IIoT: Choose the right tools for the job

Know your security, speed, and data access needs as you work to connect your plant.

By Bob McIlvride, Skkynet Cloud Systems

1 of 2 < 1 | 2 View on one page

The American poet Carl Sandburg wrote, “They will go far and see much, and they will never be any good for sitting with the sitters and knitting with the knitters.” As true today as it was almost 100 years ago, those who sit tight and stick to their knitting rarely accomplish much. Right now in the world of manufacturing and industry, a new horizon is opening up: the industrial internet of things (IIoT). Are you curious? Do you want to go far and see how much you can do with it, or will you just sit back and knit?

Even from a distance, the benefits of the IIoT are visible. Plant Services contributing editor Sheila Kennedy highlighted many of them in August in her article Yes, IIoT can drive operational improvements. Put briefly, the IIoT offers a number of ways to optimize your system performance by providing data-driven insights into your processes. Among other things, you can see how well your assets are performing, implement predictive maintenance, simplify logistics, coordinate procurement, and drive down resource costs.

OK, you may say, that all sounds fine. Suppose I am interested. How will it work? Can the IIoT fit with my current system? How much will all of this cost? What about security? And supposing I do want to build IIoT connectivity and capabilities in my plant, how should I get started? Should our company try this on our own, or should we seek expert outside guidance or assistance?

Who builds it?

Taking the last question first, building your own system from scratch may not be the best way, according to those who have tried it. A recent Machina Research survey, "Lessons Learned from Early Adopters of the IoT," shows that most early adopters in the IoT space who took a do-it-yourself approach found the task to be more complicated to implement than they had expected. “When asked about primary concerns around IoT, adopters have some insight that nonadopters just don’t yet have,” the report's authors wrote. “Adopters point to ‘complexity of the IoT solution’ as the largest concern around IoT, a concern that nonadopters have yet to consider fully.”

On the other hand, if you do decide to bring in an expert, you'll have to decide who is most qualified for the job. In her blog post "The IIoT Integrators Are Coming", Stephanie Neil at AutomationWorld claims that control system integrators are not gearing up for the IIoT quickly enough and that SIs from the IT world are stepping in to fill the gap. They are more than happy to bring their experience implementing IoT for IT applications to the OT world. Naturally, some OT system integrators see things quite differently. They point out that it is easier for an OT company to add IoT to its portfolio than for an IoT company operating in the IT space to learn industrial process control. Jeff Miller of Avid Solutions wrote a blog post titled "We Are Ready for IIoT" to make the case that control system integrators are gearing up for the task.

The right tool for the job

Whomever you choose, an in-house team or a system integrator, you can save a lot of time and money by not reinventing the wheel. You can benefit by using tools, and you'll want to choose the right ones. Because the IIoT looks a lot like SCADA, some may be tempted to continue using the same tools. This can be a mistake, though, because industrial data communications software was not built for the open spaces of the Internet.

Take security, for example. The IIoT presents security challenges that industrial system designers never contemplated. First, there is the obvious need to eliminate the chance of attack from outside the perimeter. But there's also a need to protect the system and its data from inside as well. Using designed-for-IT approaches like Microsoft's RDP or a VPN may seem like the logical choice, but Microsoft Developer Clemens Vasters raises valid concerns in a paper titled "Internet of Things: Is VPN a False Friend?" Useful as they are for the purposes for which they were designed, RDPs and VPNs give each user the keys to the kingdom – access to applications and data far beyond what they might need or what you might want them to see. The 2014 attack on Target via a VPN shows how dangerous and costly that can be.

What is needed is a secure-by-design technology that does not rely on a VPN and keeps all firewall ports closed. This can be done by making outbound-only connections to a secure cloud service. This design exposes zero attack surface and makes your system invisible to hackers. At the same time, it allows for bidirectional data communication through reverse proxies, which corporate IT departments are increasingly recommending as a standard for ensuring the security of OT systems. Needless to say, developing this kind of technology from scratch is not a project for your average plant engineering team. Instead, you can get the most out of your team and keep costs down by using a tool designed for the job.

1 of 2 < 1 | 2 View on one page
Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.

Comments

No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments