The Internet of Things (IoT) and other connected devices have been integral to the efficient operation of manufacturing lines for decades. Security of the production line was maintained by isolating equipment in what was known as the Purdue Methodology—air gapping the network to keep it out of reach from threat actors. But as digital supply chains required hyperconnectivity to enable data exchange and greater levels of automation, the air gap was bridged, and manufacturers became vulnerable. A new Purdue Method is needed.

Fortunately, the means to protect connected devices on the production line is available. The following article offers insights and best practices to help guide an IoT security strategy for manufacturers.

The use of IoT in manufacturing continues to accelerate and evolve, as do the threats that come with the convergence of OT and IT. Recently, NSA and CISA released an alert warning manufacturers of potential security vulnerabilities in their OT systems. The alert cited an increase in the number of threats to OT assets including ransomware, spear phishing attacks, and the modification of control logic parameters, among others.

The primary driver of the emerging threats to OT is the unification of OT devices and systems with IT and IoT, or as NSA describes it, the proliferation of “internet accessible operational technology.” This increase in the number of OT devices and systems that integrate with IT is the result of developments in technology, evolving features and capabilities, the movement of network access control vendors into OT, as well as mergers and acquisitions.

In this article, we look at some of the use cases for IoT in manufacturing, as well as the challenges and opportunities that manufacturers face at the intersection of OT/IT. But first, a couple of quick definitions.

https://youtube.com/watch?v=Ex1_s6bsYr8%3Ffeature%3Doembed

What is IoT in manufacturing?

IoT in manufacturing is the subset of the industrial internet of things (IIoT) specific to manufacturing applications. IIoT is the network of sensors and devices that connect to computer systems and industrial software applications.

While IIoT refers to industries such as retail, utilities, or transport, IoT in manufacturing specifically applies to the Internet-connected sensors and devices used to track and produce goods more efficiently.

Both IoT in manufacturing and IIoT are themselves part of the broader internet of things (IoT), which comprises all the internet connected devices and sensors across domains. When people talk about IoT in practice, however, they’re typically referring to the consumer applications—such as smart home devices—so we’ll stick to using the term IIoT for sake of clarity.

What is operational technology (OT)?

Operational technology (OT) consists of hardware and software components that monitor, control, and create changes in industrial equipment, devices, assets, processes, or events. OT technology systems may control industrial elements such as engines, conveyors, valves, or machines that are directly connected to the manufacturing process.

While OT systems were once commonly siloed from IT (or at least thought of as distinct from IT), the present trend is toward more integration of IT and OT systems. Three primary factors are driving this convergence of IT/OT:

  1. Increased reliance on/availability of remote operations and monitoring
  2. Outsourcing OT asset management and/or maintenance
  3. Decentralized workforces

The trend toward more unified OT/IT systems and greater IoT connectivity in manufacturing brings new capabilities and control for manufacturers, but also some risks. In the next section, we’ll explore some IoT in manufacturing use cases, benefits and challenges, as well as some of the ways manufacturers can mitigate these risks.

Use cases: IoT in Manufacturing

The digital transformation of the manufacturing industry is changing the way production environments and supply chains work by improving efficiencies, automating processes, and adding intelligence.

But challenges accompany these opportunities, and manufacturers will need a strategy if they are to successfully capitalize on these benefits without compromising security or efficiency. Before we look at some specific use cases, it’s important to consider some of the needs manufacturers will face as IT/OT continue to converge:

  • Visibility – Decisions about which OT devices and systems will be used are increasingly being made by multiple stakeholders in the supply chain. Manufacturers need visibility into all of these devices, as well as a system for asset discovery, classification, and segmentation for those with security vulnerabilities.
  • Compliance – IoT, IT, and OT compliance depends on navigating an increasingly complex system of regulations. Understanding which devices are governed by each specific set of standards can help manufacturers cultivate robust security and remain in compliance.
  • Efficiency – Aging devices put manufacturers at risk of losing efficiency as operating systems become obsolete or outdated. Recognizing which devices can still be secured can increase their longevity and avoid downtime.
  • Intellectual property – As the number of attacks on OT and IoT devices continues to increase, manufacturers are at increased risk for theft of intellectual property. Manufacturers need a strategy for identifying business-critical devices and flagging abnormal behavior in order to protect their most valuable assets.

Manufacturers already rely on IoT devices and connectivity to drive production, quality control, and machine utilization, and additional use cases continue to evolve as OT/IT merge. These include the rise of predictive maintenance, real-time monitoring, remote management, and the collection of consumer insights.

Predictive maintenance

With the aid of sensors and the increase in data from manufacturing equipment, companies can now detect and predict failure before it occurs. For example, an analytical model may find that a machine has a high probability of failing when it breaches a specific temperature threshold. With this information, the monitoring applications can alert the machine operators when the event occurs, and they can then promptly replace it before causing larger issues with production.

According to Fortune Business Insights, the global market for predictive maintenance is expected to grow at a CAGR of 29.8% through 2026. That makes predictive maintenance one of the most rapidly expanding aspects of IIOT technology.

