It’s Time to Rethink Machine Safety and Security

PB 25 Rockwell newlogo 400

March 30, 2021

By Todd Bissell, Commercial Programs Manager, Safety, Sensing and Industrial Control, Rockwell Automation

Digital technology continues to transform manufacturing. And as smart factory initiatives escalate, OEMs face new demands for highly productive, information-enabled machines that support digital transformation – and help maintain safety and security in a connected world.

Not so long ago, “productivity,” “safety” and “security” were viewed as separate machine considerations – often at odds with each other. However, in modern connected plants, they are indelibly linked. A security breach on an industrial control system can delay production, damage equipment, injure workers or harm the environment.

As a machine builder, you play a key role in helping manufacturers capture the benefits of connectivity – and mitigate risk. Thanks to new technologies – like smart safety and CIP Security – you can rethink your approach to machine design and step up to the challenge.

Smarter Devices. Smarter Safety.

Of course, machine safety has always been a critical consideration in your designs. But conventional machine safety systems provide little or no data.

For example, the system can notify an operator that a line has stopped, but cannot provide any information regarding the position or nature of the fault. So even an easily corrected safety fault – like a guarded access door being slightly ajar – can result in extensive troubleshooting and lost production time.

The key to smart safety – and better machine productivity – is more information. Smart safety takes advantage of digital technology and network connectivity to provide rich data that can optimize performance.

Simply put, smart safety controllers and devices acquire and process data – and can monitor and report on asset conditions in real time. They can communicate on the same EtherNet/IP™ network that runs the rest of the machine using a safety-based communication protocol – or built-in CIP Safety™ functionality, like this light curtain.

Smart safety devices provide diagnostic information that can deliver valuable insights, such as exactly where a safety-related failure is occurring or if workers are following standard operating procedures. What’s more, smart safety devices enable better visibility into operations – and deliver the information manufacturers need to make better decisions about how to improve their processes.

The result? Faster troubleshooting. More machine uptime. Higher throughput.

Safety and Security – A Critical Relationship

There’s no doubt about it. In today’s increasingly connected plants, cybersecurity also impacts safety and productivity. A bad actor who infiltrates an industrial control system can quickly cause devastating damage – from manipulating a process to compromising a safety system.

At the same time, more manufacturers are looking for ways to enable secure remote access to their equipment. Indeed, one lasting lesson from the COVID-19 pandemic is that remote access can be critical when on-site service options are limited.

The good news? Cybersecurity is a foreseeable safety issue – and risk mitigation is attainable. In fact, a cybersecurity strategy based on defense-in-depth is one of the most effective measures manufacturers can take to help protect their systems. And your machine designs can support their efforts.

Keep Security in Mind as You Design

Ultimately, cybersecurity risk mitigation is dependent on the defense-in-depth strategy implemented by your customers. Specifically, the IEC 62443 standard provides the framework to address and mitigate security vulnerabilities in industrial automation and control systems (IACS).

To mitigate risk, manufacturers must focus on strong policies, physical protections, network infrastructure and segmentation, and securing their equipment. At the outset, they must first define how secure their machines are – and many are demanding equipment that meets more stringent security protocols.

How can you meet your customers’ cybersecurity expectations? Design your machine control systems with security in mind. Your first step is verifying that the control system components you apply feature robust security profiles designed for industrial environments and in compliance with IEC 62443.

Make Your Machines CIP Security Ready

While your customers will no doubt use a variety of methods to help thwart cybersecurity threats, CIP Security is becoming an increasingly important way to reinforce a defense-in-depth strategy. To support this strategy, you can make your equipment “CIP Security ready.”

CIP Security helps provide a secure way to transport data – at the protocol level – on EtherNet/IP networks. A CIP Security enabled device can help protect itself from malicious communications in three important ways:

  •    –   Rejects messages sent by untrusted people or untrusted devices
  •    –   Rejects data that has been altered
  •    –   Helps prevent viewing of EtherNet/IP data by unauthorized parties

The most vulnerable access point to your machine is its workstation which always links to the control system. To help mitigate that risk, an increasing number of controllers, drives and communication modules have built-in CIP Security capability.

To improve access control, you can group devices with CIP Security within your machine – and create a “zone” or set of devices that share the same security policy.

