2017 IIoT Prediction Series, Part 5: Major Public Utility Company Closes Doors
As 2017 kicks into full gear and a particularly interesting 2016 fades into the rearview mirror, we took a look around the IIoT landscape to see what this year might potentially have in store. Today, we wrap up the 2017 series – let us know what you think! On Tuesday, we started our predictions by looking at the potential development of Fog Computing at the Edge and its impact on cybersecurity. Wednesday, we predicted that the rise of IIoT applications will outpace consumer IoT apps. Thursday, we wrote about the challenge facing IIoT businesses as the workforce ages and new skills are needed for the ongoing IT/OT Convergence factor. On Friday, we predicted that the growth of smart cities infrastructure would force a connectivity standard for the IIoT industry. A Public Utility Closure in 2017 The maturation of interoperability standards and evolution of remote data collection technologies are forcing critical infrastructure and utility organizations to adapt at a new pace, in light of aging infrastructure and high percentages of the workforce that are nearing retirement. Existing management continues to struggle to match the IT and operations resources needed to build a comprehensive, integrated portfolio of applications that must work together to support the organization’s goals. The prediction A public utility company will close its doors in 2017 due to challenges surrounding the adoption and implementation of modern IoT technologies. There are numerous forces that support the prediction. Here’s our take on the big ones: Are you Taking Advantage of Fog Computing at the Edge? According to analysts, utility organizations are becoming more comfortable hosting critical infrastructure data and applications in the Cloud. But, in an effort to further optimize processes and shorten response times, utilities need to explore ways to host applications at the device/sensor level (i.e., the Edge otherwise known as Fog Computing). A decentralized network architecture that brings computing power closer to where data is generated and acted upon enables utilities to analyze, control and automate closer to the “Things” in the Industrial Internet of Things. In electric power, for example, where even milliseconds are vital, certain processes can move away from the Cloud and closer to the Edge. In an industry where cloud computing presents its own sets of challenges, can utilities go one step farther to look at new ways to optimize the “things” at the edge? IT-OT Convergence Presents Plenty of Challenges With identifiable business benefits and rapidly developing technologies that are closing the IT/OT divide, there are functional and operational differences between IT and OT groups that exist and complicate integration or convergence. IT and OT groups typically have fundamentally different charters, focus and personnel within their respective organizations. The challenges to IT/OT convergence are not the sensors, hardware, software or technology, but how each group perceives each project or opportunity and in turn, the solutions, which are skewed by their respective domains. In order for IT/OT convergence to be successful, communication is essential and in turn, there needs to be a clear understanding of each group’s roles – something we see utility organizations struggle with mightily, especially as an aging workforce butts heads with the next generation of digital-centric employees. However, the careful selection of technology for IIoT or industrial applications can help drive the convergence of IT/OT systems. For example, in electric utilities, the rollout of Advanced Metering Infrastructure (AMI) and Distribution Automation (DA) networks is truly an OT application. The source of the data will fuel IT/OT convergence because it is the data analytics applications such as outage detection, fault management, prepay and others that bring value to the Smart Grid. If utilities can proactively take a systems level view of its infrastructure and integrate legacy systems with modern IT systems, the convergence of IT/OT groups may prove less strenuous. Cyber-threats to the Utility Utilities are at the forefront of the Industrial IoT with complex and comprehensive networks for advanced metering infrastructure, energy management, distribution management and substation automation. The estimated growth in IIoT applications for utilities and energy industries will increase to more than 1.5 billion devices by 2020. This explosive growth in networks, smart sensors and devices, and automated systems requires utilities to address, implement and monitor the security of their data networks because these are the networks providing command and control of critical infrastructure that is the Smart Gird. As technology has evolved, so has the intelligence and sophistication of cyber terrorists and their tactics. If utilities do not build a comprehensive security layer, especially across its internet-connected systems, there is little faith they’d be able to combat against such tactics as Denial of Service and Intrusion – the two top threats according to the Federal Communications Commission (FCC). If utilities don’t invest in hardened/proven networking and communications equipment, network access control programs, data encryption strategies, advanced monitoring technology and explore various other tactics for limiting exposure to harmful cybersecurity threats, they may be forced out of business anyways. Today, it is not a matter of “if” a cyber-attack is going to take place, but when. We hope you are ready. All in All We hope this prediction is one that doesn’t come to light in 2017, especially with all the direct investments being made in our critical infrastructure projects across the nation. However, a competitive organization is both agile and proactive in meeting market demands – something utilities need to learn from as business continues. That does it for our list of 2017 IIoT predictions – hope you enjoyed and please be sure to send your questions and comments below!
