Category Archives: Automation and Process Control INSIDER

The INSIDER is out! The February issue has stories…

Insiderlogo3Walt Boyes’ analysis of the ARC Orlando Forum 2018

Videos and commentary from the ARC Press Conference including:

–Stratus Technologies

–Siemens

–Emerson

–Honeywell

–L&T Technologies

–Schneider Electric

–OPC and Fieldcomms

–Microsoft

–Inductive Automation

–more

Joy Ward on the Human Face of Automation

Joe Weiss’ speech at DefCon last year

Walt Boyes on How to Make Open Standards Work

Rajbahadur V. Arcot on Industry 4.0

 

Subscribe now at www.spitzerandboyes.com/insider

OPTO22 Introduces Edge Programmable Controller

Insiderlogo3Press Release from OPTO 22. Although they announced the product yesterday, the release was embargoed until today. Go figure.

Opto 22 announces world’s first Edge Programmable Industrial Controller: groov EPIC

Completely new system brings the future of automation to the present by combining guaranteed-for-life I/O, real-time control, local and remote HMI, and industrial/IT data exchange in a compact, industrial package.

Temecula, CA – February 14, 2018 – Experienced industrial automation manufacturer and industrial internet of things tools developer Opto 22 today announced a groundbreaking new industrial system to address the needs of automation engineers and developers solving the challenging automation and industrial internet of things (IIoT) problems in today’s fast-moving, data-centric environment.

Current IIoT solutions typically require multiple moving parts, including stitched-together software technologies, bolted-on communications protocols, legacy controllers and I/O, and a medley of gateways. These solutions are expensive to build, difficult to troubleshoot, require multi-domain expertise, and are unsustainable over the long term. The new groov EPIC® system helps solve these problems by combining I/O, control, data processing, and visualization into one secure, maintainable, edge-of-network industrial system. groov EPIC lets engineers and developers focus on delivering value, not on triaging loosely connected components.

“We are a company of engineers inspired and driven to create products that unleash our customers’ imaginations,” says Mark Engman, Opto 22 CEO. “groov EPIC is a culmination of that mission, a response to industry requests to more wholly integrate IT and OT technologies, simplify development and deployment, and provide a platform for long-term growth now and well into the future.”

Combining reimagined intelligent I/O with an embedded Linux® real-time controller, gateway functions, and an integrated display, groov EPIC offers field-proven industrial hardware design with a modern software ensemble, to produce the results that visionary engineers want today. Connecting legacy systems, controlling processes and automating machines, subscribing to web services and creating mashups, acquiring and publishing data, visualizing that data wherever it is needed, and mobilizing operators—all of these are now within reach. In addition, groovEPIC simplifies commissioning and wiring and helps engineers develop rapidly and deploy quickly.

“The groov EPIC system incorporates in one unit everything needed to connect and control field and operational devices and data, through on-premises IT databases, spreadsheets and other software,
to cloud storage and services—and back again,” says Benson Hougland, Opto 22 vice president of Marketing & Product Strategy. “This ability to easily exchange data and use it where needed opens opportunities automation engineers have not had until now. This is a truly new system that builds on the past but looks fundamentally to the future of our industry.”

The groov EPIC system will be of particular interest for process control, machine control, OEM, manufacturing, SCADA/RTU, building and facilities, and IIoT applications. Commercial, retail, warehousing, and distribution customers will also find that the system opens a wide variety of new options for tracking, storing, and visualizing data—all of which are essential to developing more efficient operations.

Of particular interest to Original Equipment Manufacturers (OEMs) will be optional access to the Linux operating system through secure shell (SSH). This access, along with toolchains and interpreters for Java, C/C++, Python, JavaScript/Node.js, and more allows OEM developers to execute their own custom developed applications on this ruggedized, edge processing control system.”

Features of the new system include:

  • Industrial modular intelligent I/O, real-time Linux-based automation controller, and edge gateway in a single stainless-steel chassis
  • UL Hazardous Locations approved and ATEX compliant
  • Integrated high-resolution color touchscreen with HDMI output for optional external monitor
  • Compact footprint with integrated power supply and dead-front design
  • On-board system configuration, commissioning, and troubleshooting; no PC required
  • Remote configuration and troubleshooting from any web browser on any device
  • Dual, independent Gigabit Ethernet network interfaces
  • Dual USB ports for serial communications, touchscreen monitors, or WiFi adapters
  • Multiple power supply options including AC, DC, and pass-through
  • Wide  -20 to 70 °C operating temperature range
  • Touch-sensitive pad on I/O modules for configuring, commissioning, and testing
  • Spring-clamp terminal strip directly atop I/O module accommodating up to 14 AWG wire
  • LED indicators for module health at a glance, and for individual discrete channels
  • I/O module density of up to 24 channels per module
  • Multi-featured analog inputs supporting voltage, current, and loop sourcing in single module
  • Analog input resolution of 20 bits at 0.1% accuracy over span
  • Channel-to-channel isolation available for most I/O modules
  • Real-time, open-source Linux OS running on an industrial quad-core ARM® processor
  • 2 GB RAM, 6 GB user space on industrial solid-state drive

