Issue link: https://iconnect007.uberflip.com/i/1472190
JULY 2022 I SMT007 MAGAZINE 25 e reality is that in almost all factories there are many types of automation, from many ven- dors, with many versions of unprotected so- ware. is is further complicated by numer- ous instances of middleware; the OT network connection to the IT network has therefore become a critical security concern. In some cases, connection is not allowed at all, as fire- walls allow legitimate traffic to flow, which are emulated by viruses that may already be present in the OT network. Data breaches are a major concern as product data, traceability data, and electronic visibility and control are all some- how inevitably transferred to and from the OT network, oen using uncontrolled USB drives, middleware, or in-house developed soware. It is an absolute nightmare for IT teams, which cannot practicably be expected to be in control all the time. Become Solution-Oriented I wish I could describe a perfect and simple solution, such that manufacturing can avoid the cost, compromise, and burden of security measures that will imminently be required in manufacturing, but I cannot. e reality is that there is no easy answer. ere are some princi- ples that can and should be established as soon as possible to reduce the cost, risk, and impact from security breaches, or requirements for protection, which enable easier compliance and benefit the factory. ink back to the early days of traceability, where data collection and collation quickly became a major burden for the industry, with accuracy and usefulness of reporting, as well as long-term storage of data being quite a challenge. As technologies developed, native traceability data extraction mechanisms became normal with the IPC- 1782 traceability standard defining exactly what is needed and how to communicate requirements. e IPC-CFX standard securely extracts traceability data in a single standard language. is enables the use of traceability data for machine learning and active quality management, thus building value from contex- tualization of events in many ways, turning an everyday burden into an everyday benefit. Pre- paredness and utilization of the right technolo- gies and solutions turns situations around. Trying to bolt on a high-security regime on top of an existing shop-floor network, more reminiscent of the "wild west," is likely to invoke a life-changing experience. Instead, there are several things that can be consid- ered and prepared that will secure produc- tion, while at the same time modernizing and streamlining the operation for improved per- formance and quality, thus reducing costs and risks. Some things for immediate consider- ation are: Is the current exchange of data on the shop floor secure? • Is any of the data open and not encrypted end to end? • Is there any third-party middleware involved? • Are there one or more "translations" of machine data? If the answer to any of these questions is "yes," then consider the use of IPC-CFX (Connected Factory Exchange) which is already supported by an increasing list of machine vendors. Are the shop-floor solutions secure? • Are there home-grown solutions that cannot be modified or maintained? • Are there multiple solutions that share data through an automated or manual translation process between solutions? Preparedness and utilization of the right technologies and solutions turns situations around.