IoT Emerge Recap
IoT Emerge bounced on the scenes of Chicago this week. Yes, aside from the long awaited World Series win, an IoT conference was happening in this windy, action-packed town. The conference boasted two days of keynotes, technical sessions, workshops, live demonstrations, hands-on training and plenty of opportunities for networking with industry peers. The IoT Emerge mission is to continue to educate and promote cross-industry functions with a focus in Industrial IoT, smart cities and IoT engineering. Below, we’ve highlighted the best moments from the week. IoT Emerge: What have we learned? Back in 2011, research firm Gartner said the Worlds of IT and Operational Technology Are Converging. We believe IT/OT convergence is a critical concept: it promotes a single view of an enterprise’s information and employs process management tools to help ensure that every person, machine, sensor, switch, device, etc. in an organization has accurate information in the best format and at the right time. We learned optimizing the business process is vitally important. Decisions will be made in real time with higher levels of confidence because more information will be available regarding the event or condition. For example, load shed or curtailment events will be based on energy availability (IT sources) and demand throughout the distribution network (OT sources). Event management in an IT/OT converged networkwill execute as a closed loop process by targeting a feeder or substation, issuing curtailment signals to customers under that substation or feeder. This gauges real-time response and repeats as required to achieve the target reduction time. What other insights did we gain from IoT Emerge? Myths about IoT Engineering: The Industrial Internet of Things (IIoT) is not ready to support predictive analytics With commentary from Eddie Garcia @freewavetech | Published on @ElectronicDesgn “When most people think about the IIoT, they think of machine-to-machine communications (mostly supported by RF technology) that have dominated the industrial sector for years. However, the convergence of IT and OT practices have seen intelligence moved closer to the access layer than ever before. New communication platforms have improved to the point where big data transport can come directly from the sensors at the edge (OT) all the way to the servers in the back office (IT). The industrial sector is closer than it’s ever been to supporting the future of data collection, transport, and aggregation, ultimately resulting in the huge data sets necessary to support predictive analytics at the IT/OT level.” IoT Emerge and Up-Close and Personal IoT Experience By @JKerns10 | Published on @MachineDesign “As IoT applications and case studies start piling up, some companies still wonder where the Industrial Internet of Things (IIoT) fits in their production lines. There’s lots of information on the internet about the IIoT, such as how IIoT worked in one application or how much a company could save by using a specific IIoT product. While examples and case studies offer ideas on how IIoT might fit your production line, having a chance to talk to experts directly about your applications and concerns can help ease concerns.” IoT Emerge: Looking ahead to the future By @IoTEmerge | Published on @cote_se IoT Emerge a chance to shed light on the possible digital future. Smart cities and Industrial IoT top the watch list. Along with the conference buzz, conference organizer Penton Publishing also launched the IoT Institute aimed at educating the growing IoT world. Color your IoT World By @IoTEmerge Coloring is not just for the kiddos. IoT Emerge worked with local Chicago artist Rawfa to create a wall sized coloring book. Conference goers got to take a break from the IoT information overload and color to their harts content. Industry thought leaders did an excellent job representing the broad range of emerging IoT applications this year, and as we move steadily toward the close of 2016, it’s clear that we can expect some exciting and innovative technology applications in the not-too-distant future.
IIoT Top News: Machine Learning
Machine-to-machine (M2M) learning is an integral apart of the expanding world of Industrial IoT. Over the past few months we have given attention to manufacturing and its current digital disruption, but have failed to show the direct impact smart M2M and IoT technology is having on the industry. So, this week we are diving deeper into the term machine learning and how it connects to manufacturing both today and in the future. Before we get to our news round up let’s start by re-defining M2M, to ensure we are all on the same page with its purpose and meaning. Gartner has defined machine-2-machine communications as “something used for automated data transmission and measurement between mechanical or electronic devices.” Now, that we have defined M2M, its time to check out our top news round up for the week on how M2M applies to both manufacturing and IoT. 10 ways machine learning is revolutionizing manufacturing Machine learning is poised to improve manufacturing by streamlining the process of OT and IT, thus increasing efficiency and lowering overall operation costs. Louis Columbus at Forbes believes that “Every manufacturer has the potential to integrate machine learning into their operations and become more competitive by gaining predictive insights into production.” IoT will recharge Machine Manufacturers Manufacturing can look to software companies as an example of how IoT can implement creating a smarter M2M network. Timothy Chou with CFO.com writes, “Today, manufacturers of machines — whether seed drills, chillers, or CT scanners — can leverage the path paved by the software product companies through three new business models: service and support; assisted services and machine-as-a-service.” Climbing the IoT Mountain–by adding M2M to manufacturing Manufacturing is only at the beginning of its ascent into IoT and M2M, so there are many more bumps and obstacles a long the way for the industry to fully integrate. Ronnie Garrett with Supply & Demand Chain Executive describes IoT and M2M manufacturing implementation as, “Standing at the foot of Mount Everest, ready to climb the world’s tallest mountain. You know you want to get to the top but you aren’t really sure how you will get there or what obstacles you’ll encounter along the way.” Cybersecurity is manufacturing’s biggest risk factor Manufacturing needs to continue to add M2M automation and big data analytics to the shop floor, but a threat to the overall industry is manifesting itself in the cybersecurity world. Ian Wright with Engineering.com informs writes, “A new report from BDO indicates that 92 percent of manufacturers cited cybersecurity concerns in their SEC disclosures this year. According to BDO, this represents a 44 percent increase compared to the first Manufacturing Risk Factor report in 2013.” As we wrap up our top news for the week, we realize the need to fully implement advanced machine learning across the manufacturing world will take more than a simple flick of the wrist. With that said, we leave you with a cautionary tale of when automation goes wrong. It was recently discovered an airport in India had an sign translated with automation software which read, “eating carpet strictly prohibited” — of course this was not the translation they had meant to display. Regardless, as we move towards a fully integrated M2M world, we will have to adjust our equations depending our our intended outcome, much like the world is finding with the love/hate of language automation. Hope you have enjoyed this week’s top news, as always tell us your thoughts on M2M and how it might impact your world!
