, including high-speed digital input/output, CAN bus, Modbus, or Profinet. APIs and SDKs for these adapters are made available to the industry to facilitate third-party designs of OT link modules. OT link will also integrate FPGA modules to give customers maximal flexibility to connect to any industrial input/output device.
Enterprise-grade manageability and security at the edge
HPE also announced the industry’s first systems management solutions specifically designed to simplify the provisioning and management of edge infrastructure and applications, providing enterprise-grade manageability and security for remote systems with limited connectivity and IT expertise.
HPE Edgeline Integrated System Manager is embedded into HPE Edgeline Converged Edge Systems and features one-click provisioning, ongoing system health management, remote updates, and management even with intermittent wired and wireless connections. It also supports advanced security functions like preventing system boot file changes and remote system disablement during a security event. HPE Edgeline Infrastructure Manager software can remotely manage thousands of Edgeline Converged Edge Systems.
The HPE Edgeline Workload Orchestrator hosts a central repository for containerized analytics, AI, business, and IoT applications that can be pushed to HPE Edgeline Converged Edge Systems at the edge
Unparalleled convergence of OT and IT
The HPE Edgeline EL300 is a fan-less, low-energy system equipped with Intel Core i5 processors, up to 32GB of memory and 3TB of storage. It will also support Intel Movidius Myriad X vision processing units to enable video analytics and AI inference at the edge. The HPE Edgeline EL300 provides enhanced resiliency against shock, vibration, humidity, and dust, including IP50 and MIL-SPEC certifications, and can operate from -30 to +70 degrees Celsius. These features make the HPE Edgeline EL300 suitable to be deployed as an embedded system – for example, in production machines or in building infrastructure.
Expertise to accelerate deployment and create competitive advantage
To support these new offerings, HPE Pointnext, the services organization of Hewlett Packard Enterprise, provides HPE Edgeline Field Application Services, which help customers plan, design, build, and run IoT, edge and cyber-physical systems to accelerate deployment and ensure reliable and secure operation. These services include the evaluation of use cases, proof of value, solution deployment, and management of ongoing operations – helping customers get the most from OT/IT integrations.
Moreover, HPE Pointnext can help customers develop their own data acquisition, industrial network, and control components for HPE Edgeline OT Link Platform to create custom solutions and competitive advantage. HPE Edgeline OT Link Platform based solutions can be delivered on-premises with a turnkey deployment service, operated by HPE Pointnext.
Finally, HPE Edgeline EL300 Converged Edge System will be added to HPE GreenLake Flex Capacity, to deliver a consumption-based experience with usage-based payment, capacity metering, and tailored support, for customers who need a cloud-like experience for systems at the edge.
News from EdgeX Foundry including an open marketplace for IoT Edge Computing. This is an interesting extension to the platform. Also, Intel has joined the consortium.
At a glance:
- EdgeX Foundry Seeds an Open Marketplace for IoT Edge Computing with New Developer Kits and Smart Building Automation
- Community Demo at IoT Solutions World Congress
- Intel, Redis Labs, ZEDEDA and five other tech influencers commit to IoT interoperability and join EdgeX’s mission to create a unified edge ecosystem
EdgeX Foundry, an open-source, vendor-neutral project that enables an ecosystem of plug-and-play components to unify the IoT edge computing marketplace, announced the availability of EdgeX-enabled developer kits and a Smart Building Automation Community Demonstrator that will debut at IoT Solutions World Congress on October 16-18 in Barcelona.
Hosted by The Linux Foundation, the EdgeX platform is architected to run on any hardware or operating system and unify components coded in any programming language to accelerate time to market and simplify the deployment of secure IoT solutions. The framework serves as a de facto standard to bring together any mix of existing connectivity protocols with an ecosystem of heterogeneous value-add applications.
Developer kits are important tools for building new applications and solutions. A variety of dev kits are already on the market; however, the majority of these kits lock the developer into a particular back-end platform or cloud. In comparison, dev kits based on the EdgeX framework will provide developers with the freedom to choose from an ecosystem of components bound together by the EdgeX interoperability APIs.
“With the emergence of these dev kits, developers will have the opportunity to prototype with their choice of ingredients while taking advantage of plug-in components from EdgeX’s growing vendor-neutral ecosystem,” said Jason Shepherd, EdgeX Foundry Governing Board Chair and Dell Technologies IoT and Edge Computing CTO. “This allows them to focus on innovation rather than reinvention, in addition to being able to add and exchange components at any time to optimize their solution throughout the development and deployment lifecycle.”
There will be two different kinds of dev kits – community and commercial. For options in the community track, the bill of materials will be purchased independently online, the code will be downloaded straight from a special repository on the project GitHub, and questions will be answered through forums like the EdgeX Rocket Chat. The first kit is based on the Samsung Artik with Grove sensor, and options will grow through community contributions over time.
The commercial track for the dev kits will provide EdgeX members with the ability to seed the emergence of an open marketplace for IoT edge computing. These kits will offer end users with attractive options to get started with professional support so they can focus on their preferred value-add rather than supporting open source code. Commercial options will include kits based on supported versions of the EdgeX framework itself (neutral to any plug-in value add), kits based on specific IoT platforms, and microservice plug-ins for value-add such as analytics, data orchestration and security.
EdgeX Foundry is debuting a new community demo at IoT Solutions World Congress that will highlight the platform’s ability to bring together heterogeneous solution components. This first community demo showcases how EdgeX can bring together a real-world, smart flexible office space environment based on components from a variety of vendors leveraging numerous connectivity standards, operating systems and hardware types.
The growth and diversity of the EdgeX ecosystem over the last year has helped the technical community hit major milestones including the “California” release, which made the switch to Golang for the baseline reference implementation. Since the release in April, EdgeX Foundry unique code contributions from members and non-members alike have more than doubled to 70 on a regular basis.
