TENtalks with Cisco and Dyson
Updated: Feb 26, 2021
Our webinar session with experts in Industrial Automation, Secure-by-Design Network Architectures, IoT Edge Computing, CyberVision, TrustSec, and Industrial Cybersecurity concluded on Thursday afternoon with great learnings about IT and OT Convergence. Here a brief of our presentation.
The Journey towards an IIoT Strategy
As most of you probably know, the journey to being Industrial IoT ready isn’t yet plug and play.
Organizations have a significant opportunity to get more productivity and less downtime through insightful data, from new or existing plant equipment. Typically though, existing setups don’t allow for the monitoring of availability for assets in the factory or supply chain.
Companies need to be analyzing data to monitor efficiency and help predict things like component failure, which is increasingly essential to avoid costly interruptions to production runs.
Often, Operational Technology (OT) production networks are not only closed to the outside world, but also to other internal OT & IT systems, so they can’t talk to each other when they need to collate the information.
If they do work together, it’s often done in a very vulnerable way. Either the security risk hasn’t been understood, the design is not secure, or individual deployment projects are not structured around wider threats and are confident about a lack of external connectivity.
Whereas in the real world connectivity is everywhere and needed to collect and transmit data. Those companies that have linked up systems insecurely can find themselves paying heavy prices. Cyber attacks and ransomware demands on production facilities are increasingly becoming more common, especially in times of digital acceleration such as what we are currently experiencing due to the COVID-19 pandemic. Therefore, organizations have got to adapt to take this area of security more seriously.
Three areas in which we help organisations to align towards an IIoT strategy are leadership, upskilling and adoption.
Polestar helps industrial organisations and other enterprises to create a Strategic Commissioning Plan, in which we design the program to follow and set the vision towards a secure-by-design, connected, smart factory. This plan set the roadmap to the execution of an IIoT strategy.
Additionally, we work on getting Operational Technology Policies set to boost the creation of IT+OT integrated virtual teams. In this process, we help organisations ask themselves which digital skills they need to thrive on their IIoT and operational strategy.
Finally, Polestar helps define which are the right technologies to build the Digital Foundations the company needs and to create a Loss Prevention Report that help to assess risks and create preventive measures.
Stages of an IIoT Strategy
A comprehensive IIoT strategy must contain 3 main pillars: Acquisition, Transportation, and Analysis. But there are many levels of maturity on the way to that nirvana of connected factories, or Industry 4.0. We have classified these levels or stages as follows:
Basic Stage: Computerisation & Connectivity.
Secure Stage: Integration of OT & IT layers and all departments, namely engineering, production & manufacturing.
Connected Stage: Adding sensors for visibility, leading to a digital model of the factory to show what is happening at any given time - not just in manufacturing cells) - allowing upkeep of the digital model at all time.
Gatherer Stage: Transparency and big data analysis. A primary requirement for predictive maintenance capability.
Smart Stage: Simulation of different future scenarios and identify most likely ones. Allowing accurate decision making and implementation of appropriate measures in good time.
You can better understand these stages following this link. Also, you can undergo a quick assessment to define in which of these stages your company currently is.
Industry 4.0 means different things to different people. To Polestar it is digital transformation for manufacturing companies, or more precisely:
+ Industrial IoT
+ Digital Twins
+ Cyber-Physical Systems
Implementing these through the right framework will translate into adaptability leading to automated actions and automated decision making, eventually without human assistance in order to securely optimise processes in the shortest possible time.
Many companies are just trying to dip a toe in the water with POC's or data analytics, which means leaping the steps of a grounded strategy, which is not good for control and security!
The Evolution of IIoT Systems
The majority of manufacturers are running factories with technology that is up to and sometimes over 30 years old. This makes of getting visibility on their assets a major problem, even if they have the knowledge within the business to make the right decisions about which devices can communicate with each other. Most of the times the approach that is taken is usually to ringfence assets by installing multiple firewalls at zone and cell level.
Another challenge is the exposure of data points from control systems to enterprise systems in order to drive efficiencies. IT departments do not have the time, resources or knowledge to protect the actual systems. Additionally, managing collaboration tools, Office 365, standardisation around cloud-first projects for corporate applications, and cyber-security in the enterprise contribute to the problem for IT teams to stay current and up to date.
The implementation of standards like IEC62443 for OT teams can be effective towards solving these pain points, especially when protecting Industrial Control Systems for Critical National Infrastructure. But for manufacturers, this can be too costly due to the management overhead as they have a very large number of disparate assets in some very large factories.
Most of the time, perimeter protection is therefore installed using firewalls and the OT and Automation teams are left quite literally to their own devices. This does not solve the problem as MOST hacks come through enterprise services and not as IT teams would probably expect: through Industrial Control Systems. This is due to the high number of services that require to be open in an enterprise in order for information workers to do what they need to do.
So what can be done to minimise risk without having to rebuild a Production network from scratch? Perhaps there is a different way of looking at that and dealing with the problem?
Business needs are driving the adoption of cloud technologies much faster, giving the automation and OT teams too many projects. The cloud provides the opportunity to bring IT/OT and Automation teams together.
Cloud platform security can arguably be said to be more secure than any number of perimeter and access firewalls - if implemented correctly.
Transitioning to a hybrid cloud platform will provide transparency and security by design, as you only need to build it once. By routing industrial data through more securely controlled cloud systems, you are reducing the attack surface and the number of data points that are being exposed across the entire enterprise.
However, using some of these new technologies does not come without potential high risk. By not having the means to monitor what is going on at the industrial level and by not having the means to implement the right policies and controls, any manufacturer can end up in a security breach situation, as there are multiple routes into the Production systems from the enterprise and from supply chain vendors.
What we are seeing, particularly with the Covid 19 situation is a lot of customers running 24x7 production schedules with the emphasis firmly on keeping the ‘lights on’. This doesn’t give much headroom to implement new technologies such as secure remote access for support, maintenance and commissioning - quickly.
Our approach is to move the remote access risk to the cloud where it can be carefully managed, and at the factories, build robust and resilient OT networks.