What about machine control devices without built-in CIP Security? Typically, these components are “allow listed” to communicate with devices within the zone. But now you can achieve an even higher level of machine protection, thanks to this new CIP Security proxy.

A standalone hardware solution, the proxy is designed to help protect many of the EtherNet/IP control devices in use that don’t have built-in CIP Security capabilities. As a result, you can improve security not only in your new equipment designs, but in existing installations, too.

Source

Related Articles


Changing Scene


Sponsored Content
The Easy Way to the Industrial IoT

The way to the Industrial IoT does not have to be complicated. Whether access to valuable data is required or new, data-driven services are to be generated, Weidmuller enables its customers to go from data to value the easy way. Weidmuller’s comprehensive and cutting-edge IIoT portfolio applies to greenfield and brownfield applications. Weidmuller offers components and solutions from data acquisition, data pre-processing, data communication and data analysis.

Visit Weidmuller’s Industrial IoT Portfolio.


ADVANCED Motion Controls Takes Servo Drives to New Heights (and Depths) with FlexPro Extended Environment Product Line

Advanced Motion Controls is proud to announce the addition of six new CANopen servo drives with Extended Environment capabilities to their FlexPro line. These new drives join AMC’s existing EtherCAT Extended Environment FlexPro drives, making the FlexPro line the go-to solution for motion control applications in harsh environments.

Many motion control applications take place in conditions that are less than ideal, such as extreme temperatures, high and low pressures, shocks and vibrations, and contamination. Electronics, including servo drives, can malfunction or sustain permanent damage in these conditions.

Read More


Service Wire Co. Announces New Titles for Key Executives

Bruce Kesler and Mark Gatewood have been given new titles and responsibilities for Service Wire Co.

Bruce Kesler has assumed the role of Senior Director – Business Development. Bruce will be responsible for Service Wire’s largest strategic accounts and our growing Strategic Accounts Team.

Mark Gatewood has been promoted to the role of Vice President – Sales & Marketing. In this role, Gatewood will lead the efforts of Service Wire Company’s entire sales and marketing organization in all market verticals.

Read More


Tri-Mach Announces the Purchase of an Additional 45,000 sq ft. Facility

Tri-Mach Elmira Facility

Recently, Tri-Mach Inc. was thrilled to announce the addition of a new 45,000 sq ft. facility. Located at 285 Union St., Elmira, ON, this facility expands Tri-Mach’s capabilities, allowing them to better serve the growing needs of their customers.

Positioning for growth, this additional facility will allow Tri-Mach to continue taking on large-scale projects, enhance product performance testing, and provide equipment storage for their customers. The building will also be the new home to their Skilled Trades Centre of Excellence.

Read More


JMP Parent Company, CONVERGIX Acquires AGR Automation, Expanding Global Reach

Convergix Automation Solutions has completed the acquisition of AGR Automation (“AGR”), a UK-based provider of custom, high-performance automation design and systems integration primarily to the life sciences industry.

Following Convergix’s acquisitions of JMP Solutions in August 2021 and Classic Design in February 2022, AGR marks the third investment in Crestview’s strategy to build Convergix into a diversified automation solutions provider targeting the global $500+ billion market, with a particular focus on the $70 billion global systems integration and connectivity segments. Financial terms of the transaction were not disclosed.

Read More


Latest Articles

  • Implementing Functional Safety Requirements

    Implementing Functional Safety Requirements

    The Safety Functional Requirements Specification (SFRS; sometimes referred to as SRS or Safety Requirements Specification) is the plan for the safety controls on a machine and is the second step of the safety lifecycle. The SFRS document serves as a framework for the safety control system design, is informed by prior work done in the… Read More…

  • From Endress+Hauser, 24/7 Digital, Plant-Wide Health Monitoring for Rockwell Systems Optimizes Workflows and Processes

    From Endress+Hauser, 24/7 Digital, Plant-Wide Health Monitoring for Rockwell Systems Optimizes Workflows and Processes

    Endress+Hauser’s Asset Health Monitoring Solution–Rockwell Edition, now available for installation, provides operators with a centralized, digital overview of plant-wide device health to avoid unscheduled shutdowns and accelerate troubleshooting. It not only presents early visibility of problematic devices but distinguishes itself by adding likely causes and remedies to such a report so problems can be fixed… Read More…