Tag Archive for: Design

Posts

IIoTのための理想的なプロトコル – DHTPの開発

Industrial IoT(IIoT)の概念が普及して以来、人々はそれに対して理想のプロトコルを見つけようとしてきました。 結局、IIoTは新しいものです。「Internet of Things」 と同じように、インターネットを横切って走行するデータに関わっていることは明らかです。しかし、“Industrial”では、FTPやHTTPのような一般的インターネットプロトコルを超えるものが必要です。IIoTプロトコルとして最良の選択は、工業的要件とインターネット要件の両方を満たすよう設計されたものです。

Skkynetでは、DHTPというプロトコルを使用しています。—DHTP (DataHub Transfer Protocol) 20年前の創業以来, DataHub 技術は、リアルタイムにネットワークとインターネットを介して異種システムの接続に関わってきました。 90年代には、QNXリアルタイムオペレーティングシステムで実行されるプログラムとWindowsで実行されるInTouch HMI間でデータを交換する、Cascade Connectという製品を使用していました。 Cascade Connectは、DataHubの前駆体である2つのコネクタを使用しました。1つはQNX、もう1つはWindows上で実行されていました。 これらはそれぞれ、標準的な産業用プロトコルを使用して、それぞれのオペレーティングシステム上で動作するプログラムに接続され、ネットワークを介してTCPを使用して接続されました。 これらをTCPで接続するため使用したプロトコルは、現在、私たちがDHTPと呼んでいるものに進化しました。

オープンプロトコル

DHTPは当初からCogent APIにて公開されています。 その後のDataHub製品のCascade DataHubやGammaスクリプト言語、Cascade Historianなどは、Cogent APIを通じてアクセスが可能になりました。DataHub製品がOPC DataHub、そしてCogent DataHubへと発展するにつれて、より多くのコマンドが追加され、APIはWindowsで利用可能になりました。 現在、DHTPはDataHub APIDataHub コマンドセットで構成されています。

ニーズを満たす

この進化過程の個々のステップは、具体的なプロジェクトのニーズ対応で、工業的背景の中で起こりました。お客様がTCPを介してより堅牢で安全なデータ通信を要求したため、SSLなどの機能を追加することでDHTPの機能を改善しました。 OPCトンネリングアプリケーションのためのCogent DataHubよりも明らかな成功はありません。 DataHub DA TunnellerとDataHub UA Tunnellerは、OPCサーバーとクライアントをネットワークまたはインターネットを介して接続する他に類を見ない製品です。

クラウドと組み込み

クラウドを介して産業通信の価値を認識した最初の企業の1社として、Skkynetは、DataHubからSkkyHub への接続にWebSocket機能を使い、DHTPを強化しました。 ファイアウォールポートを開かずに、双方向通信のために産業システムからの安全なアウトバウンド接続をサポートするDHTP独自の特許取得済み機能は、Skkynetのセキュア・バイ・デザインアーキテクチャがキーになっています。数年後に組み込みシステム用に ETK を導入し、この構成図が完成しました。 DHTPは現在SkkynetのIIoT製品とサービスの3つのコアコンポーネントであるDataHub、SkkyHub、ETKで使用されている標準プロトコルです。
次回のブログでは、なぜDHTPがIIoTの理想的なプロトコルであるかを詳しく説明します。効果的なIIoTデータ通信challenging基準の概要を説明し、DHTPがそれらのすべてをどのように満たしているかを示します。 DHTPの詳細については、次の点に留意してください。 DHTPについて詳細、 IIoTプロトコルとしての成功は、工場通信とインターネット通信が絡み合う厳しい環境でどのように開発されたかに起因しています。

Cyber Security: Over 90% of IIoT Experts Express Concerns

Respondents to the 2017 Industrial Internet of Things Security Survey by Tripwire paint a pretty bleak picture of cyber security for the Industrial IoT (IIoT).  Among the more than 400 IT professionals responsible for securing their companies against IIoT-related threats, 96% said they expect to see an increase in cyber attacks in the coming year.  At the same time, less than 50% of them feel prepared for those attacks.