Software features include:

  • groov Manage software for tool-less configuration, commissioning, and debugging on-board and from anywhere on the network
  • PAC Control flowchart-based control development environment with scripting and visual debugger
  • groov View visualization server for creating and viewing HMIs, trends, and events for any mobile device or web browser; also viewable locally on integral touchscreen
  • Node-RED flow-based development environment and runtime for edge data processing, handling, and communications
  • Ignition Edge® from Inductive Automation® with drivers to Allen-Bradley®, Siemens®, and more
  • MQTT/Sparkplug protocol for efficient, industrial publish/subscribe communications
  • 100% backward compatible with SNAP PAC systems and SNAP Ethernet I/O
  • Available secure shell access, SDKs, and cross-compiler for custom user-written applications

Availability

The groov EPIC system is slated for release in May 2018, with pre-orders beginning in April. For additional information and application advice, contact an Opto 22 pre-sales engineer: 951-695-3000 or toll free, 800-321-6786.

 

Open Group OPA Forum Launches First Business Guide

Insiderlogo3From a press release at #arcforum

The Open Group Open Process Automation™ Forum Launches First Business Guide

 

Guide Aids Industrial Manufacturers to Transition to Standards-based, Open, Interoperable, and Secure Architecture for Industrial Control Systems

 

San Francisco, CA – February 13, 2018: The Open Group Open Process Automation™ Forum has launched the Open Process Automation™ Business Guide – Value

 

Proposition and Business Case for the Open Process Automation Standard. The publication, coming so soon after the Forum officially launched in January 2017, details the value and business case for the development of the Open Process Automation™ Standard, and was written by principal authors in the Forum from ExxonMobil, Intel, Lockheed Martin, Merck, and Schneider Electric. Additional contributors are from Accenture, AspenTech, BASF, CMC Associates, Curtiss-Wright, DuPont, Enterprise Transformation Partners, Georgia Pacific, Koch Industries, Royal Dutch Shell, and Siemens.

 

Aimed at helping industrial manufacturers increase productivity and customer satisfaction, the Forum will define standards for an open, interoperable, secure process automation architecture. The Business Guide expresses the motivation and vision for this architecture as a business imperative for both users and suppliers of industrial control systems.

 

The Business Guide outlines an ecosystem of end users, system integrators, hardware and software suppliers, and service providers. It defines how the business models of current stakeholders will be impacted by open interoperability and answers questions about the value propositions for buyers and sellers.

 

In addition, it outlines a spectrum of business scenarios for the current state of industrial control system use and the future state where Open Process Automation conformant systems will be used, including in continuous process industries such as oil and gas, pharmaceuticals, pulp and paper, food and beverage, mining and minerals, chemicals, and technology.

 

“This publication is a fundamental next step for us in driving the development of a framework and a ‘standard of standards’ for how process automation is achieved,” said Ed Harrington, Director of The Open Group Open Process Automation Forum. “This initiative aims to deliver real-world benefits to a range of different vertical industries in response to the demand for standards, and we are excited to have built the business framework for success of both buyers and sellers in this area.”

 

Don Bartusiak, Chief Engineer at ExxonMobil Research & Engineering, added, “ExxonMobil believes that industry standards based on an equitable business framework and sustained by effective conformance certification are keys to achieving our business goals for the process automation systems we need to be competitive in the era of digitalization. This three-part process –consensus-based standards, defined business framework, and conformance certification from the outset – are distinguishing characteristics of The Open Group that we will employ to produce useful and timely standards. The Open Process Automation Forum’s first major deliverable, the Business Guide, articulates the value proposition and business case for all stakeholders. Its words are the business framework. They set the tone for the constructive transformation that we member companies of the Forum are striving for.”

 

“As a proud member of the Open Process Automation Forum, we were pleased to take part in the creation of this Business Guide and we congratulate all our members for achieving this important landmark,” said Trevor Cusworth, Senior Client Executive, Schneider Electric. “The Business Guide is a major step forward and an indication of the great momentum building behind this critical industry initiative. Our customers are under increasing pressure to lower the costs related to their control systems while improving the profitability of their operations. Closed, proprietary control systems make it more difficult to achieve these financial objectives because they are expensive to operate, upgrade and maintain, and they are difficult to integrate with third-party offers. That’s why many of our customers support a standards-based, open process control framework. The Open Process Automation Forum is driving the development of these standards, and this new Business Guide explains exceptionally well the value open-standards control will provide to end users, suppliers and integrators alike.”

