Manufacturers need to up their game in protecting the data from increasingly connected plant floor equipment.
By Bob Slevin
Today’s manufacturing industry faces a constant challenge of ensuring that design and manufacturing operations are secure, as an increasing number of cyber security threats continue to impact day-to-day business operations. External third parties are exploiting weaknesses in IT infrastructures to hack into networks and gain access to sensitive design and production data. As companies explore new Industry 4.0 strategies and new sources of data grow exponentially across the enterprise, the problem of securing this data becomes even more important.
In today’s business environment, improving data security should be job number one for the CIO. However, with project teams focused on implementing new and exciting technologies such as IoT, wearable devices and artificial intelligence, quite often securing data from these new technologies becomes an afterthought.
But the manufacturing industry has been very protective of the information that it creates, so much so that a car manufacturer, for example, would be very reluctant to share sensitive design information outside the four walls of its business operations. The automotive OEMs, in particular, have been relatively slow to adopt cloud-based solutions for exchanging and archiving sensitive manufacturing information due to fear of a third party gaining access to this information once it is in the cloud.
Up until recently, on-premise-based IT solutions, especially in the design and production functions, prevailed. However, new and exciting technologies that force manufacturers to be more collaborative with their external supplier ecosystem are causing manufacturers to think differently in their approach to managing, sharing, and securing their sensitive design and manufacturing information.
Manufacturing environments are evolving from linear-based systems to digital ecosystems where companies are forced to share information and work collaboratively in order to accelerate product design processes to get new products to market more quickly and hopefully ahead of the competition.
The Challenge of Sensor Data
The Industrial Internet of Things (IIoT) is having a profound effect on how manufacturing organizations share information. The explosion in connected industrial equipment means that companies have to think about how they archive sensor-based information coming from these devices, how they securely move this sensor data from one location to another, and how they derive insights from this data so that manufacturing and supply chain operations can be optimized.
We are seeing new terminology such as digital twins and collaborative robots enter production operations. These new sources of digital information need to connect with a digital backbone to ensure that information gets to where it needs to go in a secure and efficient manner. We are currently seeing a renaissance in the manufacturing sector with these new connected technologies helping to improve the uptime of serviceable equipment through predictive maintenance, improving the track and trace of goods as they move through the supply chain, and ensuring that factory part bins, for example, are replenished at the optimum time. This new technology is allowing manufacturing operations to run faster, smarter, and become more self-aware in terms of how production operations are managed and optimized.
To achieve this vision, some manufacturers, notably in the automotive sector, have started to establish Industrial Clouds, not just to collaborate with their respective supplier ecosystems but also to provide a secure way to exchange design and manufacturing information between plant operations. With the explosion in connected devices entering the manufacturing sector, having a secure IoT network is becoming increasingly important for these companies to fulfill their digital transformation strategies.
Since the cloud started to go mainstream in 2010, along with big data and mobile, in many industry sectors the cloud has started to become commoditized. For example, in a recent survey by IDC, over 70% of respondents said that they were using cloud-based B2B networks today [1]. So, it is only a matter of time before industrial clouds go mainstream as well.
Challenges in governance and integration have arisen as the result of increasing connectivity in manufacturing environments.
The Mandate for Security
The benefits realized from this latest industrial revolution are easily recognized and the fear of being left behind has accelerated interest as manufacturers seek to exploit these new connected technologies. But with this innovation arise challenges in governance and integration. Taking a “good enough to get the job done” posture with IIoT as it connects to mission-critical operating technology is not a long-term strategy. Failing to secure IIoT devices and their data streams can expose critical operating technology to risk.
Security concerns remain a barrier to broad IoT adoption, especially in industrial organizations where 91% of manufacturers are investing in digital, but 35% say cyber vulnerabilities inhibit them from fully doing so [2]. According to CSO from IDG, “The IoT environment must be secure by design, secure by default, secure in use, secure in transmission and secure at rest.” There needs to be a solution that addresses each of these security areas while enabling the transparency and scalability needed to ensure trusted integration to enterprise applications.
Establishing an industrial cloud for plant-to-plant connectivity is one thing but establishing a secure industrial cloud for plant-to-plant connectivity is another. For many years the automotive industry has been using secure, point-to-point networks for exchanging sensitive design information across their supplier ecosystem. There are many different regional networks connecting OEMs to their supply base.
Many OEM Networks Exist
For example, the Automotive Network Exchange (ANX) in North America, the European Network Exchange (ENX), and the Japanese Network Exchange (JNX) all offer secure infrastructure which is proven and, more importantly, trusted. ANX, for example, relies on having a network router inside the firewall of an OEM. This router is then securely connected via a third-party vendor specializing in networking and integration to a router inside the firewall of a supplier.
What if you could connect IoT devices to this same router behind the firewall and then allow sensor information to flow securely from one point to another, potentially anywhere in the world? This completely isolated network would also leverage an identity-centric IoT platform to ensure that devices connecting to the network are who they say they are; meaning, they have a digital identity and only personnel with the correctly assigned digital identities can access the information moving across this network.
This concept of a secure IoT network is going to underpin future IIoT strategies and more importantly provide a backbone for digital transformation initiatives moving forward. The secure IoT network provides a zero-trust framework to enable IoT device management, integration, and unified messaging and, more importantly, ensures the secure exchange of IoT sensor information between different industrial assets or plant facilities.
Managing Multiple Platforms
IDC predicts that by 2020, 70% of organizations will leverage commercial IoT platforms to develop and deploy IoT applications, and more than 50% will have multi-vendor IoT platform environments [3]. With initial IoT deployments solving a specific, tactical use case (e.g. machine monitoring or fleet management) many organizations are finding themselves with multiple IoT platforms.
As we’ve mentioned in a previous article, managing these complex industrial IoT ecosystems is not for the faint of heart. It will take an identity-centric, zero-trust approach to ensure critical IIoT devices and their associated data streams are protected from tampering or misuse. A little paranoia can be a good thing, especially when the threat vector for industrial IoT is growing exponentially. So, if your organization’s industrial IoT deployments are beginning to resemble a three-ring circus, find a big enough platform to corral and govern them all.
Even the strongest security measures can be undone by ill-timed or untrained activity. And bombarding personnel with data that is unrelated to their role can be equally damaging. As industrial IoT deployments move from simple monitoring and failure alerts to more complex and sophisticated solutions, such as digital twins, organizations need to adopt an identity-first approach to ensure the data and devices they are extending are not at risk. Failure to adequately attest and verify the IoT device could lead to too much or too little access, hampering integration or possibly exposing data or the device to cyberattacks. Applying the principle of least privilege, by clearly defining the role, purpose, and lifecycle of each person, system, and thing within the connected ecosystem, prevents unqualified access and does not permit interaction with the uncaring.
So the industrial cloud is now upon us, an environment that will allow manufacturing plants to be connected securely and sensor information from connected industrial assets accessed only by users with the correct permissions. Companies can begin to build an identity-centric digital ecosystem that will foster improved collaboration, build trust across a supplier community, and, most importantly, provide a distinct competitive advantage in the market.
1. IDC Digital Transformation Drives Supply Chain Restructuring Imperative (2017)
2. MAKE UK and AIG, Cyber Security for Manufacturing (2018)
3. IDC FutureScape: Worldwide IoT 2019 Predictions (2018)