Embed Size (px)
Citation preview
REMOTE MACHINERY MANAGEMENT SOLUTIONSXXXXXXXXXX
Effektiv udnyttelse af IIoT for servicering af maskiner, er mere end blot at forbinde ting til skyen
Peter Koldig [email protected]
2
AGENDA – TEKNISK GENNEMGANG AF…
IEC62443 standarder SHA256 og Cipher suites X509 certifikathåndtering Krypteringsalgoritmer Secure coding standarder
Eller .. Måske noget mere jordnært
3
FØRST – HVEM ER SECOMEA?
▶Secomea A/S ▶Privately held Danish company▶6 times Gazelle award winner 2013-2018▶Branch offices in China, Canada, Japan▶+ 130.000 installed units▶+ 5.500 customers world-wide▶Worldwide distribution network▶Technology supplier to Schneider Electric, Pro-face, B&R and Hirschmann
▶Target customersMachine builders
Factories Utility
LIDT IIoT / INDUSTRI 4.0 TRENDS
5
DIGITALISERINGS TRENDS – INDUSTRY 4.0Source: PwC 2016 Global Industry 4.0 Survey
6
PREDICTED INTERNET-OF-THINGS (IoT) GROWTH
31% Year-to-Year Growth 75 Billions connected devices in 2025 Industrial IoT (IIoT) focuses on:
Smart Sensors Smart Monitoring Smart Analytics Smart Factory Deeper Business InSights thanks to
increased data awareness
Source: Statista 2018
7
Troels H. Jensen, Schourup A/S“For mange virksomheder er det svært at overskue, hvordanbehovet for teknologi ser ud blot få år ude i fremtiden. Det kanhurtigt blive en dyr forretning at gætte sig frem, og derfor giver det god mening at leje maskinerne, så virksomhederne hele tiden er opdaterede.”
Frederik Braun, Microsoft Danmark“..IoT-Teknologi består af tre elementer: Det første er sensoren isig selv og den data, den indsamler. Det andet element erindsigten, som kan skabes gennem analyse af data, og det tredjeer beslutningen, du tager på baggrund af indsigten.Teknologien findes allerede, men du skal først og fremmest vide, hvad du vil bruge den til i forhold til dine kunder, din organisation og virksomhedens strategiske retning”
Anders Kjøngerskov, Bürkert“for mange af vores kunder er det vigtige, at de ikke behøver at beside specialviden om de enkelte elementer i løsningen, men kan nøjes med at trykke på start-knappen. Det skal væredriftssikkert, nemt at arbejde med, nemt at vedligeholde ogservicere, og så skal det være muligt at skalere”
Felix Langkjær, Rockwell Automation“Fjernadgang til maskinerne og i det hele taget hele Smart Manufacturing aspektet stiller store krav til sikkerheden, fordivirksomhederne jo gerne selv skal have indflydelse på, hvem der har adgang til de vitale data”
8
ER DEFINITIONEN AF EN MASKINE UNDER FORANDRING?
▶Er en robot en maskine, eller blot en komponent i en produktion?▶Er et vandværk mere en fabrik der producerer vand, end blot en
forsyningsstation▶Er en støvsuger en maskine der producerer renhed? Og er kundens
lokation så et ”produktions-site”?▶Er en bygning en fabrik bestående af maskiner, i takt med at
bygninger bliver mere og mere intelligente?▶Bliver en maskine snarere en Service end et Fysisk Asset?
9
“IoT is poised to make a mark in the not-too-distant future is enterprise business models. More specifically it could lead to more and more high-value equipment being leased, as opposed to being sold outright. The machinery of the future could be outfitted with built-in sensors and marketed as both a product and as service. As a result, equipment owners would then be able to monitor it remotely and provide maintenance, repairs and necessary upgrades automatically. This would allow end users to focus on the work at hand instead of worrying about the condition of the equipment, leading to increased productivity and satisfaction”
https://www.aem.org/news/5-manufacturing-trends-to-watch-in-2019
MAINTENANCEIN AN IIoT CONTEXT
AUTOMATION MAINTENANCE LIFE CYCLE
Preventive Maintenance (operations – real-time) General production condition monitoring (consumables, produced items) Replacements based on experience or unusual behavior (temp, pressure) Automated process control actions (SCADA)
Predictive Maintenance (optimization - OEE) Prediction of next service or potential break downs Optimization of production and processes Optimization of machines (cost, efficiency, stability)
Corrective Maintenance (commissioning and recovery) Adjustments/tuning (programming) Service Level Agreements (troubleshooting) Operator assistance (helpdesk services)
11
12
13
Hvilke data må vi sende ud fra maskinerne, som ikkekompromitterer kundens IT sikkerhed ellerforretningshemmeligheder? Hvordan definerer vi en sikker måde at sende
instruktioner eller opdateringer tilbage til maskinen? Hvordan fjernservicerer vi, hvis maskinen er i uorden? Hvordan får vi serviceteknologi integreret i alle
maskiner og får det skaleret op? Hvordan får vi alt dette integreret i organisationen
Nilfisk, som jo har rengøring som kernekompetence, ogikke IoT og dataanalyse?
EXAMPLEWINE PRODUCTION
14
Machinebuilder (OEM)
Vineyard
Grape press
Machine DataHelpdesk / Remote assistance
Analytics / optimization
Farmes’sProductionoverview
Condition Monitoring
Engineeringescalation
Machine Data
TroubleshootingProgrammingUpgrades
IoT EdgeDevice
Operator panel
PLC
Automation tools
Machine Data
IoT M2M Server
IoT CloudPREDICTIVE
CORRECTIVE
CORRECTIVE
PREVENTIVE
PREVENTIVE
PREDICTIVE
15
CORRECTIVE MAINTENANCE & CYBERSECURITY
▶Opmærksomheden på Cybersecurity mangedobles ved Corrective Maintenance, da det giver ”tunnel adgang” til lokationer og/eller udstyr. Derfor, hav fokus på:
▶AuthenticationThe authentication of user, i.e. establishing their identity by assuming a mapping of a physical person to a username and password, possibly multiple, is critical to security of any system. For both the Machine builder and Machine owner, this is the key to ensuring that only the right staff get remote access. By ensuring proper authentication – avoiding sharing accounts or password and similar – the Machine builder can manage normal employee turnover and career changes.
▶AuthorizationIn a remote access scenario both the Machine builder and owner are interested in the minimum authorizations (permission) required for doing the troubleshooting/servicing. This means that both the Machine owner and the Machine builder would like to arrange the permissions in a model where what permission an individual is assigned can be configured in access scope, duration and method.This is especially so, since often the Machine owner does not allow internet access in the plant or installation normally.
▶ConfidentialityThe actual servicing and troubleshooting will often directly affect sensitive systems and data. Hence there is a need for the access and content, to be confidential between the Machine builder support staff and the Machine owner.Doing everything over the Internet, simply strengthens this need.
▶AuditingEven when staff doing service are authenticated and authorized, there is often a need to support later auditing of staff and systems actions. This can be as part of normal legal proceedings or internal auditing, but also in case of investigations of cybersecurity breaches.
KONKLUSION…
…. Om der findes en one-size-fits-all IIoT løsning?
Måske rent teknologisk (funktion og sikkerhed) – hvis man er dygtig nok til at identificere alle behov.Men nok ikke en som samtidigt imødekommer alle juridiske forhold.Men der findes i hvert fald én løsning du kan komme sikkert i gang
med…
16
hint
?…
17