 

Please download the Business Guide here.

 

Read the January 2018 INSIDER for free!

Because of the very high interest in the cover feature, “The Future of Automation in the Age of the Internet of Things” we have decided to make the January issue open sooner than we would normally.

So, effective immediately, you can download a copy of the issue at 2018-01 INSIDER.pdf.

And if you like this kind of content, and you want to read it regularly, visit

http://www.spitzerandboyes.com/INSIDER and click the “Become an INSIDER” button to subscribe.

Bedrock Announces New Firmware Upgrade for Cyber Security

Press Release from #arcforum:

 

Bedrock® Cybershield 3.0 Delivers on the Promise of Open Secure Automation (OSA®) with a Suite of Cyber Defense Tools and Open SCADA Partners

 

San Jose, Calif. – February 12, 2018 As part of their participation at the ARC Conference, Bedrock Automation has announced the availability of Cybershield 3.0, a major firmware upgrade with advancements that make it easier for end users and developers to build control applications that are both open and secure.  Among the six major innovations facilitated by the Cybershield 3.0 upgrade are the first public key infrastructure (PKI) built into an OPC UA server for SCADA applications; an industrial Certificate Authority (CA) for user key management; virtual crypto key locks for the controller; and a Secure Proxy server capability that can protect legacy controls systems of other vendors.

 

“Cybershield 3.0 is one of the most significant steps forward since the release of our Bedrock OSA platform. We now support leading SCADA companies in integrating their OPC UA client to our open security and key management tools.  In addition, we start our march to converge IT cyber detection technologies into real-time OT automation with our integrated Anomaly Detection (AD) tools built into every controller. We are delivering secure SCADA and AD as intrinsic and zero-cost advancements, focused acutely on ease of use and reductions in lifecycle costs,” said Bedrock founder and CEO Albert Rooyakkers.

 

Bedrock Cybershield 3.0 includes the following capabilities:

 

  • Secure Open SCADA with OPC UA. The cryptographic keys built into all the Bedrock system electronics, provide the root of trust for the Bedrock Certificate Authority (CA) that verifies the reliability of OPC UA-managed communications between SCADA and PLCs or other industrial control systems.

 

  • Open Certificate Authority (CA) for SCADA. This advanced SaaS key and certificate management tool is not only FREE to our customers but is simple to deploy with our Secure SCADA Interface Specification Leading SCADA providers, including Inductive Automation, ICONICS and Tatsoft, are committing to and releasing support to this interface specification.

 

  • Intrusion detection. Even though the Bedrock control system has protection built into its core, users still need to know when system security is challenged. Cybershield 3.0 comes standard with intrinsic Anomaly Detection (AD) functionality that continuously monitors the controller’s network and system time to detect intrusions and anomalous behavior and report it to both SCADA and enterprise database applications for trending, alarming and historizing anomalous cyber activity.

 

  • Quickly Secure Legacy Automation with Secure SCADA. Companies can now use Bedrock security to help integrate open standard communications protocols with legacy PLC and DCS systems from other vendors. A Bedrock secure controller module acts as a gateway between SCADA platform workstation and the legacy controllers.
  • Cryptographic key locking. Cybershield 3.0 also includes a cryptographic controller engineering key lock that permits only users with the required credentials to change the mode of the controller.

 

  • Achilles and EMP compliance on power supplies. Bedrock Automation is certifying its standalone power supply and standalone uninterruptible lithium power supply to both MiL-STD-461-G, the military standard for advanced EMP hardening, and Achilles Level 2 certification, augmenting the EMP and Achilles certification achieved for its control system modules last year.

 

“Today’s increasingly connected environment drives the process industries to search for automation solutions that deliver the benefits of open communications with ‘baked in’ cybersecurity. By extending its secure automation technology to third-party software providers, Bedrock Automation addresses this key pain point of future automation requirements. ARC believes the intrinsic and no-cost approach of Bedrock’s cybersecurity strategy is the quintessential component missing in control systems, today,” writes ARC analyst Mark Sen Gupta in his recent report, Bedrock Automation’s Open Secure Automation a “Win” with End Users

 

Availability

Cybershield 3.0 will be standard on all Bedrock control systems starting in Q2 of 2018 and will also be made available to current Bedrock users as a free upgrade.