This is cause for concern, according to David Meltzer, chief technology officer at Tripwire, who said, Industry professionals know that the Industrial Internet of Things security is a problem today. More than half of the respondents said they don’t feel prepared to detect and stop cyber attacks against IIoT.

At the same time, 90% of these same IIoT experts expect the use of IIoT to increase.  They acknowledge that innovation must go forward, and that the benefits of the IIoT outweigh the costs.  Two out of three of them recognize the need to protect against cyber attacks, despite the fact that less than half of them feel prepared for attacks on insecure IIoT devices.

The Industrial Internet of Things ultimately delivers value to organizations, and that’s why we’re seeing an increase in deployments, said Meltzer.  Security can’t be an industry of ‘no’ in the face of innovation, and businesses can’t be effective without addressing risks. The apparent contradiction of known risks and continued deployment demonstrates that security and operations need to coordinate on these issues.

Meltzer points out that the consequences of insecure IoT implementations leading to a cyber attack are far more severe for industrial applications.  Greater connectivity with operational technology (OT) exposes operational teams to the types of attacks that IT teams are used to seeing, but with even higher stakes, he said.  The concern for a cyber attack is no longer focused on loss of data, but safety and availability. Consider an energy utility as an example – cyber attacks could disrupt power supply for communities and potentially have impact to life and safety.

Here at Skkynet, we could not agree more. It was this kind of thinking that led us to develop our secure-by-design SkkyHub service. Those who understand the risks of the IIoT and the difficulty of securing it using conventional IT or OT approaches recognize the value of what we are doing. We invite every survey participant and anyone else who wants to get the most out of the IIoT to see for themselves how these concerns fall away when using an IIoT platform that is secure by design.

Top 10 IoT Technology Challenges for 2017 and 2018

Gartner, Inc., the IT research firm based in Stamford, Connecticut, recently published a forecast for the top ten IoT technology challenges for the coming two years.  The list covers a lot of ground, from hardware issues like optimizing device-level processors and network performance to such software considerations as developing analytics and IoT operating systems to abstract concepts like maintaining standards, ecosystems, and security.

“The IoT demands an extensive range of new technologies and skills that many organizations have yet to master,” said Nick Jones, Gartner vice president analyst. “A recurring theme in the IoT space is the immaturity of technologies and services and of the vendors providing them.”

Heading the list of needed expertise is security.  “Experienced IoT security specialists are scarce, and security solutions are currently fragmented and involve multiple vendors,” said Mr. Jones. “New threats will emerge through 2021 as hackers find new ways to attack IoT devices and protocols, so long-lived ‘things’ may need updatable hardware and software to adapt during their life span.”

To anyone considering the IoT, and particularly the Industrial IoT (IIoT) or Industrie 4.0, this should be a wake-up call.  As the recent power-grid hack in the Ukraine shows us, old-school approaches like VPNs will not be sufficient when an industrial system is exposed to the Internet. In the IoT environment, Skkynet’s secure by design approach ensures not only a fully integrated approach for the security issues that many are aware of today, but also a forward-looking approach that will meet future challenges.

Having taken security into consideration, there are other items on the list that we see as significant challenges, and for which we provide solutions.  Among these are:

  • IoT Device Management – Each device needs some way to manage software updates, do crash analysis and reporting, implement security, and more. This in turn needs some kind of bidirectional data flow such as provided by SkkyHub, along with a management system capable of working with huge numbers of devices.
  • Low-Power Network Support – Range, power and bandwidth restraints are among the constraints of IoT networks.  The data-centric architecture of SkkyHub and the Skkynet ETK ensure the most efficient use of available resources.
  • IoT Processors and Operating Systems – The tiny devices that will make up most of the IoT demand specialized hardware and software that combine the necessary capabilities of low power consumption, strong security, tiny footprint, and real-time response.  The Skkynet ETK was designed for specifically this kind of system, and can be modified to meet the requirements of virtually any operating system.
  • Event-Stream Processing – As data flows through the system, some IoT applications may need to process and/or analyze it in real time.  This ability, combined with edge processing in which some data aggregation or analysis might take place on the device itself, can enhance the value of an IoT system with little added cost.  Skkynet’s unique architecture provides this kind of capability as well.

According to Gartner, and in our experience, these are some of the technical hurdles facing the designers and implementers of the IoT for the coming years.  As IoT technology continues to advance and mature, we can expect other challenges to appear, and we look forward to meeting those as well.

Security Framework for Industrial IoT Built on Trust

Ultimately, it comes down to trust.  When someone hears about the Industrial IoT, and asks, “What about security?” what they probably mean is, “Should I trust it?”  Without trust, things get complicated, bog down, and sometimes stop moving altogether.  Without trust it’s difficult to build anything—a team, a business, or a family.  And among other things, trust depends on security.

Recently the Industrial Internet Consortium (IIC) published a paper titled Industrial Internet of Things Volume G4: Security Framework, that outlines a comprehensive security framework for the Industrial IoT (IIoT).  In the introduction, the paper outlines five key system characteristics that build trust: security, safety, reliability, resilience and privacy.  The IIC paper then describes how these characteristics must be infused into the IIoT for industrial users to trust it.

It says, “A typical Industrial Internet of Things (IIoT) system is a complex assembly of system elements. The trustworthiness of the system depends on trust in all of these elements, how they are integrated and how they interact with each other. Permeation of trust is the hierarchical flow of trust within a system from its overall usage to all its components.”

Trust is fundamental to the Security Framework

The idea is that for trust to permeate through the IIoT system—for the users to trust it—the system must be trustworthy from the ground up.  First, the components or building blocks of the system must be trusted.  Next, the system builders need to both trust these components, as well as put them together in a trustworthy way.  When all is checked, tested, and functioning well at these two levels, and the system meets the specifications of the system users, then the users will begin to trust the system.  Trust will permeate down from the users to the system builders, and ultimately to the components and those who supply them.

Skkynet’s secure-by-design approach to the IIoT follows this model.  At the level of components, our software and services have been installed in hundreds of mission-critical systems.  The system integrators who work with these components trust them, because they have seen how they perform.  Using DataHub® and SkkyHub™, they have been able to deliver highly-trusted, well performing systems.  Plant managers and owners are satisfied with these systems, and have extended their trust to the system integrators, as well as to the software and services.

How the IIC’s Security Framework applies specifically to Skkynet’s SkkyHub, DataHub, and ETK is well beyond the scope of one blog—more needs to be said, and is coming soon.  The Security Framework concepts are familiar to us, as we have been incorporating them for years in the secure-by-design approach we take in developing our software and services.  We are pleased that the IIC has published this paper, and consider it a valuable resource for gaining a better understanding about security and the Industrial IoT.

Will Time-Sensitive Networking (TSN) Improve the IIoT?

Is current Internet technology sufficient for the needs of Industry 4.0 or the IIoT?  Or could it be better?  How can we enhance Ethernet to improve real-time data communications? These are the kinds of issues that some key players in Industrial IoT plan to address by developing the world’s first time-sensitive networking (TSN) infrastructure.

TSN has been defined as “a set of IEEE 802 standards designed to enhance Ethernet networking to support latency-sensitive applications that require deterministic network performance,” according to Mike Baciodore in a recent article in Control Design titled “How time-sensitive networking enables the IIoT

Put simply, the goal of TSN is to provide the IoT with the same kind of real-time performance that is now limited to individual machines like cars and airplanes, or to distributed control systems in industrial applications.  The Industrial Internet Consortium (IIC), along with Intel, National Instruments, Bosch Rexroth, Cisco, Schneider Electric and others have joined forces to achieve this goal, to enable a truly real-time IoT.

