
Case Study: Startup and commissioning without the hassle or expense

July 6, 2016
Secure remote access for plant floor equipment.
About the author
Doug Putnam-Pite is director of software development at Owens Design in Fremont, California. Contact him at [email protected] or 510/580-0208.

Machine tool builders are under ever-increasing pressure to deliver robust production equipment with complex feature sets under shorter schedules and tighter budgets. After a new tool is delivered, the customer expects a short commissioning schedule and quick resolution of any issues found during startup and initial operation.

The increasing complexity of new manufacturing equipment often requires multiple software and PLC developers to complete the project development within aggressive schedules. It is not feasible or desirable to send the entire development team to the customer site to resolve tool issues associated with commissioning a new tool.

Rather than bringing the development team to the customer’s site, we can now bring the customer’s site to the development team. This is accomplished with commercially available remote-access hardware and software tools. These tools allow the entire development team to be available to resolve issues in real time as they are discovered on the equipment at the customer’s site.

Network and security

Ten years ago, very few production tools had network connections, and, of those that did, an even smaller number were connected to a factory network or to the Internet. Fast-forward to 2016, and the world has changed dramatically. Nearly all major PLC and robot vendors provide Ethernet connections on their controllers. All of these controllers, and hence the tools containing them, are connected to the factory network and to the world.


Machine builders need to be aware of the security risks of this network connectivity and need to ensure their tools are network-safe. As a builder, you do not want to ship a tool to your customer that’s going to pose network security risks when connected to the factory-floor network and the Internet.

Until a few years ago, factory-floor equipment wasn’t considered to be at risk of cyber-attack. This all changed dramatically in 2010 with the Stuxnet worm.

Stuxnet

The Stuxnet worm infected the uranium enrichment facility in Iran (Figure 1). Nearly a fifth of the nuclear centrifuges in the facility were compromised and destroyed. The Stuxnet worm was introduced to the plant IT network through an infected USB drive. It is suspected that this USB drive was brought into the facility by a contractor. The worm replicated itself across the plant’s Microsoft network looking for Siemens Step7 PLC software. Once the target PLC was found, the worm loaded its payload into the PLC, modifying the behavior of the PLC code. The centrifuges were then spun up beyond their operating window and destroyed. While this is an extreme case, it isn’t the only known exploit of an industrial control system. The potential is there for any industrial control system on the Internet to be compromised by malicious software.

There are many other examples of cyber-attacks on manufacturing systems around the world. Attacks range from stealing information to stopping the plant-floor SCADA and PLC systems.

Search and destroy

Figure 1: When the Stuxnet worm was introduced into an Iranian uranium enrichment facility’s IT network through an infected USB drive, nearly a fifth of the nuclear centrifuges in the facility were compromised and destroyed.

Fortunately, as a tool builder, there are many steps you can take to secure your equipment before you ship your tool to your customer. These steps are not very difficult and can easily be accomplished before shipment with little cost to the tool builder.

PCs in equipment

It is becoming common to see industrial PCs as part of the control system in new equipment. PCs have many vulnerabilities with regard to computer security. Here is a short list of steps you can take to make sure your PC equipment is secured before shipment. These steps need to be taken at the tool builder’s facility before shipment in order to maximize their usefulness. Remember you are not only trying to protect your equipment, you also do not want to infect your customer’s plant with viruses that may be on the equipment that you ship.

Passwords: the PC should have at least one Windows user account that is not the administrator account. This account should be protected by a password and require the user to enter the password when the PC is started.

Disabled ports

Figure 2: USB ports are typically disabled through the PC basic input/output system (BIOS). Ethernet ports can be disabled through the PC operating system.

USB and Ethernet ports: PCs come with multiple USB ports and Ethernet ports. Unused ports should be disabled to prevent malicious access. USB ports are typically disabled through the PC basic input/output system (BIOS). Ethernet ports can be disabled through the PC operating system (Figure 2).

Anti-virus software: load anti-virus (AV) software on your PC. Ask your customer if it has a preference for AV software in the facility. If not, there are many good free AV software packages available, such as Avast or Bitdefender. Before you ship the PC, run a full disk scan. You would be surprised to see how often a new PC arrives with virus issues. Once the equipment is installed in your customer’s facility, you can uninstall the AV you loaded at your facility and have the customer install its preferred AV software. 

It’s important to pay attention to AV software updates to ensure that tool performance is not affected during an AV software update.

Operating systems: as a tool builder, you should install up-to-date operating systems such as Windows 7 or Windows 10. If you are shipping tools with XP, you as a tool builder should seriously consider upgrading your product to use a newer version of the OS. Windows XP is no longer supported by Microsoft and has known security vulnerabilities that could leave your equipment open to attack. Load the latest OS patches before shipping your equipment, as Microsoft issues security updates on a regular basis.

PLCs in equipment

If your equipment has a PLC, then you should make sure to take the following steps. Set a password in the PLC. You may want to do this to protect intellectual property if your customer does not own the source code. More importantly, you want to prevent access to the PLC by an unauthorized individual or a malicious piece of software.

HTTP Web services are often available in PLCs to provide easy configuration of PLC hardware. These services can provide a backdoor to malicious software and should be either disabled or protected by passwords, as well.

If there are Telnet services available on the PLC and they are not required for operation of the equipment, these should also be disabled or protected by passwords.
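
One way to confirm the PLC steps above before shipment, run from an engineering PC on the same network as the controller. This is an added example, not code from Owens Design or any PLC vendor; the port numbers (23 for Telnet, 80 for HTTP) and the function names are assumptions.

```python
import http.client
import socket
import sys

# Assumed defaults (not from the article): Telnet on TCP 23, PLC web server on
# TCP 80. Use the ports listed in the controller's manual if they differ.
TELNET_PORT, HTTP_PORT = 23, 80

def tcp_open(host, port, timeout=2.0):
    """Return True if host accepts a TCP connection on port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def http_state(host, port=HTTP_PORT, timeout=2.0):
    """Classify the web service as 'disabled', 'password-protected',
    'open' or 'unverified' (port answers, but not with valid HTTP)."""
    if not tcp_open(host, port, timeout):
        return "disabled"
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", "/")
        status = conn.getresponse().status
    except (OSError, http.client.HTTPException):
        return "unverified"
    finally:
        conn.close()
    # 401/403: the server refused to serve the page anonymously. Anything else
    # was served without credentials; a form-based login still needs a manual look.
    return "password-protected" if status in (401, 403) else "open"

def audit_plc(host, telnet_port=TELNET_PORT, http_port=HTTP_PORT):
    """Return the findings to clear before the tool ships (empty = clean)."""
    findings = []
    if tcp_open(host, telnet_port):
        findings.append(f"Telnet reachable on {telnet_port}: disable it if the "
                        "tool does not need it, otherwise set a password")
    web = http_state(host, http_port)
    if web in ("open", "unverified"):
        findings.append(f"HTTP on {http_port} is {web}: disable the web "
                        "service or protect it with a password")
    return findings

if __name__ == "__main__":
    # Loopback default so the script runs offline; pass the PLC's address.
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    for line in audit_plc(target) or ["no findings"]:
        print(f"{target}: {line}")
```

A reachable Telnet port is always reported, because a TCP probe cannot tell whether a password has been set; that part still has to be confirmed by logging in.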

Remote-access tools

There are a wide variety of remote-access tools available to the tool builder. The tools break down into two groups—tools that work with PCs and tools that do not require a PC.

PC-based tools: if the equipment you are building has a PC as part of the control system, then one of these tools may work well for you. This is just a short sampling of the tools that are available on the market. At Owens Design, we have used both LogMeIn and TeamViewer successfully with tools installed at our customer’s site.

LogMeIn used to have a free version, but now you have to pay for the software. There is a 30-day trial version available, so you can download this on your equipment and try it out before you ship your tool. More information is available at www.controldesign.com/logmein.

TeamViewer has both a free version and a paid version. The free version is meant for personal use. TeamViewer is supported on PCs, as well as most portable devices. The paid versions allow for remote access to 200 systems. More information is available at www.controldesign.com/teamviewer.

Remicus by the Peer Group is a newcomer to the field of remote-access tools. Remicus is designed specifically for the semiconductor industry, where security is a very high concern and remote access for vendors is often very difficult to obtain. 

PLC-based tools: if the equipment you are building has a PLC or other control subsystem with an Ethernet port, then one of these tools may work well for you. These remote-access devices include both a hardware component and a software component. Phoenix Contact, eWon, and Moxa provide just a short sampling of the tools that are available on the market (Figure 3). These hardware components have the extra advantage over a purely software solution in that these units typically have a built-in firewall, so you are protecting your equipment with its own firewall.

These devices are available with hardwired Ethernet ports and optionally with cellular connectivity. The cellular option comes in handy when your equipment is being installed on a new factory floor that may not have network wiring installed when your equipment arrives.

Hardwired firewall

Figure 3: These tools available on the market have the extra advantage over a purely software solution in that these units typically have a built-in firewall.

Preparing for remote access

Once you know that you are going to be providing remote access for your equipment after shipment, there are several steps that you need to take before shipment of your equipment. You need to select the remote access tools that you will use. These tools need to be installed on the equipment and tested before shipment. You will want to make sure your staff is well-trained on the usage of these tools and that the procedures for using these tools are well-documented. You don’t want to be in the position of debugging your remote-access tools when you should be debugging your customer’s tool.

Be sure to communicate with your end customer regarding the use of remote-access tools before your tool ships. You need to verify that remote access is permitted and who will be the main contact at the factory for remote access. You need to determine if there will be hardwired connections or Wi-Fi, or if you will need to provide cellular connectivity to your tool. There may also be special software requirements such as VPN software that is specified by the customer.

Remote-access sessions

Your equipment has shipped, you have made sure it is network-secure, and you have your remote-access tools installed and tested. What does a typical remote session look like once you are ready to access the tool? At Owens Design, we installed a tool in China and provided remote support for this tool for an extended timeframe.

Each day would start with an email, a phone call or a GoToMeeting to decide on the plan for the day, when we would start and who would be logging into the tool. To start a session we would contact the designated tool owner in China and then start our remote session. During the remote sessions, the tool owner would be asked to load parts into the tool, observe behavior and sometimes resolve mechanical issues. At the end of each day, the developers would send out emails describing what had been accomplished and suggestions for the next day’s tasks.

Conclusions

Remote tool access provides many benefits to both tool builders and end users. Tool problems can be resolved quickly by the experts who built the equipment. Travel costs to the tool builder are greatly reduced or eliminated, and the customer sees problems resolved in real time. Properly configured networked devices allow for safe remote access and minimize the risk of malicious software affecting tool or factory performance.