Compliance & Risks
Supply Chain Disruptions changes factory 2 Remote
This series of blog posts explains essential cybersecurity for the crucial reconstruction of supply chains. This part considers "remote" from the three types:between sites (outside the site), between buildings within a site, on the production floor.
Save to Folio
Posts in this series
In Japan, the term "sangen-shugi" (three actuals) is used to express the mindset toward operations in manufacturing industries. The concept regards the acts of going to the actual place ("genba"), looking at the actual things ("genbutsu"), and observing the facts ("genjitsu") to be important. This attitude toward solving problems can to said to have supported fundamental improvements in production quality, costs, and delivery times that could not be achieved through mere desktop studies and discussions.
Given the restrictions on the movement of and contact among people due to COVID-19, great changes in business operation processes are required to "remotely" solve problems on the basis of the three actuals.
This part considers "remote" from the following three perspectives:
- Between sites (outside the site)
- Between buildings within a site
- On the production floor
Business operations between sites, and remote work for factories
Because the pandemic has caused severe restrictions to be placed on international travel in various nations around the world, companies have been forced to stop business trips and dispatches of engineers across borders. This is a critical situation for manufacturing industries, in which dispatched engineers cooperate with onsite engineers to solve problems in factories. As of October, international travel restrictions and quarantine requirements have gradually been eased. However, in June, the restrictions were so strict that semiconductor manufacturers in various nations released a joint statement demanding an easing of such restrictions.
On the other hand, some manufacturers seized the opportunity to expand remote technical support using digital technologies. For example, in some cases, AR technology was used to support engineer training and maintenance work.
Although remote work to reduce commutes and contact was started chiefly for office workers' office work, application of remote work to factory operations is now being considered. The day is approaching when remote work will not be a special case; for example, a manager will carry out process management and operation state monitoring tasks at home, and provide instructions from home to the factory.
The network infrastructure to support the new work style described above must maintain the same performance as that of onsite work and ensure security. We think that many organizations have expanded their data center network capacities and use of cloud services during the pandemic. Various vendors have been using the term "zero trust" recently when describing network security. In August 2020, NIST released the final edition of SP800-207 (Zero Trust Architecture). The term appears to be used often in the context of rejecting or excluding the conventional boundary defense model. However, the NIST document states that although it is desirable to transition from conventional zone-base security to a model that continuously ascertains the validity of access to resources, the reality is that many organization will adopt a hybrid architecture in which the zero trust architecture will coexist with conventional environments, and in such cases, boundary defense functions such as segmentation will be required.
Business operations carried out between buildings within a site
Some factories are so extensive that we can call them towns. For example, TOYOTA's Honsha Plant has an area of 550,000 square meters, which is as big as 78 soccer fields. Volkswagen's headquarters in Wolfsburg has an area of 6,500,000 square meters, and busses and trains are operated on the premises. On such large premises, the office building where system administrators work is often distant from the factory buildings. System administrators must go to distant sites to test systems, carry out network maintenance, and solve problems. When there are many factory buildings, system administrators sometimes make the rounds. Therefore, to operate systems efficiently on large premises, there should be tasks for controlling and monitoring the systems from a remote site. At some production sites, remote control and monitoring are required for safety.
When reviewing the network operation of the entire site from the perspective of cyber security, one thing to pay attention to is trouble isolation. In a factory where countless processes are operated, equipment failures are daily occurrences, and cyber threats are not rare today if one includes minor threats. Systems and mechanisms are required to determine whether a system abnormality is caused by an equipment failure or is an early stage cyber incident, and to deal with the trouble remotely.
Wireless communication on the production floor
One requirement for smart factories is flexible production. Traditional production system models include the line system, which is suited to low-variety mass production (serial process for each product); the job shop system, which is suited to low-volume high-variety production (group for each process); and the cell system, which lies between the previous two models (process centered on workers). In any system, the floor layout is carefully designed so that humans, things, and information move without waste to improve production efficiency. When the layout is changed due to the production plan or to improve efficiency, equipment is moved and cables are wired after coming up with a well-thought-out design. However, to support mass customization due to the diversification of needs and to promptly respond to fluctuations in varieties and quantities, a new approach has been sought. This led to the flexible layout production model. As a technology to implement a wireless environment, 5G technology, especially private 5G networks that enable a company to construct its own private network, is attracting attention.
To control and monitor many AGVs (Automated guided vehicle), industrial robots, and measurement instruments on a production floor via wireless communication, 5G's low latency and massive connectivity are attractive. In this case, latency depends on two factors: the distance between the device and the computing resource, and the computing resource's processing time. Edge computing is the concept of placing a special computing resource near devices, and this is referred to as Multi-access Edge Computing (MEC). Massive connectivity is achieved through a network virtualization technology called network slicing, which virtually allocates network capacity and functions to reduce wasted bandwidth. To construct a flexible layout environment using a private 5G network, it is desirable to consider security suited to the 5G architecture, such as MEC and network virtualization, in addition to device security.
Trend Micro has released a list of best practices that includes a method for improving efficiency in security operations of smart factories suitable for operations at large-scale sites as well as countermeasures associated with the use of private 5G networks.
For the details, refer to the following.
The next part considers security from the perspective of smart factory "capital expenditures."