The Industrial IoT (IIoT), a subset of the IoT evolution, is quite the rage within automation companies as they seek to add a high-margin software component to their traditional businesses. Since Maxim Integrated chips are used to build these automation systems, we get a unique perspective on how automation system design has to evolve, or in some cases, change as companies attempt to put their automation systems online to take advantage of the IIoT. This paper briefly introduces IIoT and focuses on security challenges that must be solved to implement secure IIoT-capable end systems.
THE INDUSTRIAL IOT IN MANUFACTURING
Manufacturing can get the most leverage from the IIoT because of the sheer amount of data it can capture and process; data is the underpinning of the IIoT since it can be analyzed and visualized to help optimize operations and costs. Within manufacturing, security solutions provided by intelligent sensors, distributed control, and complex, secure software are the glue for this new revolution.
To realize the promise of IIoT, we have to put a lot of our systems, even legacy systems, up in the cloud. This will have profound security implications, since the security implementation for industrial control systems has, at best, not kept pace and, in some cases, is non-existent. This will change as actors (malicious or otherwise) realize that a factory or a plant is effectively online, and exploit different attack opportunities.
Security will have to be a combination of software as well as embedded hardware to protect critical control systems from a variety of attacks. Three key challenges are: hardware authentication with secure keys, secure communications using TLS, and secure boot. Since connectivity (the thing that enables IIoT) completely exposes all of our security shortcomings, security cannot be an afterthought if we are to realize the benefits of the IIoT.
THE BENEFITS OF THE IIOT AT WORK
A good example of the IIoT at work is General Electric’s newest $170 million U.S. factory in upstate New York [1]. It opened about a year ago to produce advanced sodium-nickel batteries used to power cell-phone towers. The factory has more than 10,000 sensors spread across 180,000 square feet of manufacturing space, all connected to a high-speed internal Ethernet. They monitor activities such as which batches of powder form the battery ceramics; how high a temperature is needed to bake them; how much energy is required to make each battery; and what local air pressure is being applied. On the plant floor, employees with tablets can pull up all the data from Wi-Fi nodes set up around the factory.
Another good manufacturing example is the Siemens Amberg Electronics Plant that manufactures the Simatic programmable logic controllers (PLCs) [2]. Production is largely automated; machines and computers handle 75% of the value chain on their own, and the rest of the work is done by people. Only at the beginning of the manufacturing process is anything touched by human hands, when an employee places the initial component (a bare circuit board) on a production line. From that point on, everything runs automatically. What’s notable here is that Simatic units control the production of Simatic units. About 1,000 such controls are used during production, from the beginning of the manufacturing process to the point of dispatch.
IIoT harnesses sensor data, machine-to-machine (M2M) communication, and automation technologies. Smart machines are better than humans at accurately and consistently capturing and communicating data used to fix inefficiencies and solve problems in terms of up-time, scheduled maintenance, power efficiency, and more efficient utilization, sooner. Maxim Integrated has broken down the IIoT in terms of a stack as shown in Fig. 1.
At the very bottom of the IIoT stack, we have the devices (systems) on the factory or process floor. These can be field sensors, controllers, industrial PCs, etc. All of these are hardware systems and can include aspects of hardware security. These end devices must have useful data to communicate and are generally hooked up to communication hubs, gateways, and switches so that the data is put in the cloud (or an intranet) as big data.
But that’s not all. The promise of IIoT is that this data can be integrated within the ERP and CRM software of the firm to not only efficiently plan and cost out a manufacturing process, but also to use the customer/market information to change assembly lines and process parameters.
The top of the stack impacts your software development and integration; the bottom impacts your system design perspective.
Primarily, the benefits of IIoT can be broken down into three groups (Fig. 2): asset, process, and enterprise optimization. It is easier to optimize a motor than it is to optimize a drilling operation, which, in turn, is easier to optimize than the manufacturing lines of a large enterprise. But optimizing at every level is the dream of IIoT.
The first level of analysis and interaction occurs at the edge: the data is collected from a sensor (e.g., a wind turbine sensor, a motor encoder, or a vibration signature). This is processed locally to help understand how to tweak parameters that would give the highest efficiency or provide an early indicator of a potential failure.
The next level of analysis is done at the control room or plant level, where sensor data from multiple end devices and even multiple assembly lines is aggregated to make decisions that would increase the efficiency of the factory or a process. For example, a control room can make idling or sleep decisions for the various end devices to reduce the overall power profile of the process.