Any event that disrupts the screening of a Seth Rogen movie is to be applauded, and in that respect the canceled opening of “The Interview” after North Korean operatives hacked the computer servers of Sony Pictures was a good thing.
It also served as a reminder — for those who’d missed reports about cyber attacks at Home Depot, JPMorgan Chase and other large corporations a few months beforehand — of the vulnerability of information in the Age of Interconnectivity. Between ransomware, malicious hackers and cybercriminals, it’s no wonder that security specialists are in-demand members of the automation technology community.
It also helps explain why food and beverage companies long have cast a wary eye on remote monitoring and troubleshooting programs from OEMs and service providers that promise to provide improved uptime and optimized machine performance but require access to a plant’s data network. Inadvertent malware downloads from email attachments and Trojan horse jump drives add to stress levels that already run high.
The growth of hacker-for-hire networks adds to the anxiety. Once the domain of social activists and gamers more intent on cracking into the PlayStation Network than commercial enterprises, services like HackersList.com and NeighborHoodHacker.com help match businesses and individuals with computer-savvy specialists.
Some of the relationships are benign or even beneficial: A growing segment of NeighborHoodHacker’s clients are businesses worried about unauthorized access to data by company insiders (the website's tagline is "certified ethical hackers for hire"). More worrisome are businesspeople soliciting technical assistance to raid their competitors’ databases for customer lists and contract amounts.
Reverting to proprietary control networks would ease the angst, but that’s not going to happen. Automation managers have seen the industrial Ethernet promised land, and they’re not turning back. “Most industrial networks are relatively hardened, and security is not as big a hang-up as it should be,” observes Gerald Beaudoin, automation project manager at Leahy Orchards Inc. in Franklin Centre, Quebec.
He’d like more comprehensive controls-security support from his automation vendor, but he recognizes his warehouses and production facility are low-value targets. “We’re making apple sauce, after all,” says Beaudoin.
If in-plant networks make people squirm, what’s the stress level when mobile devices are added to the mix? It may seem counter-intuitive, but the answer is: not much higher.
“It is not data that is being protected here, it is communication with sensitive devices,” points out the controls director at a major food corporation in an email exchange. If access to the data is routed via cloud computing, the service provider ends up “protecting objects in their control and allowing proper access to the protected area,” he adds. “I am not aware of a service that can meet” the security requirements of the control network itself.
HMI to HDI
Wireless communication with control networks may give a case of the vapors to some, but the productivity advantages are simply too great to just say no. All supervisors at Keasby, N.J.-based Wakefern Food Corp. are equipped with iPads, allowing them to access information in the field without returning to the office as they did in years past, says Pete Rolandelli, vice president of logistics and warehousing. Likewise, voice-selection technology keeps lift truck operators moving without stopping to pick up paper work orders. Hacking into encrypted data is not a big concern, he says. “We’re big time into security.”
Data, encrypted or otherwise, isn’t the real concern. Penetration of the control network is where the real danger lies. Wireless security is a separate issue, and that reality is helping expand wireless and remote access.
Beckhoff Automation demonstrated the possibilities at Pack Expo 2014 with what it described as Google Glass technology. Billing it variously as a “wearable HMI” or “HDI” (human device interface) for machine operation and plant monitoring, Beckhoff’s demo was in conjunction with Matrix Packaging Machinery.
Google Glass was a convenient hook, but any wireless device with a browser could be used — at the Beckhoff booth, a technician used a smart watch to manipulate a robot’s motion. Smart phones won’t replace industrial HMIs anytime soon, but the ability to execute machine commands on a wireless device presents intriguing possibilities.
“This is a complementary device,” says Daymon Thompson, TwinCAT product specialist at Savage, Minn.-based Beckhoff. “I don’t see any trend toward replacing an HMI with a handheld device.” Nonetheless, the underlying technology enables more than status reports and alarm notifications.
Thompson says a German manufacturer of custom kitchens is using the connectivity model to drive “object-oriented manufacturing,” with work orders downloaded and translated into logic and motion commands to the machines that execute fabrication.
For the Pack Expo demonstration, scanning a QR code granted access to machine controls. In practice, encrypted real-time data would be uploaded to the cloud and accessed after entering a user name and password. A delay of “a few hundred milliseconds” would be all that separated machine response via remote control from commands entered by an individual in the plant, according to Thompson.