Product Day At Rockwell Automation TechED


Second-day keynote speakers at Rockwell Automation TechED drilled down into the weeds a little to flesh out the High Performance Architecture and Connected Enterprise themes from day one. Unusually for a second-day general session, the room was about as packed as for day one.

There is little mention of Internet of Things at this conference—it’s sort of assumed as part of the Connected Enterprise. However, speakers went from one “standard, unmodified Ethernet” comment yesterday to many mentions today.

Product group vice presidents Fran Wlodarczyk (Control & Visualization), John Genovesi (Information & Process), and Scott Lapcewich (Customer Support & Maintenance) showed how their groups supported the company vision.

Wlodarczyk discussed controllers getting faster (leading to added yield for an automotive assembly plant), improved workflows and tighter integration with control in the visualization portfolio, and how the latest motion control products are self-aware (auto-tuning) and system-aware.

Genovesi, who has learned the languages of process automation and information systems well in his time leading the area, spoke to both.

“Rockwell Automation is uniquely positioned to drive value-based outcomes”:

  • Integrated Architecture that includes integrated software
  • Intelligent Motor Control (smart, connected assets)
  • Domain Expertise (Solution delivery)

When Rockwell finally made a real commitment to entering the process automation business, it specifically avoided the term “DCS” and used its “PAC” (programmable automation controller) terminology. A couple of years ago spokespeople made a point of saying they have a DCS. Genovesi said the Rockwell DCS brings a modern approach that established competitors cannot match. Plus, the Rockwell approach can be less expensive.

The Rockwell DCS (built on the Logix platform, but not a PLC) advantage is that it can integrate with other plant automation and control assets such as motor control.

On the Information Services side, he emphasized the partnership with OSIsoft—a company now saying it has moved from just a historian company to providing a “real-time infrastructure.” We’ve been in the Industrial Internet of Things for 35 years, the OSIsoft spokesman proclaimed.

Lapcewich listed five sets of services his group provides:

  • networks & security
  • product & application lifecycle
  • remote monitoring & cloud analytics
  • asset management & reliability
  • people & asset safety

[Note: when Rockwell discusses asset management, it refers to the types of electrical and automation assets/products it provides.]

New Products Introduced by Schneider Electric at Connect 2016


Schneider Electric automation President Gary Freburger talked about living in a time of immense change in the industry. Sandy Vasser of ExxonMobil (my last report) discussed some of the disruptions his team is working on. One of the disruptions relates to configurable I/O.

At the conference, Schneider Electric announced an update to its Intelligent Marshalling solution. It now contains redundancy capabilities. Likewise the Tricon CX compact safety system has been enhanced with the addition of the 3902X TMR universal I/O module.

The Foxboro Evo FBM 248 and Tricon CX 3902X remove the dependency among control and safety system design and the installation of I/O systems. Universal I/O offerings for Foxboro Evo and Triconex enable process automation professionals to seamlessly adapt to last-minute I/O design changes and provide backup to eliminate the impact of any process downtime.

“Upgrading our award-winning Intelligent Marshalling solution to include redundancy and safety capabilities demonstrates our commitment to providing the connected solutions our customers need to improve the safety, reliability and efficiency of their plants and business operations,” said Chris Lyden, senior vice president of strategy, Process Automation, Schneider Electric. “Configuring control and safety systems I/O can be costly, labor-intensive and subject to change. With their additional flexibility, the Foxboro FBM 248 and Tricon CX 3902X I/O offerings allow our customers to adjust to unforeseen module changes and errors with little impact to installation time. That can drive huge savings when it comes to project execution and operations.”

With its universal I/O and software-configurable modules, Intelligent Marshalling allows users to configure I/O points from anywhere in the plant or in the world. It also enables flexible options for future expansions and upgrades, as well as significant cost savings by reducing marshalling infrastructure, increasing I/O density per cabinet, reducing field and maintenance labor costs and drastically reducing the need for onsite replacement inventory.

Modicon Finds a Home

Modicon, and factory automation in general, has been a bit like an orphan stepchild for years at Schneider. The group now reports into the automation group under Freburger. It’s a learning experience for the process automation people—new language, new distribution, new service options. But things seem to be coalescing well.

The PlantStruxure PES hybrid control system, built on a Modicon PLC platform, received its moment in the sun at the conference. Schneider Electric has added redundant controllers to the PlantStruxure PES system. Today, 50 percent of PlantStruxure PES projects require at least one pair of redundant controllers within the configuration. PES V4.2 meets the next generation of requirements with the M580 ePAC and the ability to lock down ports within a single configuration environment. With the highest levels of cybersecurity available on the market, PES V4.2 ensures nearly 100 percent uptime for customer systems.

“As IT and OT converge, we need solutions that boost plant connectivity and security,” said Lyden. “PlantStruxure PES enhances the ability of plant operators, engineers and managers to take better advantage of process and energy management data, which better enables them to improve maintenance, increase asset reliability and uncover additional operational efficiencies, all in a more secure environment. By making our PlantStruxure PES automation system secure and future proof by design, we are meeting the needs of tomorrow’s production facilities, today.”

A core feature of the Modicon M580 ePAC is its Ethernet-based architecture. Integration into the PES solution improves system management and provides customers with a level of standard communication, guaranteeing a future-proof system. Additionally, new services will be available for engineering and commissioning, which will make navigating a control program easier, as well as improve performance when making project changes. PlantStruxure PES V4.2 is also equipped with ready-to-use application and industry libraries, allowing systems to be built more quickly and with lower engineering costs. And by integrating energy-management features from other Schneider Electric automation and power devices, such as Altivar drives, the system will help users realize higher energy cost savings.

More on Industrial Protocols and Standards


John Bernadin (retired Rockwell Automation executive) posted a comment on my LinkedIn post of my blog post on Protocol Wars–Vendors versus Standards.

“From the PLC side, the Auto industry began major efforts to drive standards in the 1990’s like GM’s MAP mfg automation protocol. However, after a decade they realized that even with their leadership and size, the Big Three and their top tier suppliers couldn’t get PLC vendors to agree on a standard. So in 2000, they decided it would literally take an “Act of Congress” to get vendors to agree. Two years later, a bipartisan Congress passed the Manufacturing Enterprise Integration Act of 2002 giving NIST over $150 million to develop and drive Interoperability protocols and standards. What happened next? President Bush never approved the budget for NIST to do it because he philosophically didn’t believe that the federal government should be creating standards. Thus, 25 years later we still have nothing — because this problem is like solving world hunger or world peace. It’s too big.”

Good recap, John.

Then there were PC standards

In those days, there was a PC standard. Actually, there were a few. There was an “XT” bus that standardized PCs on what became known as the PC platform. In the late 80s, IBM thought it would get fancy and recapture some proprietary technology it lost with the XT platform. Anyone remember Microchannel? But then PCI came along driven more by chip makers, I believe, to take the backplane to another level without being vendor specific.

I actually took classes and may still have a certificate around the house having passed tests on IBM’s proprietary, or sort-of proprietary, technologies. Remember also Token Ring? Yep, that was another. The third test had something to do with finance applications on the PC.

In those days you could build cards to plug into the bus. Only Apples were locked down.

There was an “embedded” PC world dominated by VMEbus and in the mid-late 90s PCI and then CompactPCI. PLCs were generally built on a modified VME but nothing was standard.

None of these things I’m talking about were driven by government. IBM allowed its first PC bus to become an industry standard that other companies could build to–and the PC industry took off.

Allen-Bradley CompactLogix I/O


In the 90s the big automakers grew frustrated with what was essentially a single PLC source and tried a bunch of things. Maybe the government. Maybe they were big enough to drive a CompactPCI standard. All PLC manufacturers would build on a single CompactPCI standard. Anyone’s cards would fit in the backplane–just like the PC industry. You could load anyone’s operating system and programming software on the platform.

By driving hardware and then software to commodity, the automakers could drive the cost down dramatically.

Innovation

Since the 80s and 90s saw tremendous innovation around the standards driven PC platform, it was logical (to users) that similar innovation advances would be seen in the industrial “PC” market.

Many things were tried. Many things failed.

Trouble is–the industrial market is much smaller than the PC market. A commodity industrial market would drive incumbents to seek other markets. Innovation would dry up. Suppliers drove to protect their turf.

And innovation exploded.

We saw many things added to the PLC platform driven by competition (although reducing interoperability):

  • PC technologies–memory, processing
  • Networking
  • Integrated motion control
  • Reduced footprint
  • Innovative development studios

But, alas, if you bought Rockwell, you were stuck with Rockwell. Same with Siemens, and everyone else.

Users did reap some price concessions. Better, they reaped technology advances because the suppliers could afford to invest in new technology.

New technology cycle

These curves always run their cycle.

Where are we now? Is there any reason to need a standard platform PLC? Or has that technology curve been passed?

Do we need a single protocol for moving data in this brave new IoT world? Or, will suppliers build gateways that foster inter-communication–or a bus such as the ws-ISBM? And render the argument moot?

Real-Time Cyber Attack Detection for SCADA Devices


SCADA devices and networks remain a prime target for cyber attacks. Everything I’ve written has approached cybersecurity from a different angle. This is the first solution that has come my way that uses a deception approach.

Attivo Networks announced Dec. 7, 2015 a release of its deception-based Attivo BOTsink solution that provides continuous threat detection on Industrial Control Systems (ICS) SCADA devices used to monitor and control most manufacturing operations as well as critical infrastructure such as natural gas, oil, water, and electric power distribution and transmission systems around the world. Cyberattacks on these targets can and have resulted in disruption of critical local, regional, and national government and commercial infrastructures. As a result, when they are breached, the impact on societies they serve stands to be catastrophic.

According to a study by the Pew Internet and American Life Project, 60 percent of the technology experts interviewed believe that a major cyberattack will happen. The damages to property and ensuing theft will amount to tens of billions of dollars, and the loss of life will be significant.

Scalable SCADA protection

“We are proud to be the first in the industry to provide customers a globally scalable, deception-based threat detection solution for SCADA protection,” emphasizes Tushar Kothari, CEO of Attivo Networks. “Many of our customers from the energy industry have requested the extension of our Attivo Deception Platform into their production and manufacturing control networks so they can get real-time visibility and the ability to promptly identify and remediate infected devices. As one stated, ‘a breach on those networks can be catastrophic and Attivo wants to do everything we can to prevent a disaster or risk to lives.’”

SCADA systems had originally been designed to monitor critical production processes without consideration to security consequences. Security had been generally handled by keeping the devices off the network and the Internet using “air gaps” where malware could only be transmitted by the thumb drives used by technicians. However, today vulnerable SCADA systems are increasingly being connected to the corporate IT infrastructure and Internet, making them easily accessible to a remote attacker.

Examples of this would be the Sandworm malware that attacked Telecommunications and Energy sectors, Havex malware that infected a SCADA system manufacturer, and BlackEnergy malware that attacks ICS products manufactured by GE, Siemens, and Advantech. These attacks primarily targeted the operational capabilities of these facilities. With the increased maliciousness and sophistication of malware, concerns are now escalating to fears of an irreversible disaster.

Situational awareness

“Industrial systems have increasingly come under scrutiny from both attackers and defenders,” said Chris Blask, Chair of the Industrial Control System Information Sharing and Analysis Center (ICS-ISAC). “Situational awareness is the focus of the ICS-ISAC and its membership, including the ability for asset owners to detect and respond to incidents on their systems.”

These devices generally have long lifecycles, creating an exposed environment driven by equipment that is less hardened and patches made infrequently. Additionally, because of their critical functions, SCADA devices cannot be taken offline frequently or for any length of time. This, along with costs that can run into the millions for every hour the network is offline, has made patching very difficult, often as infrequent as once a year, leaving many industrial facilities open to attacks. These risks are quite large considering these devices are found everywhere in electrical facilities, food processing, manufacturing, on board ships, transportation and more.

“Companies operating in critical infrastructures like energy, utilities, nuclear, oil and gas know that they are not only vulnerable to the same security issues faced by most enterprises, they have the added enticement as a rich target for cyber terrorism,” stated Tony Dao, Director Information Technology, Aspect Engineering Group. “They recognize that securing their industrial control processes is not only critical to them, but to the institutions they serve. A loss would not only have repercussions throughout their economic sector but throughout the entire economy.”

The vulnerabilities begin with the use of default passwords, hard-coded encryption keys, and a lack of firmware updates, which pave the way for attackers to gain access and take control of industrial devices. Traditional perimeter-based solutions are designed to detect attacks on these devices by looking for suspicious attack behavior based on known signature patterns. SCADA supervisory systems are computers running normal Windows operating systems and are susceptible to zero day attacks, in which there are no known signatures or software patches. Several vulnerabilities also exist in the standard and proprietary protocols within Logic Controllers. Popular protocols include MODBUS (supervision and control), DNP3 (Energy and Water), BACNET (Building Automation), and IPMI (Baseboard Management Control).

Deception technology

Attivo Networks takes a different approach to detecting cyber attacks on ICS-SCADA devices. Instead of relying on signatures or known attack patterns, Attivo uses deception technology to lure the attackers to a BOTsink engagement device. Customers have the flexibility to install their own Open Platform Communications (OPC) software while running popular protocols and PLC devices on the BOTsink solution making it indistinguishable from production SCADA devices. This provides real-time detection of BOTs and advanced persistent threats (APTs) that are conducting reconnaissance to mount their attacks on critical facility and energy networks. Additionally, BOTsink forensics capture information including new device connections, issued commands and connection termination, enabling administrators to study the attacker’s tools, techniques, and information on infected devices that need remediation.

The Attivo SCADA solution is provided through a custom software image that runs on its BOTsink appliance or virtual machine. SCADA BOTsink deployment and management are provided through the Attivo Central Manager, which provides global central device management and threat intelligence dashboards and reporting.
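
The forensic capture described above (new device connections, issued commands, connection termination) can be sketched for one of the protocols named earlier, Modbus/TCP. This is an added example, not Attivo's code or part of the original post; the `DecoySession` class, its severity labels, the peer address and the sample frames are constructed for illustration.

```python
import struct
from dataclasses import dataclass, field

# Function codes from the public Modbus application protocol specification.
READS = {1: "read_coils", 2: "read_discrete_inputs",
         3: "read_holding_registers", 4: "read_input_registers"}
WRITES = {5: "write_single_coil", 6: "write_single_register",
          15: "write_multiple_coils", 16: "write_multiple_registers"}


@dataclass
class DecoySession:
    """Forensic record for one TCP connection to a decoy Modbus/TCP endpoint."""
    peer: str
    events: list = field(default_factory=list)
    _buf: bytes = b""

    def __post_init__(self):
        # No production system should talk to a decoy, so a connection alone is an alert.
        self._log("connect", "medium")

    def _log(self, kind, severity, **details):
        self.events.append({"type": kind, "peer": self.peer,
                            "severity": severity, **details})

    def feed(self, data: bytes):
        """Buffer raw TCP bytes and log every complete Modbus/TCP frame."""
        self._buf += data
        while len(self._buf) >= 7:                      # 7-byte MBAP header
            tid, proto, length, unit = struct.unpack(">HHHB", self._buf[:7])
            if proto != 0 or not 2 <= length <= 254:
                # Not Modbus/TCP: keep a short hex sample and discard the rest.
                self._log("malformed", "medium", sample=self._buf[:16].hex())
                self._buf = b""
                return
            end = 6 + length                            # length covers unit id + PDU
            if len(self._buf) < end:
                return                                  # frame split across TCP segments
            pdu, self._buf = self._buf[7:end], self._buf[end:]
            self._log_command(tid, unit, pdu)

    def _log_command(self, tid, unit, pdu):
        fc = pdu[0]
        details = {"transaction": tid, "unit": unit, "function": fc,
                   "name": READS.get(fc) or WRITES.get(fc) or "other"}
        if (fc in READS or fc in WRITES) and len(pdu) >= 5:
            # These requests start with a 16-bit address and a 16-bit count or value.
            details["address"], details["count_or_value"] = struct.unpack(">HH", pdu[1:5])
        # A write tries to change process state; reads look like reconnaissance.
        self._log("command", "high" if fc in WRITES else "medium", **details)

    def close(self):
        self._log("disconnect", "info")
        return self.events


def replay_constructed_capture():
    """Replay two constructed requests, the second split across TCP segments."""
    read_req = bytes.fromhex("00010000000601030000000a")   # read 10 holding registers
    write_req = bytes.fromhex("0002000000060106001001f4")  # write 500 to register 16
    session = DecoySession(peer="192.0.2.50:49152")        # documentation-range address
    session.feed(read_req + write_req[:5])
    session.feed(write_req[5:])
    return session.close()


if __name__ == "__main__":
    for event in replay_constructed_capture():
        print(event)
```

Because the endpoint is a decoy, every event is worth forwarding to the SOC; the severity split only helps triage write attempts ahead of register scans.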

“To a significant degree, the growing security problems impacting industrial control systems have originated from the fact that ICSs are increasingly less and less isolated from outside networks and systems, and ICSs are now more susceptible and vulnerable to attacks,” comments Ruggero Contu, Research Director at Gartner in his Market Trends: Industrial Control System Security, 2015 report.  “At the heart of this change is the demand to integrate enterprise IT systems to operational technology, and for remote connectivity.”

Check out this white paper: Dynamic Deception for Industrial Automation and Control Systems

Software Configurable Ethernet IO Module with Embedded Cyber Security


Bedrock Automation extends to the industrial Ethernet domain its commitment to deliver “Simple, Scalable and Secure” automation. The SIO4.E Ethernet I/O module plugs into the Bedrock pinless electromagnetic backplane to receive Bedrock’s patented Black Fabric cyber security protection.

Each of the module’s five I/O channels is independently software configurable. The initial library of Ethernet protocols includes EtherNet/IP. Modbus TCP, OPC UA, and Profinet are slated for future releases on firmware updates. All channels also deliver Power over Ethernet (PoE).

Ethernet as a real-time control variable

Tightly coupling Ethernet into the process control and I/O network enables deployment of a wide range of edge device and enterprise data into real-time control logic, much in the same way an engineer incorporates more typical process sensor and actuator data. This results in real-time communication channels for the exchange of data between OT production and IT enterprise systems.

“Unlike an Ethernet switch traditionally sitting at Purdue levels 3 to 5 with the operations and business networks, the SIO4.E module delivers Ethernet as secure I/O at levels 0 and 1 with the sensor, actuator and process control logic. This collapses the legacy hierarchical ICS model into a simplified and inherently more secure automation architecture. Equally empowering is the deployment of OPC UA on any of the SIO4.E Ethernet I/O channels, opening up a world of opportunity and innovation while reducing all aspects of software lifecycle cost. This is the way of the future,” says Bedrock CTO and Engineering VP, Albert Rooyakkers.

Securing Ethernet I/O

Ethernet is becoming widely adopted for open industrial control system (ICS) applications because it builds on proven, high-speed stacks that have been enhanced for use on industrial devices such as robots, PLCs, sensors, CNCs and other industrial machines. Bedrock secures Ethernet I/O in many ways, including by connecting the FIPS compliant anti-tamper SIO4.E I/O module on a pinless electromagnetic backplane, embedding authentication logic, true random number generation (TRNG) and cryptographic keys into the semiconductor hardware, and by isolating information flow within each channel by way of separation kernel functionality in a secure real-time operating system (RTOS).

“Robust ICS cyber security is just part of the tremendous value that the new Bedrock module brings to process automation,” says Bedrock Automation President Bob Honor.  “The fact that each channel can be software configured adds new levels of flexibility and scalability. No other I/O module allows process engineers to program so much communications capability into one system component. We are especially excited about the positive impact for ICS users.  That user experience is increasingly configurable and Bedrock uniquely offers the tools and platform to shape it securely to their advantage.”

Pricing and availability

The Bedrock SIO4.E Ethernet I/O module is available at a price of $2000, about the same as a traditional Ethernet IP card.  But unlike a typical Ethernet card, the five channel SIO4.E is cyber secure, software configurable for multiple protocols, and has more bandwidth, higher computing power and additional performance advantages.
