To create and implement a security policy for transmitting IOT data securely to a service provider.
Interviews with stakeholders leading to a technical design and proof-of-concept. Production rollout followed.
Personnel and schedule:
Five consulting engineers plus support personnel; twelve months from project start to completion.
Challenges and results:
In this case, a major global manufacturer determined that it was forgoing very substantial cost savings because of concerns arising from data security and confidentiality. This specifically involved predictive analytics in large-scale assembly robots. The company wished to transmit robot telemetry to a trusted maintenance partner (also a well-known global company), but without leaking information that could be used to infer confidential details about the automaker’s production processes.
The cybersecurity maturity of the automaker was very high, and indeed we discovered no substantial security breaches or rogue devices in their wired, low-latency automation networks. (Their wireless networking, on the other hand, did exhibit a number of weaknesses which were subsequently remediated in a different project.)
The key problem was to enable a digitization effort that would integrate seamlessly with the existing plant architecture (based primarily on Allen-Bradley PLCs and associated industrial controls). Our engineering team worked closely with the automaker’s robotics partner and developed customized security technology that automatically generated subsets of robot telemetry data.
This required analysis and understanding of the actual application data, whereas most cybersecurity approaches consider very little beyond network-level metadata. Our custom software was able to “scrub” sensitive items of data From the robotics telemetry that was transmitted to the automaker’s business partner, while leaving the specific data points that were relevant for predictive analytics.