 

Emerson Announces DeltaV version 14 and DeltaV Mobile

Press release from @arcforum:

Emerson is expanding its Plantweb™ digital ecosystem with today’s launch of DeltaV version 14, a cybersecurity-certified control system designed to deliver new value in capital projects and make plant operations more connected and productive. The latest release provides significant innovations to the entire DeltaV architecture and was built with customers’ digital transformation initiatives in mind.

This major update to the DeltaV automation system includes several meaningful enhancements to eliminate costs and reduce complexity in capital projects, plus improve productivity during operations through enhanced access to production and equipment data, improved usability and greater security.

“More than ever, an integrated plant data environment is essential to achieve digital transformation. With DeltaV, we’re reducing the engineering effort required to securely connect plant, operational and information systems,” said Jamie Froedge, president of Process Systems and Solutions, Emerson Automation Solutions. “Our customers will have more capabilities in their distributed control and safety systems to help them successfully execute capital projects and optimize operations.”

Capital Project Flexibility

Continuing to advance the impact of DeltaV Electronic Marshalling with CHARMs on capital project engineering, CHARM I/O Block takes CHARMs—which achieved more than one million deployments at more than 1100 sites in only five years—closer to the field. Small enclosures with up to 12 CHARMs can now be installed closer to field devices, significantly reducing wiring and overall installation costs by as much as 60 percent and providing more engineering flexibility.

Smart Commissioning, launched in 2016, took one of most engineering intensive operations off a project’s critical path. Traditionally, commissioning has been a manual task that requires more than two hours per device for thousands of devices. Smart Commissioning reduced commissioning time to 25 minutes. Emerson is now expanding these capabilities and reducing device commissioning time to as little as 10 minutes, a nearly 93 percent reduction in costly commissioning time that could save several hundred-thousand dollars in engineering costs.

Mobility and User Experience

DeltaV Live Operator Interface is a modern, built-for-purpose operations experience that is easy to understand and modify. The HMI comes pre-engineered with the industry’s best practices for user experience including ISA 101.01 and is based on research with the Center for Operator Performance, a consortium of vendors and academia focused on human factors engineering. The HTML5 interface enables scalable graphics and gives operators the flexibility to adjust their displays to focus on process data that is most important for each situation. The new operator interface helps improve overall situational awareness and decision-making speed. Emerson is helping companies prepare for the shift to mobility with DeltaV Live by building a foundation for graphics to be transferrable across desktops, laptops, and mobile devices—all without additional engineering or custom scripting.

A Secure, Connected Plant

DeltaV will offer its users a new level of confidence and protection from cybersecurity threats by being one of the only systems to have a top-to-bottom cybersecurity certification. DeltaV v14 will be certified ISASecure SSA Level 1 by the International Society of Automation (ISA), signifying that Emerson developers are trained to write secure code and the system as a whole is hardened against cyber threats.

Emerson is making connecting a plant’s OT systems with IT systems seamless by expanding OPC UA access in its DeltaV hardware and software offerings. DeltaV is the pathway for most plant data and now using the IIoT’s most prevalent protocol, OPC UA, DeltaV applications and servers can securely share data to cloud analytics applications, remote monitoring solutions, and third-party technologies.

Emerson announced the first two additions of its new DeltaV system last year with the DeltaV PK Controller and DeltaV Mobile. The DeltaV PK Controller enables plants to control skids and applications typically managed by PLCs with a standalone DeltaV controller or connect into an integrated full-scale DCS automation architecture or the cloud via embedded OPC UA. The DeltaV Mobile platform that natively connects into DeltaV—securely and without additional engineering—to enable managers, engineers, operators and subject matter experts to monitor operations and have critical data and alarms at their fingertips, whenever and wherever they need it.

Emerson allies with AspenTech

Press release from ARC Forum:

AUSTIN, TX and BEDFORD, MASS., Feb. 12, 2018 – Emerson (NYSE: EMR) and AspenTech (NASDAQ: AZPN) announced today they have teamed up to deliver asset optimization software solutions along with global automation technologies and operational consulting services. Together, the two industry leaders will help customers optimize production and drive operational excellence.

AspenTech’s broad suite of asset optimization software creates value across all phases of the asset lifecycle – design, operate and maintain – in capital intensive and complex projects and operations, supporting Emerson’s Project Certainty and Operational Certainty initiatives. Emerson’s global footprint, automation engineering services and software, extensive large-scale project execution and consulting capabilities complement AspenTech’s technology footprint. Collectively, these capabilities can be deployed as solutions in both conventional and cloud-based architectures.

“Emerson and AspenTech are both highly focused on digital technologies and services that deliver measurable improvements and value to our customers’ bottom line,” says David N. Farr, chairman and CEO of Emerson. “Together, we are well positioned to help our customers navigate the best path in this era of digital transformation and achieve Top Quartile performance.” Top Quartile is defined as achieving operations and capital performance in the top 25 percent of peer companies.

