Manufacturing’s OT software legacy and its prevailing operations-centric approach to cybersecurity are inadequate for using and safeguarding industrial data. By Dr. Jim Davis
The economics of Smart Manufacturing1, IoT, Manufacturing 4.0, and Industry 4.0 are all about data – the ability to share manufacturing data securely from sensor-to-supply chain, machine-to-machine, and machine-to-human, at the right time and place, with the right form and technology, and the best involvement of people.
Fueled by new advanced sensor, data, control, platform, and modeling technologies, including the revival of AI and machine learning, the economic potential for drawing greater insights and expanding the use of data is significant. But only if the data can be available, managed, accessed, shared, and secured.
We say data are important, but we don’t act like it yet. In the years ahead, we can anticipate that manufacturing cybersecurity technology, practice, and training for securely sharing data for business and operational opportunity will be as important as protecting and mitigating unwanted attacks and access to data.
Next generation manufacturing is demanding radically increased end-to-end supply chain productivity across small, medium, and large manufacturers and the orchestration of operational precision and performance at each step in the value chain. Global manufacturing competitiveness, market growth, the growth in global population, and dealing with climate change are demanding higher precision materials and products in smaller lots, produced and delivered faster and cheaper, more safely, and with minimal effect on the environment, wherever on the globe. Products need to be made right the first time, without waste. Energy and material productivity must increase while overall consumption must dramatically decrease. Demand for precision validation of materials, parts and assemblies, and their traceability as inputs and outputs throughout the supply chain, are increasing, and in some segments, required. Smaller and smaller changes in upstream parts, products, and processes are having larger and larger effects on downstream process and product efficacy as precision and value-add demands increase.
There is wide agreement that end-to-end supply chain productivity, precision, and performance across manufacturers require extensive interconnectedness with secure and trusted manufacturing data sharing for operational and business interoperability. Everyone agrees that advanced sensing, and the radically extended use of data and modeling, are at the center of making these objectives a reality for manufacturing.
Data-Centric Security
But manufacturing has not yet come around to organizing for data-centric security practices, including the need to protect data so that it can be shared with confidence and trust.
Manufacturing’s 25-year legacy with operational data and production-oriented software has been all about the physical processes and the material, energy, and product flows. Understandably structured with this historical, physical operations-centric view, production software today locks down on the control and execution of discrete, continuous, or batch operations and on engineer-to-order, made-to-order, or made-to-stock work order modes. The Operational Technology (OT), and in particular the OT data that reflect and interface with the physical flows and equipment operations, are embedded, often contextualized implicitly, and vertically optimized for specific physical function, control, management execution, and/or work order models. However, the Information Technology (IT) for these production applications, including the hardware/software requirements, is further embedded in ways that are specific to the vendor equipment, software products, production types, work order types, and industry segments. In addition, IT networking, digital communications, and business and financial management systems and data are, all too often, still defined as business IT infrastructure technologies that are separate from OT functions, further creating complexity by separating business data and IT infrastructure from the OT and its embedded IT.
“Even within a single factory the escalation in maintenance requirements is out of reach or becomes impossible as the number of OT data interconnections increase.”
Freeing Up OT & Business Data
When it comes to next generation interests in expanding and freeing up OT and business data for the new productivity, precision, and performance business opportunities, manufacturing’s deployed software landscape is one of siloed approaches that have resulted in a huge proliferation of individually-deployed, vertically-optimized application solutions and IT infrastructures that trap the all important data. The OT and business data are trapped in forms that are not useful, in data stores that aren’t accessible, and IT architectures that do not easily free up the managed use of data or address the security of internal interconnections, let alone interconnectedness outside the four walls. Each software product, such as control or manufacturing execution systems, comes with its own IT infrastructure and requires on the order of 1,000 configuration and parameter settings for integration and an average 250 person hours per secure interconnection2. Even within a single factory the escalation in maintenance requirements is out of reach or becomes impossible as the number of OT data interconnections increase. Modern cloud products help the IT infrastructure but do not reduce the operational configuration, connectivity, and interconnections. Manufacturing’s deployment of cloud technologies effectively still isolates data, just like on-premise siloed applications, at a time when all manufacturers, small, medium, and large, need access.
