“The United States and Great Britain are two countries separated by a common language,” George Bernard Shaw is supposed to have said. I said something similar in my first year of blogging: IT and engineering – two organizations separated by common technology. One of my pet peeves then, as it is now, is the notion that IT and automation are always at odds.
We need to make that statement fall into past tense: “were always at odds.” Greg Hale at ISS Source noted that in Cyber Security: Bringing IT, Engineering Together: “There are companies just now coming to the realization the two sides have more in common than they think.” And security is one area that can catalyze that cooperation. (Another is the ability for automation engineers to use IT tools for troubleshooting and diagnostics of Industrial Ethernets.) BTW, if you haven’t subscribed to Greg’s enewsletter “The Shield” you are missing a great resource for security threats and solutions. (Subscribe here.)
One of the drivers in bringing Automation and IT together is Industrial Ethernet. Dave Greenfield in the video accompanying Survey Results: Ethernet and Wireless in Production Facilities points this out in the results of their survey.
Multiple members of the panel made comments about IT. “IT owns down to the switches; Automation, below that.” “PROFINET benefits from IT tools.” “Users of PROFINET benefit from IT knowledge.” Unlike serial fieldbuses, Ethernet provides common ground between IT and Automation. “Involve IT from the beginning!” A surprising comment was that MES is driving adoption of Industrial Ethernets like PROFINET. Flexibility, ease-of-use, expandability, and determinism were also cited as PROFINET benefits.
In Security: The Difference Between IT and Industrial Control, Dave Greenfield summarizes the differences between Automation and IT approaches to security. The main point is that “though a good dose of IT security is essential to industrial control system security, successfully securing a control system requires additional steps.”
And to finish out the security topic also read 3 pillars of industrial cyber security by Dennis Brandl at Control Engineering. A reminder that it’s not just about the technology, it’s about the people. I’m convinced the most severe security threat is the post-it note – the one the operator stuck on the monitor with his username and password on it.