by Gary Mintchell | Jan 27, 2014 | Operations Management
A couple of Invensys (now Schneider, I’ll wait for the official announcement about how to name it) executives have been blogging some thoughtful pieces. Here is another one from Tim Sowell, VP and Invensys Fellow on Collaborative Manufacturing.
We’ve been discussing this topic for years as the ease of digital communications just keeps improving. Tim steps back and looks at the requirements:
“An effective Collaborative Manufacturing strategy requires business processes to include more inputs and interactions than most traditional processes. To support Collaborative Manufacturing, information systems must integrate and aggregate information from across the manufacturing business and from its suppliers, trading partners, and customers. It must also provide the means to intelligently distribute that information across various business entities.”
So how can small enterprises now leverage the technology previously available only available to larger enterprises?
“Key to me is that fact that small enterprises can now leverage “Managed service” in the cloud that deliver the rich operational business capability of inventory management, operational process and manufacturing, and specification management which was only available to much larger companies. Now an end to end product chain can be developed with aligned a process and enable a product manufacturer to divided up over multiple operations, each operation executed by a small manufacturing entity.”
Sowell concludes:
“A Collaborative Manufacturing strategy can help a company maximizes the effectiveness of its value chain in order to better control profits and address changing market demands.
Is this real, my answer is yes, I was on a plane last week, and two fellow travelers talked about the alliance and the seeking out others to make this ecosystem, combined with the agility of 3D printing, and then assemble these two expected to grow and had a good pipeline due to satisfy the ‘pay on delivery, with small order sizes’ also the ability to have local final assembly close to distribution centers and significant retailers make them more desirable to occupy the ‘shelf space’. Both agree the reality is only now that the tracking and management are common across the plants in a hosted ‘managed service’.”
by Gary Mintchell | Jan 15, 2014 | Automation, Security
Cybersecurity experts, and especially the media that reports on cybersecurity vulnerabilities, often love to just point fingers at companies. Seldom do they acknowledge a good response. Here is an item I picked up from a security services company, IOActive.
The company announced Jan. 9 that it has uncovered multiple vulnerabilities in Siemens’ SCALANCE X-200 Switch Family. These Ethernet switches are used to connect to Industrial Control Systems (ICS) components like Programmable Logic Controllers (PLCs) and Human Machine Interfaces (HMIs). The switches enable remote diagnostics and simplified configuration through a common web browser.
Senior security consultant for IOActive, Eireann Leverett, discovered two vulnerabilities in the switches. Both vulnerabilities were discovered in the web server authentication of the product. The first vulnerability could allow an attacker to perform administrative operations over the network without authentication, gaining access to critical services. The second vulnerability could allow an attacker to hijack web sessions over the network without authentication.
“Siemens ProductCERT were professional, courteous, and did not adopt an adversarial attitude when I contacted them about the vulnerabilities. Consequently, we were able to clarify the vulnerabilities quickly, and they produced a patch within three months,” said Eireann Leverett, senior security consultant for IOActive. “I challenge other ICS vendors to match this timeline for security patching in the future.”
Speedy Response
As soon as IOActive notified the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) of the vulnerabilities, Siemens ProductCERT wasted little time resolving the issue.
Leverett added, “The speed at which Siemens ProductCERT responded to the notification of these two vulnerabilities is something to be applauded. IOActive has always pushed vendors to respond when they receive notifications on vulnerabilities in their products. Siemens is the perfect example of how companies should respond when addressing these issues.”
Siemens ProductCERT is a team dedicated to accepting and handling security issues and vulnerabilities within their products. They co-ordinate with external and internal security researchers and work closely with the company’s product teams to develop fixes. ProductCERT publish the fixes as soon as they have been tested and credits the researchers who discovered the issues. The very existence of this team illustrates Siemens serious commitment to handling security issues smoothly and quickly.
