Industrial control systems are converging with Big Data
Within the last 10 years, industrial automation has evolved to become driven by large amounts of data due to technological innovation and advancements of the Industrial Internet of Things (IIoT). With all the industrial data being routed through networks, the growing inter-connectivity of networks, and escalating threat scenarios, it is becoming increasingly difficult to segregate and protect industrial control system (ICS) platforms from both external and internal threats.
Cybersecurity approaches need to be designed around a Big Data approach to provide run time intelligence on the network traffic and packet behavior in order to safeguard organizations from threats and attacks. Business intelligence (BI) solutions used to focus on internal structured data and rule-based analytics, and processed that information to support decision-making within enterprises. Big Data is designed to increase the range and variety of data that can be analyzed so additional context and insights result in better decision-making, process optimization, and security awareness.
Big Data scales in size and speed in a predictable and straightforward way so business analytics reporting tools can grow organically. Speed is critical to this process. To decrease time to actionable results, Big Data may provide an advantage by adding a real-time view capability that can enable operational, engineering, and supervisory personnel to be more responsive in the day-to-day situations.
Big Data approach
Raw data is not very beneficial unless it is turned into knowledge. Data needs to be analyzed and applied to the benefit of decision-makers, the industry sector, and the architecture of the network. The response to this need is software-based analytics and decision tools suited for industrial operations management solutions. With a Big Data viewpoint, companies can visualize the quantities of data they collect to drive improvements to products and processes.
The foundation of any Big Data architecture that leverages ICS data is the historian and the infrastructure that complements the historian to feed real-time data for aggregating and representing data to a process platform for Big Data analytics. One must not overlook the need to have a reliable sensor data infrastructure that is integrated in the equipment and systems that provides connectivity to fuel Big Data analytics.
Big Data implementation and architecture must ensure that the communication infrastructure to the sensors is sophisticated enough to allow forensic investigations for incidents. Networks and functional business units determine Big Data. As more sectors use these information-based resources, more data will be generated, which can provide an advantage to an enterprise.
With increased deployments of digital platforms within the industrial sector such as fieldbus—which is seen as a key industrial automation technology that helps industrial facilities achieve major increases in efficiency and cost effectiveness—the next evolution of the industrial digital platform is to allow new ways for industrial facilities to connect and create additional value. This capital-intensive sector owns long life cycle assets that are critical and require significant monitoring and maintenance throughout their service life.
Just as fieldbus digital solutions were selected by companies to improve productivity and reduce total cost of ownership (TCO) by maximizing the availability of plant equipment and facilities, so shall the selection of a Big Data platform. A Big Data platform, designed to bring new value to the treasure of data coming from these high value assets and the processes they operate, will allow for a new era of productivity gains and industrial information-based services.
Companies and solution providers should work together diligently to understand the work environment to ensure that they can handle the complexity of Big Data and unstructured data, which exists throughout many organizations. There will be very large volumes of operator logs, cyber logs, event logs and meta-data from streams of network monitoring and packet level analysis, which also is providing real-time monitoring, intelligence and incident response against an increasingly broad range of cyber-attacks.
Cyber situational awareness
Continuous monitoring of the operational system data traffic by the collection of real-time data will allow the detection of unfamiliar activity through a machine learning modeling ability. This provides owners and cyber-security auditors unprecedented detection capabilities and visibility regardless if it’s a cyber-attack, an operational malfunction, or an incident. Capture and analysis solutions allow for every packet flowing through the network to be captured and analyzed in real time. Packet protocol layers can be broken down to ascertain the destinations and details of every packet.
By analyzing every packet, normal traffic patterns can be developed, giving detection of deviations a greater probability of occurrence. There are security challenges that exist with Big Data environments that should be mitigated against, by using security solutions that can keep up with the continuous evolution of non-relational databases, security measures for automated data transfers, ensuring a high occurrence of data validation for trust, origin and accuracy, measures against unethical behaviors related to data mining, access control encryption, and having a detailed audit process that can manage the enormous amount of data.
Six benefits of Big Data
ICS vendors or ICS solution providers that can demonstrate the ability to aggregate disparate sources of data and analyze to discern patterns that are easy to implement and allow end users to make better decisions will define the new baseline for competition and growth that creates significant value for the world economy. Implementing Big Data solutions can be difficult given the information that must be gathered is from many remote sites, sensors, and systems and can require considerable cost, time, and engineering expertise.
Big Data can be leveraged to:
- Make information more transparent
- Gain additional detailed performance information that spurs innovations and increases quality
- Utilize refined analytics that minimize risks and discover insights that would not have been visible
- Implement theories and analyze those results in controlled experimental environments that guide investment decisions
- Augment staff with real-time operations centers that include automation and analytics—risk management is increased and downtime is minimized, resulting in 15% staffing reductions and 5% production increases.
- Revolutionize the supply chain management, demand forecasting, integrated business planning, and supplier collaboration and risk analytics.
Lack of knowledge, confidence
Not everyone has bought into the idea of data analytics and the benefits. In a recent survey, more than a quarter of companies polled stated they don’t have any current plans to invest in Big Data and/or IoT within the next few years.
Some respondents noted they do not have sufficient knowledge to justify the costs related to this technology. Others cited a lack of resources and time. Over half of the survey respondents reported they already have cost-effective, reliable systems in place to ensure safety and success and their companies are growing without Big Data.
While advocates tout Big Data being as a vast wealth of knowledge that can improve operations, skeptics see Big Data expanding the cybersecurity attack surface without sufficient defense layers.
A challenge in becoming productive with Big Data is deploying powerful visualizations that capture all the available data to allow multi-structured and iterative discovery that reveals information without the need for directional queries.
Keywords: Big Data, industrial control system
Big Data scales in a predictable and straightforward way so business analytics reporting tools can grow organically and speed is critical to this process.
The foundation of any Big Data architecture that leverages ICS data is the historian and the infrastructure that complements the historian to feed real-time data.
Providing powerful visualization is a challenge for becoming productive with Big Data.
What other developments will help Big Data realize its potential on the manufacturing floor?
About the author
Anil Gosine has over 18 years of construction management, operations, and engineering experience within the industrial sector with a primary focus on electrical, instrumentation, and automation process and systems in the U.S., Canada, and Central America. He has been involved heavily in the utility industry for over 11 years, engineering, implementing, and managing a wide range of projects, utilizing a wide array of products and control system technologies within this industry segment. Anil is an active member of several professional organizations and independently participates in industry forums and technical committees for infrastructure development, industrial automation design and implementation, data analytics, and cybersecurity processes. Anil is the global program manager for global industrial projects with MG Strategy+ and leads the Strategic Efficiency Consortium Security Workgroup with specific focus on cybersecurity metrics, threats, vulnerabilities, and mitigation strategies for ICS and security intelligence and analysis.