These contributors have played a major role in the upcoming “Delhi” release, which offers major enhancements including the first management features, more security functionality such as access control and improved security bootstrapping, C and Golang-based Device Service SDKs and a reference GUI for demos and simple deployments. Projected to launch in November, the Delhi code will be well-suited for end users to begin developing commercial offers and production deployments. To find more details about Delhi or the EdgeX roadmap, visit the wiki here.
Intel joins the EdgeX Ecosystem
“Today’s announcement represents one more step in Intel’s open source journey and increased role in the advocacy, use and contribution across the ecosystem,” said Stacey Shulman, chief innovation officer for Retail Solutions at Intel. “Intel’s involvement in EdgeX Foundry will help drive scale and accessibility of solutions for both our customers and businesses of all sizes.”
Other new EdgeX Foundry project members include Basking Automation GmbH, Beijing University of Posts and Telecommunications (BUPT), DATA AHEAD, CertusNet, Redis Labs, the Federal University of Campina Grande (UFCG) /Embedded Lab, Windmill Enterprise and ZEDEDA.
“We’re standing at a critical point for digital transformation,” said Shepherd. “The massive volume of devices coming online represents a huge opportunity for innovation and is making edge computing a necessity. We need an open, cloud-native edge ecosystem enabled by EdgeX to minimize reinvention and facilitate building and deploying distributed, interoperable applications from the edge to the cloud. We’re thrilled to welcome these new member organizations into our already strong community that shares the same commitment to open collaboration and innovation.”
Two Polish software developers engage in conversation weekly on The Podcast. One wrote the original version of Nozbe the Getting Things Done app I use. Michael Sliwinski talked of using open source software to help him write his app and start his company. His Apple developer Radek Pietruszewski in episode 157 discussed how they wrote a piece of database code they dubbed WatermelonDB and released it into open source on GitHub.
I talk about the benefits of open source as an introduction to things I gleaned from last week’s annual trip to the Sacramento, CA area and the Inductive Automation Ignition Community Conference. Community was the operative word as the gathering of several hundred (I never heard an exact count, but the rumor was there were more than 600) integrators and users crowded into the Harris Center in Folsom for conversation, training, and updates.
On a side note, I’ve been unusually swamped with my annual project of assigning referees to high school and US Soccer youth contests. It seems as if half of the preliminary work I put in assigning before the season were washed away in an unusually wet late summer. Rescheduling is hell. Referees are tired of hearing from me. But I have only 2.5 weeks left in the high school season and two weeks beyond that will close the club season. Then I take a six-month break. Therefore, my energy level for writing has been sapped and the frequency here and on my podcast have suffered.
Founder and CEO Steve Hechtman betrayed his usual laid back demeanor talking about company growth and especially the latest release—Ignition 8—to be released in a few months. I have few details, but developers solved many platform problems caused by integrators pushing the envelop of HMI SCADA software.
Chief Strategy Officer Don Pearson told how the company has always embodied the OT/IT convergence meme with Hechtman coming from an OT background as an integrator and co-developers and now co-directors of software engineering Carl Gould and Colby Clegg were trained in IT technologies.
Pearson began the discussion of open source that continued throughout the conference. While Inductive Automation has always been a proponent of open standards—it still fully supports OPC UA, for example—it is also an open source user and contributor. The technologies strongly promoted at the conference were MQTT (a transport protocol) and Sparkplug (an information carrier in this case used to communicate Ignition tag information from source to consumer). Developer Cirrus Link has placed Sparkplug in the open source Eclipse Foundation.
Speakers talked with assurance about open source, but there was a thread of defensiveness in the discussion, too. Pearson quoted Maeterlinck, “At every crossroad on the way that leads to the future, each progressive spirit is opposed by a thousand men appointed to guard the past.” Eclipse Foundation Executive Director Mike Milinkovich proclaimed, “Software is eating the world, and open source is eating software.”
I like both open source and open standards. They both have propelled industry enabling innovation and limiting lock-in. I remember downloading the first Java JDK in the 90s and trying out the eclipse platform in early 2002. All pretty cool stuff. The Inductive Automation adoption of open source is refreshing in the industry.
Here are a few bullet points from the Carl-Colby show introducing Ignition 8:
- Building on the past, but with a new beginning
- New platform:
- Revamped tag system to reduce memory overload
- New scripting app
- Subscription and data model
- Dynamic writable UDT parameters
- Deployment architecture, true project inheritance
- Project resource management
- Ignition perspective, new mobile module, built up from ground new
I really should add that while Ignition is very good software, most of the people at the conference told me that they were enticed into the system by the pricing. From the beginning, Inductive Automation decided to upset the software pricing model prevalent in the industry. It is a growing company…
Inductive had acquired an MES company, integrated with Ignition, and has now spun it off into a separate company run by Tom Hechtman, brother to Steve. Its modular software includes many typical MES applications such as track and trace, workflow, OEE, recipe management, and more. Hechtman discussed a Lean Six Sigma tool kit. He noted the staff has doubled in the nine years since acquisition. It is an ISA 95 and B2MML solution. And also now a MESA International member.
Other notes from the conference
Table top exhibits from the conference sponsors were always packed with curious engineers seeking solutions.
Opto 22’s VP Marketing Benson Hougland told me they can’t build the Groov EPIC PLC fast enough for demand. That product combined with Ignition is a powerful control and SCADA platform—as sales attest.
Albert Rooyakkers, founder/CEO of Bedrock Automation told me that his sub-$1000 controller is selling well. Bedrock specializes in secure and hardened controllers—ideal for power, pipeline, and other such applications. He told me, “Secure SCADA with Ignition is coming.” His key word is secure.