Siemens has addressed both issues by providing a firmware update for the affected products.
by Gary Mintchell | Jan 8, 2014 | Automation, Operations Management, Security
Ernest Hayden, one of the contributors to the Tofino Security blog, posted some notes on Nov. 25, 2013 about the latest Cybersecurity Framework draft from NIST–the US National Institute of Standards and Technology. If you have any interest at all in security, this is a good read.
Writes Hayden, “Regardless of where one lives in the world, we all know that our country’s national infrastructures are very important to our economies and our national defense. And with incidents like the attacks on the gas pipeline industry and the details revealed in the Madiant Report, nowhere has this point been driven home more than in the US.
So due to the growing concerns over continued cyber attacks on US national infrastructure – such as the electric grid, water systems, transportation networks, banks/financial institutions, critical manufacturing, etc. – President Obama issued Framework draft.
“A key aspect of the Framework is that it is not intended to replace an organization’s existing business or cybersecurity risk management process and cybersecurity program,” concludes Hayden. “Instead, the organization can use its current processes and leverage the Framework to identify areas to improve its cybersecurity risk management. Also, the Framework can be helpful to a company that does not have a currently existing cybersecurity program so they can build in key elements raised by the Framework.”
by Gary Mintchell | Jan 7, 2014 | News, Operations Management, Software
Dassault Systèmes unveiled DELMIA’s Apriso Quality Solution, which includes enterprise quality management software (EQMS) and professional services that expands the reach of traditional Quality Management Systems (QMS) to the global shop floor, across the supply chain, and up to executives. By extending visibility and control into global operations, this new DELMIA solution addresses the challenge of achieving higher quality across the enterprise and product supply network at a lower total cost.
“There’s a gap in many organizations’ ability to effectively deliver quality products and processes, and our research over the past several years has revealed that enterprise quality management software (EQMS) is the bridge. EQMS transforms many of the traditionally siloed quality efforts that are causing roadblocks to improvement today,” stated Matt Littlefield, President and Principal Analyst at LNS Research, in “What’s Stopping You from Achieving Quality Excellence?” on September 11, 2013.
Specific attributes of this solution include:
- Vertically aligned, from in-line SPC and quality inspections, to enterprise-wide quality planning, to out-of-the-box quality dashboards and analytics
- Global in its ability to create corporate standards and quality processes, enforce them across locations and suppliers, all within a closed loop system that supports continuous improvement
- Detailed with complete track and trace for both as built and as maintained, for better root cause analysis and initiation of preventive and corrective actions, ultimately leading to improved brand protection
“Globally distributing manufacturing operations has exposed weakness in disparate quality systems, which can cause data inconsistency, delayed response times and additional cost,” explained John Fishell, Vice President of DELMIA Apriso Product Management, Dassault Systèmes. “Apriso Quality Solution can improve global quality performance in such a way that complements an enterprise’s manufacturing operations management strategy.”
by Gary Mintchell | Dec 23, 2013 | Automation, Data Management, Operations Management, Technology
The TED Talks began as exclusive talks about “Ideas Worth Spreading” that attendees paid 5-figure fees to attend. Talks must be less than 20 minutes, and in many cases around 10 minutes. Growing from one location that met annually, the franchise has spread across the globe and now there are thousands.
Industry, or manufacturing, seldom is a topic. So when I heard this one from the chief economist of GE, I thought it was worth sharing. The official TED blurb is below, but understand that “Industrial Internet” is GE’s pet term for the Internet of Things. This is a growing trend that will be significant in industry. But reading the comments on the TED page reveals how much more education we in the field need to provide to the general population.
Everyone’s talking about the “Internet of Things,” but what exactly does that mean for our future? In this thoughtful talk, economist Marco Annunziata looks at how technology is transforming the industrial sector, creating machines that can see, feel, sense and react — so they can be operated far more efficiently. Think: airplane parts that send an alert when they need to be serviced, or wind turbines that communicate with one another to generate more electricity. It’s a future with exciting implications for us all.
