Securing the Machine-Connected Supply Chain

Today’s supply chains are entering a new era of automation with blockchain, artificial intelligence (AI), and the Internet of Things (IoT) all jostling for the attention of global CIOs. These disruptive technologies will transform supply chains into highly connected and intelligent digital ecosystems that will foster improved collaboration. However, securing digital ecosystems will always be a challenge and the need to invest further in cybersecurity efforts is more important than ever before.

Manufacturing environments have become incredibly complex as advanced robots are introduced to production lines around the world. We are a ways off from seeing ‘Terminator style’ production robots in the work place,like those seen in the franchise’s third movie, “Rise of the Machines”, but production robots are becoming more complex, intelligent and self-aware by the day. However, as future robots or any AI enabled piece of equipment, connect to the enterprise, there is always the associated risk that external hackers can infiltrate the network through these devices and thus gain access to sensitive design information relating to the products that are being assembled.

Identity and access management (IAM) solutions have traditionally provided secure single sign-on capabilities for employees to get access to internal enterprise resources, but this technology can also be applied to allow external stakeholders to have secure access to internal enterprise resources and to secure connected devices as well. However, as the number of connected devices grows exponentially, companies will need to find a way to manage and navigate around these device identities in a more efficient way. 

A potential solution to managing these connected devices is to associate an ‘avatar’ style profile to each connected device. The avatar profile would contain a unique identity for each connected device, a description of its capabilities and its mode of operation. This would allow users to visually keep track of all connected devices across each environment and provision/de-provision these devices securely from the enterprise network.

Applying avatar profiles to connected devices may seem like fantasy but Rolls-Royce Aerospace recently voiced they are set to achieve exactly this through its ‘Facebook for Engines,’ a Facebook style environment for managing all connected devices within their engines. Not only can this help to secure these connected devices, but new AI related processes such as predictive maintenance could be managed through this type of environment. But how exactly would this work?

Let’s illustrate this with an example of a connected piece of construction equipment, an excavator. Just as your Facebook profile lists the number of friends you have, the Facebook for Machines portal would list the number of similar excavators that exist on the market. The portal would also provide a list of the connected devices and sub-systems within each excavator. So, just as you are able to explore your network of friends on Facebook, you would be able to explore all the connected devices within the excavator as each and every connected device would have its own profile page. 

Now if a problem occurred with a part within the excavator, for example the air filter in the engine becomes blocked, a pre-configured message from the connected engine would be posted on the excavator’s profile home page to reflect the issue, e.g. ‘Air filter blocked, replace immediately – with XYZ Corp. Filters . Similar to tagging friends in Facebook posts, the engine would tag XYZ Corp. Filters, automatically notifying them that a new air filter is required to be fitted to this particular engine. Therefore, a procurement process would be automatically triggered, and a purchase order raised and then transmitted across the company’s business network to XYZ Corp. Filters. A replacement filter could then be shipped out to the location of the excavator where a service technician would replace as required.

There are several technologies available today that could enable this concept. IoT/IAM platforms, AI solutions are available already and an avatar-based identity management portal could be developed to manage connected devices in a visual and user-friendly way. While the above example relates to an excavator, the connected device could be a robot on a production line, production equipment, utilities infrastructure, inventory management systems, or simply any device connected to an enterprise network. 

Improving cybersecurity will continue to be a high priority for many companies, especially among the digital eco-system. Implementing an identity-based approach to managing connected devices, and the information coming off of these devices, will grow exponentially as more connected devices enter the extended enterprise. The ‘machine connected supply chain’ is certainly emerging and although we may be some time away from seeing a Terminator style ‘Skynet’, the building blocks to achieving an identity based connected ecosystem certainly exists today.

2 comments on “Securing the Machine-Connected Supply Chain

  1. Fichter
    August 23, 2018

    Information security sits at the top of the agenda for almost every CIO but its role has subtly changed. Sure, we want to make sure nothing bad happens to our data or network. This will always important. The connected supply chain is one of the best examples where security underpins how you can work with customers, suppliers and other trading partners essentially, it is possible to share information with those who need it more easily and securely than ever.

  2. alyssacaroline
    August 25, 2018

    This is good and I am feeling well here.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.