The line is blurring between information technology (IT) and operational technology (OT). As more industrial robotics equipment is connected to the industrial internet of things (IIoT), the vulnerabilities increase. Among the many devices being added to networks are robotic machines. That’s raising red flags for some experts. And it has many people worried. What are the risks associated with connecting an army of robots? It’s the stuff of science fiction.
Industrial Robotics Cyber Security Concerns on the Rise
The World Robotics Report 2016 gives us some insight into the scope of global automation growth: “The number of industrial robotics deployed worldwide will increase to around 2.6 million units by 2019.” It says that the strongest growth figures are for Central and Eastern Europe. The report cites China as the market for growth, and says that North America is on the path to success. “The USA is currently the fourth largest single market for industrial robots in the world,” according to the report.
TechCrunch contributor Matthew Rendall says “Industrial robotics will replace manufacturing jobs — and that’s a good thing”. He writes that the “productivity growth” behind 85% of job losses is all about machines replacing humans. Luddite and famous poet Lord Byron would not have been pleased. But Rendall is not bothered. He says that “more is getting done” by industrial robotics that are safer and more reliable than human beings. And he believes that this robotics revolution will be beneficial to workers and society in the long run.
All this rush to automation might be the best thing since jelly doughnuts. But one question could make all the difference between abysmal failure and glorious success: Can we keep them secure?
Challenge in Industrial Robotics Cyber Security
We probably don’t need to worry about robots taking over the world any time soon. (Let’s hope, anyway.) What concerns security experts is that our computer-based friends can be hacked. Wired Magazine reports how one group of researchers was able to sabotage an industrial robotics arm without even touching the code. That’s especially worrying when you think that most industrial robotics have a single arm and nothing else. These devices are made to make precise movements. Hackers can change all that.
German designer Clemens Weisshaar addressed the issue in a form at Vienna Design Week in 2014. “Taking robots online is as dangerous as anything you can put on the web,” he said. In a video from the forum, Weisshaar talked about how even his company’s robot demonstration in London had been hacked within 24 hours. They even tried to drive his robots into the ground. “If everything is on the internet,” he said, “then everything is vulnerable to attack.”
Industrial robotics cyber security challenges are only one part of what many are calling Industry 4.0. It’s a trending concept — especially in Germany — and it’s another way of referring to the Fourth Industrial Revolution. To understand what this is about, we should first reach back in the dim recesses of our minds to what we learned in history class in school.
The Industrial Revolution, as it was originally called, took place in the 18th and 19th centuries. It started in Great Britain and involved the harnessing of steam and tremendous advances in production methods – the 1st. Next came the 2nd roughly from 1870 until World War I in the USA. This involved the use of electricity to develop mass production processes. Th 3rd brought us into the digital age. Part four is upon us now.
A video from Deloitte University Press introduces us to the Fourth Industrial Revolution — Industry 4.0. It gives a good summary of the four “revolutions”, and it talks about some of the new technologies that now define our age:
- Internet of Things (IoT)
- Machine Learning
- Augmented Reality
- Mobile and Edge Computing
- 3D Printing
- Big Data Processing
“These technologies,” says the narrator, “will enable the construction of new solutions to some of the oldest and toughest challenges manufacturers face in growing and operating their business.” They also make up the environment in which hackers flourish.
Industrial Robots Cyber Security Challenges for IoT
In this space we have already discussed the security vulnerabilities of IoT devices. We told you how white hat hackers proved that they could commandeer a Jeep Cherokee remotely by rewriting the firmware on an embedded chip. Imagine what hackers with more sinister motives might be planning for the millions of robotic devices taking over the manufacturing shop floor — supposing they are all connected.
Some researchers tackled the issue in a study called “Hacking Robots Before Skynet”. (You will remember from your science fiction watching that Skynet is the global network that linked robots and other computerized devices in the Terminator movie franchise.) The authors had a lot to say about the current state of cybersecurity in the industrial robotics industry. We can borrow directly from the paper’s table of contents to list what they call “Cybersecurity Problems in Today’s Robots”:
- Insecure communications
- Authentication issues
- Missing authorization
- Weak cryptography
- Privacy issues
- Weak default configuration
- Vulnerable Open Source Industrial Robotics cyber security Frameworks and Libraries
Each of these topics could probably merit a full article on its own. The researchers explained further: “We’re already experiencing some of the consequences of substantial cybersecurity problems with Internet of Things (IoT) devices that are impacting the Internet, companies and commerce, and individual consumers alike, Cybersecurity problems for industrial robotics could have a much greater impact.”
What might that impact be? Well, to start with, robots have moving parts. They tell how a robot security guard knocked over a child at a shopping mall. A robot cannon killed nine soldiers and injured 14 in 2007. And robotic surgery has been linked to 144 deaths. It’s not Skynet yet, but connecting robots has its risks.
How we communicate with machines and how they communicate with each other are matters that require significant attention. Arlen Nipper of Cirrus Link Solutions talks about MQTT, which is a protocol for machine-to-machine (M2M) messaging. Manufacturing designers and operators send instructions to one-armed industrial robotics, who work in a variety of industries from automotive to aerospace to agriculture to packing and logistics. All this talking back-and-forth with industrial robotics cyber security has to be regulated. NIST’s Guide to Industrial Control Systems (ICS) Security has a few references to robots. But maybe not enough.
