Whenever talk turns to the Industrial Internet of Things (IIoT), two topics typically take center stage. Those topics are security and availability.
It’s easy to see why the security topic arises since, in any IIoT structure, a large degree of device and system openness is required that runs counter to the historical design of such systems. Availability also looms large in IIoT discussions because immediate access to computing services, tools and data is inherent in any description of a usable IIoT system.
Jason Andersen, vice president of business line management at Stratus (a supplier of high availability hardware and software computing platforms), takes a somewhat contrarian approach to these discussions. His views here are especially interesting considering he represents a company that focuses on products designed to deliver high availability computing. Though he does not downplay the importance of IIoT security and availability, he argues that those factors should be positioned further down the IIoT adoption curve.
“Too often, operations and IT managers discount the infrastructure troubles right in front of them and [don't realize] that serviceability should be their top concern up front,” says Andersen.
Explaining the concept of serviceability as it applies to a company’s IIoT infrastructure, Andersen says that Stratus approaches the concept in two ways. “First, Stratus has designed specific functionality into hardware and software to self-monitor systems. If one system is in danger, the system allows for failover to a redundant server. Secondly, all the telemetry Stratus has from self-monitoring is broadcasted out to the service cloud. This is something we’re monitoring remotely at all times; if a component exhibits any abnormal behavior to suggest it might fail, we’re then prepared to take action.”
He cites two key reasons in support of his position about the core importance of serviceability:
- Legacy systems can be inherently unsafe and insecure and most industrial operators are running a patchwork of old desktop hardware and no-longer-supported software.
- Assets that are easy to service and manage remotely should be the priority as networks of automated and connected systems expand outward.
“Early adopters of IIoT focused on pilots for a specific use case to demonstrate its value, such as improving the efficiency of a particular area of production,” says Andersen. “But these pilots don’t become scalable and what’s missing is a broader understanding of how pieces of [a business’] systems fit into a unified blueprint for IIoT.”
Since Andersen’s first reason clearly points toward hardware and software replacement—something that many manufacturers are often reticent to do—I asked him to explain his recommendations on how businesses can best assess what should be updated first.
“The first step is to take a comprehensive inventory of the infrastructure already in place and make sure it’s as up to date as possible with the latest software and security patches,” says Andersen. “IT shops all have a set of standards on their quality and security, but it is not uncommon for an operation to still be entirely vulnerable to threats and failures just because of the infrastructure they have in place. If we compare it to a patient, this is first diagnosing them before treating them and eventually making them healthy. And this needs to be done everywhere from the central data center all the way out to the edge systems, which are particularly vulnerable.”
The next step, according to Andersen, is to “look to fix the problem and eventually make it healthy; this involves looking at the applications the infrastructure is already supporting and figuring out what can be migrated to virtualized servers. Stratus’ virtualization solutions are perfect for migrating servers and, in turn, consolidating infrastructure to reduce your operation’s footprint. It’s a good way to clean house, but is also the first step in getting on a right path for modernization.”
Though Andersen argues that serviceability takes the top spot when it comes to IIoT infrastructure, security and availability still figure prominently in his view of the critical steps required to ultimately realize the benefits of IIoT. He describes these critical steps as taking place around four points:
1. Modernizing Systems. “Truly minimizing vulnerabilities and getting away from a ‘set it and forget it’ mentality requires removing this equipment and updating infrastructure for connectivity, reliability and simplicity and layering on virtualization of OT systems,” Andersen says.
2. Connecting Devices. Legacy environments often consist of isolated system islands, but data feeds are the lifeblood of IIoT, making connectivity a core requirement, says Andersen. The key is to implement systems that support secure connectivity between industrial control systems and IT resources, including data warehouses, analytics engines and ERP systems.
“A dangerous approach a lot of operations take is in treating security as something you can just buy like you would Microsoft Word,” Andersen says. “It’s something that needs to be constantly adjusted and updated as you execute whatever designs and plans you’ve set forth. There are a lot of moving parts to installing secure connectivity, as controls still exist on their own network and I don’t see that changing, nor do I see a collapse occurring between the process layer and IT layer of the network. What I can say is that the ‘set it and forget it’ approach many operations choose to take—not updating systems, applying appropriate patches or installing updates at the edge— is never recommended.”
3. Achieving the Holy Grail of Real-time Analytics. Once your underlying systems are modernized and devices securely connected, the next major leap is making decisions in real time. Andersen suggests that a good example of this is driving intelligent supply chains that automatically optimize production based on a granular, up-to-the-second understanding of each link in the chain—from materials pricing to equipment dynamics to market conditions.
Achieving this “holy grail of real-time analytics”—regardless of company size—involves a combination of technology, culture and responsibilities, says Andersen. “Data doesn’t become insightful until someone sits down with it and evaluates it against a set of KPIs. It’s an evolutionary process that starts with having the right technology, then culturally making a shift to embrace data and analytics and finally determining who will be responsible for handling it. The data scientist role, the individual who owns that data, will become key to really understanding the data you collect. This is not a resource many manufacturers currently have; but data science expertise is growing and resources are becoming more accessible for operations of all sizes.”
4. Optimizing Operations. “With true connectivity, get serious about who owns, manages and polices this trove of information—IT or OT—and continually evaluate if you have the right skills to manage an optimized IIoT environment,” says Andersen.