The alliance will initially focus on three key areas: engineering software, including high-fidelity simulation to help validate project design and train operators before start-up; manufacturing and supply chain software, including advanced process control software designed for highly complex operations; and asset performance management software to improve plant reliability.

“Working with Emerson, we will help more organizations drive higher total shareholder returns with a relentless focus on operational excellence,” says Antonio Pietri, president and CEO of AspenTech. “We look forward to helping make the best companies even better by optimizing the design, operation and maintenance lifecycle with software and insight to run assets faster, safer, longer and greener.”

Together, the two companies will provide holistic optimization strategies that rely on real-time data, advanced analytics enabled by machine learning, and rich process knowledge to bring measurable business improvements in production, as well as in the areas of reliability, safety and energy management.

India’s Expanding Economy and Emerging Growth Opportunities

Insiderlogo3India’s expanding economy and emerging growth opportunities

By Rajabahadur V. Arcot,
Independent Industry Analyst / columnist and Automation Consultant with extensive experience in writing industry and technology trend articles, market research reports, case studies, white papers, and automation & manufacturing IT insights
rajabahadurav@gmail.com

India, with a growing economy, has been an important market for global automation supplier companies for the past couple of decades. Resulting from the growth dynamics that are in play in the country, the economic and industrial profiles of the country are undergoing changes. The transformations taking place will further enhance India’s importance for the global automation industry.  Until now, process industry control system suppliers mainly benefitted because of large investments that have been taking place in industries, such as electric power, oil and gas, cement, and steel. With the expected expansion of industries relating to construction & infrastructure development, electronics & semiconductors, and defense in the coming years, the future looks bright for discrete industry automation suppliers as well.

Influenced by global trends, even electric power industry, which presently accounts for a significantly large share of the control and instrumentation market in India, is at an inflexion point. Investments in fossil fired power plants are set to decline. According to industry sources, by 2030, almost 40 percent of the country’s total generating capacity is expected to come from renewable energy sources.  Renewable electricity generation, which presently stands close to 50 GW, is set to rise to 175 GW by the year 2022, with solar power contributing to almost 100 GW. This implies boost to the growth of industries relating to production of solar cells and modules, battery, invertors, and such others. The automotive industry’s plan to switch over to electric vehicles by 2030 will also provide additional impetus for the growth of the battery, charging stations, and other related industries.

After course corrections, India’s economy scales back

India’s economy, as it expands, keeps mutating and evolving with the State initiatives continuing to play a crucial role. Some of these initiatives are major course-corrections and hence have lingering negative impacts in the near-term. Examples of such initiatives are the recent measures to free the economy of the influence of unaccounted money through demonetization of high value currency notes and the introduction of more transparent and efficient Goods and Services Tax (GST). While both these measures are long-term positive for the Indian economy, their near-term impacts have been negative leading to growth slowdown in recent quarters.  The World Bank’s report – Global Economic Prospects – that was released few months after demonetization, foresees GDP growth to scale back. Also, it attributed the initial growth slowdown to the withdrawal of a large volume of currency in circulation and their subsequent replacement with new notes. While responding to questions on the slowdown in India’s growth, World Bank President Jim Yong Kim called the recent slowdown in India’s economic growth as an “aberration” caused by temporary disruptions due to the introduction of GST. He further said that GST will have a positive impact on the Indian economy.

According to the newly released data, India’s economic indicators have turned positive once again and point to economic revival.  The United Nations’ ‘World Economic Situation and Prospects 2018’ report, which states that India will clock a GDP growth rate of 7.2 percent in 2018 and 7.4 percent in 2019, reaffirms this optimism. According to the report, India, driven by robust private consumption, public investment, and government reforms, is set once again to emerge as the fastest growing economy in the world. Other reports are also positive about the country’s growth prospects. Indian economy is expected to witness a sharp recovery in the first quarter of 2018 and its GDP growth is likely to be around 7.5 per cent for 2018, says the recent Nomura report.

Transformations and Initiatives underway augur holistic and sustainable growth

Additional economic and industrial transformations are also underway and they are expected to spur the country’s economy further and contribute to accelerating growth and making the growth more holistic and sustainable. Until now, the service & informal sectors and domestic private consumption largely contributed to the country’s economic growth. The manufacturing sector’s contribution was mainly related to meeting the essential needs of a nascent economy, such as electric power, steel, and cement.  While subsequently it began to encompass industries, such as generic pharmaceuticals, petroleum refining, and automotive, the country continues to depend on large-scale imports to meet the ever-expanding needs for consumer durables, electronic goods, defense equipment, and such others. With imports exceeding exports, the country, already, finds it challenging in balancing its trade account and the deficit is unsustainable in the long run. This situation dictates the growth of a manufacturing industry that caters to the needs and wants of evolving consumers and the country.

