Outline
Industrial Applications
Industrial Automation
Safety vs. Security
Outlook and Concluding Remarks
November 5,
2015
| Slide 2
Industrial Applications: Examples of Power Systems
Grid stabilization and long-distance power transmission with low power losses
Industrial Applications: Examples of Substation Automation
Continuous electrification and load management of cities and industries
Industrial Applications: Examples of Process Automation
Continuously stabilizing unstable and unsafe processes
Industrial Applications: Examples of Discrete Automation
High-speed assembly, packaging and palletizing
Industrial Automation: Where do we come from?
A journey from electromechanical relays to centralized control systems and today's decentralized control systems
Many plants have two or three generations of systems in operation
Industrial Automation: The Control Pyramid
Several products and protocols in order to meet the requirements
Industrial Automation: Fieldbus Communication, the “Things”
[Figure: fieldbus-connected equipment. Labels: proxies to other buses (Profibus, others); MV drives; MV switchgear; LV switchgear; LV products; drives; remote I/O; instrumentation; HV; valves; GIS; AIS; distribution trafo; power trafo; Web HMI]
• The distributed control systems collect information from the process in order to control and actuate, using for example:
  • High-voltage to low-voltage switchgear
  • Electrical machines ranging from MW to kW
  • Process instrumentation and control valves
Installed multi-billion equipment has an expected lifetime of up to 20 years, and only subsystems are upgraded due to cost issues
Industrial Automation: Basic Requirements
• Safety and Security
  • Protect people, properties and the environment
• High availability
  • Fault tolerance
  • Run-time reconfigurations
• Deterministic system response time
  • Even in case of failures or reconfigurations
• Efficient deployment and maintenance
  • Scalable and interoperable
Often contradicting requirements!
Safety vs. Security
Safety
Reduce the risk of damage to persons, property or the environment
All possible error cases are determined pre-runtime, and must not change over time
Examples: A faulty device causes environmental pollution or an uncontrolled chemical process
Security
Reduce the risk of unauthorized access or sabotage to a system
Security threats will change over time
Examples: A deliberate security attack causes loss of production or degraded production
Safety vs. Security: Why safety for industrial automation?
Because I care about the environment and worker safety!
Safety vs. Security: Why security for industrial automation?
Because I cannot unplug the correct network cable in time?
Safety vs. Security: The need for secure systems and communication
Firewalls
Intrusion Detection Systems
Access Control / User Account Mgmt
Antivirus
Whitelisting
Secure Communication
Code Signing
Classical security mechanisms are necessary, but no longer sufficient.
Safety vs. Security: Security Challenges
• Why not apply security best practices from the IT domain directly?
  • We do, but locking down systems for the sake of security might have a negative impact on safety
  • Patching 10,000 – 30,000 embedded systems in a plant every year hampers the production rate
• How to keep things secure with all the different actors involved over the complete lifecycle of a plant?
  • Maintenance and commissioning personnel are not crypto experts, but process experts
  • They cannot enter an RSA key pair in a device or install digital certificates on New Year’s Eve when the plant manager demands full production after a component failure
Outlook and Concluding Remarks: Opportunities
• Research, adapt and standardize new technologies towards industrial automation
• From a communication perspective, the volumes to develop proprietary hardware solutions today are not cost effective (leverage on standardized and high-volume hardware)
• Flexibility, scalability, and maintainability are some of the main challenges today (added value by new technologies)
• New technologies should improve on the system level to add end-user value (cross-domain research)
Outlook and Concluding Remarks: Challenges
• Customers expect secure systems but also expect security to "come for free". Are we willing to pay for privacy?
• Audit trails are important; can we deploy them while preserving the end users' privacy? Will engineers be sued for malpractice?
• In a Cloud or IoT scenario, equipment or data will not be physically protected as it is today, thus privacy solutions will be a key element to protect business information from third parties.
• Two major requirements are safety and availability. In the worst case, new technologies might have a negative impact on overall system availability.
Outlook and Concluding Remarks
The safest and most secure critical infrastructure is the one that is never taken into operation!
But that would be the worst multi-billion investment ever…
In order to take the next leap in distributed real-time systems, we need flexible, cost-efficient and long-lived Cyber-Physical Systems that control our critical infrastructure
But more importantly, just because we can add new technologies, are the benefits worth the risks?
If so, how to guarantee the safety of people, property, and the environment?