Interesting about the disgruntled ex-employees. I would have guessed more on the order of industrial espionage and competitors looking for info on trade secrets. OTOH, some work I did a few years back in security showed that the biggest leaks and potential leaks were not disgruntled current employees with either improperly secured mobile devices, or those where employees turned off security because it gets in the way of operating the machines. Those mobile devices then get lost or mislaid and presto! The company has a security crisis on its hands.
Yes, it is exposed, which makes IT nervous, especially when control resists the usual overnight patches and reboots. The plant never sleeps, so you can't just reboot.
Interestingly, the perceived threat is not from malicious anonymous hackers or terrorists. What really scares them is former disgruntled employees. Those are the folks who know where all the digital levers are.
That's an excellent point about security, Rob. One of the good things about the pre-internet days was that, even if you could hack a machine based on one of those old proprietary standards, they weren't connected to the outside world. Now they are, and all that data is exposed.
Very interesting, Dave. Sounds like IT backed off once they were convinced that control got religion on the importance of security. Seems like an excellent solution. And yes, you identified another area of conflict between IT and control, the sense of time.
Over 6 years of meetings between IT and Controls, there is more emphasis on security from the Controls side now that we have a greater understanding. The controls were determined that IT be "like the cable company" and provide the infrastructure only.
The largest gap now is the issue of urgency. Controls live in a world where "real-time" is milliseconds and IT's definition is hours.
Yes, it's a widespread conflict. IT says, you need these patches to ensure your security. Control says, you can't reboot these computers until we have planned downtime. The big change is that the control network is exposed to the outside world now that the plant's control network is tied in to ERP and supply chain networks.
This kind of integration is great. The finance folks know what's being consumed and what's being produced. Suppliers know what inventory has been depleted. Customers get to know when their M&Ms have shipped. But the plant is now exposed to all the contagious ills that run on the Internet.
You raise a really important point, Rob. And with control systems becoming a more fully blended mix of traditional automation and mainstream IT technology, it's logical that the person in charge has to straddle or have some sort of oversight of both domains. Perhaps there is an emerging new position?
Even though Ethernet (the hardware) is becoming standard, the hiccup is the fact that each manufacturer maintains its own protocols. While you can buy an off-the-shelf industrial switch from anybody for your system, that's only half the battle. There is still no easy way (short of bridges or converters) to take Manufacturer A's product and put it into an existing system that used Manufacturer B. The issue gets blown out of proportion when dealing with non-automation people who can't quite grasp why interoperation is not so easy when "they are all ethernet, aren't they?"
One of the fun side effects of IT and plant control running on the same Ethernet pipeline is the question of who's in charge? That battle has been raging for years. Some smart companies have created mixed groups with personnel from both IT and control. But that's not always the case.
They have two different views of the world. IT is concerned about security and control is concerned about uptime. In the past, control was an internal network without security issues. That's changed.
Ethernet has taken a really long time to move into the control world, because of the multiple silos created by different proprietary protocols and because of the big difference in functionality between control protocols and the serial, packet-based Ethernet networking protocols. The determinism issue was a real one. That's why it's taken protocols specially designed for real-time industrial control, such as EtherCAT and Ethernet Powerlink, to make that shift possible.