Announcing the 2016 IIoT Bold Prediction Series!
The year 2015 is soon coming to an end as the year 2016 looks to be ushering in exciting new ways in which the Internet of Things (IoT) is changing our way of life. It’s easy to see these transformations taking shape on the consumer side (home automation, smart appliances, connected cars, personal computers, smart devices, etc.), but what will 2016 hold for the Industrial IoT (IIoT) space? (Note: Go here for a quick rundown on the difference between consumer IoT and industrial IoT) 2016 IIoT Bold Prediction Series As stated in our introductory blog post (Are We All on the Same Industrial IoT WaveLength?), we at FreeWave Technologies are thrilled for the future of the IIoT and what it means for the entire business ecosystem. That is why we are excited to present the “connected world” community with a bold prediction in IIoT each day this week – aptly named the 2016 IIoT Bold Prediction Series! We of course encourage everyone to contribute your perspectives and experiences – whether in response to our predictions or a submission of your own – to help advance the dialogue around the emergence of the industrial internet. Our first bold prediction in the series comes from Glenn Longley, Regional Manager of Energy Markets at FreeWave: Prediction #1: Major Security Breach of Industrial SCADA System Brings New Focus to IoT According to Longley, “There will be a major security breach of an industrial SCADA system in 2016, which will drive industrial organizations to shift more of a focus on IoT and newer, more secure communication systems.” If you may not already know, cyber attacks against supervisory control and data acquisition (SCADA) systems are not new. In fact, Homeland Security Magazinereported earlier this year that “Cyber attacks against industrial targets—including power plants, factories and refineries—increased 100 percent in the past year, according to a new study conducted by computer technology company Dell.” Additionally, IT World Canada reported on a new InfoSec survey by the SANS Institute in 2015 where, “Both the degree of uncertainty and the rising number of known incidents are red flags calling for the dedication of greater resources to monitoring, detecting and analyzing anomalous activity in control system networks.” The survey also found that only 65 percent said vendor qualification of security technologies and solutions to be either highly important or mandatory. So with a proliferation of new cyber attacks seemingly happening more frequently, Longley explains how this widespread issue will impact IoT adoption in industrial businesses in the coming years: “Each company is different in how it handles the influx of IoT and the resulting IT/ OT convergence. With the merging/blending of Information Technology (IT) and Operations Technology (OT), the firewall that separates the two becomes more complicated and less well-defined. Traditionally, each was a separate entity; however, with IP-enabled devices and blending of technologies in enterprise networks, that dividing line becomes less clear. IT and OT professionals themselves might put a different emphasis on security, but in 2016, the two will need to come together (more than ever before) to prioritize security in their quest to create end points for all of their field assets. Therefore, security will ultimately be the limiting factor on how much IIoT is deployed.”
