Bridging the Plant-to-Enterprise Security Gap
Seamless and secure connectivity between isolated operations and processes throughout the entire value chain has long been a goal for manufacturers. But the technical and cultural gaps between the industrial automation technology and information technology have acted as stumbling blocks to achieving the benefits of a smooth and secure connection between the factory and the office.
Rockwell Automation and Cisco have developed a roadmap for enterprise and automation solutions to help manufacturers improve business performance through a successful collaboration on products, services and educational resources. These industry leaders are working together to help manufacturers to converge their network infrastructure and help integrate their technical and business systems. Companies able to tap the information available through a fully “connected enterprise” will be able to execute real-time operational-performance benchmarking, virtual simulation and design, and energy management.
Security is the linchpin enabling a connected enterprise. A connected enterprise requires a deep security strategy, where security is both ingrained into the plant and business infrastructure, and evolves over time. It is not a bolt-on solution. Manufacturers that properly secure their infrastructure will be able to take advantage of the promise and benefits of the connected enterprise – including the cloud, wireless, mobile devices, and other new technologies. Kevin Zaba, vice president and general manager of the Control and Visualization Business at Rockwell Automation and Maciej Kranz, vice president and general manager of the Connected Industries Group at Cisco Systems explain in today’s RSTechED™ presentation – security is the inflection point for manufacturers seeking to leverage these new disruptive technologies.
The security vision outlined by Rockwell Automation and Cisco enables manufacturers to create and implement a security environment that reaches all the way down to the level of the individual device, whether it is a sensor on the plant floor or a smartphone in an operator’s hand. This vision contrasts with the more common approach of securing the plant- and enterprise-level systems with completely separate policies and programs.
More manufacturers are coming to realize their intellectual property exists not only at the enterprise level, but also in the data developed and contained on the plant floor. This makes a broader site wide and enterprise wide view of information security a necessity. As an example, with the typical manufacturing enterprise operating numerous plants in a variety of countries around the globe, intellectual property in the form of process, recipe and product specification data can be exposed tens of thousands of times daily. Contributing to the level of exposure is the proliferation of mobile devices allowing employees worldwide to access company records and other sensitive data.
Similarly, the explosion of data contained at the plant level – in production servers, controllers, instruments and workstations – warrants a high level of security in order to ensure that product and process information remains adequately protected. The commonly accepted notion that the controller was the central point of information on the plant floor has been eclipsed as a greater variety of powerful devices make up the automation environment in today’s manufacturing facilities. In a connected enterprise, much of this operational data can be accessed via smartphones and other devices – in effect, allowing this information to move in and out of the machine zone.
The Rockwell Automation/Cisco view is that manufacturers can reap the benefits of this approach by specifying that all devices utilize the common networking technologies of Ethernet and TCP/IP, the most important networking technologies in use globally today. EtherNet/IP™, a leading open industrial Ethernet network, is designed to connect across systems and subsystems, from the end customer’s plant- or site-IT infrastructure to the instrumentation level on the plant floor.
EtherNet/IP uses the same Ethernet and TCP/IP protocol suite that is used for information technology applications, providing the performance, resiliency and security of traditional fieldbus solutions.
The challenge facing today’s manufacturers, as Zaba and Kranz point out, is for plant or site managers and operational staff to become both more educated about the need for an enterprise wide security environment and procedures, and to understand security as an evolving and ongoing investment, not a one-off event.
To this end, Rockwell Automation and Cisco are also partnering with Panduit to establish a joint educational forum, the Industrial IP Advantage resource center. The online resource center will serve as a go-to website offering technical documentation and certification programs that support the application of industrial networking and technology in the manufacturing enterprise.
RSTechED is a trademark of Rockwell Automation Inc.
EtherNet/IP is a trademark of ODVA.
-------------------------------------------------------------------------------------
Industrial IP Advantage - Learn More
Industrial Security Best Practices
Protecting Critical Infrastructure and Cyber Assets in Municipal Water Systems - White Paper