Interesting about the disgruntled ex-employees. I would have guessed more on the order of industrial espionage and competitors looking for info on trade secrets. OTOH, some work I did a few years back in security showed that the biggest leaks and potential leaks were not disgruntled current employees with either improperly secured mobile devices, or those where employees turned off security because it gets in the way of operating the machines. Those mobile devices then get lost or mislaid and presto! The company has a security crisis on its hands.
Yes, it is exposed, which makes IT nervous, especially when control resists the usual overnight patches and reboots. The plant never sleeps, so you can't just reboot.
Interestingly, the perceived threat is not from malicious anonymous hacker or terrorists. What really scares them is former disgruntled employees. Those are the folks who know where all the digital levers are.
That's an excellent point about security, Rob. One of the good things about the pre-internet days was that, even if you could hack a machine based on one of those old proprietary standards, they weren't connected to the outside world. Now they are, and all that data is exposed.
Very interesting, Dave. Sounds like IT backed off once they were convinved that control got religion on the importance of security. Seems like an excellent solution. And yes, you identified another area of conflict between IT and control, the sense of time.
Over 6 years of meetings between IT and Controls, there is more emphasis on security from the Controls side now that we have a greater understanding. The controls were determined that IT be "like the cable company" and provide the infrastructure only.
The largest gap now is the issue of urgency, Controls live in a world where "real-time" is milliseconds and IT's definition is hours.
Yes, it's a widespread conflict. IT says, you need these patches to ensure your security. Control says, you can't reboot these computers until we have planned downtime. The big change is that the control network is exposed to the outside world now that the plant's control network is tied in to ERP and supply chain networks.
This kind of integration is great. The finance folks know what's being consumed and what's being produced. Suppliers know what inventory has been depleted. Customers get to know when their M&Ms have shipped. But the plant is now exposed to all the contagious ills that run on the Internet.
You raise a really important point, Rob. And with control systems becoming a more fully blended mix of traditional automation and mainstream IT technology, it's logical that the person in charge has to straddle or have some sort of oversight of both domains. Perhaps there is an emerging new position?
Even though Ethernet (the hardware) is becoming standard, the hiccup is the fact that each manufacturer maintains its own protocols. While you can buy an off-the-shelf industrial switch from anybody for your system, that's only half the battle. There is still no easy way (short of bridges or converters) to take Manufacturer A's product and put it into an existing system that used Manufacturer B. The issue gets blown out of proportion when dealing with non-automation people who can't quite grasp why interoperation is not so easy when "they are all ethernet, aren't they?"
One of the fun side effects of IT and plant control running on the same Ethernet pipeline is the question of who's in charge? That battle has been raging for years. Some smart companies have created mixed groups with personnel from both IT and control. But that's not always the case.
They have two different views of the world. IT is concerned about security and control is concerned about uptime. In the past, control was an internal network without security issues. That's changed.
Ethernet has taken a really long time to move into the control world, because of the multiple silos created by different proprietary protocols and because of the big difference in functionality between control protocols and the serial, packet-based Ethernet networking protocols. The determinism issue was a real one. That's why it's taken protocols specially designed for real-time industrial control, such as EtherCAT and Ethernet Powerlink, to make that shift possible.
For industrial control applications, or even a simple assembly line, that machine can go almost 24/7 without a break. But what happens when the task is a little more complex? That’s where the “smart” machine would come in. The smart machine is one that has some simple (or complex in some cases) processing capability to be able to adapt to changing conditions. Such machines are suited for a host of applications, including automotive, aerospace, defense, medical, computers and electronics, telecommunications, consumer goods, and so on. This discussion will examine what’s possible with smart machines, and what tradeoffs need to be made to implement such a solution.