Control Engineering Software eNewsletter for June 2003
Industrial Operations Security
Software security at both the home and corporate level was a predominant issue long before September 11. Since then, the threat of terrorism targeted at industrial facilities, coupled with the increasingly open and interconnected nature of industrial automation, has brought the issue of plant floor software security to the forefront. Despite the good intentions and concerted efforts of numerous parties to address these issues, many still remain to be resolved when it comes to securing the plant floor. Three important ones are:
Enterprise IT security solutions are not designed to run on control system networks, which typically operate at 10MB. Enterprise systems run at 100MB or more;
Firewalls don't protect against many of the attacks, particularly internal ones, that threaten control systems; and
Anti-virus software cannot run on control system application servers.
As with any unfulfilled need in a free market, companies are looking to fill that gap. One of the early entries into this fray is Verano, which is launching its Industrial Defender Solution Suite this week. With a 12-year history of providing mission-critical plant control and monitoring solutions to the power, energy, transportation, and utilities markets, Verano is taking the next step by introducing this suite of software that it claims will address the five phases of mission critical security best practices per the NIST, NIPC, Department of Homeland Security, Argonne National Labs, Sandia National Labs, and Pacific Northwest Labs.
These five phases are:
The suite consists of three modules: Watch , Guard , and Control . Watch, available now, is installed as an appliance at the control network layer on SE Linux (running on an IBM X-Series server) and monitors logs and performance, fulfilling the monitor, detect and notify steps. Guard and Control, to be launched before the end of the year, will round out the suite by addressing the protect and recover requirements, respectively.
According to Brian Ahern, president and CEO of Verano, the Industrial Defender Solutions Suite is platform agnostic and runs on automation systems from vendors such as ABB, Emerson, Foxboro, and Honeywell. Ahern says each of these vendors could offer similar security solutions, but it would require them to redesign their systems-an issue Verano can sidestep by offering an independent solution running on a separate server.
For more information on secure industrial systems, see Control Engineering's March 2003 cover story: " Get Safe: Prepare for Security Intrusion ".
Automation architecture of the future?
Although it has elements similar to the collaborative manufacturing models released by AMR Research and Gartner over the past two years, ARC Advisory Group has developed its Collaborative Discrete Automation Systems (CDAS) vision to describe a reference architecture that provides a model for manufacturers to benchmark and gauge production process requirements, methods, and emerging technologies against the products and services that automation suppliers offer now and in the future. Where the AMR and Gartner models focused more specifically on the enterprise level systems, ARC's CDAS will likely have more immediate interest to control engineers due to its focus on plant floor issues such as equipment capability and capacity as well as product design.
According to ARC, the vision of the CDAS architecture provides a framework that spans the production process from the equipment level to the business systems at the enterprise level, leveraging interoperability and common standards. Such enterprise-wide connectivity remains a major issue for manufacturers, despite the failure of early ERP systems to deliver on their promise because outsourcing, globalization, lean manufacturing, and time-to-market pressures continue to require the convergence of IT and production systems.
ARC claims that, due to these pressures, information is increasingly becoming the engine that runs the production line across all of the discrete industries. Companies are moving from solely manufacturing-focused methods and processes to a more extended production environment that involves much more than automated equipment, machinery, and production lines.
"It has become increasingly evident that the manufacturing enterprise cannot continue to operate as a group of independent functional organizations that have separate goals, processes, methods, technologies, applications, and systems," says Senior Analyst Dick Slansky, the principal author of ARC's Collaborative Discrete Automation Systems (CDAS) Study.
Interesting times for large enterprise vendors
June began with two huge announcements in the world of enterprise software. The first piece of news to hit the streets was that PeopleSoft had agreed to purchase J.D. Edwards . This news was followed a day later by the announcement that the investment group behind SSA Global Technologies had purchased Baan from Invensys .
That's when things got really interesting. A little more than a week after the PeopleSoft/J.D. Edwards announcement came news that Oracle was looking to make a hostile take-over bid for PeopleSoft-a clear attempt to scuttle chances of a PeopleSoft/J.D. Edwards merger and ensure Oracle's place as the second largest enterprise application vendor (Germany's SAP is the largest).
Prior to Oracle's move, PeopleSoft planned to purchase J.D. Edwards for $1.7B in stock as a means of extending its reach more deeply into the manufacturing market, according to AMR Research . PeopleSoft is largely known for its human resources capabilities. The combined entity of PeopleSoft and J.D. Edwards would have 11,000 customers, 13,000 employees, and an estimated $2.8B in annual revenue, which includes a substantial amount from maintenance and service revenue. Under the agreement, J.D. Edwards would operate as a wholly owned subsidiary of PeopleSoft in a 25% to 75% ownership split.
Oracle's hostile takeover bid for PeopleSoft was for $5.1 billion or $16 per share.
Reaction to Oracle's bid was strong and swift. Almost immediately, PeopleSoft's stock rose to more than $18 a share, making Oracle's bid virtually obsolete. However, at press time Oracle continued to push forward with its takeover bid despite legal threats and Wall Street's insistence that the bid price be increased.
Currently, voices are raised on all sides of the issue. Both PeopleSoft's and J.D. Edwards' CEOs have spoken out against Oracle's hostile bid, calling it a ''stunt'' and raising ''serious anti-trust issues.''
Meanwhile, SAP is taking advantage of the ruckus among its competitors by launching a global ad campaign directed at customers of the three vendors caught up in the dispute. At least initially, it appears that SAP is benefiting the most from all the squabbling. In the days following Oracle's bid announcement, SAP's stock had risen more than 10%.
Stay tuned to Control Engineering Online and this newsletter (which begins monthly distribution in August) for what promises to be plenty of interesting news in the days and weeks ahead.
In less splashy news, for $135 million (roughly 18% percent of Invensys' cost to buy Baan), the venture capitalist groups behind SSA Global Technologies were able to purchase Baan from Invensys and add it to their stable of ERP systems, including BPCS (SSA's own), Infinium, and PRMS, CAS, MANMAN, MK, Masterpiece, MAXCIM, and KBM from Computer Associates.
Engineers at companies using any of the aforementioned ERP systems should take note to be watchful of potential enterprise level changes that could affect the plant floor.
New engine for Real-time Performance Management (RtPM) platform
OSIsoft has released a next-generation engine for its recently introduced Real-time Performance Management (RtPM) platform. The RtPM core is based on the PI System, used in real-time information management systems for nearly 20 years. OSIsoft completely rebuilt the PI System Server to perform over 10 times the scalability and 5 times the reliability of the previous generation system.
According to OSIsoft, the new performance metrics for version 3.4 include support for more than one million data points per PI Server, support for over 500 simultaneously connected users and up to 80,000 events per second throughput for storage into the archive. Additionally, multi-threading techniques ensure timely access for all connected users, regardless of the complexity of the query.