Internet Security Details in the Machine Building World

Today's Machine Builder Has a Powerful Role to Play in Protecting the Customer Networks to Which It Connects

By Jim Montague

1 of 3 < 1 | 2 | 3 View on one page

Just as the Florida Keys now are linked to the mainland by a causeway, formerly isolated islands of machines and production lines are being drawn into widespread automation and enterprise networks. This archipelago helps coordinate operations, optimize performance, improve efficiency and aids profitable decision-making. However, as users of IT, business and process control networks have learned, more-inclusive access creates more risks and requires more and better security.

Up to now, machine security has sought mostly to protect remote, dial-in monitoring, diagnostics and troubleshooting applications, but these solutions are rapidly becoming more complex and closely integrated, especially as end-user networks expand.

Secure the Support

SHL Automation in Bottingen, Germany, has been building polishing, grinding, deburring and brushing machines since 1989, and integrating them with robots and other production systems to produce turnkey solutions that include training and service (Figure 1).

"For 25 years, we've taken our customers' parts and developed plans to perform what they need, and this often means using secure, remote access," says Thomas Koch, SHL's executive sales vice president. "We typically use TeamViewer IP-based support software for remote access, but we can also work via customers' virtual private networks (VPNs) that are segmented and firewalled. This gives us a direct connection from SHL to their sites and equipment over a separate network, which is more secure because our users decide when to allow us to access their noncorporate networks. For example, a user will establish a TeamViewer account and username, and then give us a password and permission when needed."

To address internal as well as external security, CNC machine builder Okuma America in Charlotte, North Carolina, reports it recently developed and launched its OSP Virus Protection System (OSP-VPS) as a factory or field option on its OSP machine controllers. OSP-VPS embeds a virus-scanning application programming interface (VSAPI) from Trend Micro on Okuma's controls to prevent infection by viruses from networks or USB flash drives.

Okuma reports that OSP-VPS provides reliability, maintainability, safety and usability. First, before a virus pattern file is distributed and search engines are updated, operations are verified in advance by Okuma to prevent CNC software-detection errors. Next, the system issues an alarm when a virus is detected, and operators can check the corrective actions taken on a display screen. Third, virus scans are performed after completion of automatic and MDI operations to prevent slowing of screen responses due to scheduled virus scans. Finally, pattern files and search engine updates can be done either manually via the operator's PC or automatically via the Internet. Also, an option to update through the operator's PC or USB memory can be used for machines that aren't connected to a LAN or those on a closed LAN.
 
Basic Protections

Also Read: Industrial IT Takes Some Trust When The Internet is Not a Guaranteed Safe Place

1 of 3 < 1 | 2 | 3 View on one page
Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.

Comments

No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments