Lane Thames, senior security researcher, Tripwire, looks at the cyber security challenges faced by smart factories, and how fog computing can help enterprises address them.
The Internet of Things (IoT) and cloud computing have paved the way for industrial companies to advance the way they operate.
For example, a Smart Factory can gather performance data from its machines (Industrial IoT or IIoT) and process that data in the cloud to produce predictive analytics that can hugely optimise production.
However, there special considerations need to be taken into account in order to make this work for industrial operations. Can the cloud appropriately handle industrial workloads? How can we keep IIoT safe and secure?
A smart factory is a highly digitised and networked production environment containing numerous devices (things) with computing and communication capabilities. Some of these devices only communicate locally with other devices or legacy backed IT systems, while others can communicate with other systems via the Internet.
Cloud computing plays a very important role for the IoT, which live at the edge of the Internet (therefore often referred to as edge devices). IoT devices communicate to the cloud via the Internet for data processing, intelligence and communication fabrics.
For example, to use a smartphone to turn on a light, the application on the smart phone communicates with an endpoint in the cloud, and the cloud then uses a pre-established, always-on connection back to the device with the command. This is a type of command-and-control architecture very commonly found with IoT products.
The IoT’s current architecture works well for many application domains, especially within the consumer market space. However, the cloud it isn’t always well suited to handle smart factory and IIoT environments.
One of the cloud’s most crucial shortcomings is time. IIoT systems contain many components that are sensitive to time delays. The operational technology used in smart factories (e.g. industrial control systems, programmable logic controllers, supervisory control and data acquisition, etc.) have real-time constraints.
For example, a PLC could fail if a signal is not received and processed within an order of milliseconds and cause a disruption to operations. This can be an issue if smart factories need to send data to the cloud for processing. Sending and receiving data from the cloud simply takes too long for real-time control systems.
That’s where “fog computing” comes in. The OpenFog Consortium defines fog computing as “a system-level horizontal architecture that distributes resources and services of computing, storage, control and networking anywhere along the Cloud-to-Thing continuum.”
The fog moves cloud-type resources closer to the edge where things and “networks of things” can use more advanced computation resources with less network delays. The “fog computing layer” encompasses Internet-connected systems between the edge and the cloud that can be used as a fog computing resource.
Examples of these resources include switches and routers near the edge, on-premise data centres and even dedicated fog computing nodes living at the edge with the networks of things.
Fog computing will be key to realising the promising benefits of IIoT: increased productivity, increased product quality and increased safety. That in turn could lead to cleaner, greener manufacturing.
We could achieve customer collaboration like we’ve never seen, making ideas of mass customisation and individual customisation at scale possible. We’ve only scratched the surface on the possibilities of the smart factory.
These benefits are achievable, but there are notable challenges that must be taken into account. Cyber security is one of the most – if not the most – critical and challenging obstacles to overcome in realising the potential and benefits of the IIoT.
Bringing connectivity and new technologies into smart factories makes systems and the environment much more complex. As more advanced IIoT systems are deployed, new cyber-attack vectors will arise throughout the plant.
The more we pay attention to this, and the earlier we build cyber security in our digital transformation practices, the greater the overall benefit of the industrial internet. To achieve the vision we have for smart manufacturing, we need collaboration and education.
Building with security in mind will be crucial in achieving our goals and visions for a future world where everything is cyber, connected and smart.
All pioneers involved in driving towards this new frontier will need to level-up in their cyber security understanding, including those who build IIoT technology, those who use IIoT technology and those who secure IIoT technology.
Cyber security for the IIoT will require strong interdisciplinary collaboration between all of these associated parties. In other words, there can no longer be a cyber security silo. Everybody will need to play a role in securing our smart, connected future.
For our future generations, cyber security needs to be part of early education. Every single Science, Technology, Engineering, and Mathematics (STEM)-based content should incorporate at least the fundamentals of cyber security. With connectivity as pervasive as it is and will increasingly become in a short amount of time, cyber security isn’t just an IT specialisation – it’s embedded in almost every technology we touch.
With innovations like fog computing, it’s exciting to see how we’re getting closer to achieving the full vision for smart factories every day. Like fog computing, security is a crucial enabler for that, and it’s up to everyone involved keeping advancing IIoT with security in mind.