MARCH 2017
Inside: Profile of a predictive analytics platform; Current state of industrial cybersecurity
Supplement to Periodicals Publication
IIoT technologies can be seen as an alternative to the traditional automation triangle comprising control, execution, and enterprise levels.
EDITORIAL
The information experience: Augmented reality presents ideas and facts in just a look.

EVENTS
An Internet of Things as seen at ARC Industry Forum: Expertise for IT-driven automation gains gathers here annually.

FEATURES
Pervasive sensing solves Saltigo steam problems: In operation, steam traps don’t reveal much about themselves; software helps.
What industrial-analytics platforms offer manufacturers: Challenges and benefits of analytics applications discussed.
How an IIoT-enabled maintenance-maturity model works: Six actions that set the stage for better asset management.
Current issues in industrial cybersecurity: Ransomware is as loathsome as it sounds, and it’s growing fast.

NEWS
IIoT reference architecture updated: Ways to prepare for the proliferation of cyberphysical systems.

Cover photo courtesy: Emerson Process Management
www.controleng.com/IIoT
IIoT For Engineers
PRODUCTIVITY & BEST PRACTICES: EDITOR’S COLUMN
Kevin Parker, Senior Contributing Editor

The information experience
Augmented reality captures ideas and facts in just a glance

Augmented reality (AR) applies measure to matter, right before our eyes. It does so by overlaying “augmentations” onto the visual plenums of users wearing smart glasses. Users see the dimensions and specifications of the modelled object being looked at. In terms of industrial application possibilities, it’s more interesting than complete-unto-themselves virtual realities.

“Augmented reality brings physical worlds and cyber worlds into close conjunction,” said Mike Campbell, an executive vice president at PTC, which has assembled an Industrial Internet of Things (IIoT) platform, called ThingWorx. It combines industrial connectivity, application development, and predictive analytics and works with PTC computer-aided design (CAD) and other of its product solutions. These solutions include an augmented-reality authoring tool used to develop AR experiences. IIoT is used to make those experiences meaningful.

Golden opportunities
“IIoT is for operations optimization,” said Campbell, “but it’s also important to design and to services provision. Augmented reality will be how the ‘digital-twin’ becomes a concept of power. For a viewer, a digital-twin resident in the cloud overlays design information onto the viewed object. This type of capability is equally attractive to owner-operators and OEMs.”

AR’s power may be hard to over-estimate. Simply think of all the types of skilled and semi-skilled labor to which it could be applied. More generally, this digital information—including text, image, and videos—can be presented in the real-time context of the physical world through any camera-enabled device such as a smartphone or tablet. Displays can be fixed on the object, or floating. For industry, smart glasses and other digital eyewear will prove especially attractive because they allow hands-free use.

Much as the smart phone has changed daily life, AR could quickly and significantly change how all sorts of work is done. At the same time the technology and human challenges involved seem significant. “The challenge with AR is that it is difficult, requiring development and training skills,” said Campbell. “We are attacking the problem using the Internet of Things and by forging ways to quickly develop applications.”

Machine identities
For one, PTC has a universal browser optimized for viewing modelled objects. Users select an augmented experience to view, whether that includes sensor, analytic, or enterprise data. Of course, a machine identification may be of a kind of a machine or of a particular machine. PTC’s IIoT platform connectivity makes available the sensor data, real-time services, and CAD data to make different types of identifications that result in what PTC and Campbell call a “connected augmented reality.”

“It’s a way to contextualize and experience information,” concluded Campbell, who believes AR will soon be a primary computing paradigm in the IIoT world. To quicken that day’s arrival, PTC is running the ThingWorx pilot program, which allows companies to build their own augmented experiences. So far, 1,500 companies have created more than 60,000 experiences.

MORE INFORMATION
For more information, go to www.thingworx.com/platform/thingworxs/studio/pilot/
INDUSTRY NEWS AND EVENTS

An Internet of Things as seen at ARC Industry Forum
Where to find the technologies and expertise for IT-driven automation gains

The digital enterprise was the theme of the 21st annual ARC Industry Forum held in Orlando in February. As such, content and solutions related to the Industrial Internet of Things (IIoT) abounded. Each year at the ARC Forum, the day prior to the full event, about a half-dozen technology solution providers participate in a series of press conferences with the industry-trade journalists present. At least several make product-solution and other type announcements. Below please find background on some of the announcements made this year.

Figure 1: Bedrock Automation says it has rethought the industrial control system in light of the latest technology advances. Courtesy: Bedrock Automation

Digital engineering models make common cause
Siemens and Bentley Systems have formalized a strategic-alliance agreement to accelerate digitalization in infrastructure project delivery and asset performance. The companies will initially invest at least €50 million in developing joint solutions that, among other things, will use cloud services to support engineering-model convergence. In addition, about €70 million of secondary shares of Bentley’s common stock were acquired by Siemens, under a program that will continue until Bentley Systems’ stock is publicly traded.

Siemens and Bentley Systems previously licensed each other’s technology in areas including the Digital Factory, process industries, and drives. Their respective software offerings are integrated. For example, Bentley’s reality modeling is integrated into Siemens Process Simulate to use laser-scanned point clouds in modeling the in-situ context of brownfield industrial environments. Siemens’ solutions benefit from Bentley’s complementary applications for design, analytical, construction, and asset-performance modeling. For example, Bentley’s applications for the 3-D modeling and structural analysis of industrial and infrastructure assets complement Siemens’ solutions and unparalleled domain expertise in electrification and automation.

“Only with Siemens could we so purposefully advance beyond merely linking the ‘Industrial Internet of Things’ to ultimately leverage digital engineering models for visual operations and connected infrastructure asset performance,” said Bentley Systems CEO Greg Bentley. Founded in 1984, Bentley has more than 3,000 colleagues in over 50 countries, more than $600 million in annual revenues, and since 2009 has invested more than $1 billion in research, development, and acquisitions. Additional information about Bentley is available at www.bentley.com.

Consultants plus simulation put eyes on projects
The KBC Co-Pilot Program brings together KBC Advanced Technologies (KBC) strategic and technical consultants with Petro-SIM simulation technology. The simulation platform connects to a cloud-based Industrial Internet of Things (IIoT), data-as-a-service solution to remotely monitor and improve process operations. KBC, a wholly owned subsidiary of Yokogawa Electric Corp., announced the launch of the KBC Co-Pilot Program.

The KBC Production Core vision “sees” automation of all aspects of production operations using integrated technology and consulting best practices that leverage the cloud. The KBC Co-Pilot Program assures asset owners and operators simulation and planning tools are up-to-date, and that actions taken by operators result in the best possible process performance and safe operation.

The KBC Co-Pilot Program is suited to process operations where one or more of the following is true:
- An inexperienced work force causes the operation to miss plan.
- The plant is not confident that their operating plan is always realistic and achievable.
- Engineers do not always have the tools and knowledge to maximize profit or reduce risk.
- Operators do not always know when they are deviating from plan.

The first KBC Co-Pilot solution is for remote performance monitoring of oil refinery facilities such as crude distillation units, fluid catalytic crackers, and catalytic reformers. Key elements of this solution are:
- Automatic LP vector updates from recalibrated model.
- Regular health check of unit performance versus plan and versus potential.
- Consulting and assistance to implement recommended changes.
- Reset of baseline operating plan due to major changes in external impacts such as economics, demand, or asset capabilities.

KBC Co-Pilot Programs related to production and supply-chain optimization, energy management, operator effectiveness, and automation will be released shortly.

WirelessHART gas detector has five-year battery life
United Electric Controls, a producer of safety, alarm, and shutdown technology, announced availability of a WirelessHART gas detector that monitors presence of harmful gases for more than five years without a battery replacement. The Vanguard WirelessHART gas detector reduces monitoring costs and increases safety by eliminating fixed wiring.

FIGURE 2: Methane detection is a safety and regulatory issue in the oil and gas and other industries. Courtesy: United Electric Controls

“The cost of adding just one new gas-measurement point, including obtaining ‘hot’ work permits, running conduits for wires, burying them, and so on, can be in the neighborhood of $10,000 for land-based systems and as much as five times that for offshore applications. Wireless technology can reduce the cost of adding a monitoring point by up to 90%,” said Wil Chin, a United Electric Controls vice president.

United Electric says it developed the Vanguard detector in response to the market need for a cost-effective way to add multiple gas measurement points. Field-interchangeable gas sensor modules detect and record hydrogen sulfide or methane gas in parts per million or percent of lower explosive limits respectively, along with network and battery status. WirelessHART 7.2 technology carries signals to local 128 x 64 pixel digital displays or other IEC 62591 compatible connections—all of which integrate seamlessly with existing supervisory control and data acquisition (SCADA) or asset management systems (AMS). The Vanguard detector has been designed and tested to interoperate with Emerson Smart Wireless Gateway 1410 and 1420.

Once on a wireless network, the detector serves gas-monitoring functions, including the following:
- Wireless remote and local gas detection, such as at tank farms, oil-and-gas production facilities, refineries, pipelines, abandoned wells, and waste-treatment plants.
- Temporary situations in which the cost of setting up a wired solution is completely unfeasible, such as a maintenance turnaround, natural disaster, security breach, or plant expansion.
- Asset-management initiatives, where trending of emissions over time through the deployment of multiple wireless sensors can initiate the necessary predictive and preventive maintenance or pollution-control monitoring.

For information about wireless gas-detection technology and applications, download the white paper, Wireless Gas Monitoring, at www.ueonline.com/vanguard.

Cost of wireless solutions continues to decline
Wireless Industrial Networks (WIN) announced availability of cost-effective wireless process sensing and condition-based monitoring solutions with significant benefits and value for the industrial, factory, and commercial markets. The wireless products include a gateway, universal transmitter, and selection of measurement sensors. The communication transmission is industry-standard 900 MHz, license-free and has a range of 5,280 feet. The self-configuring communication network is “plug and play,” works in minutes rather than hours, and requires no prior wireless experience. The price for a single measurement starts at $1,300.

The wireless solution consists of four items:
- Wireless gateway—a small, light-weight, 900 MHz communication gateway with standard Ethernet output, supports 200+ transmitters located 5,280 feet away.
- Universal wireless transmitter—battery (replaceable) powered transmitter accepts up to three universal sensor inputs, mix of any sensor measurement types, 900 MHz, IEEE 802.15.4 standard radio, frequency-hopping, auto configure, and AES 128-bit industry standard encryption in a small lightweight NEMA 4x enclosure.
- Sensors—line of measurement sensors using V-Bus patented technology uniquely characterizes each sensor with a pre-programmed calibration curve, eliminating the need for on-site calibration. Sensors include temperature, pressure, 4-20 mA, current voltage, humidity/temperature, dual temperature, vibration, discrete, and proximity.
- Data manager and web dashboard—PC-based software applications provide status of all network sensors and an intuitive navigation tool to access sensor details and measurement history.

Common applications include: motor temperature and current draw, pump vibration, bearing vibration or temperature monitoring, conveyor vibration monitoring, exhaust and cooling tower fan monitoring, filter monitoring, and many more. The products are flexible and reliable. For more information go to www.wirelessindustrialnetworks.com.

Discrete output module for secure electronic fusing, latching
Bedrock Automation announced release of a cybersecure 20-channel discrete-output (DO) module for its Bedrock Open Secure Automation (OSA) system. The SIO8.20 DO enables software-selectable electronic fusing, latching, and fail-safe shutdown for each 24 VDC output at 1 A max current per channel. It features galvanically isolated output switching in a rugged, all-metal enclosure and one of the smallest footprints in the industry. Delivering programmable electrical capability within the cybersecure control platform reduces external electrical connector visibility.

The SIO8.20 cybersecurity capabilities and benefits exceed those of typical DCS or PLC offerings, including:
- Reduced footprint, via 20 galvanically isolated DO channels, for high possible density of channels-per-inch for rack-space optimization.
- Programmable electronic fusing—each of its 20 channels are electronically fused to a programmable threshold up to 1 amp per channel.
- Overcurrent retry—enables programming a channel to latch off and retry during overcurrent.
- Failsafe output—protects the module if communication with the controller fails, directing output to a configured fail-safe value or holding it at last known value.
- Extreme hardening and long life—thanks to a pin-less backplane interconnection and sealed all-metal construction that protects against extreme temperature.
- Scalable redundancy—user-selectable single/dual/triple redundancy.
- Extreme digital performance—32-bit Secure ARM and an additional microcontroller on each of the 20 DO channels.
- Integrated support of IEEE 1588—time precision protocol enables SOE synchronization with +/- 0.5 mSec accuracy on all channels.

Control application developers can integrate all such features for discrete, hybrid, and continuous control applications using the Bedrock IEC 61131-3 compatible engineering environment, downloadable at www.bedrockautomation.com.

“The SIO8-20 DO module complements our other high-density AI and DI to deliver on PLC or DCS applications with up to 400 I/O per rack and thousands of I/O per cabinet,” said Albert Rooyakkers, a Bedrock Automation company vice president.

MORE INFORMATION
For more information, visit www.bedrockautomation.com.

SENSING & CONTROLS: EQUIPMENT OPTIMIZATION

Pervasive sensing solves Saltigo steam problems
In operation, steam traps don’t reveal much about themselves; software helps them speak.

Pervasive sensing technology means to monitor everything, everywhere. Wireless sensors make it economically feasible to monitor devices that previously were too remote or too expensive to monitor with wired instruments. However, when a plant monitors everything, it generates ubiquitous and huge amounts of real-time data that must be dealt with expeditiously.

Combining pervasive sensing with PC-based specialty software allows a plant to obtain data, analyze it for equipment problems, diagnose problems, and inform maintenance personnel, all without involving the main control system. This is sometimes called “computing at the edge.” And that’s exactly what Saltigo, a chemical plant in Germany, accomplished with its steam traps.

Saltigo GmbH in Leverkusen and Dormagen, Germany (Photo 1) is one of the leading chemical manufacturing companies in the field of exclusive synthesis. It produces pharmaceuticals, fine chemicals, agrochemicals, and products for crop protection.

PHOTO 1: The Saltigo chemical plant in Leverkusen, Germany. Courtesy: Emerson Process Management

Saltigo determined that defective steam traps were causing loss of steam and inefficient heat transfer, and therefore wasting energy. If they could identify failed steam traps as early as possible, they would save a considerable amount of energy.

The plant had been using WirelessHART transmitters for several years to monitor pumps, heat exchangers, and other process equipment in three of its plants. Because the wireless infrastructure was already in place, it was no problem to install Emerson Rosemount 708 wireless steam trap monitors on critical steam traps. The results from the first installation were so good, they recently ordered more of the transmitters to monitor the remainder of their steam traps.

PHOTO 2: Getting to steam traps can be difficult and hazardous in some process areas. Courtesy: Emerson Process Management

Surveying the situation
Saltigo had sent technicians into the plants to perform tests and inspect the steam traps, but the manual rounds weren’t always sufficient to find traps that failed open, failed closed, or were leaking. Sometimes the only visual clue of a leak or failure was a vent with steam escaping, but the vent might be attached to several steam traps, making it very difficult to identify the leaking trap.

In addition to visual inspections, Saltigo also used acoustic diagnostic tools and temperature sensors to identify and locate failed traps. One problem had been that a steam trap had to be in operation at the time of a manual test. A typical test took only a few minutes, and if a failed trap wasn’t leaking or failing during the short test because it wasn’t in operation, or due to some other reason, the technician would simply move on to the next steam trap.

Manual steam trap testing can be difficult because steam traps often are in areas that are difficult to reach (Photo 2), and testing can be hazardous to the technician because of high temperatures. With many hundreds of traps in three areas at the Leverkusen plant, it was difficult to test them all on a regular basis. They might test each trap once a year. Because of this, Saltigo was only able to identify traps that had failed catastrophically—that is, those venting steam continuously, shutting down processes, or failing to provide enough steam to bring a process up to temperature.

Because identifying failed steam traps was so difficult using various manual inspection techniques, the plant knew it needed a better method. Saltigo first conducted a study to identify high risk and critical steam traps. This included steam traps that were known to fail on a regular basis, and traps that were critical to the successful operation of a process. They already had several Emerson WirelessHART pressure, flow, temperature, and vibration transmitters installed in the plants, so Saltigo asked Emerson Process to do a site survey to assess where they would need to place antennas and gateways to accommodate wireless steam trap monitors.

PHOTO 3: Wireless acoustic transmitters were installed in three plant areas at Saltigo. This transmitter is installed on a steam pipe near the steam trap. Courtesy: Emerson Process Management

Installing wireless transmitters
Acting on the study results, Saltigo installed Rosemount 708 wireless steam trap monitoring transmitters (Photo 3) and three gateways—one in each of three plant areas. The gateways connect to the transmitters through the mesh network, and they connect to the control system via hard wiring.

Installation by supplier personnel and Saltigo technicians consisted of mounting each transmitter on a pipe, manifold, or relief valve. No cutting or entry into the piping was required as the acoustic transmitters are non-contact instruments and are easy to clamp on the outside of the steam pipe in front of the steam trap. Because the transmitters are wireless, no wiring, cable, conduit, or other infrastructure was needed that would have been required with conventional wired transmitters. And because the transmitters are battery-powered, no power wiring was required, resulting in additional savings. The transmitters are certified for use in classified areas, so they are perfectly safe to use in hazardous areas, without any need for protective enclosures or other protection methods (Photo 4).

PHOTO 4: Depending on the exact area classification, battery-powered transmitters can be installed in potentially hazardous areas without any need for additional protective methods. Courtesy: Emerson Process Management

Installation took about 10 minutes per transmitter. Once the team mounted each transmitter, they installed the battery, powered up the transmitter, then entered the Network ID and Join Key. In about five minutes, the transmitter had joined the WirelessHART mesh network, was recognized by the gateway, and was transmitting data. As the initial study predicted, they experienced no obstructions or distance problems, a fact revealed after testing for connectivity and performance.

The team also installed Emerson SteamLogic software on a PC. The gateways connect to the PC via an Ethernet cable. The SteamLogic software (Figure 1) analyzes real-time data from the steam trap monitors. The Rosemount 708s measure the ultrasonic acoustic behavior and temperature of steam traps, and the software uses this data to identify existing and potential problems.

FIGURE 1: Software analyzes steam trap data in real time. Here, the software detected an upcoming failure. Courtesy: Emerson Process Management

The left side of Figure 1 shows a low acoustic level with some peaks where the steam trap opens to let the condensate out. When the acoustic level is high, such as at the right side of the picture, the steam trap doesn’t close and is losing steam.

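The pattern described for Figure 1, as an added sketch in Python; it is not Emerson's SteamLogic algorithm and not code from the article. The thresholds, units, state names (including the "cold" state for a trap that is not up to temperature) and the sample readings are assumptions constructed for illustration.

```python
from statistics import median, pstdev

# Illustrative thresholds (assumptions, not vendor values).
HIGH_LEVEL = 60.0         # acoustic level treated as "steam is passing"
BLOW_THROUGH_DUTY = 0.8   # share of a window at high level => trap not closing
NOISY_SPREAD = 8.0        # spread of the quiet baseline that counts as "noisy"
COLD_TEMP_C = 60.0        # below this the trap is cold: blocked or out of service


def classify_window(acoustic, temp_c):
    """Classify one window of acoustic and pipe-temperature readings."""
    if not acoustic or len(acoustic) != len(temp_c):
        raise ValueError("need equal-length, non-empty windows")
    # A cold trap cannot be judged acoustically (it must be in operation).
    if median(temp_c) < COLD_TEMP_C:
        return "cold"
    high = [a for a in acoustic if a >= HIGH_LEVEL]
    # Sustained high level: the trap does not close and is losing steam.
    if len(high) / len(acoustic) >= BLOW_THROUGH_DUTY:
        return "blow-through"
    # Between discharge peaks a healthy trap is quiet and steady; a restless
    # baseline is treated here as the early-warning "noisy" state.
    quiet = [a for a in acoustic if a < HIGH_LEVEL]
    if pstdev(quiet) >= NOISY_SPREAD:
        return "noisy"
    return "healthy"


def monitor(acoustic, temp_c, window=20, persist=2):
    """Return [(window_index, state)] for each debounced state change.

    A state is reported only after `persist` consecutive windows agree, so a
    single long condensate discharge does not raise a blow-through alert.
    """
    events, current, candidate, run = [], None, None, 0
    for w in range(len(acoustic) // window):
        lo, hi = w * window, (w + 1) * window
        state = classify_window(acoustic[lo:hi], temp_c[lo:hi])
        if state == candidate:
            run += 1
        else:
            candidate, run = state, 1
        if run >= persist and candidate != current:
            current = candidate
            events.append((w - persist + 1, current))
    return events


def sample_window(kind, n=20):
    """Constructed readings for one window of the given kind."""
    if kind == "healthy":    # low level, a discharge peak every 10 samples
        return [80.0 if i % 10 == 0 else 10.0 + (i % 3) for i in range(n)]
    if kind == "noisy":      # same peaks, but the baseline jumps around
        return [80.0 if i % 10 == 0 else (5.0 if i % 2 else 35.0)
                for i in range(n)]
    return [85.0 + (i % 4) for i in range(n)]   # continuously high


# Constructed history: healthy, one isolated high window, then degradation.
SAMPLE_KINDS = ["healthy", "healthy", "blow", "healthy",
                "noisy", "noisy", "blow", "blow"]
SAMPLE_ACOUSTIC = [x for k in SAMPLE_KINDS for x in sample_window(k)]
SAMPLE_TEMP = [150.0] * len(SAMPLE_ACOUSTIC)

if __name__ == "__main__":
    for index, state in monitor(SAMPLE_ACOUSTIC, SAMPLE_TEMP):
        print(f"window {index}: {state}")
```

The isolated high window at index 2 produces no alert; the trap is reported as noisy from window 4 and as blow-through from window 6.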
Quantifiable results
The transmitters and software were initially installed for a three-month test. The system immediately found several failed steam traps, all of which were repaired or replaced. During the three-month test the system also detected undersized traps, which were attended to by the maintenance department.

By repairing or replacing failed steam traps, the three plant areas immediately began to see substantial reductions in energy costs. Failed traps were no longer venting valuable steam, resulting in lower energy consumption to produce steam. Saltigo also reduced the number of process shutdowns because of steam-trap failures, and eliminated the need for maintenance technicians to make regular rounds, resulting in further substantial savings.

Now, when Saltigo sends a technician to a plant to check a critical steam trap, he or she knows exactly which trap to service, and what the software has detected. This not only guides the technician to the exact trap needing attention, but also provides information leading to quicker maintenance and repairs.

Saltigo’s experience with the steam-trap monitoring system was so good, they ordered additional transmitters for the remainder of the steam traps in the plant. Saltigo also recognized that trap failures could be predicted early by noisy stats, before they turned into a full leaking failure. That gave Saltigo the chance to improve its preventive maintenance and change traps before they negatively impacted production.

Ralf Kueper is business development manager for wireless and pervasive sensing at Emerson Process Management, Haan, Germany.

MORE INFORMATION
For more information, please go to www.emerson.com.

ENTERPRISE ANALYTICS: INTELLIGENT OPERATIONS

What industrial-analytics platforms offer manufacturers
Challenges and benefits of analytics applications discussed

Found at the core of the Industrial Internet of Things (IIoT) transformation, industrial analytics is the engine that turns machine data into actionable insights, driving intelligent industrial operations and business processes. Whether applied to discrete manufacturing or process production, an industrial analytics platform can be a solid foundation to build this powerful engine and ease the convergence of operations technology (OT) and information technologies (IT) by adapting requisite information technologies and innovating based on operational requirements.

IIoT seeks to connect machines, equipment, and industrial-control systems (ICS) to enterprise-information systems, business processes, and people. By applying analytics to the large volume of data collected from connected machines, we gain insights into operations and the ability to use these insights to drive intelligent operations of the machines and business processes.

Data, analytics, and applications are key elements in the intelligent lifecycles that turn data into insights, and insights into actions (Figure 1). They are applicable to the control, operations, and business loops. At its core, analytics is the engine that powers each of these intelligent loops and drives value-creation in IIoT.

The value of analytics Manufacturing equipment in a typical production-industry environment today can be best described as digital-control automation systems– built with microcontrollers (MCU) and programmable logic controllers (PLC). Many of them are connected to supervisory control and data acquisition (SCADA) or distributed control systems (DCS), and are monitored and controlled remotely.
‘
Conventional statistical analysis of machine data summarizes results over temporal, spatial, and logical spans.
’
Equipment-operational states are monitored by human operators, who in some cases are aided by simple analytic algorithms such as thresholdbased alerts. By and large, most of these systems have not benefited from advanced analytics capabilities developed over the past decade. On the other hand, these industrialcontrol systems connect to many sensors and have sophisticated datacollection capabilities that provide a wealth of information about their instant operational states. There is
substantial value hidden in these data. By connecting to the manufacturing equipment, SCADA and DCS are able to collect data from them and then apply advanced analytics, to gain valuable insights into their operations. This will enable us to: Detect anomalies, diagnose faults, raise alerts, and prescribe actions for speedy repair of machine failures, thereby increasing uptime; Perform smart-monitoring of machine-usage patterns to optimize work plans and increase utilization; Improve quality-control and correlate it with the manufacturingprocess metrics to optimize operation parameters; Predict needs for maintenance actions to repair machines before unexpected breakdowns, thereby avoiding interruptions and reducing unnecessary routine services; Detect and eliminate wastefulusage patterns to reduce energy and material consumption; and Perform optimization on a fleet of machines by dynamically adjusting the operation level of individual devices based on resource availability, operation cost, and production demand. By integrating with the enterpriseinformation systems, operational intelligence from machine-data analytics can be combined with business insights to enhance business processes and planning in supply chain and www.controleng.com/IIoT
Intelligent industrial operation lifecycle
Figure 1: Analytics is the engine that powers each of the intelligent loops and drives value-creation in IIoT. Courtesy: Thingswise
resource planning, work scheduling, and customer relation management, as well as for engineering design and processes. All these increase productivity and operational efficiency, enhance customer experience, improve worker safety and even facilitate the emergence of new applications, products, and services. They ultimately strengthen competitiveness, create new business value, and potentially bring transformational business outcome. The use of analytics in the production environment will reduce the reliance and burden on human operators in detecting data patterns and anomalies. Equipped with advanced analytic algorithms and techniques, a solution can monitor and detect patterns in the live streaming data more effectively and often more reliably. This is especially true for complex pattern-recognition requiring www.controleng.com/IIoT
correlations of high-dimensional data over long spans of time. These kinds of patterns may not be easily detectable by a human eye. With the latest machine-learning technologies, analytic models can even improve themselves by learning from their accumulated experience. In fact, analytics platforms effectively automate around-the-clock equipment monitoring. Human operators will be informed via alerts only when important patterns are detected, especially those requiring human input or intervention. This would make human operators responsible for mission control and for monitoring quality and productivity, freeing them from repetitive tasks.
Analytics requirements
To meet the needs of the production industries, an industrial-analytics solution should demonstrate a few important capabilities. The first one is to deliver correct results and to “do-no-harm.” This requires strong analytics and safeguards in their application. Further, as we just have seen, continuous application of analytics must be possible. However, continuous analysis often requires substantial amounts of data to be transferred from the point of data collection to the point of analysis— the decision point. Therefore, the analytics solution must support distributed deployment at the edge, whether in IoT gateways next to the equipment, within a server cluster in a facility, or in a remote data center and the cloud. Different deployment tiers may be required depending on the scope of the data being analyzed. For example, analytics for comparing performance of several factories may be performed better at an enterprise data center.
ENTERPRISE ANALYTICS: INTELLIGENT OPERATIONS
Analytics for local supervisory monitoring may be performed better at the edge, enabling higher reliability, shorter latency, smaller data transfer volumes, and better control over the data. Another often-overlooked characteristic of an analytics solution is the overall complexity. The analytics solution must be easy to set up, configure, and maintain. Reducing implementation and operating complexity of the system helps to accelerate the success of IIoT by reducing its development cost, risks, and time-to-value.
Industrial analytics platform
An industrial analytics platform, compared to a custom-built solution, can simplify and optimize IIoT deployments, making them effective, reliable, and scalable. It can offer the power of machine learning, Big Data, cloud computing, and other emergent technologies without having to directly address their complexity and demand for expertise. To meet the requirements discussed above, an industrial-analytics platform should have the following capabilities:
Streaming analytics to generate continuous, near-real-time information flows from live machine data;
Distributed analytics in the cloud, at the factory-floor edge, and in IoT gateways for data processing;
Actionable analytics to turn data into insights and insights into actions;
Multi-modal analytics with multidimensional statistical aggregation, complex-event processing (CEP) and machine-learning-based pattern recognition for powerful and efficient analysis of behavior of individual assets, as well as groups of devices;
Adaptive data flow for protocol adaptation, data normalization, policy-based validation and filtering, transformation, and data enrichment to enable easy integration;
Simple customization with codeless configurations for data injection, processing, and analytics; and
Security by rigorous design, implementation, and validation in accordance with security best practices.
In the following sections, these key characteristics will be considered in a bit more detail.
Streaming and distributed analytics
An industrial-analytics solution should handle on-the-fly live data streams from machines, equipment, and systems to generate continuous information flows at low latencies—in some cases meeting hard-timing requirements. In contrast, a
Distributed analytics
Figure 2: If the same platform is deployable in different architecture tiers, the industrial-analytics platform can enable dynamic workload orchestration and distribution of analytics across the tiers. Courtesy: Thingswise
common approach taken in many IIoT-analytics solutions is based on passive queries, more suitable for generating business-intelligence reports than active analytics results. Nevertheless, traditional batch-oriented, query-based analytics are still useful for either building or improving analytic modeling or for human decision-making, which may include identifying macroscopic process patterns and trends. In complex, multi-tier distributed industrial systems, the analytics solution must be distributed as well. That means it can perform analytics close to data sources and decision points where the analytic outcome is needed. In a typical IIoT architecture (Figure 2), analytics can be deployed in IIoT gateways in the control tier, at the edge in the operations tier, in enterprise data centers, or up in the cloud.
If the same underlying platform is deployable in different architecture tiers, then the industrial-analytics platform readily can enable dynamic workload orchestration and distribution of analytics across these tiers, balancing needs for clear decision-making and for accessible data and computational and networking resources. With distributed analytics, an industrial-analytics platform enables edge analytics to: Ensure quick response by avoiding long network latency; Provide high resiliency by avoiding operations disruptions due to network interruptions or failures in a centralized system; Enforce stronger security and privacy protection by keeping data within safe domains; and Lower network costs by reducing data-transfer volume across the network.
To take full advantage of IIoT analytics, a solution must effect an automatic, dynamic, and continuous process of transforming streaming machine data into insights, converting the insights into actions, and applying the actions back to the machines, operations, and business processes. The solution analyzes data streams from the control systems, including PLCs and SCADA, and via domain-specific applications delivers continuous intelligent feedback to these systems, which means adjusting control set-points, modes, or otherwise. Operational insights derived from the analytics are available to business applications as well. Analyzing large volumes of high-fidelity data in IIoT gateways ensures more accurate and lower-latency feedback locally to the control systems, even when network
Industrial analytics core components
Figure 3: Detecting anomalies, capturing meaningful patterns and predicting trends from live-streaming machine data are among the tasks performed by industrial analytics in production environments. Courtesy: Thingswise
connections to upper tiers become unavailable. Summary information from local analytics can be sent to the central component in the operations tier for further aggregation and other high-level analyses. This distributed streaming-analytics functionality can and should be implemented at the platform level, thus shielding the analytics application developer and user from its inherent complexity.
Platform innovation
An industrial-analytics platform should provide tools to address key challenges in industrial operations, including data adaptability, analytics capability, and continuous improvement. An example of such a platform (from Thingswise) is shown in Figure 3. One big challenge in IIoT engagements is data interoperability. This is especially true for deploying IIoT systems in brownfield environments where legacy controls and machines of different types and models from different manufacturers co-exist and operate. Data collected from these machines have many data types in many different formats and at various levels of quality. To meet these data interoperability challenges, an industrial analytics platform should provide a powerful yet easy-to-use data-processing engine for necessary data transformations. The configured data processing flows will complete protocol adaptation, syntactical transformation, semantical assignment, and policy-based data-quality processing, including validation, filtering, de-duplication, and others. Processing flows also will complete data enrichment (joining additional metadata with the streaming machine data) and other data-processing required for quality
data analytics. To meet the goal of code-less (or near code-less) design, these data-processing flows could be configured using a declarative domain-specific language (DDSL). Detecting anomalies, capturing meaningful patterns, and predicting trends from live-streaming machine
data is another challenge for analytics in production environments. The analytics engine must provide multi-modal, event-driven streaming analytics to meet the demanding industrial-analytics requirements. These may include traditional statistical analysis, complex-event processing, and machine-learning-based, time-series pattern recognition and classification. Taken together, these three types of analyses produce a strong synergistic effect. Conventional statistical analysis of machine data summarizes results over temporal, spatial, and logical spans. It also establishes norms by which to identify outliers in the performance of a fleet of machines. Complex-event processing correlates events captured from machine-data streams across temporal, spatial, and logical domains to identify event root-causes and trigger actions, when appropriate.
Machine-learning-based pattern-recognition and classification uses trained models for machine-learning algorithms to identify specific patterns in the machine-data streams. It works well in correlating multiple physical measurements from machine sensors as they change over time in recognition of important features in machines’ behavior. A trained model can be deployed into the analytics solution to automatically detect meaningful features for hundreds of thousands of machines in near-real time. This is particularly useful for automatic machine-anomaly detection, fault diagnostics, and predictive maintenance.
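The first two analysis types described above can be combined as in the following added example, which is not code from the article or from Thingswise: a fleet norm is computed per time step and a CEP-style persistence rule decides when an outlier becomes an alert. The median/MAD robust z-score, the thresholds, the 3-of-4 rule, the pump names and the readings are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from statistics import median

# Constructed sample stream: (tick, machine_id, vibration in mm/s).
# P2 shows one noisy spike at tick 2; P4 drifts upward from tick 3 onward.
READINGS = [
    (1, "P1", 2.0), (1, "P2", 2.1), (1, "P3", 1.9), (1, "P4", 2.0), (1, "P5", 2.2),
    (2, "P1", 2.1), (2, "P2", 4.0), (2, "P3", 1.9), (2, "P4", 2.1), (2, "P5", 2.2),
    (3, "P1", 2.0), (3, "P2", 2.1), (3, "P3", 2.0), (3, "P4", 3.2), (3, "P5", 2.1),
    (4, "P1", 2.0), (4, "P2", 2.0), (4, "P3", 1.9), (4, "P4", 3.6), (4, "P5", 2.2),
    (5, "P1", 2.1), (5, "P2", 2.1), (5, "P3", 1.9), (5, "P4", 4.1), (5, "P5", 2.2),
    (6, "P1", 2.0), (6, "P2", 2.1), (6, "P3", 2.0), (6, "P4", 4.5), (6, "P5", 2.1),
]


def fleet_norm(values):
    """Statistical step: robust fleet norm for one tick (median, scaled MAD)."""
    med = median(values)
    mad = median(abs(v - med) for v in values)
    return med, 1.4826 * mad  # 1.4826 makes MAD comparable to a standard deviation


def robust_z(value, med, scale, floor=0.05):
    """Distance from the fleet norm; the floor (assumed, in mm/s) avoids
    dividing by zero when the whole fleet reads almost the same value."""
    return (value - med) / max(scale, floor)


class PersistenceRule:
    """CEP-style temporal correlation: fire once when a machine was an
    outlier in at least `needed` of its last `window` ticks."""

    def __init__(self, needed, window):
        self.needed = needed
        self.history = defaultdict(lambda: deque(maxlen=window))
        self.active = set()

    def observe(self, machine, is_outlier):
        hist = self.history[machine]
        hist.append(is_outlier)
        if sum(hist) >= self.needed:
            if machine not in self.active:
                self.active.add(machine)
                return True
        elif not any(hist):
            self.active.discard(machine)  # re-arm after a fully clean window
        return False


def analyze(readings, z_limit=3.5, needed=3, window=4):
    """Return (per-tick outliers, alerts raised by the persistence rule)."""
    by_tick = defaultdict(dict)
    for tick, machine, value in readings:
        by_tick[tick][machine] = value

    rule = PersistenceRule(needed, window)
    outliers, alerts = [], []
    for tick in sorted(by_tick):
        sample = by_tick[tick]
        med, scale = fleet_norm(list(sample.values()))
        for machine, value in sorted(sample.items()):
            is_outlier = abs(robust_z(value, med, scale)) > z_limit
            if is_outlier:
                outliers.append((tick, machine))
            if rule.observe(machine, is_outlier):
                alerts.append((tick, machine))
    return outliers, alerts


if __name__ == "__main__":
    found, raised = analyze(READINGS)
    print("outliers:", found)
    print("alerts:  ", raised)
```

The single spike on P2 is recorded as an outlier but never alerts, while the sustained drift on P4 alerts once, at the third consecutive outlying tick.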
Simple customization
A proven way to simplify configuration is to use code-less design based on declarative configurations. They can be used to customize data injection, processing, and analytics for specific use cases. This makes it easy to adapt to various data protocols, formats, and processing and analytics specificities with no code development required. It allows quick setup of the initial analytics applications and enhances their capabilities iteratively. For example, new data streams or analytic models can be added without affecting existing operations. This also allows the developer to quickly see the outcome of the changes, thus allowing for much-needed experimentation when dealing with industrial analytics. A carefully designed configuration language allows the underlying industrial analytics platform to scale transparently when data volumes increase. An industrial analytics solution delivers substantial value in manufacturing, process, and hybrid industries by allowing smart-monitoring and
automated supervision of equipment. The insights obtained from the real-time analysis of machine data can be translated into automatic or semi-automatic actions that improve the overall efficiency of production and minimize possible losses due to breakdowns and downtime. The technical challenges outlined above may prevent many companies from following this route effectively. The role of the industrial-analytics platform is to remove major technical challenges and reduce the complexity, efforts, and risks in IIoT implementations. Such a platform, as a “turn-key” solution, built with expertise in the latest technologies and enjoying the benefits of economy of scale, clearly can be more economical than a custom-built solution, especially considering the fast pace at which the technologies are evolving. Overall, it helps to get results and create value quickly and cost-effectively.
Dr. Shi-Wan Lin brings 20+ years of broad technology and business experience from Intel, Sarvega, Lucent Technologies and Motorola to Thingswise. Prior to founding the company, he was a chief technologist in the IoT strategy and technology office at Intel. Lin co-chairs various technical groups for the Industrial Internet Consortium, the National Institute for Standards and Technology Cyber-Physical Systems Public Working Group, and the Joint Task Group between Platform Industrie 4.0 and the Industrial Internet Consortium.
Dr. Alexander Lukichev has substantial software architecture and engineering expertise in such areas as network infrastructure, distributed computing, enterprise software, Big Data platforms, cloud services and system security design. Before co-founding Thingswise, he most recently was employed by Intel, where he spent more than a decade in various software engineering positions.
MORE INFORMATION
For more information, go to www.thingswise.com.
CONNECTIVITY & COORDINATION: ASSET MANAGEMENT
How an IIoT-enabled maintenance-maturity model works
Six actions that set the stage for better asset management
Rather than inspect equipment manually and use paper-based systems to communicate and store the results, plant-maintenance staff can today take advantage of the Industrial Internet of Things (IIoT). IIoT-enabled remote-asset monitoring also dramatically expands the number and variety of parameters that can be monitored cost effectively. This is just one example of how IIoT use improves both the quality and quantity of the collected data.
Combined with today’s more advanced analytics, these data enable industrial organizations to implement more effective maintenance strategies to progress further along on the maturity continuum from reactive, to preventive, to condition-based, to predictive, and—ultimately—to prescriptive maintenance. With higher maintenance maturity comes broader business benefits that go beyond reducing maintenance costs. These include improved on-time shipments, revenue, customer satisfaction, quality/yield, safety, and work-in-process inventory. These benefits align with executive metrics, increasing the likelihood of obtaining both approval for projects and the resources needed for project success.
Diagram 1: Asset maturity model: description, attributes and analogy
PRESCRIPTIVE: Model and knowledge base identifies an issue and what to do for repair. Uses multiple equipment and process data variables (multi-variate). Complex assets requiring advanced skills for problem diagnosis. May need knowledge of process dynamics. Analogous to dealership-level diagnostic equipment.
PREDICTIVE (PdM): Equipment-specific algorithms or machine learning. Multi-variate and typically uses automated data collection. Critical assets where unplanned downtime has significant business impact. Analogous to use of a battery management system in electric cars.
CONDITION-BASED (CBM): Alerts for bad trends or other rules-based logic using a single data value. Includes inspections and manual data collection. Assets with a random or unpredictable failure pattern. Analogous to using oil pressure, coolant temperature and on-board diagnostic indicators.
PREVENTIVE: Service in a fixed-time or cycle interval. Probability of failure increases with asset use or time. Analogous to replacing engine oil every 5,000 miles.
REACTIVE: Run to failure, and then repair. Failure is unlikely, item easily fixed or replaced, or is non-critical. Analogous to a radio.
NOTES: Knowledge base: underlying set of facts, assumptions, and rules to solve a problem; algorithm: a formula, process, or set of rules to be followed in calculations; machine learning: software that allows applications to “learn.”
Diagram courtesy: ARC Advisory Group.
Advancing maintenance maturity
To gauge IIoT impact on maintenance-related activities, it helps to revisit higher-level concepts related to maintenance maturity and associated definitions. ARC’s recent review of current maturity models uncovered many different versions of them as well as many internal inconsistencies. The industry lacks a true standard to build upon. This lack of clarity makes it difficult to compare solutions, leading to confusion among potential users and delaying the application of solutions. While industry participants generally have a good understanding of both reactive and preventive maintenance, we’ve encountered a variety of interpretations for condition-based, predictive-maintenance, and prescriptive-maintenance approaches, and where IIoT comes into play. A clearer definition of these upper maintenance-maturity levels is needed for users to be able to better assess the available alternatives.
Several types of maturity models
Since first publishing the asset-management maturity model in an ARC report in 2015, we’ve taken a closer look at the impact of IIoT on it. We now classify maintenance maturity into five types or levels: reactive, preventive, condition-based, predictive, and prescriptive (See Diagram 1).
Reactive maintenance: Reactive, or run-to-failure, maintenance is the most common approach for equipment, since most assets have a very low probability of failure and are non-critical. This approach helps control maintenance costs, but is only appropriate for non-critical assets.
Preventive maintenance: Here, maintenance is performed based on either time (analogous to replacing the batteries in your household smoke detectors once a year), or usage (changing your car’s oil every 5,000 miles). Preventive maintenance applies to assets with an age-related failure-pattern, where the frequency of failure for the asset increases with age, run-time, or number of cycles.
Condition-based maintenance: CBM involves monitoring a specific asset parameter. The focus tends to be the amplitude of the value, with vibration monitoring being the most common. CBM typically applies to production (rotating equipment) and automation (instruments and the control system) equipment. For stationary plant equipment, such as steam boilers, piping, and heat exchangers, periodic inspections and condition evaluations are often used.
Predictive maintenance: PdM uses engineered algorithms and machine learning with multiple input parameters to provide higher accuracy (fewer false positives or missed issues) and more advanced warning before failure. It combines “small data” from a device or system with algorithms that model that type of equipment (sometimes called virtual equipment or a “digital twin”) to monitor condition and raise an alert when appropriate. This provides the more advanced notice needed to schedule and execute the maintenance during planned shutdowns.
Prescriptive maintenance: Builds on PdM with alerts that provide diagnostics and guidance for repair. Information for determining the timing and impact of failure is also included to help assess priority and urgency.
Potential benefits
Increasing maturity typically involves more engineering investment. For specific types of equipment, one benefit of the engineered algorithm or model for predictive and prescriptive maintenance is the ability to replicate it like a template across many similar devices—like doors on a passenger train or transformers in power transmission lines. This approach provides economies of scale and a basis for financial justification of the inherently larger engineering and development costs (See Diagram 2). Users have reported that moving from preventive maintenance to predictive or prescriptive approaches provides 50-percent savings in maintenance labor and MRO materials. With predictive and prescriptive maintenance, near-zero unplanned downtime for critical equipment can be achieved. This level of equipment reliability ripples into other significant business benefits, including improvements in on-time shipments, revenue, customer satisfaction, quality/yield, safety, and work-in-process inventory. Unfortunately, maintenance and operations personnel tend to focus on cost reductions for labor and MRO materials to financially justify a project. A broader viewpoint with higher business impact usually gets executive attention and the resources needed to succeed.
Diagram 2: Maintenance key performance indicators (KPI) and associated executive metrics
MAINTENANCE KPI      EXECUTIVE METRIC
Uptime               Revenue
Asset longevity      Cash conservation
Cost control         Margin
Safety               Risk mitigation
Quality/yield        Customer satisfaction
Diagram courtesy: ARC Advisory Group
Where to go from here
IIoT allows organizations to move from manual inspections for collecting data, to automated systems. This vastly improves data quantity and quality, enabling improvements in maintenance strategies. How can you best leverage this capability to improve your organization’s operating performance? ARC recommends the following actions for manufacturers and other industrial organizations:
1. Use the updated maintenance maturity chart to communicate your strategy to others.
2. Include the supplier’s IIoT services in the selection criteria for sourcing new equipment.
3. Get started with an IIoT project for critical equipment that has high visibility and has been problematic, with significant business impact or safety/environment incidents.
4. Leverage the initial success into a broader program to achieve near zero unplanned downtime for critical assets and broader business benefits.
5. Establish a consistent set of IIoT technologies for the predictive and prescriptive maintenance applications to improve project sustainability.
6. If your organization lacks technical and/or IT resources, engage with an appropriate local, regional, national, or global service provider to support implementation.
Ralph Rio is vice president, enterprise software, ARC Advisory Group.
MORE INFORMATION
For more information, go to www.arcweb.com.
2016
Industrial Internet of Things & Industrie 4.0 Turning research into insights makes for better business decisions This study was conducted by CFE Media to gauge the engineer’s understanding and current implementation of the Industrial Internet of Things (IIoT) and Industrie 4.0. Respondents to the 2016 Industrial Internet of Things & Industrie 4.0 study identified five key findings regarding their familiarity and implementation of the IIoT framework and Industrie 4.0 platform. According to the study, familiarity with the IIoT framework and the Industrie 4.0 platform has significantly increased since 2015; 79% of respondents are very/somewhat familiar with IIoT, compared to 60% last year, and 53% are very/somewhat familiar with Industrie 4.0, compared to 33% previously. More than half of respondents expect IIoT and Industrie 4.0 to improve connections between people, data, and machines at their facilities. Other expected benefits include increased information flow, increased innovations, and improved data analysis.
Access the 2016 Industrial Internet of Things & Industrie 4.0 report with additional findings and insights. www.controleng.com/2016IIoTStudy
SECURING THE INTERNET OF THINGS
Current issues in industrial cybersecurity
Ransomware is as loathsome as it sounds; PLCs seen as next likely targets
A meteoric rise in ransomware attacks in the past year is disturbing news for engineers in manufacturing and production environments. Ransomware, as you might imagine, is a kind of malicious software used by criminals to prevent access to a computing system until their demands are met. Executing a ransomware attack doesn’t take programming skills per se, as kits for committing such attacks are readily available today in some of the Internet’s darker corners, either for free or for a small fee. An exponential increase in the number of ransomware threats, from nearly 4 million attack attempts in 2015 to 638 million in 2016—a more than 167 times year-over-year increase—has taken place, per SonicWall’s recently released 2017 Annual Threat report. “The meteoric rise of ransomware in 2016 is unlike anything we’ve seen in recent years,” the report said. Want proof the threat is real? For 2015 and 2016, even though many intrusions go unreported, it is known that at least 15 major industrial incidents occurred, per the Booz Allen Hamilton Industrial Cybersecurity Threat Briefing. They include the following:
In April 2016, cybercriminals delivered ransomware via phishing to the corporate network of Board of Water & Light (BWL), a Michigan-based public electric and water utility. Administrators shut down the corporate network to isolate the ransomware to prevent it from potentially moving into the operations-technology environment.
In December 2015, an allegedly Russia-backed group established remote access to SCADA systems of three electricity distributors in Ukraine after procuring valid network credentials via spearphishing. The threat actors used access to systematically open breakers, causing blackouts for 225,000 customers.
In June 2015, a cybercriminal advertised the sale of SCADA access credentials on a Dark Web forum dedicated to selling stolen data. The post included a screenshot of a SCADA graphical user interface, IP addresses, and virtual-network computing passwords for a SCADA system managing a hydroelectric generator.
Figure 1: The tremendous recent surge in ransomware attacks is driven by the development of bitcoin currencies, which make illegal gains more possible. Courtesy: SonicWall.
Hands on the problem
To better understand the threat, cybersecurity researchers at the Georgia Institute of Technology recently developed a form of ransomware that was able to take over control of a simulated water treatment plant, according to a Georgia Tech Research Horizons news release. After gaining access, the researchers took command of PLCs to shut valves, increase the amount of chlorine added to water, and display false readings. The simulated attack highlights vulnerabilities in industrial-control systems (ICS) found in manufacturing and production plants, the researchers said. Believed to be the first demonstration of a ransomware compromise of real PLCs, the research was presented this February at the RSA Conference in San Francisco.
Per SonicWall, ransomware attacks are typically delivered by phishing campaigns and hidden from detection using secure sockets layer/transport layer security (SSL/TLS) encryption. Phishing is the malicious attempt to gain information or access by posing as a trustworthy entity in an electronic communication. TLS and SSL are both cryptographic protocols for communications security. The rise of ransomware-as-a-service, in the form of the kits already mentioned, makes it easier than ever for cybercriminals to access and deploy ransomware, SonicWall said. Companies are struggling to protect themselves and to form a response to dilemmas raised by the emerging cyberthreat. By the end of 2016’s first quarter, $209 million in ransom had been paid by companies, and by mid-2016, almost half of organizations reported being targeted by a ransomware attack in the prior 12 months, SonicWall said. Companies of all sizes underwent ransomware attacks last year, SonicWall said, although many were never publicized. On record, though, are paid bitcoin ransoms worth more than $20,000. A total post-attack clean-up, including response, stabilization, and restoration, easily runs into millions of dollars.
Figure 2: Encryption tools for web connections are widely used today, both for cybersecurity and by the hackers seeking to subvert that security. Courtesy: SonicWall
A brief demonstration
Many ICS lack strong security protocols. It’s therefore only a matter of time before critical industrial systems are compromised and held for ransom, as compromising the PLCs in these systems is a next logical step for these attackers, the Georgia Tech researchers said. For their demonstration, Raheem Beyah, a Motorola Foundation professor and associate chair at the School of Electrical and Computer Engineering, and David Formby, a doctoral student in that same school, had to locate 1,400 PLCs of a single type that were directly accessible across the internet. To start, the researchers identified several common PLCs used at industrial facilities. They obtained three different devices and tested their security setup, including password protection and susceptibility to settings changes. The devices were then combined with pumps, tubes, and tanks to create a simulated water treatment facility. Most PLCs are ensconced behind business systems that to a degree protect them—until the business network is compromised. Once attackers get into a business system, the control systems may not be properly walled off, the researchers said. Too many enterprises are set up such that anyone on the network is authorized to make changes to the control systems. Weak password and security policies could let intruders take control of pumps, valves, and other key components of an ICS. In fact, control systems never meant to connect to the internet are connected to it today, while users persist in assuming those systems aren’t on a public network and aren’t susceptible to attack. The researchers pointed out ICS often have connections unknown to operators, including for maintenance, troubleshooting, and updates.
Sound advice
The Booz Allen briefing confirms that spearphishing is the primary method of attack. It was the “initial attack vector for Operation Clandestine Wolf, one of the largest ICS attack campaigns [of 2016], as well as attacks on a German steel mill and Ukrainian electricity distributors, the two most destructive attacks disclosed [in 2015],” the report said.
While there are as yet no reported ransomware attacks on ICS, vulnerability has been a well-known fact for more than a decade. The difference today is that the availability of bitcoin digital currency allows criminals to financially benefit from attacks. As businesses and other types of ransomware targets become more difficult to penetrate, the Georgia Tech researchers believe attackers may turn to ICS as easier targets. In addition to improving password security and limiting connections, they said operators should install intrusion-monitoring systems to alert them if attackers are in the process-control networks.
The penetration of control networks by way of enterprise networks is also on the rise, Booz Allen confirmed, basing its conclusions on a study by the Department of Homeland Security. While enterprise intrusion remained low, at 12% of reported incidents in 2015, during that time the number of intrusions attempted by way of enterprise networks increased by 33%. The total number of incidents reported by ICS operators rose by 20% in 2015.
Attacks on control systems can lead to “tangible impacts,” said Booz Allen, making them choice targets for attack. Instead of simply encrypting files, as when a business is attacked, ransomware attacks on ICS could disrupt operations or prevent access to an asset.
The incorporation of ransomware into exploit kits facilitates a profitable build-once, infect-many approach, Booz Allen said. It has led to a veritable army of attackers, ensuring massive infection rates. Infections for some variants were estimated at 90,000 machines per day in February 2016, according to Forbes magazine. In fact, per the Cryptothreat Alliance, between January and October 2015 an estimated $325 million in revenue was generated from just one variant, Cryptowall version 3.0.
‘Exploit kits facilitate a profitable build-once, infect-many business model.’
The problem is only compounded, Booz Allen pointed out, when ICS are often older systems not restorable from backup. It also may be difficult to obtain a clean version of system software and configuration settings. Access to the system itself may be difficult, and there may be a shortage of trained personnel for the restoration.
“Frequency and severity of ransomware infections on ICS networks are likely to increase,” the report concluded.

2016 industrial cybersecurity developments summarized
Dystopian side-effects of internet-information utopia unfold in cyberspace
Some current and noteworthy cyberthreat developments mentioned in SonicWall’s recently released 2017 Annual Threat Report include the following: Poorly designed IoT devices are being compromised for use in massively distributed denial-of-service attacks. Secure sockets layer/transport layer security (SSL/TLS)-encrypted malware provides an uninspected backdoor into networks that cybercriminals can exploit. At the same time, SSL/TLS-encrypted traffic grew by 34%, partly in response to growing cloud application adoption. Android devices saw increased security protections but remained vulnerable to overlay attacks.
On the other side of the ledger, the often-seen exploit kits Angler, Nuclear, and Neutrino disappeared in mid-2016. What’s more, unique malware samples collected fell to 60 million in 2016, compared with 63 million in 2015, a 6.25% decrease. Total attack attempts dropped for the first time in years, to 7.87 billion in 2016 from 8.19 billion in 2015.
Government help
In April 2016 the National Institute of Standards and Technology of the U.S. Commerce Department issued a draft of an NIST Cybersecurity Framework tailored to the manufacturing industries. The profile, says the institute, gives manufacturers a simple method to indicate the types of controls they have in place to protect their manufacturing system resources and operational data. It allows evaluation of their ability to operate the control environment at an acceptable risk level. In addition, the framework outlines a standardized approach to preparing a cybersecurity plan that validates system security.
The profile is built around primary functional areas of the NIST Cybersecurity Framework, and enumerates basic cybersecurity functions and activities. The five primary functional areas are: identify, protect, detect, respond, and recover. There are 98 distinct security objectives within the primary functional areas. They comprise a starting point for developing a manufacturer-specific or sector-specific profile cognizant of low, medium, and high risk levels. Besides prioritizing the functions and categories found in the NIST Cybersecurity Framework, use of the profile can help identify a subset of relevant security practices that can be implemented to support enterprise goals.
Final words
In February, IBM, Nokia, Palo Alto Networks, Symantec, and Trustonic formed the IoT Cybersecurity Alliance. The companies say they’ll work together to help find solutions for top IoT security challenges, while raising awareness of how to better secure the IoT ecosystem.
In a survey last year, AT&T reported a 3,198% increase in attackers looking for vulnerabilities to exploit in IoT devices. Approximately 58% of survey respondents said they were not comfortable with the security of their devices.
“The explosive growth in the number of IoT devices is only expected to continue; therefore, so must the associated cybersecurity protections,” said Mo Katibeh, AT&T senior vice president of advanced solutions. “Today’s businesses are connecting devices ranging from robots on factory floors to pacemakers and refrigerators. Helping these organizations stay protected requires innovation across the whole IoT ecosystem to enable sustainable growth.”
The Alliance members say protection at the endpoint, network, cloud, and application layer are all relevant to good IoT security. They also believe in the use of threat analytics and in designing products with built-in and “always-on” security. They plan to both advise consumers and educate manufacturers and developers on what is needed to create a safer, more secure IoT ecosystem.
This is all to say that the dangers and threat of ransomware and other kinds of cyberterrorism have drawn the attention of technology leaders. Not addressing the threat endangers their customer base, technology infrastructure, and dreams for the future.
No matter how well threats against ICS are addressed, at no point will every possible risk have been mitigated, whether because of financial, technical, or even political constraints.
Experts say take an incremental approach and focus on high-impact, low-cost initial steps that eliminate imminent risk, while looking to a long-term strategy.
Kevin Parker is content manager at CFE Media.

FIGURE 3: SCADA and other industrial control systems incorporate Cloud modalities, adding complexity to IIoT cybersecurity. Courtesy: SonicWall

MORE INFORMATION
For more information:
www.rh.gatech.edu/news/587359/simulated-ransomware-attack-shows-vulnerability-industrial-controls
www.sonicwall.com/whitepaper/2017-sonicwall-annual-threat-report8121810/
www.boozallen.com/insights/2016/06/industrial-cybersecurity-threat-briefing/
csrc.nist.gov/cyberframework/documents/Manufacturing-Profile-DRAFT.pdf
IIoT IN THE NEWS
IIoT reference architecture updated
Ways to prepare for the proliferation of cyberphysical systems
The Industrial Internet Consortium (IIC) announced the publication of version 1.8 of the Industrial Internet Reference Architecture (IIRA). This version builds on version 1.7, which was published in June 2015, by incorporating emerging Industrial Internet of Things (IIoT) technologies, concepts, and applications.
The IIRA is a standards-based architectural template and methodology designed by a broad spectrum of IIC members, including system and software architects, business experts, and security experts, to assist IIoT system architects to design IIoT solution architectures consistently and to deploy interoperable IIoT systems.
The IIoT core concepts and technologies addressed in the IIRA v1.8 are applicable to small, medium, and large enterprises in manufacturing, mining, transportation, energy, agriculture, healthcare, public infrastructure, and virtually every other industry. In addition to IIoT system architects, IIRA v1.8 emphasizes the value of how converging operational technology (OT) and information technology (IT) enables business decision-makers, plant managers, and IT managers to better understand how to drive IIoT system development from a business perspective.
“It has been widely recognized that IIoT delivers value and transforms business. A main challenge for many enterprises now is how to get started,” said Shi-Wan Lin, CEO and co-founder, Thingswise, LLC, and co-chair of the IIC architecture task group. “The IIRA provides a framework to drive IIoT projects from a business viewpoint. This is valuable for enterprises building IIoT systems that can deliver the expected business value.”
Technology vendors can use the IIRA concepts and methodologies to build interoperable system components. System implementers can use the IIRA as a starting point to shorten system development by deploying reusable, commercially available or open-source system building blocks to reduce project risk, associated costs, and time-to-market. The IIRA is designed to help the IIoT community to realize an open, innovative IIoT ecosystem, and reduce the cost of design and operations.
- Edited from an IIC press release by CFE Media.
Fog computing reference architecture released
The OpenFog Consortium released the OpenFog Reference Architecture, which is a universal technical framework designed to enable the data-intensive requirements of the Internet of Things (IoT), 5G, and artificial intelligence (AI) applications. The reference architecture is a step forward in creating standards for interoperability and security in complex digital transactions.
Fog computing is the system-level architecture that brings computing, storage, control, and networking functions closer to the data-producing sources along the cloud-to-thing continuum. Fog computing is applicable across industry sectors and addresses issues related to security, cognition, agility, latency, and efficiency.
The OpenFog Reference Architecture is a high-level framework that will lead to industry standards for fog computing. The OpenFog Consortium is collaborating with standards development organizations such as IEEE to generate rigorous user, functional, and architectural requirements, plus detailed application program interfaces (APIs) and performance metrics to guide the implementation of interoperable designs. Fog computing works in conjunction with the Cloud and across siloed operations to effectively enable end-to-end IoT, 5G, and AI scenarios.
The OpenFog Reference Architecture contains a medium- to high-level view of system architectures for fog nodes (smart, connected devices) and networks, deployment and hierarchy models, and use cases. It is part of a suite of technical documents under development by the OpenFog Consortium. Future documents will provide updated requirements and lower-level details, including formal, enumerated requirements that will form the basis of quantitative testbeds, certifications, and the specified interoperability of fog elements.
The OpenFog Reference Architecture is based on eight core technical principles, termed pillars, which represent the key attributes that a system needs to encompass. These pillars are security, scalability, openness, autonomy, RAS (reliability, availability, and serviceability), agility, hierarchy, and programmability.
- Edited from an OpenFog Consortium press release by CFE Media.

MORE INFORMATION
Learn more about the OpenFog Reference Architecture at www.openfogconsortium.org/RA/
Six ways to prepare for Industrie 4.0 and what companies should expect
In April 2013 at Hannover Messe, a consortium of universities, research institutions and industrial companies presented a report which called for investment, awareness, ideas, and further research to help realize Industrie 4.0—a European term used to describe a wide variety of innovations in information technology (IT), manufacturing technology, and materials—that, it is said, will lead to the fourth industrial revolution. On the other side of the Atlantic, the Smart Manufacturing Leadership Coalition (SMLC) in the U.S. is supporting the development of smart manufacturing—systems that integrate manufacturing intelligence in real-time across an entire production operation.
Industrialized countries have spotted an opportunity. Each wants to be at the forefront of the new industrial revolution—a revolution that is expected to bring manufacturing back to Europe and North America, and create high value-added jobs.
Social, technology, and green changes are driving the revolution, which could lead to the individualization of mass production. Everything from cars to shoes will be made to individual specifications, but still be mass-produced. This is a social change and, as a result, people are willing to pay around 10% to 15% more for a unique product. At the same time, they expect to be able to get their hands on their purchase almost immediately, and this is driving the trend to make products locally.
Green is having a major impact too; we do not want any waste, and we do not want to use precious fuel to transport goods unnecessarily. Again, this will lead to small-scale, localized manufacturing.
In the fourth industrial revolution, manufacturing plants will be self-organizing. Products and machines will be able to talk to each other, and they will have chips with detailed manufacturing instructions embedded in them.
Then there is the concept of cyberphysical systems. Our plants, products, and equipment will first be built in simulated environments. Virtual reality will be used to check the feasibility, layout, quality, and volume that can be achieved. Not a foundation stone will be laid for the physical factory before the virtual factory has been perfected.
However, the question still on the table is “What steps do manufacturers need to take to prepare for Industrie 4.0?” We know that manufacturing will be very different in 20 years’ time, but we also know that technologies, materials, information technology, and society are changing fast. We will have to be prepared to be flexible, putting in place processes and technologies that are adaptable and will achieve a much faster return on investment.
Organizations looking to make a change should start with these six basic actions:
1. Establish a team to study Industrie 4.0.
2. Have the team study the business impact of the technologies concerned.
3. Encourage the team to attend events and ensure they meet regularly to brainstorm ideas.
4. Control and direct current investments.
5. Experiment with new technologies.
6. Be willing to try out different strategies, even if that risks losing money.
When charting the progress made through each of the industrial revolutions, it’s clear that as we’ve progressed, so has the degree of complexity in the technology we rely on. Back in the late 1700s and early 1800s we learned how to harness water and steam power to enable mechanical production. Nearly a century later, we developed assembly lines and started using electrical energy for mass production—the first powered assembly lines were used at scale in the Cincinnati slaughterhouses during the 1870s. More recently, IT systems have been developed to further automate production. And today, we’re starting to use cyber-physical systems to create connected factories, devices, and products.
Mike James is chairman of the MESA International Board of Directors. MESA International is a CFE Media content partner.
IIoT expected to grow, create unique value for companies in 2017
In their report “IIoT Trend Watch 2017,” IHS Markit technology analysts identified four key trends that will drive the Industrial Internet of Things this year and beyond. Increasingly, the report says, businesses see the IIoT as a tremendous opportunity to create unique value propositions by linking disparate devices.
IHS Markit highlighted four trends as leading the IoT evolution in the coming years:
1. Innovation and competitiveness are driving new business models and consolidation
The focus is shifting to the IoT developers themselves and how they will monetize new streams of data delivered by their IoT deployments. A wide range of monetization models are being tested, reflecting the fragmented nature of the IoT market across numerous vertical industries. Successful models will revolve around “servitization” and closer, ongoing relationships with end customers, the report says.
2. Standardization and security are enabling scalability
With the high growth in IoT deployments and much hype surrounding the promise of the IoT marketplace, scaling is highly dependent on two factors: first, the pace at which devices are connected and second, the ability to manage many devices. By 2020, the global market for industrial cybersecurity hardware, software, and devices is expected to surpass $1.8 billion as companies deal with new IoT devices on business networks as well as a new wave of mobile devices connected to corporate networks.
3. Business models are keeping pace with IoT technology
The methods used to monetize are almost as diverse as IoT itself. Many pioneers in the space sold products to build it. That is still happening, of course, but now there is a shift to reaping the benefits of the data that’s been created. An overabundance of business models are being tested to determine which models work and for which applications.
4. Wireless technology innovation is enabling new IoT applications
Advances in wireless technologies will continue to extend at both the low and high ends. At the low end, low-power wide-area network (LPWAN) promises low-cost, low-power, and long-range, connecting millions of devices that previously could not be unified in a practical way. At the high end, 802.11ad makes it possible to wirelessly connect very high-performance applications such as 4k video. Beyond 2020, 5G has the potential to address new, mission-critical use cases, particularly where mobility is essential.
Jenalea Howell is research director of the IoT connectivity and smart cities team for IHS Markit, a CFE Media content partner.
For IIoT, get the non-disruptive Modbus gateway that listens and learns
Competing “Modbus to MQTT” gateways need to be deployed as a local Modbus master, but SmartSwarm 351™ gets the job done without affecting your Modbus network in any way. SmartSwarm 351 automatically identifies every Modbus device on your network, unobtrusively “eavesdropping” on their communications and converting the data for easy consumption by upstream IIoT applications. SmartSwarm 351 makes Modbus-to-IIoT connectivity easy. Visit www.advantech-bb.com/smartswarm for details about SmartSwarm 351’s sophisticated functionality and rugged, industrial-grade specifications.
Copyright 2017 B+B SmartWorx. All rights reserved.
PLC WITH BUILT-IN VPN & FIREWALL
BUILT-IN SECURITY
IIoT READY
PFC Series Performance Class Controllers
• VPN technology with IPsec and OpenVPN security protocols
• IIoT-ready application security with SSL/TLS encryption
• Firewall with whitelisting for increased network security
www.wago.us/PLC-VPN