The manufacturing industry presently contributes to only 15 percent of India’s GDP. Driven by the fact that the growth of the service industry and private consumption beyond a point can be sustained only when they are backed up by the growth of the manufacturing industry that is broad-based to meet the aspirational wants of consumers, India is making efforts to increase the role of manufacturing both for achieving sustainable economic growth and job creation. The ‘Make in India’ program aims to make the country a manufacturing hub and push the share of the manufacturing industry to 25 percent from the present 15 percent, and in the process create millions of jobs in 25 industry verticals that include electronics and electronic systems, defense equipment, and infrastructure, such as construction of roads & highways, ports and others.

Yet another feature of the Indian economy is that its growth until now has been domestically funded. With limited access to capital, the country had to prioritize its investment. As a consequence, enough funding was not available for the development of infrastructure, such as the construction of roads, highways, ports, cities and others. Wealth generation that the country has witnessed in the last couple of decades has contributed to increased domestic savings, tax collections, and growth of banking & other financial sectors.  In addition, India has become attractive for global institutional investors and has emerged as an attractive investment destination. Investment in physical assets, such as gold has been the traditional means of savings in the country. But that is changing.  More and more domestic savings are finding their way to the banking and financial sectors. This is helping the country to channelize funds for building the country’s infrastructure that include building smart cities, railway networks, highways, waterways, airports, industrial corridors, and such others.

For example, the government has approved plans to develop approximately 84,000 km of roads by 2022, the biggest highway construction plan so far in the country. Other projects that the country has embarked upon are the Smart Cities Mission and Sagarmala. Smart Cities Mission is an urban renewal and retrofitting program by the Government of India with a mission to develop 100 cities and make them citizen-friendly and sustainable with the help of technology. Sagarmala is a series of projects to leverage the country’s coastline and inland waterways to drive industrial development and encompasses modernization and enhancement of port infrastructure, improve port connectivity, create 14 coastal economic zones, and develop skills of fishermen and other coastal and island communities. India needs over $1.5 trillion in investments in the next 10 years to bridge infrastructure gap, said India’s Finance Minister Arun Jaitley recently.

India set to become destination of choice for automation companies

India, apart from working on these catch-up strategies as a latecomer to industrial development, is also focusing on making the country future-ready.  The Digital India program is a flagship program of the State with a vision to transform the country into a digitally empowered society and knowledge economy. It aims to make government services available to citizen electronically through online infrastructure and by making the country digitally empowered.  India has developed a 12 digit unique-identity number, called Aadhaar, based on their biometric and demographic data. With close to 1.1 billion enrolled members already, it is the world’s largest biometric ID system. The Indian State is slowly pushing people to use this biometric ID system as proof of their residence, for opening of bank accounts, for availing social security benefits, and such others. There is also a strong thrust to make people use digital payment systems and thereby wean them away from cash transactions. All these initiatives mean greater reliance on information technology and this will spur the growth of discrete industries, such as semiconductors & electronic systems, smart phones and other communication equipment & gadgets, smart sensors & actuators, and similar others. Perforce, defense is yet another industry which is expected to witness robust growth. Strategic compulsions dictate that India builds a more vibrant domestic information-technology hardware and defense industrial base.

The annual consumption of electronic hardware in India is expected to touch US$ 400 billion by the end of the decade. If the domestic industry’s growth does not accelerate, India may well have to depend on imports to the extent of US$300 billion annually. It is imperative for the electronic industry to robustly expand if India is to avoid the impending import nightmare that can push the country into a spiral of unsustainable imports. This would necessarily entail higher external debt / borrowings and this does not bode well for India’s economy in the long term. India is the fourth largest spender on defense. Due to geopolitical compulsions, India’s defense spending accounts for almost 1.8 percent of the country’s GDP and this is set to increase. Only about 35 percent of the required defense equipment is manufactured in India. If we take into account the import component of materials that go into domestic production, both at the system and sub-system levels, the overall import content may exceed 70 percent. There are clear indications that these hi-tech industries are growing.  Apple has announced its plans to make its iPhones in India, one of the fastest growing markets for smart phones. According to available reports, the company is taking the ‘Make in India’ route. According to the Lockheed Martin’s recent news release, the company has signed an agreement with India’s Tata Advanced Systems to produce F-16 fighter jets in India. The news release goes on to say that “this unmatched U.S.-Indian industry partnership directly supports India’s initiative to develop private aerospace and defense manufacturing capacity in India.” The company is eyeing orders worth billions of dollars from the Indian Air Force. Few months ago Dassault Aviation laid the foundation stone for the Dassault Reliance Aerospace Limited’s manufacturing facility in India. Dassault Aviation is investing over 100 million euros in this a joint venture project to manufacture aircraft components as part of the ‘offset obligation’ connected to the purchase of 36 Rafale fighter jets from France.