Industrial IoT predictive maintenance is expected to generate the large scope of B2B transactions that require data analysis. Indeed, IIoT is on such a growth pattern many of the billions of connected things in the coming years will be industrial assets, which will be deployed in settings like factories, agricultural, oil refineries and energy plants.
According to McKinsey the Industrial Internet has the potential to deliver up to $11.1 trillion on an annual basis by 2025 and 70% of this is likely to concern industrial and business-to-business solutions i.e. the Industrial IoT is expected to be worth more than twice the value of the consumer internet.
The Industrial IoT is at the heart of the fourth industrial revolution (Industry 4.0), which is driven by the interconnection of all industrial assets and the ability to collect and analyze data from them. In the scope of the Industrial IoT, assets are cyber-physical systems, which enable the control of physical devices through their cyber representations and the processing of digital data about them.
The applications of cyber-physical systems span a very broad range, including production control, process optimization, asset management, integration of new technologies (such as 3D printing & additive manufacturing), as well as various industrial automation tasks. Nevertheless, the most prominent application is the ability to continually monitor, predict and anticipate the status of assets, with emphasis on industrial IoT predictive maintenance using predictions about when a piece of equipment should be maintained or repaired.
Industrial IoT Predictive Maintenance Key to Industry 4.0
Maintenance and Repair Operations (MROs) are at the heart of industrial operations, as they involve repairing mechanical, electrical, plumbing, or other devices as a means of ensuring the continuity of operations. Nowadays, the majority of MRO operations are carried out on the basis of a preventive maintenance paradigm, which aims at replacing components, parts or other pieces of equipment, prior to their damage that could catastrophic consequences such as low production quality and cease of operations for a considerable amount of time. However, in most cases preventive maintenance fails to lead to the best usage of equipment (i.e. optimal Operating Equipment Efficiency (OEE)), as it maintenance is typically scheduled earlier than actually required.
In industrial IoT predictive maintenance (PdM) alleviates the limitations of preventive approaches. PdM is based on predictions about the future state of assets, with particular emphasis on anticipating the time when an asset will fail in order to appropriately schedule its maintenance.
PdM is empowered by models that estimate when the cost of maintenance becomes (statistically) lower that the cost that is associated with the risk of equipment failure.
Based on an optimal scheduling of maintenance, PdM leads to improved OEE, enhanced employee productivity, increased production quality, reduced equipment downtime, as well as a safer environment where failures are anticipated and repairs proactively planned. McKinsey & Co. estimates that the economic savings of predictive maintenance could total from $240 to $630 billion in 2025.
Nevertheless, there are still many industries that dispose with preventive maintenance, since they have no easy way to integrate and analyze data sets from thousands of heterogeneous sensors that are typically available in their plant floors. As a result only a fraction (i.e. 1% according to McKinsey & Co) of the available data is used, which is a serious setback to unlocking the potential of predictive maintenance applications, such as maintenance as a service, on-line calculation of OEE risk, maintenance driven production schedules and more.
The advent of Industrial IoT predictive maintenance is gradually unlocking the potential of PdM technologies facilitate the collection and integration of data from thousands of different sensors, while at the same time providing the means for unifying the semantics of the diverse data sets. Furthermore, IoT analytics technologies (notably predictive analytics) facilitate the processing of IoT data streams with very high ingestion rates based on machine learning and statistical processing techniques that can predict the future condition of components and equipment.
In several cases, IoT data are processed by Artificial Intelligence based techniques such as deep learning, in order to identify hidden patterns about the degradation of assets. Deep learning techniques are capable of leveraging (multimedia) data from multiple maintenance modalities such as vibration sensing, oil analysis, thermal imaging, acoustic sensors and more. Moreover, advanced deployments of industrial IoT predictive maintenance are not limited to deriving predictions about the future state of assets. Rather, they are able to close the loop down to the plant floor, through for example changing configurations in production schedules, altering the operational rates of machines or even driving automation functions.
Rise of Industrial IoT Predictive Maintenance Products and Services
PdM is looming as one of the killer applications for the Industrial IoT, which is evident not only on its potential savings but also on the rise of relevant IoT-based products and services. Most vendors have been recently releasing IoT-based solutions for PdM. In addition to empowering data collection and analytics, vendors are striving to enhance their products with added-value functionalities that help them stand out in the market. For example:
- IBM predictive maintenance solution is able to perform root cause analysis in a holistic way, including predictions about where, when and why asset failures occur.
- Software AG’s solution for industrial IoT predictive maintenance integrates with ERP and human resources systems to automatically plan the optimal allocation of tasks to technicians.
- SAP integrates predictive maintenance information with business information (e.g., CRM and ERP systems) and enterprise asset management (EAM) systems. To this end, it benefits from its strong presence and installed base in the ERP market.
- Microsoft offers PdM solutions over its Azure IoT suite in a way that offers preconfigured solutions (templates) for monitoring assets and analyzing their usage in real-time.
Recently, the DataRPM platform has been also established by a consortium of different vendors and manufacturers. DataPRM claims ability to deliver Cognitive Predictive Maintenance (CPdM) for Industrial IoT, based on the use of Artificial Intelligence for automating predictions of asset failures and closing the loop to ERP, CRM, and other business information systems.
Other major players in industrial engineering and automation, such as SIEMENS and BOSCH are offering their own platforms, while all major IT consulting enterprises have relevant services in their portfolio. Nevertheless, it is indicative of the market momentum of PdM and its positioning as one of the most prominent applications in the growing Industrial IoT predictive maintenance market.