Your Network – The foundation for any Industrial IoT Initiative
Industrie 4.0, or the Industrial IoT, offers great promise for manufacturers to optimize business operations. The key to any successful Industrial IoT project lies in the factory data. Without data, extracted from a myriad of sources, delivered to the right application, at the right time – little optimization can happen. There is a considerable amount of useful data trapped within plant floor equipment, which includes run-time, equipment condition, performance, and quality data. You need seamless access to this data to make better business decisions in your plant.
I recently saw a plant drawing where network switches were shown labeled as “Connection Boxes.” Since the most critical piece of optimizing any factory is data, and that data is transported and managed by the network, isn’t the network the most important part of any plant? Doesn’t it warrant more attention than a “Connection box” on a drawing, and likely in a purchase requisition? Perhaps not all manufacturers treat the network this way, but many still do. The network is the foundation of any plant, and it needs careful planning and attention to ensure I4.0 initiatives can succeed. Manufacturers need reliable, validated, scalable, secure factory networks so they can turn their focus to their most important task: making whatever they make more efficiently, at higher quality levels, and at lower costs.
I think I’ve established the importance of the network, so let me cover the key network characteristics essential for any Smart manufacturing initiative to succeed. Manufacturers need solutions to help aggregate, visualize, and analyze digital data from connected machines and equipment, and assure reliable, rapid and secure delivery of data to relevant applications. To do that, they need:
- Interoperability: Flattening of the industrial network to improve data sharing
- Simplicity: A simple network infrastructure, and ability to manage that network
- Intelligence: IoT data transformation via distributed intelligence from edge to cloud for timely action and relevant insight. Access actionable information vs. raw data.
- Network Automation: Plug and play network deployment to streamline processes and drive productivity
- Security: Visibility and control to reduce risk, protect IP and ensure production integrity
Interoperability is key. Manufacturers need to seamlessly pull data from anywhere in their facility. Industrial Ethernet and Time Sensitive Networking (TSN) can do just that. TSN on Industrial Ethernet allows you to converge plant networks into one secure, deterministic network for Industrial IoT. With TSN, Industrial IoT applications run over the same Ethernet infrastructure as time-critical Industrial Automation and Control communications. A standard from the IEEE 802 committee, TSN represents an evolution of the standard Ethernet networking capabilities to meet these new demands. With the OPC-UA protocol now running over TSN, it also becomes possible to have a standard and secure communication from sensor to cloud. TSN fills an important gap in standard networking, namely secure, guaranteed latency and delivery for critical traffic. Automation and Control applications require consistent delivery of data from sensors to controllers and actuators. TSN ensures that critical traffic is delivered in a timely manner, securing bandwidth and time in the network infrastructure for that purpose while supporting all other forms of traffic. To these industries, security is also critical. Because TSN is delivered over standard industrial Ethernet and guarantees network performance for critical communications, control networks can take advantage of best practices for security that have been developed into Ethernet for decades. TSN can eliminate network silos that block reachability to critical plant areas and can help you extract real-time data for analytics and business insights. TSN has achieved rapid adoption across the ecosystem of industrial automation vendors, and that ecosystem continues to grow.
Network simplicity is also essential. Choosing a single network infrastructure capable of handling TSN, EtherNet/IP, Profinet, and CC-Link traffic can significantly simplify your installation, reduce maintenance expense, reduce downtime, and most importantly allow you the freedom to get your machine controls from any of the top worldwide automation vendors, and ensure they will all talk through the same validated network hardware. You also want to manage that network infrastructure with tools that operations, and not just IT, can understand. Make sure you have user-friendly tools that operations can use to troubleshoot network issues quickly, and thoroughly visualize and understand what is connected to what. Knowing, for example, that an Allen-Bradley PLC (with detailed Series and firmware version information) is connected to Port 1, and a remote I/O block is connected to Port 2, can help speed system commissioning and troubleshooting. Does your network vendor offer published, scalable, validated design guides so you can quickly roll out new network deployments, and ensure the performance of your automation equipment? They should!
Intelligence within your network is also crucial for Industrial IoT. Manufacturers need to access information quickly, filter it on the fly, and present actionable data from their facility to better understand their processes and identify areas for improvement. Clipboards and spreadsheets be gone! Can your network support edge application deployment, that is, running applications right on your network hardware to make more intelligent decisions, faster – closer to the data itself? One example might be running edge applications to ease the burden of connecting legacy technologies and protocols, versus adding the cost and complexity of gateways. Can you run statistical analysis on the data at the factory edge to reduce the bandwidth required upstream of your plant floor? Once you deploy these edge applications, make sure you have the tools to manage and implement them with confidence, at scale. Managing massive amounts of data can also quickly become a problem. You’ll need systems that can extract, compute, and move data to the right places at the right time.
Network automation is also critical as your network grows, and uptime becomes more and more important. Do your network and its supporting tools have the capability for plug and play network deployment to speed system commissioning, and reduce downtime when a switch fails in the dark of night? Having systems in place that automatically set correct switch security settings, communication parameters, and switch settings is important as your network grows, and your attack surface along with it. Proper network settings are critical to meet Industrie 4.0 objectives. You’ve automated your factory, so look for network vendors who support automated network deployment.
Last, but critically important, security is paramount for manufacturers, as the attacks of the past year have shown. As manufacturing networks grow, the attack surface or vectors for a malicious attack increase as well. Nearly 50% of manufacturers use six or more security vendors in their facilities. The multitude of products and vendors in manufacturing settings creates a confusing picture for security experts. The complexity speaks to the need for both IT and OT teams to narrow their focus on security threats—for example, using only those products that can address the most immediate concerns. Manufacturers should look to vendors who can implement comprehensive network security, and implement a defense-in-depth policy that includes simple protections for physical assets, such as blocking access to ports in unmanaged switches or using managed switches in their plant network infrastructure.
No single product, technology or methodology can fully secure industrial operations. Protecting critical manufacturing assets requires a holistic defense-in-depth security approach that uses multiple layers of defense (physical, procedural and electronic) to address different types of threats. Manufacturers need a network that can share data with security platforms and third-party security products, and work together with them to help extract the identity of plant floor assets from operations tools deployed on the plant floor, and feed them to network and security platforms implemented in the process zone, manufacturing zone, and DMZ to provide pervasive security across the entire plant.
There is a massive pot of gold at the end of the Industrie 4.0 rainbow. Improved overall equipment effectiveness, lower costs, enhanced innovation and time to market are all there for the taking. The path to that destination is a lot clearer if you have a solid road or foundation to walk on. The network is that path, so make sure it has a lot more thought put into it than a “connection box.”
Be sure to stop by Cisco’s booth at Hannover Messe April 23-27, 2018 to discuss how a solid factory network foundation can Secure & Accelerate your Industrie 4.0 Journey. Hall 6.0 Stand G30.
 Cisco 2017 Midyear Cybersecurity Report
Originally the article was published in Controls magazine.
This article was written by Scot Wlodarczak. He joined Cisco in early 2016, where he now manages the industrial marketing team, focused in the manufacturing, oil & gas, and utilities space. He and his team are responsible for developing strategy and content for Cisco offers in the industrial space, specifically around helping these customers on their digital transformation journey, and bridging the gap between IT and operations.