With all these exciting developments taking place in India, the country is emerging as a destination of choice for automation suppliers. The party has begun.

This article first appeared in the December 2017 Industrial Automation and Process Control INSIDER. If you liked this type of content, you should consider subscribing to the only magazine in the automation field that is not advertiser supported. Visit http://www.spitzerandboyes.com/insider to subscribe.

 

Extreme Badness from Malware and Design Flaws Impact Industry

Insiderlogo3First, there’s the Triton Exploit

In 2004, Triconex safety expert Robert Adamski told me, “I’m going to share my nightmare with you.” He proceeded to talk about, not a safety issue, but a cyber security issue. He predicted that it would be possible to penetrate a control system and enter the safety instrumented system, the SIS, which is designed to safely shut down a plant in the event of a failure in the process. He explained exactly how his hacker, “Let’s call him Ali al Qaeda,” would be able to do that, and he dared me to tell him it couldn’t happen.

 

Ever since then, I have been talking about Bob Adamski’s nightmare, and nobody has ever been able to tell me it couldn’t happen.

 

The best they could do was to assert, pretty baldly, that it was highly unlikely, that it would require great resources, and would not happen because it would potentially cause extreme damage. Neither Adamski, who passed away a few years ago, nor I ever believed much in that argument, and we’ve been waiting for Bob’s nightmare to come true.

 

Well, now it has. Not quite as badly as Adamski feared, and no plant was destroyed. But an attacker targeted an SIS system, and caused it to shut down the plant.

The best description of what happened, and what the malware can do is in a blog by Heather MacKenzie of Nozomi Networks. You can read the entire blog here. She makes some important points.

 

“The attack reprogrammed a facility’s Safety Instrumented System (SIS) controllers, causing them to enter a failed state, and resulting in an automatic shutdown of the industrial process,” MacKenzie wrote. 

 

The attack is bold and notable,” she said, “because it is the first known industrial control system (ICS) attack that has targeted and impacted not just an ICS, but SIS equipment. Also, the type of SIS attacked is widely used and is commissioned in a consistent way across many industries.”

 

She then makes an important point. “The SIS system that was attacked was a Schneider Electric Triconex Safety Instrumented System (hence the malware moniker “TRITON”, also known as “TRISIS”.)  However, the malware was not designed specifically for Triconex, it was designed because the target organization was using Triconex(emphasis added).”

 

What MacKenzie, and Nozomi Networks’ partner, Fireye, which discovered the exploit, says is that FireEye is moderately confident that the attacker inadvertently shutdown operations while developing the ability to cause physical damage. You can read their reasons for coming to this conclusion, and many other important details about the attack, in the FireEye blog post on TRITON.

 

MacKenzie notes, “ It is the first known malware targeting SIS, and only the fifth malware known to specifically target ICS (after Stuxnet, Havex / Dragonfly, Blackenergy2, and Industroyer / CrashOverride).”

 

It is likely that if the target enterprise had been using another SIS system, the exploit would have targeted that one instead of the Triconex system.

 

Now that the exploit has demonstrated that SIS systems as a class are penetrable and vulnerable, we can expect to see more attacks.

 

“Cassandras” like Joe Weiss, myself, Eric Byres (of Tofino fame) and others have been pointing out for a decade that there is a thought gap between data security, which most cyber security systems are based on, and process safety. You cannot have a secure system unless it is a safe system. You cannot have a safe system unless it is a secure system. We can no longer ignore this fact or Bob Adamski’s nightmare will become all too real.

 

Intel, AMD, and Other Processors Vulnerable

 

If the Triton Exploit weren’t enough, the entire computing world was rocked in December  and early January by the revelation that processors by Intel, ARM, AMD, and even Qualcomm (one of the largest manufacturers of mobile device processors) are vulnerable to a series of vulnerabilities, like Spectre and Meltdown, which leave them open to attack.

 

How this impacts the automation industry is obvious. Since the major automation vendors abandoned making their own chips, almost forty years ago, chipsets by Intel, ARM, AMD and others have been used in everything from sensors to controllers, to the computers that DCS and SCADA systems run on. The computers that serve as cloud servers are not immune either.

 

A report from CNET describes the issue: “Researchers found two major weaknesses in processors that could let attackers read sensitive information that should never leave the CPU, or central processing unit. In both cases, attackers could see data that the processor temporarily makes available outside of the chip.