Securing Data Sharing
Adding to the barriers to using data, manufacturing cybersecurity3 is rarely addressed in the context of data sharing. It tends to remain a separate matter from operational interconnectivity and is still largely treated as an IT problem, separating it from OT data and operations, and from the OT data that can enhance the effectiveness of the cybersecurity. As a manufacturing practice (see NIST cybersecurity framework4), manufacturing cybersecurity is already inadequate for manufacturing’s vertical software structures and it is far from oriented for a future of OT data interoperability. While the criticality of addressing cybersecurity is growing as sophisticated attacks increase and obscure device pathway attacks become dangerous, cybersecurity is still relegated largely to individual devices, machines, and products used by individual manufacturers. Quantitative risk is severely underestimated and risks with interconnectivity are yet to be systematically addressed. Small and medium manufacturers are especially vulnerable. Vendors don’t support upgrades well and cybersecurity is generally viewed as affecting someone else. Old equipment that still has operational value but uses old IT technology is a cybersecurity problem, as is how to shut down an operating factory just to do software upgrades. Manufacturers are already making impossibly difficult choices every day, weighing production continuity against the risk of security incidents.
The Importance of a Horizontal Approach
Looking forward, secure and trusted manufacturing data sharing connects and expands manufacturing horizontally across line operations, value chains, and supply chains. Data interoperability should not lead to increased cybersecurity risk. Similarly, cybersecurity methodology, organization, and practice should not impede the economic, productivity, environmental, and global competitiveness opportunities that are increasingly dependent on interoperability and greatly expanded data-driven business and operational partnerships. However, the same OT data are involved in both. A key structural change for manufacturing is expanding from its vertical-orientation with OT data and embedded IT, to a horizontal-orientation that layers the IT to accommodate OT data interconnectedness, and addresses cybersecurity with an aligned horizonal approach. Continuing manufacturing’s legacy software practices and just interconnecting vertical OT/IT software structures is not an economical, sustainable, or even viable pathway to the OT/IT convergence that facilitates and scales to the horizontally-oriented trusted data sharing and data cybersecurity needed today.
Taking a Data-Centric View
A data-centric view makes it possible to re-think OT/IT cyber convergence and how to get at desired cyber properties, while avoiding the problems of forcing new data and modeling software structures on to legacy structures not designed for horizontal data interconnectedness. It begins not only with the recognition that interconnectedness implies horizontal layering, but also that manufacturing is no longer about a single physical layer. Instead, it is about three horizontally oriented layers – Physical, Cyber, and Internet – that are linked together with OT data5. This view opens the door to focus on converged OT/IT data-centricity, unencumbered by the physical layer.
In just thinking about the data itself, there is a repeated pattern for the life of OT data, regardless of physical operation: (see Fig.1).
In Smart Manufacturing we refer to this progression as the OT Data Lifecycle.
Mindset Change
This cyber-focused view requires a mindset change. Physical models, digital twins, etc. are not the central focus here, but instead act to transform and produce data into useful forms that can be orchestrated and interfaced with the physical layer to drive operations.
OT data are thus developed in the cyber layer to be used in manufacturing operations at various stages of the data lifecycle, at various levels of contextualization, and for various control and operational execution purposes with various requirements for time and action, e.g. analysis, security, track and trace, monitoring, diagnosis, mitigation, optimization, prediction, self-interrogation, and health assessments. Secure interconnectedness and trusted data sharing involve secure data flows, cyber operations, and OT data sharing based on business agreements, service level agreements, validated protections, privacy and security for different kinds of sensitive or protected data, and the granular and carefully managed sharing of intellectual property. Security and privacy attacks, breaches, rapid recourse, and mitigation strategies are dealt with in the cyber layer as one kind of abnormal situation that requires identifying when the OT data are not as expected, not transformed or exchanged as wanted, and could affect physical operations.
