Back to blog
Posted October 29 2020
Written by Createch IBM Maximo

EAM, Data Security and Industrial Espionage in Industry 4.0

When we walk into a company facility as a visitor, our first port of call is normally a physical security desk.

We sign in, receive our access badge and meet our contact. The next step usually involves fulfilling a task. This task could be anything from a simple introductory meeting in a conference room to a critical unplanned emergency maintenance task needed to restore a critical system or service to bring the facility back online.

Security concept Lock on digital screen_EAM, Data Security and Industrial Espionage in Industry 4.0_Createch

Physical Security – An Extension of Enterprise Asset Management

Physical security access for any visit ideally aims to provide people with access only to the specific assets that are needed to fulfill a task, while the rest is generally kept off-limits. It’s a traditional human-based sentry system to ensure people do not intentionally or accidentally alter or damage a key asset such as a crucial piece of equipment they do not need to have access to. This also ensures our health and safety while securing the company’s intellectual property and sustainability. This is accomplished by keeping as many company-specific assets and processes as confidential as possible at all times.

Physical security ensures the highest return on assets with the least amount of risk, it is an extension of Enterprise Asset Management. We can use the assets in the most effective and profitable way, so it is just as important as physical equipment maintenance. It would be pointless to have incredible physical equipment maintenance and our assets in perfect condition if, however, a complete lack of physical security means they can easily be altered or damaged, reverse engineered or even cause serious injuries or death.

Data Security – Another Extension of Enterprise Asset Management

Physical assets in facilities today are generating more operational data than before and in much more detail. This data is proving to be more and more crucial for monitoring, control, automation and decision-making. Intelligent insights using this data provide companies with a competitive advantage by helping them to optimize processes which can increase profits and empower them to create new intellectual property within their business practices. The value the data itself creates in some cases is proving to have more book value than the physical assets themselves and is often very desirable to the manufacturers of those assets to have for new product development purposes.

Let’s take the Coca-Cola Company as an example. Their manufacturing processes and their flagship beverage formula has been a closely guarded secret and is key to their sustainability as a company. In traditional manufacturing, physical security described above could sustain this. Very few could become privy to their manufacturing process without having physical access to the assets.

However, if the plant assets are generating a large amount of data and the data itself has a lot of detail, manufacturing processes could be reversed engineered using this data and by anyone who can access it. Physical security access to a facility therefore is no longer the sole valuable sentry tool to ensure effective Asset Management. Data security within the facility and between the facility and everywhere the data is transmitted or received is just as important.  

Industry 4.0 and Real-Time Data Streaming From Machinery

“Stationary data” is a term I will use here to designate data that is saved on a hard disk or backed up to a storage device and remains at rest. This is either on premise or in the cloud normally through an encrypted connection.

Stationary data has been a target of malware, ransomware, phishing, theft and all sorts of other cyberattacks. This has created a large industry for cybersecurity companies and has often benefited cybercriminals who lately have been encrypting data and then requesting ransoms from the victims to restore that data back to its unencrypted state.

Other components of cybercrime and unauthorized access to data has been a result of industrial espionage, where we have seen companies and even countries stealing intellectual property from their peers.

Unlike stationary data, “streaming data” from IOT devices is needed in real-time to monitor and control critical industrial and other processes and their respective assets. Cybercriminals disrupting or reverse engineering this data and disrupting the real-time feeds in various ways will generally be more destructive from what we have seen with stationary data and could also have domino and rippling effects on several processes and even companies at once in the future. Think about the Coca-Cola example again – cyberattacks on their real-time IOT operational data could not only disrupt plants and make them inoperable, but this could also be impacting logistics to customers, supplies from suppliers and maintenance calls from vendors all relying on real-time manufacturing and facility operational data to make decisions and action on them.

As a result, IOT assets and their data are going to become much bigger targets for cybercriminals than stationary data because the prize of disrupting and/or capturing data from these assets by a cybercriminal or unethical competitor is going to be much larger. Countries can also spy on their rivals’ best-performing companies or industries, to try and help their own economy and competitiveness. This is the same case for inter-manufacturer espionage by seeing how their rival’s assets perform and where areas of weaknesses are.

Disrupting asset performance through cybercrime can also lead to enormous health and safety risks.

It’s here now on a smaller scale in some of your own kitchens. An outsider may find a way to turn off your smart IOT refrigerator and freezer through the internet and you come home to spoiled food.

All Physical Assets Will All Have a Digital Side to Them

In the IOT era, all assets will have physical and digital components to them. Both components will need to be managed and maintained together which is going to make Enterprise Asset Management and maintenance more complex, but at the same time more rewarding for businesses if managed proactively and correctly. Adopting this opportunistic view will help your business tremendously.

Tesla cars for example are a mix of computer hardware and software and traditional mechanical automotive components – one cannot function without the other. In the past, a large ore hauling truck at a mine would only need maintenance and servicing on the mechanical components of the truck along with lubricants, fuel and other physical components such as the tires to keep it operational. It was purely a physical asset – there was no digital side to it.

Now with digitization and Industry 4.0 in mind, when you change a tire on this truck, you might also need to reconfigure the on-board IOT tire pressure sensors or central computer or both to note there is a new tire and that the pressure is set correctly. You may also need to ensure all four tires are balanced in the computer systems and ensure other safety checks are met with the new tire. The IOT data will likely be transmitted and logged in real-time streaming and will require real-time protection. As a result, software updates and patches may also need to be applied while the maintenance person is present to ensure the truck has the latest functional and security updates.

We could argue that a lot of this could be achieved remotely. However, some or all the digital tasks may need to be completed by the maintenance person during the tire change as a fail-safe. In the case of an autonomous truck, a test drive with that person present may be required.

What Are My Next Steps in EAM?

EAM has four main components to it in the IOT age –

  • The EAM platform and the system controlling the processes and procedures of asset management as well as maintenance;
  • People and processes performing the maintenance;
  • Physical security of each asset;
  • Data Security of each asset and the overall platform (no1 above).

Createch’s team can help you with this journey in all four areas. Our seasoned EAM professionals possess in-depth knowledge and experience across many industries. We will gladly talk about your objectives and where you may also be having some challenges and difficulties.

Regardless of where you are in your Enterprise Asset Management journey, Createch will be pleased to help you implement technologies and best practices so you can get the most out of your efforts. Contact us now!

These Articles Could Also Interest You
Author slug - john-newstead
Author slug - muhammad-moizuddin
Muhammad Moizuddin
Muhammad Moizuddin
Posted February 3 2022
Author slug - sil-zoratti