IT Security Dynamics and the Industrial IoT
The quest to understand production and operational factors, distribute this information to business systems and people within an organization, and directly improve business processes and profitability as a result is not new. In fact, it has been embraced by companies for decades. This collection of operational information for use in information or business systems is known as IT/OT convergence. Getting IT and OT systems to work together to maximize business efficiency — while avoiding negative consequences, risks and pitfalls in the process — is a tall task. However, thanks to new technologies, this process is becoming more practical and is creating the opportunities for huge economic benefits when these two disciplines are successfully integrated. But, how does this convergence affect the security paradigm in large, geographically dispersed enterprises? Let’s Talk Security Traditionally, companies have a corporate firewall that divides the corporate IT space from OT space. With an Internet of Things (IoT) communications network, there is a need to protect the sensors and new applications on the OT side. However, even if there is a secure communication link, if the individual devices that are connected on the OT side become compromised and the threat has access to that communication link, a hacker can push malicious data, cause denial of service (DoS), or introduce malware or viruses to the entire network. There are many of ways to run into problems on the IoT front if companies are not careful in their network design security implementation. On the IT side, corporate network security typically sees many threats. Those threats require significant attention, and consequently IT organizations have numerous options and tools to use, such as intrusion detection, log monitoring, network behavior monitoring, network inspections, whitelisting, firewalls, and more. The IT space has a much different attack surface than OT because with an IT network, the company can physically secure the building and control where the data goes in and out. Data escaping the building is relatively small in comparison to the OT space. WiFi that is leaking outside the building could be a vulnerability, but there are tools and ways to lock down that type of threat, and checkpoints where the IT department can analyze the traffic going through the network. In IT, bandwidth is plentiful and the network overhead associated with security is generally not a major factor. Considering Industrial IoT Networks IIoT networks, on the other hand, can span many miles with potentially hundreds of thousands of data points. An IIoT network likely consists of small embedded devices with long lifespans, making it very efficient. However, they are generally not like the Windows operating system, which is consistently conducting massive updates. Some embedded technologies don’t allow any updates, making it essential to carefully select the best devices for a network. Having thousands of these edge devices is where organizations will begin to see IT/OT convergence – many more points in the field where threats could be coming into the IT network. Industrial organizations today are creating a connected infrastructure with IP-enabled sensors or IP/IIoT-enabled Access Gateways. The data generated by sensors at an asset location can be valuable to more than just the central control system. This might mean M2M communication with sensors talking directly to each other. It may mean that multiple systems consume the live, real-time sensor data directly from the field. It may even mean that operators connect their sensors directly to the cloud or other back office systems. If there is a way to share critical data while addressing security issues that can help provide information to key data users, then that information becomes increasingly valuable. Security Through Obscurity is Not a Solution IIoT solutions often utilize the widely deployed security technologies from the Internet to avoid the custom, one-off solutions of past industrial security, when it was used at all. IP technology makes it easier to deploy and talk to sensors, but it also makes it easier for intruders to see and snoop on valuable data streams. Security through obscurity is not a solution. There are many common attack vectors for industrial devices that become even more relevant when considering the IIoT infrastructures and fully networked, geographically dispersed projects.
Today’s IIoT Security Challenges
For decades, Supervisory Control and Data Acquisition (SCADA) systems have played a significant role in industrial operations. Industries like oil and gas, electric power/smart grid, agriculture and utilities have implemented SCADA systems and networks to collect data and automate processes, and are always looking to automation systems for more effective ways to operate. The ability to collect more data from geographically dispersed field assets in remote locations has driven the need for enhanced communication technologies. With the emergence of continuously improving wireless machine-to-machine (M2M) technologies, networks have more access to data points than ever before. The number of sensors and data points collected will continue to rise dramatically with improved connectivity. This collected data helps operators improve operational decisions, save manpower and, in many instances, keep employees safe by avoiding dangerous environments. Today, industrial network operators are increasingly implementing end-to-end Internet Protocol (IP) connectivity or the Internet of Things (IoT), enabling more capabilities at the edge of these networks. This does not make SCADA systems obsolete by any means; it opens the door to greater possibilities of enabling new applications and analytics with every single data point being captured in the system. So What’s the Security Tradeoff? There are many implications for the concept of a completely connected enterprise in terms of network security. Critical infrastructure projects are only as reliable and secure as the technology serving them. Security, therefore, will ultimately be the limiting factor on how much IoT technology is deployed. With security, the traditional trade-off is either “easy to use” or “secure”— but not both. We often consider a third tradeoff as well of features, though in most cases, operators are not willing to trade off features, but it is certainly part of the equation. An operator striving for an Industrial IoT (IIoT) network must look at SCADA security, the convergence of Operations Technology (OT) and Information Technology (IT), and make a thorough assessment of what will allow them to achieve a secure data communications network. Some of the top security challenges for the IIoT today include: With more data being transported than ever before, it’s important not only to secure assets, but to secure the communication link itself. Traditionally, SCADA systems have been on the outside of a firewall from the corporate IT network. Newer SCADA systems that use Ethernet devices are more security focused with measures such as VPN, secure sockets, encryption and dedicated log-ins on the devices. One Final Thought There are many benefits to the concept of a completely connected IoT system, but this also implies more crossover between IT and OT systems. Companies need to prioritize security in their quest to create end points for all of their field assets. Some industries, like the smart grid, are already experiencing mandates that ensure a more cyber-secure network. With others, however, it is still up to the organization to make security a top priority.