Here’s why that happens: To make computer processes run faster, a chip will essentially guess what information the computer needs to perform its next function. That’s called speculative execution. As the chip guesses, that sensitive information is momentarily easier to access.”

 

Spectre and Meltdown (which targets cloud servers) can be used on systems that are not patched to prevent it, to permit unauthorized entry into the system. Now, it is in the industrial space that systems will potentially NOT be patched.

 

This is because in many cases, the system cannot be shut down to patch it, or the system is running on an archaic processor. There are thousands of Windows XP systems running in the industrial environment. There are instances of even Windows 3.11 and DOS systems running processes yet today. These systems cannot be patched.

 

Intel and the others state that the flaw has existed for at least twenty years, so all those archaic systems are vulnerable.

 

CNET reports, “Researchers, chipmakers and computer companies all say there are no known examples of hackers using these weaknesses to attack a computer. However, now that the details of the design flaws and how to exploit them are publicly available, the chances of hackers using them are much higher.”

As the Triton Exploit and others have proven, hackers up to and including nation states, have been trying to penetrate Industrial Control Systems for at least a decade and a half already. This just gives them another avenue to exploit. And as the ICS malware exploits we have already seen show, it is not all that difficult to attack a control system that is not adequately defended.

 

Operating system manufacturers like Apple and Microsoft are scrambling to patch their systems so that the exploits cannot be used. But the fact that it exists in nearly all processors means that it will be hanging over us for a long time.

In the meantime, be wary of phishing and other means of achieving entry into your control systems. Be afraid. Be very afraid.

This first appeared in the December 2017 INSIDER. If you like this kind of reporting and analysis, please consider becoming an INSIDER subscriber. Visit http://www.spitzerandboyes.com/insider for more information.

 

Consolidating Distribution

Insiderlogo3The Ongoing Consolidation Trend in Distribution
E+H Appoints TriNova in Upstate New York and New England

When your editor first began working as a sales engineer in the automation industry, distribution in North America was defined by the Dodge marketing territories.

These were county-by-county (later modified to be zipcode-based) distribution and representation maps, published by the F. W. Dodge Company. Every automation company representation contract used these territories. There was the “Northern California Territory” for example, which included the counties of Western Nevada, but not Clark County (home of Las Vegas and the military bases).

These territories were most often “exclusive” meaning that only one company had distribution rights in that territory for those products.

These territories have become more and more irrelevant. There are several reasons for this.

First, the economics of the small, family-operated, one- or two- person rep firm, or distribution company decayed. It now costs approximately $500 to make a single sales call. The traditional “eight calls a day” sales methodology simply stopped working.

Second, the generational shift left many second- or third- generation rep/distributor owners looking for exit strategies because they didn’t really want to work in the family business, or couldn’t make a living at it any longer.

Third, the better capitalized rep and distributor firms started expansion plans that focused on either buying a small rep or distributor in a new territory or simply bypassing existing distribution and starting up an entirely new enterprise, and soliciting crossover from their existing principals.
Endress+Hauser has been working with this level of consolidation since the early 2000s. At one point, they even purchased a representative firm which was in financial distress, and kept it running. Now, they’ve done it again, in New England and Upstate New York.

Fourth, the explosion of electronic commerce has made other options than buying from a local rep or distributor possible.

TriNova Inc. is a long-time representative and business partner of Endress+Hauser, and is 50 years old as a company. The company is the automation supplier’s Sales Representative and Authorized Service Provider in the southeast and has now expanded its operations in New England and Upstate New York from new offices in Ballston Spa, NY.

The two companies have spent the last three months preparing for a smooth transition by staffing the new office and training personnel. Teams have been established and are ready to provide customers in the new territory dedicated support and services in all markets and industries.

“We are pleased to have the opportunity to expand our partnership with TriNova in the New England and Upstate New York region,” said Chris English, Vice President of Sales, Endress+Hauser.

And, just as this issue is going to press, E+H announced that they were partnering with their rep and service provider in Oklahoma, Vector Controls to put together a consortium to work in the oil field industry, with partnerships with Angus Measurement Services, TechnipFMC and its Authorized Service Provider, Vector Controls. The automation companies will collaborate to bring added value to the oil and gas industry, assisting customers with transition to the digital oilfield. The partnership alignment between the automation companies is to inform and better prepare the oil and gas industry and customers for Industry 4.0. The oil and gas industry has played a pivotal role in the economic transformation of the world. Today the industry can set new parameters and direction through digitalization.

If you liked this content, there’s much more where it came from. This story was originally published in the December 2017 Industrial Automation and Process Control INSIDER. You can subscribe by visiting http://www.spitzerandboyes.com/insider.