A transformative event is occurring where countless industrial devices, both old and new, are beginning to use Internet Protocol communication technologies. We refer to these collections of IP-enabled industrial devices and associated networks as the Industrial Internet of Things (IIoT). The Industrial IoT is at the very core of disruptive visions, such as Industry 4.0, and other advanced manufacturing initiatives, and it promises to bring countless new value creation opportunities across all market sectors. However, cybersecurity and data privacy issues present major hurdles and roadblocks for adopters of Industrial IoT technologies, and if these issues are not appropriately addressed, the true potential of the Industrial IoT might not be met. This is the first in a two-part blog series that will introduce the reader to the Industrial IoT and its future potential. In the second part, I will be describing the various cybersecurity issues that might impact the overall success of the Industrial IoT.
Overview
A new revolution is occurring within industry. It is a revolution resulting from the convergence of industrial systems with advanced computing, sensors and ubiquitous communication systems. It is a transformative event where countless industrial devices, both old and new, are beginning to use Internet Protocol (IP) communication technologies. We refer to this new revolution as the Industrial Internet of Things. The Industrial Internet of Things is a subset of what we have come to know as the Internet of Things (IoT). The IoT is an abstract idea that captures a movement that started when we began integrating computing and communication technology into many of the “things” that we use at home and work. It started with the idea of tagging and tracking “things” with low cost sensor technologies such as radio frequency identification (RFID) devices. However, the paradigm shifted as the market began delivering low-cost computing and Internet-based communication technologies, simultaneously with the rise of the ubiquitous smartphone. This perfect storm of low cost computing and pervasive broadband networking has allowed the IoT to evolve. Now, the IoT includes all types of devices ranging from home appliances, light bulbs, automation systems, watches, to even our cars and trucks. Technically speaking, the IoT is a collection of physical artifacts that contain embedded systems of electrical, mechanical, computing and communication mechanisms that enable Internet-based communication and data exchange. The Industrial IoT follows the same core definition of the IoT, but the things and goals of the Industrial IoT are usually different (see Figure 1). Some examples of the things of the Industrial IoT include devices such as sensors, actuators, robots, manufacturing devices such as milling machines, 3D-printers, and assembly line components, chemical mixing tanks, engines, healthcare devices such as insulin and infusion pumps, and even planes, trains, and automobiles. Indeed, it is a vast spectrum of devices. One interesting aspect of Industrial IoT devices is system complexity. In particular, Industrial IoT devices can contain systems of IoT systems. For example, an industrial robot as a whole might contain multiple sensors working both independently and as a group, and one or more of these sensors could control one or more actuators that, in turn, control the robot’s movement. Further, the sensors, actuators, and other parts of the robot can connect independently to an IP network with some centralized server that governs the overall control of the robot.
Another term commonly used when discussing the Industrial IoT, and in particular, the Industrial Internet, is operation technology. Operation technology (OT) refers to the traditional hardware and software systems found within industrial environments. Some examples include programmable logic controllers (PLC), distributed control systems (DCS), and human-machine interfaces (HMI). These systems are also known as Industrial Control Systems (ICS) because they “control” the various processes that occur within an industrial environment.
System Characteristics
As I mentioned earlier, the Industrial IoT is a subset of the more general IoT. Hence, some of their characteristics are similar. The most common characteristic is that they all contain embedded computing and communication technology. These systems are largely focused on sensor technology along with the collection, transmission, and processing of sensory data. Communication is obviously a key component of the Industrial IoT. As illustrated by Figure 2, the Industrial IoT can use both wired and wireless communication.
Some of the protocols used by Industrial IoT devices include Ethernet, Wi-Fi, WiMax, LR-WPAN, 2G/3G/4G telephony, IPv4, IPv6, 6LoWPAN, HTTP, CoAP, MQTT, XMPP, DDS, and AMQP, Profinet, ModBus, and DNP. Whew! That is a long list. It turns out that communication technology and acronyms go hand-in-hand. For some reason, they just cannot survive without each other. On a serious note, there are different protocols for different use cases, commonly driven by environmental factors and resource constraints. For example, HTTP and MQTT are application layer protocols. HTTP, the hyper-text transport protocol, is a text-based protocol commonly used by web-based systems, i.e., web servers. It is a good protocol for client-server communications when there is more of a need to do only “one-way” data pulling. Although multiple sets of data packets moving in both directions are required for a client to pull down a web page from a server, the protocol is designed for pure client-server architectures. However, it is common for IoT devices to act as both client and servers. In these cases, HTTP is more difficult to implement, although it can be done using a “polling” methodology. MQTT was designed specifically for industrial network environments. It is a publish-subscribe messaging protocol, which eases the pain in terms of “two-way” communications where a device might act as both a client and server. Further, it is a light weight protocol in terms of transmission overhead, and it was designed to support lossy data transmission networks.
Future Vision
The Industrial Internet of Things will drastically change the future, not just for industrial systems, but also for the many people involved. If we can achieve the full potential of the Industrial IoT vision, many people will have an opportunity to better their careers and standards of living because the full potential of this vision will lead to countless value creation opportunities. This always happens when new “revolutions” get set into motion. The full potential of the Industrial IoT will lead to smart power grids, smart healthcare, smart logistics, smart diagnostics, and numerous other “smart” paradigms. For example, the Industrial IoT is at the heart of a related movement called “Industry 4.0”. Industry 4.0 is sometimes referred to as the 4th industrial revolution, and it is a vision of smart factories built with intelligent cyber-physical systems. It will enable manufacturing ecosystems driven by smart systems that have autonomic self-* properties such as self-configuration, self-monitoring, and self-healing. I’m not suggesting “Terminator” style technology. Instead, this is technology that will allow us to achieve unprecedented levels of operational efficiencies and accelerated growth in productivity. New types of advanced manufacturing and industrial processes revolving around machine-to-human collaboration and symbiotic product realization will emerge. It will truly be amazing to see all of the many benefits and technological advances that can be gained if we can achieve the full potential of this technology.
Conclusion
The Industrial Internet of Things can have a bright and shiny future. However, the devil is in the details. The number one challenge faced by the Industrial IoT is security and privacy. If we cannot alleviate many of the security and privacy issues that impact the Industrial IoT, we will not be able to achieve its full potential. In my next post, I will talk about some of these security and privacy challenges along with some potential solution paths and techniques that might help us move forward on this new journey. Title image courtesy of ShutterStock
Mastering Security Configuration Management
Master Security Configuration Management with Tripwire's guide on best practices. This resource explores SCM's role in modern cybersecurity, reducing the attack surface, and achieving compliance with regulations. Gain practical insights for using SCM effectively in various environments.
