MAR-APR 2019

Issue link:

Contents of this Issue


Page 12 of 59

INTECH MARCH/APRIL 2019 13 COVER STORY tion of the provided resources. Examples of resources include storage, processing, memory, and network bandwidth. Rapid elasticity Capabilities can be automatically pro- visioned and scaled to rapidly meet computing and storage needs based on user demand. To the user, the capa- bilities available often appear to be un- limited and can be appropriated in any quantity at any time. Measured service Cloud systems automatically control and optimize resource use by leverag - ing a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, band - width, applications, and active user accounts). Resource use can be moni - tored, controlled, and reported, provid- ing transparency for both the provider and consumer of the utilized service. The application of cloud computing has the potential to change industrial automation system architectures that have been traditionally on-site sys- tems requiring capital investment to add functions. In contrast, the cloud computing model provides significant storage, computing, and application software on demand with engineers only paying for what they use. Cloud computing and on-demand analytics are also being developed for a much broader range of applications outside of industrial automation, providing powerful and more cost-effective new capabilities for automation engineers. How do you characterize new cybersecurity challenges created by cloud services used in industrial automation applications, and do you have any advice for users? Kling: The cloud brings so much promise, it is hard to ignore its poten- tial. Several supporting technologies— improved communications, virtualiza- tion, improved compute power—make the cloud happen. All of this support- ing infrastructure brings, in turn, its own set of cybersecurity challenges. So, it is not enough to just ask about cloud security-related challenges. You must also be aware of all that surrounds the use of the cloud. Each of these techno- logical elements brings new challenges. Edwards: Love it or hate it, the cloud is here to stay. There has been some fear, I think, in the adoption of cloud techniques in the control system space and rightly so. We need to look at sig- nificant change in our systems design very carefully. As far as cybersecurity, you can get the best and the worst. In some ways cloud services let you bun- dle security services onto something in a very easy way, but like anything, if you don't configure your containers and the like correctly, you can introduce secu- rity issues very easily. Here's an interesting story to prove the point. I saw a wide geographic SCADA application in which the user had moved their entire SCADA envi - ronment—front end servers, comms, etc.—into the cloud, which surprised me. Their rationale, which was very well thought out, was that the uptime of the cloud provider's infrastructure was guaranteed contractually to be much higher than what they could accomplish with their own infrastruc - ture. By the time they looked at main- taining the communications and all the servers, the cloud implementation looked very attractive and has per - formed very well for them. Fog computing Fog computing, also known as fog net- working or fogging, is a decentralized computing infrastructure in which data, compute, storage, and applica - tions are distributed in the most logi- cal, efficient place between the data source and the cloud. Fog computing essentially extends cloud computing and services to the edge of the net - work, bringing the advantages and power of the cloud closer to where data is created and acted upon. How do you characterize new cybersecurity challenges created by fog computing, and do you have any advice for users? Kling: Similar to cloud, fog brings a unique set of security challenges. Ap- plications become virtualized, which makes them fluid. That means they can move east to west (device to device) and north (to cloud) or south (closer to the cyber/physical edge). As a result, security features must "follow" the ap- plication. For example, certificates that might traditionally be stored in hard- ware will have to find a way to become more fluid as virtualized applications move between platforms. Fog bridges the gap between edge computing and cloud computing and comes with its own unique challenges. Your first step is to understand those challenges: It demands virtualization, and it is often required to be more per- formant to run IACS [industrial auto- mation control system] solutions than traditional cloud technology. Make sure that, as a bridging tech- nology, your security solution does not fall to just the lowest common denomi- nator between the layers but maintains a robust set of security features unique to large amounts of virtualization. Edwards: Fog is essentially an "on- premise cloud infrastructure." If that is the case, then end users will have many of the same challenges they confront when enabling a cloud infrastructure. Edge computing IoT is creating a flood of new technol- ogy and driving communication and computing to the edge of system ar- chitectures. The number of connected IoT devices worldwide will increase 12 percent on average annually, from nearly 27 billion in 2017 to 125 billion in 2030, according to new analysis from global information provider IHS Markit. This is particularly the case with smart sensors that have embedded process- ing and communication to controllers, enterprise, and cloud servers. These IoT devices are uniquely identifiable electronic devices using Internet "data plumbing," including Internet Protocol, Web services, and cloud computing. An example of this trend is the In dustry 4.0 for Process Automation initiative started by NAMUR. Indus - try 4.0 and IoT concepts are being applied to process automation to achieve a holistic integration of au - tomation, business information, and

Articles in this issue

Archives of this issue

view archives of InTech - MAR-APR 2019