Interrupted manufacturing in the age of PCs and software

Manufacturing in America Summit sheds light on how machine automation and cybersecurity concerns are affecting the way we bring product to market.

By Mike Bacidore, editor in chief

Pardon this interruption, but it’s necessary.

“Doing the same old things in manufacturing just won't work any more. It has to be interrupted, or we'll be interrupted,” said Raj Batra, president of Digital Factory for Siemens USA, addressing the Automotive Manufacturing Summit at Manufacturing in America 2016. The March event, attended by more than 2,000 people at Detroit’s Ford Field, was presented by Siemens and Electro-Matic.

Batra spoke of an automated future, in which machines optimize machines, and the products themselves tell the machines what to do and how to produce them.

“We serve a diversified set of global interests,” continued Batra. “We are one of the largest manufacturers in the world with more than 300 plants globally. We have a plant that makes PLCs. We use PLCs to make PLCs. This plant generates 12 defects per million.”

With more than a quarter of U.S. employees eligible for retirement, Batra foresees continued growth in the implementation of technology and automation to compensate for that coming exodus. “I'm pretty optimistic that U.S. manufacturing is pretty resilient right now,” he said. “But our manufacturing infrastructure is aging. It’s about 35 years old with 1980s technology at best. The cell-phone technology you hold in your hand right now is far more advanced than the technology we're using in manufacturing.”

Batra believes simulation and virtualization will play an important role in design and production going forward. “You want to be able to simulate it and virtualize it to run it,” he explained. “If you're controlling the design of a product, you're controlling the manufacturability of the product.”

WANT MORE? Check out the machine builder's guide to remote monitoring

For a long time, people thought manufacturing jobs were dirty, dark, dangerous and declining, said Mike Molnar, leader of the Advanced Manufacturing Program Office at the National Institute of Standards and Technology, who also presented. “Manufacturing is where two-thirds of engineers and scientists work,” he explained. “If we lost the manufacturing sector, this ecosystem stumbles. Technology and standards are enabling everything. People talk about the valley of death from the lab to the market. The National Network for Manufacturing Innovation (NNMI) is an investment to create space and de-risk manufacturing.”

Molnar is the director of NNMI, which links the various manufacturing innovation institutes, where industry, academia and government partners leverage resources, collaborate and invest in manufacturing innovation to accelerate commercialization. The strategic plan of the NNMI Program and a link to the first annual report are available at www.controldesign.com/nnmiplan.

Manufacturing contributes $2.2 trillion to the U.S. economy and employs more than 12 million U.S. workers, explained Gregg Sherrill, CEO of Tenneco and chairman of the National Association of Manufacturers (NAM), who also spoke at the summit.

 

 

Greg Sherrill Board HiRes

Gregg Sherrill, NAM

Tenneco is an $8.2 billion global manufacturing company with 30,000 employees and 90 manufacturing facilities on six continents. “Sometimes it's like herding cats,” said Sherrill. “We're faced with enormous changes. The way technology has changed our plants over the past 40 years is tremendous, and it's not linear. Sometimes you feel like it's difficult to keep up. This so-called Internet of Things is a big thing today. The ultimate Internet of Thing is the autonomous car. But there's a lot around cybersecurity and issues we already face. It's about to become even more of a challenge.”

Security in the industrial controls environment is a necessity, said Mike Bastian, chief engineer, global controls manager, at Ford Powertrain. “You need to have the security in the controls environment.”

Bastian was charged with standardizing automation solutions and specifying requirements to control systems. He shared the insights of his organization’s transformation at the Automotive Manufacturing Summit.

“People believe there's an air gap between the plant and IT environments,” he said. “In reality, the gap between IT and industrial controls is closing. In 2014, we were getting into situations where our auditing functions at Ford would identify and raise infractions on our control systems by using our IT policies. They were looking into PCs. At any given plant we're talking 400-500 computers in the manufacturing space. IT policies on virus protection and recovery programs weren't followed by these manufacturing PCs.”

And no one was assuming responsibility or being held accountable for the issues. “The controls engineers weren't owning the problem. IT wasn't owning the problem. Procurement wasn't owning the problem,” explained Bastian. “At the end of the day, it's part of the control system. Now, it's part of our controls strategy going forward.”

Machines optimize machines, and the products themselves tell the machines what to do and how to produce them.

What type of IT policy applies to industrial control systems? “Some of the policies make a lot of sense and do apply,” said Bastian. “In IT, they use CIA prioritization—confidentiality, integrity and then availability. In industrial controls, it’s reversed. Availability is the top priority.”

Bastian and his team recognized seven areas to be addressed on the manufacturing PCs and other industrial devices. “This year we will be deploying an industrial controls security standard,” he explained. “We're taking a risk-based approach.” The seven areas addressed in the standard include the following:

    • disaster recovery—if that asset crashes, you have to be able to recover it quickly
    • change control—as a discipline, you have to have a process for software and hardware changes
    • line of sight—Ford doesn't allow external access to internal networks
    • virus and malware protection—Ford has seen production losses associated with viruses popping up
    • access controls—there are thousands of passwords in the Ford system; who's managing those?
    • end of life
    • technology management—you have to have standards and a plan.

“We've moved the needle in terms of deploying Industry 4.0 devices,” said Bastian. “In 2010, we created a lot of standards that pushed us in the right direction. We've got a very solid Industry 4.0 infrastructure that we've deployed, but we've got to keep it protected.”

In 2014, Bastian and his team embarked on a journey to first determine what PCs it had in its plants. “We asked the plants to fill out an inventory sheet,” he explained. “We had to be prescriptive on the data sets that we wanted back from the plants. What we got back initially was all different.”

One of biggest problems the project unearthed was the churn on the PC operating systems. “We have DOS. We have Windows NT. We have OS/2. How do you manage the change and churn with all of these different operating systems?” asked Bastian.

“Once we had the data compiled, then we could act on it,” he explained. “We started combing through it. We needed to boil it down to risk, so we classified every PC with a level of risk, and we classified whether it was production risk. It took a year to do it.”

The next step was to create a plan for each computer. “Thousands and thousands and thousands of PCs,” Bastian explained. “It took every bit of two years to get where we are.”

Senior leadership then asked why all of the computers were needed. “First we had to agree on what an asset is,” said Bastian. “We decided it was anything we deploy with intelligence in the industrial environment. It took us months to get through those discussions. We have been deploying isolated networks, which prevents external access and allows us to control virus propagation. And we're also addressing remediation and obsolescence.”

 

Homepage image courtesy of Geerati at FreeDigitalPhotos.net

Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.

Comments

  • Cybersecurity is a process that takes time, and far to often it is not looked at within control systems as a value producer. It is technically a value protector more than value added within a manufacturing plant. However, the loss of critical machinery can impact more than lost manufacturing time, especially if the security flaws create situations that cause physical damage to the manufacturing processes. It appears that more companies are becoming aware of this importance every day. Great Article

    Reply

RSS feed for comments on this page | RSS feed for all comments