IT, meanwhile, includes the data networking, streaming, storage, computation, management, security, and communications that enable data lifecycle of the OT data. These same OT data enhance IT security strategies with needed operational contextualization and expectation. It is in the cyber layer that threat intelligence data are applied.
At each Data Lifecycle stage there are security and trust technologies available that can be organized not only for the prevention of issues with trusted data sharing and cybersecurity together, but also for identification and mitigation when issues arise. Cyber property requirements can be cast as the questions that manufacturers want to ask, and to have confidence in the answers, as business interconnectedness strategies grow:
Generation ➔ Is the data source secure? Can I trust the data from that source?
Connection ➔ Is the data connection to be used secure, protected, and ready for transmission of the data in the form agreed? Have source and destination been authenticated and authorized? Can I trust the security readiness of the exchange endpoints?
Ingestion ➔ Were the right data transferred, exchanged, or exposed in the way agreed to? Were these done securely? Were the data transferred, or not, as expected? Are there indications of inappropriate activity, including inappropriate data or files?
Contextualization ➔ Do I see security or data sharing issues with data to be used in an operation? Are the machine/process data models validated? Are there any unusual excursions when data are filtered, analyzed, and normalized?
Orchestrated Transformation ➔ Do the checklists on control models, machine code parameters, and human input check out? Do I see security or data sharing issues with data and models while in operation?
Historization ➔ Do I have the right operational, business, and communications data to understand operational expectations? Do I have the OT data to build and sustain OT/IT based security models and algorithms? Do I have a store of reset operational parameters and OT data if I need to mitigate a breach or failure in data sharing by returning to past operational settings?
“The key point is that manufacturing’s vertically oriented software legacy and its current approach to cybersecurity are inadequate for the future.”
OT/IT Convergence
It is possible to see how desirable converged OT/IT cyber properties can be structured. A progressively staged and layered data centric, life cycle view addresses horizontal orientation directly and produces a more proactive security and trusted data sharing approach across operations and involving people. It is also possible to think about catching and mitigating issues before they affect the operation, as well as incorporating mitigations when operations are affected. There can be a layer-by-layer categorization and organization of methods and a more logical alignment of methods to act on the operational effects, including time. When business trust is established, the layered framework works for trusted data sharing within companies and among companies (supply chain) using agreed upon security methods and granular management of data, within and beyond factory walls or factory firewalls. The layers break down and define threat surfaces for which there can be focused methods and focused mitigations, like dealing with compromised sensors. Security and trusted data sharing methods can be more readily integrated with operational methods and slotted in and out, layer by layer, to address a diversity of security requirements.
Importantly, there is also a more organized operational historian with the right data for building OT based security models, as well as maintaining a store of reset parameters and data for mitigation. The stage is set for factory infrastructure security, organizational readiness, and trusted security data sharing expectations that each factory would need to have in place for interconnectedness (as in the NIST Framework), and for resilience strategies that are needed when data are exchanged but shouldn’t be, and when data are not exchanged but expected.
There are clearly important systems and deployment questions to be addressed. The key point, though, is that manufacturing’s vertically oriented software legacy and its current approach to cybersecurity are inadequate for the future.
Horizontal OT/IT Thinking
What got us here will not get us where the industry needs to go. Physical and cyber operations layering, and OT data lifecycle and cyber centricity, address needed horizontal thinking for supply chain productivity, precision, and performance. The mindset change has the potential to shift cyber security and trusted data sharing from an approach of many solutions, into converged OT/IT thinking so that both are leveraged and enhanced together as two sides of the same operational strategy. M
Footnotes
1 CESMII (the Clean Energy Smart Manufacturing Innovation Institute) is one of 14 national Manufacturing USA institutes, each a public-private partnership, jointly funded by government and private industry to secure America’s future through manufacturing innovation, education, and collaboration.
2 Benchmark data established by CESMII
3 MForesight, 2017 and Manufacturing Leadership Council discussions 2019
4 https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf
5 https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.1500-201.pdf