Monitoring in real time

Anyone in the production process can have access to data in real-time, which means anticipating and rapidly responding to changes or incidents that may impact production. Ultimately, this kind of real-time monitoring helps prevent down time and speeds up production.

Remote management

IIoT connected devices and digitally controlled machinery allow for fully remote operation of a production line. Many businesses choose a hybrid approach, in which some parts of the production line are automated and/or remotely controlled, with others operated by humans. Remote management has become more prevalent now that workforces are becoming less centralized.

Supply chain asset management and tracking

IIoT devices can help businesses understand how different parts of the supply chain are operating by tracking and monitoring how both raw materials and finished products move through the different production and transportation processes. This can not only help understand the overall state of production, but also glean insights into areas that could be optimized or costs that could be reduced.

For example, a complex supply chain may receive raw materials from numerous different vendors. A backup in just one of these deliveries can cause a bottleneck in production and cause expensive delays. By tracking how all materials are moving through the organization, management can quickly understand exactly where the issue is and make necessary adjustments to resolve it before causing larger delays.

Digital twins

Digital twins are computer-modeled simulations of a physical object or process. For example, a 3-D model of a building is a digital twin of the actual facility. While traditionally used to plan the structure and characteristics of a physical manufactured product, a digital twin can be used in conjunction with IoT systems to map out the digital representation of a production line to test and simulate changes to the manufacturing processes. Digital twins can also be used to mirror processes and model diagnostics.

For example, a business may want to understand the effect of changing the speed of a specific process. Using a digital twin and data from IIoT sensors, it could rather run a computer simulation to understand the impact of the speed change on the rest of the production line.

Building and operational systems

Manufacturing environments include a variety of operational technologies and devices, including HVAC, surveillance, access control, and energy systems. IIoT systems can be added to these to monitor their status and even adjust them remotely.

By doing so, these operational technologies can become intertwined with the broader supply chain and digital models. For instance, the climate systems may have an effect on the quality of the production process and therefore that data can be combined with the machinery data to run predictive maintenance and other types of models that may otherwise be difficult without the environmental context.

Collecting consumer insights

Manufacturers can use connected tools to gather data on consumer usage and track demand patterns. As a result, business managers remain agile and able to adjust the product to stay ahead of these trends. This increased responsiveness allows even large companies to be nimble and maximize customer satisfaction.

Challenges to IIoT in manufacturing

The merging of OT and IT technologies, as well as the increased accessibility of IoT devices present manufacturers with opportunities to minimize disruptions, streamline production, remotely access and monitor data, and ultimately drive revenue. But there are other considerations that manufacturers must take into account if they are to fully realize all the potential that OT, IT, and IoT offer.

Security & threat protection

According to Gartner, 75% of all OT security solutions will be provided by multifunction platforms that integrate with IT by 2025. With the exponential growth of connected devices in manufacturing facilities, these IIoT devices create an expanded attack surface. Threat prevention will become even more important as more OT devices interface with IT.

The threat of attacks has far reaching implications for manufacturers: in addition to disrupting production processes, attacks can also impact revenue and—in the worst-case scenario—compromise employee safety on the manufacturing floor. The security of these devices is critical to maximize uptime and optimize manufacturing processes, particularly as many remain in service for years and may become more vulnerable to attacks as they age.

Asset management

Manufacturers have an increasingly large inventory of assets to discover, evaluate, classify, and manage. The proliferation of IoT-accessible OT devices will only increase as the number of decision-makers in the supply chain expands, remote management of facilities and processes becomes more prevalent, and workforces become less centralized. Knowing exactly which assets are vulnerable is critical for providing adequate security measures and for maintaining production processes.

Operational resilience

According to a recent Gartner Risk Management Survey, one of the most common risk priority areas identified by respondents is the need for improved operational resilience for OT systems. That means understanding risks, anticipating potential disruptions, and planning for business continuity in the event of an incident, attack, or other breakdown in the production process. As the number of internet accessible OT devices increases, planning for operational resilience will become more complex.

Regulatory compliance

The patchwork of regulations governing OT/IT/IOT devices can be particularly challenging for manufacturers, and this problem will only continue as more and more devices and processes are integrated into the IIOT. Being able to map each device or component to the correct regulations plays a critical role in maintaining security and meeting regulatory requirements.

Secure all your connected devices

Manufacturing companies are embracing the convergence of IT and OT in hopes of capitalizing on the benefits brought by internet accessible OT devices. These benefits include more control over production processes, access to real-time data from remote locations, the ability to decentralize their workforce, and improved efficiencies that drive revenue growth.

As more OT devices become IoT-compatible, and as OT and IT security protocols continue to merge, manufacturers should have a plan for discovering and assessing all of their connected devices, including those used throughout their supply chains.

Most importantly, these devices must be evaluated and secured against the growing threat of security breaches. Ordr Systems Control Engine (SCE) can enable visibility and security of all your connected manufacturing devices. Try a demo of Ordr to learn how to keep your manufacturing devices—and the data they collect and share—safe and secure.

Interested in Learning More?

Subscribe today to stay informed and get regular updates from Ordr Cloud

Ready to Get Started?

REQUEST A DEMO