Data security despite an open system architecture

Machines and production facilities for the future

The open architecture of an automation system of Generation 4.0 offers key benefits and the significance given to it by operators of these systems is equally high. An open architecture with standardized communications protocols and standardized interfaces is one of the requirements for conversion to Industry 4.0 technologies. Simple and rapid implementation, reduction of the commissioning times and more efficient development steps, which deal with the application and not with system questions or grappling with IT topics, are the main criteria when selecting new IIoT components. This is because the in-built intelligence of the smallest components is not supposed to serve its own ends but should be reflected in tangible competitive benefits. Many users are afraid of the risks – with regard to data security. Suppliers of components and systems must get to grips with this and develop strategies, in order to offer their customers secure solutions.

Continuous networking of intelligent devices
The benefits can be felt: In Industry 4.0-compatible production systems, all the automation components, such as sensors, controllers, command stations or actuating devices, are networked via Ethernet. Access to the system and its components is then possible using any web browser, independent of software and the location. Data can be transmitted via Ethernet and exchanged in the system. When a component is exchanged with a new component of the same type, the system updates it automatically, comparable to a RAID system, meaning that it is possible to talk of a true Plug & Play system. It is thus not necessary to set the parameters again.

Production reliability thanks to data analysis
The process data which the automation components can deliver offers system operators a wide range of analysis options, with the aim of drawing conclusions about production and preventing errors and production down times.
Various scenarios are possible. For example, a drive can deliver its motor temperature to a higher-level system, which continuously records this value.
Predefined values could be used as indicators influencing the process or production and allow predictive actions, such as predictive maintenance or condition monitoring. The drive itself is of course protected by self-diagnostics. It now barely needs to be regarded as a source of errors. As a reminder: IIoT keeps its focus on the application and not the subcomponents.
But the journey continues: If we do not know the indicators, then the question arises of the occurrence and correlation of problems and causes, which allow conclusions to be made about production.
If, for example, the web tension is monitored, then, when observing undesired effects, such as web tears, the entire available data record could be reviewed for outliers. Large volumes of data become smart data. Here, the technologies from the field of "deep learning", a subsection of automatic learning, will help us. To remain in the example: This allows determination of whether web tensions were chosen incorrectly or the penetration of the web with moisture has led to changes in the e-module.
This is only possible thanks to an open architecture.

How can data security be maintained in spite of this?
If remote access now also comes into play, with which the manufacturers of components and systems can offer rapid support during commissioning, maintenance or troubleshooting, then the operators of production facilities worry about the security of their data. The risk appears to be too great that the open architecture generates unwanted transparency and, in extreme cases, opens the door to industrial espionage or sabotage. To rule this out with absolutely certainty, special coupling software is used with secure hardware switches. In this way, for example, a supplier of automation technology can perform remote maintenance for their customer and temporarily access their data in a defined subarea of the system.

Users profit from interchangeability
Among manufacturers, a further consequence of the open system architecture is discussed with understandable controversy: Open systems with unified network protocols and standardized interfaces allow the substitution of the components of a system. For example, the company operating the system or the machine manufacturer can easily replace a sensor with an identical sensor of another manufacturer - a benefit for users, but a double-edged sword for the manufacturers. Providers of engineering services, who integrate third-party components, can find an additional field of occupation here.

Remote maintenance is a matter of trust
The open architecture of a system allows not just data analysis for status monitoring of machines and devices, but also preventive maintenance and rapid aid in cases of fault – the benefits of remote maintenance are usually uncontested. However, there is often a contradiction in the requirements for availability from the point of view of production and security from an IT point of view.
Manufacturers are keen to take this subject seriously and offer solutions. "Remote maintenance is a matter of trust," explains Dirk Schröder, Head of Sales for the Printing/Film division at Erhardt+Leimer. The company is a global leader in the manufacturing of automation technology for web guiding, web tension control and web inspection. Schröder knows what he's talking about: "For many of our customers, the open architecture of their automation system has a high priority. Our new product generation of sensors, controllers and drives for web automation fulfils this requirement. At the same time, we also have to guarantee the security of our customers' data. If, therefore, a machine is to be connected to the Internet for the purpose of remote maintenance, for example, then we can offer a solution that takes into account both the requirements of production and also IT." This also ensures that devices already installed on customer premises can be kept at the latest security level, thanks to automated updates.


Download: Data security despite an open system architecture