TSN is Good News for Skkynet

This collaboration to develop TSN comes as good news to us here at Skkynet.  Since we currently provide secure, bidirectional, supervisory control capabilities over TCP, we understand how much more effective our software and services will be when supported by TSN.

With TSN, our latencies of a few ms over Internet speeds would be reduced to simply a few ms.  Data dynamics would be better preserved, and system behavior more deterministic.  This effort to develop TSN validates our thinking that the IIoT works best with low-latency, high-speed networking.  Unlike those who operate on the assumption that web communication technology (REST) is the way forward, the TSN approach means that networked data communications can approximate or equal in-plant speeds and latencies.

Several participants and commentators on the TSN project point out that typical cloud architectures are not ideal counterparts for TSN.  Something fundamentally different is required.  Putting their individual ideas and suggestions together, what they envision for an architecture is remarkably close to what Skkynet currently provides.  It should be secure by design, fully integrate edge computing, and keep the system running without interruption during any network outages.  Above all, it must provide secure, selective access to any process data, in real time.

“One of the cool concepts out there is that people will want to have a cyberphysical representation of the equipment in the cloud,” said Paul Didier, solutions architect manager at Cisco. “That doesn’t mean the physical plant will be controlled in the cloud. Optimization and maintenance can be done in the cloud and will filter its way back to the machine.”

Our recent case study showcasing DataHub and SkkyHub technology illustrates this “cyberphysical representation.”  During the deployment and test of a mineral processing system, developers thousands of miles away monitored the machine logic and tweaked the system in real time. “It was as if we were sitting beside them in the control room,” said one of the team, “and through live monitoring, we were able to continue developing the application, thanks to the real-time connectivity.”

It’s a small step from this to machine control, and time-sensitive networking will be a welcome technology in that direction.  To the Industrial Internet Consortium (IIC) and everyone else involved in this project, we say keep up the great work!  We’re ready to put TSN to good use when it becomes available.

Connecting the Worlds of IT and OT

Ever since the dawn of computing for commerce and industry, there has been a wide gap between the world of IT (Information Technology) and OT (Operations Technology).  Most of us are more familiar with IT—crunching numbers for financial applications, building databases for personnel records and corporate assets, and printing out sales reports, monthly earnings, and year-end statements.  The world of OT is more remote and esoteric—hidden behind firewalls and DMZs, sometimes on completely independent networks, mission-critical systems oversee the real-time processes that control a company’s production equipment and machinery.

Now, with the advent of Industry 4.0 and the Industrial IoT, these two worlds are being brought together.  In a recent article, The Internet of Things: Bridging the OT/IT divide, John Pepper, CEO and Founder of Managed 24/7, makes the case that the business value of operational data will be lost unless IT and OT learn to co-operate.  He said, “Unless organisations actively bridge the gap between OT and IT, the real operational benefits of the digital business will be lost.”

A risk of losing the prize

According to their research, companies are jumping on the IoT bandwagon and increasing their number of networked devices, but due to a lack of an overall policy to bridge the IT/OT gap, there is a real risk of losing the prize.  Critical OT information that has been unknown in the past is now becoming available, but only to those who know how to connect to it, and are willing to do so.

“Indeed, while the vast majority of new control systems used in buildings and factories – from water pumps to energy systems – include an Ethernet connection,” says Pepper, “few organisations are actively using this real-time insight to support CxO decision-making.”

Pepper’s call for deeper integration between the real-time data flowing through the OT world and the analytical capabilities of the IT world is a need that Skkynet was created to meet.  The predictive technologies that Pepper recommends can be realized and fully supported by Skkynet’s Industrial IoT technologies.  The vision of end-to-end monitoring and self-healing technologies that Pepper shares can become reality when we effectively connect the two worlds of IT and OT.