What the electronics industry must do to change that.
Ed.: This is the seventh of an occasional series by the authors of the 2019 iNEMI Roadmap. This information is excerpted from the roadmap, available from iNEMI (inemi.org/2019-roadmap-overview).
To realize the benefits and potential of the Industrial Internet of Things (IIoT) or move toward Industry 4.0, the industry must overcome several challenges ranging from securing the factory equipment used to produce secure IoT-ready products to defining the cobotic dialogue so collaboration between humans and machines can be used to drive innovation, while providing efficiencies with minimal workforce displacement in this industry and those of its customers.
Aside from technical issues, ethical, geopolitical, economic and regulatory issues may affect the current and future state of the industry.
To continue reading, please log in or register using the link in the upper right corner of the page.
Hackers have already wreaked havoc by infiltrating connected IoT devices. Paradoxically, they usually aren’t targeting device owners, who often remain unaware of security breaches. Instead, the hackers may simply use IoT devices as starting points for attacks directed against another target. For instance, the 2016 Mirai attack, which used IoT devices to launch a distributed denial of services against gaming servers, ended up attacking the Internet infrastructure, causing shutdowns across Europe and North America that resulted in significant economic damage. As the IoT base continues to show double-digit growth rates, security is simultaneously a major industry challenge and a significant opportunity.
To some industry customers, the semiconductor companies are obliged to develop solutions that strengthen IoT security. However, research suggests that four major challenges may prevent them from capturing the opportunities:
Gaps in technical sophistication. By nature, a complex system of connected devices opens the potential for many new attack vectors, even if each device is secure when used independently. Thus, any part of the overall system can be a target — from the ethernet cable to every jack, port, API connection, or stream of data.
Further, attacks may target the least sophisticated or least protected element of a system or may use a multipronged approach. As a result, innumerable permutations and combinations of vulnerabilities and the risks they pose must all be considered when implementing a security strategy.
Although several electronics industry segments may have a role to play in developing the robust, comprehensive security solutions needed for IoT or IIoT, it is not yet clear which segment will take the lead.
Standards are absent or immature. IoT and IIoT lack well-established overarching standards that describe how the different parts of the technology stack should interact. By example, some industrials still rely on a small set of proprietary, incompatible technology standards issued by the major players, while other segments, such as automotive or smart buildings, have at least rudimentary standards. This lack of standards and a standards architecture is likely slowing IoT and IIoT adoption or discouraging manufacturers from developing new technological solutions.
Customers and end-users view IoT security as a commodity. Although electronics producers and their customers consider IoT security essential, at this point in the maturity of mobile devices, like smartphones for example, security is often perceived as a commodity – a basic feature that does not merit higher prices. This creates a fundamental disconnect between the desire for security and the consumers’ willingness to pay for it. Unlike challenges that can be addressed solely with technology or standards, this issue also requires changing customer mindsets: in other words, convincing them security is worth additional cost.
Industry verticals. Since IoT industry verticals differ in many respects, their security challenges also vary by industry. Insufficient security technology in industrials, for example, relates to the large variety of legacy systems in the field, as well as a lack of standards. In many businesses, operations largely depend on older computer systems and dated machinery. When companies connect those legacy systems to the Internet, they often struggle to maintain security or find it impossible.
To resolve the issues with legacy systems, leaders might consider implementing compensating controls, such as ring-fenced networks or redundant sensor networks. Within niche applications for specialty equipment, OEMs typically create tailored solutions for their customers. In many cases, however, they have little incentive to provide IoT or IIoT security features that may drive up the cost of their solutions. Thus, the situation will not change until end customers specifically demand such applications and the security that goes with them – a trend that will take time to gain momentum.
In summary, the IoT security challenge is complex, providing opportunities within the middle layers of the technology stack and between application and hardware, such as software infrastructure, gateway communication, and communication protocols.
Architectural Framework Needs
Although there are different schools of thought on why digital initiatives so often fail, the consensus seems focused on two areas: human capital, where fear of change and organizational structure are the root cause, and/or the “shiny new object” syndrome, mismatching the desired outcome (use case) with fragments of emerging or immature technologies.
Aside from the above, evidence suggests that in the case of electronics manufacturing, what is really missing is the means to create and pull the digital thread from concept to consumer (ideation to product disposal): in short, an architectural framework that supports the four design principles of Industry 4.0 (interoperability, information transparency, technical assistance and decentralized decisions) and provides the pathway to phase in the capabilities for advanced manufacturing.
FIGURE 1 is a diagram of what such an overarching IIoT framework might look like.
An Industry 4.0 architecture could address another critical issue: the need to support the bidirectional flow of information between maker and user, as well as accommodating data streams from customers and suppliers. Without this cohesive framework across the industry’s segments or sectors, no digital thread can be pulled across the electronics ecosystem by any stakeholder group. This leaves the electronics industry and the sectors it supports digitally fragmented, creating an opportunity for those sectors, some of which are returning to vertically integrated manufacturing models to reap the benefits of digitalization from within (FIGURE 2).
The step from digital to physical – or connected, digital technologies to the creation of a physical object – are the essence of Industry 4.0. While it is said it takes a village to raise a child, it also takes an ecosystem to realize the benefits of IIoT and Industry 4.0. Thus, it’s vital to use digital information from many different sources and locations to drive the physical act of manufacturing with the desired flexibility, production, quality and cost-efficiencies. To accomplish this objective requires unifying the information technology (IT) and operations technology (OT) silos. This problem is far from new: OT, such as manufacturing execution systems (MES), factory automation and shop-floor systems, has been siloed and somewhat separate from IT for decades.
, is CEO, Connektedminds. is program manager, NIST on a Chip, and associate director, Physical Measurement Laboratory, NIST. They are chair and co-chair, respectively, of the iNEMI Industrial Internet of Things product emulator group.