Panel Builder System Integrator

Mica data transmission 400

 

April 30, 2019

By Thomas Holthöfer, Regional Digital Marketing Manager, HARTING Deutschland

The large variety of machines and plants that has mushroomed over many years is increasingly being networked for monitoring and maintenance purposes. The threat posed by cyber-attacks is highly problematic in the face of old systems and their data connections which lack their own protection mechanisms. This is where HARTING comes in with its MICA® Edge Computer.

HARTING’s MICA® Edge Computer enables machines and systems of any kind to be integrated into an IIoT system. As a result, services such as condition monitoring, predictive maintenance and determining KPIs such as OEE (Overall Equipment Effectiveness) are now possible for existing plants and equipment as well. Depending on the application, suitable interfaces and the appropriate software are combined with the MICA® to form a solution package.

When integrating existing systems into a network, besides the availability of plant interfaces the security of connections and data poses the greatest challenge. Given this, HARTING has developed special protection mechanisms for the MICA® mini-computer and enhanced it with security solutions developed in its MICA partner network.

Major cyber risks for machinery and facilities

A variety of recent studies confirms the growing number of cyber-attacks. Know-how at medium-sized production companies is an especially attractive target. According to the VDMA study "Cyber Risks in Mechanical and Plant Engineering", the majority of companies are not adequately prepared for attacks. The protection that is in place is inadequate and outdated, and consequently there are threats in the form of business interruption and the loss of confidential company data.

This is where the MICA® and the enhancements developed in the MICA partner network come in. The MICA® enables medium-sized businesses without large IT departments to securely connect machines and systems. Protection comprises five core elements:

  • MICA®-provided protection due to a secure operating system
  • Holthofer mica 400Protection of applications in the MICA®
  • The use of secure protocols
  • End-to-end encrypted data transfer
  • Protection of applications

One MICA network partner is Berlin-based Infotecs, a leading international IT security provider and specialist in software-based VPN solutions. Combining the MICA® and Infotecs’ security solutions permits e.g. the remote control of wind farms, video transmission of final quality inspection in remote production facilities, the management of remote maintenance access, and early scheduling of maintenance work. With Infotecs’ solution, data transmission between the MICA® and a remote peer is protected by a bug-proof and tamper-proof VPN connection (Virtual Private Network) and encrypted end-to-end. "The starting point for our security solution is the MICA. The MICA is particularly robust and secure for the industrial environment," explains Josef Waclaw, CEO of Infotecs.                                          (Thomas Holthöfer)

Securing the MICA® against attacks

The MICA® is a mini-computer with network connection. The computer has a Linux-based operating system and virtualised application environment consisting of Linux containers. The MICA® operating system is designed to be very slim and contains only the software elements required to operate the MICA®. This in itself eliminates numerous potential attack vectors. For example, the MICA base system does not include package managers, e-mail clients or other services that are often attacked by hackers. The MICA® base system is also inaccessible to users and administrators and cannot be modified by them.

The applications on the MICA® run in separate, virtualised Linux containers. They are designed so that processes or applications cannot gain access to another container or to the operating system. While the MICA® operating system is provided by HARTING, containers can also be developed by third parties, e.g. in order to provide security applications.

End-to-end protection of data transmission from applications

ViPNet software from Infotecs was developed as a MICA container and acts as a virtual security gateway for the MICA’s other application containers. When the applications send data, the latter are picked up by ViPNet, encrypted and sent to the equally protected peer. This can be another machine at the same location as well as a remote peer in a remote network, for processing of the process data.                                                                                                        (Infotecs CEO Josef Waclaw)

CEO mica

Infotecs CEO Josef Waclaw emphasises that additional safety requirements should be considered in industrial applications. Standard networking applications typically work with web servers vulnerable to cyberattacks. Waclaw cites problems with buffer overflow, insecure protocols and man-in-the-middle attacks. Consequently, ViPNet software does not use web server technologies. Another difference mentioned by Waclaw is that standard VPN solutions with asymmetric encryption have been developed for office environments. The keys and certificates are first exchanged in the network and a secure connection is then made to the complete network.

"However, for the security of an industrial production environment it's important to establish a connection solely to a single machine, rather than immediate access to the entire network. We achieve this through a direct connection that is symmetrically encrypted end-to-end," the Infotecs CEO said. The remote peers are also equipped with symmetrical keys, and only those data packets where the key fits are opened. This procedure does away with the necessity of exchanging keys via the network and the subsequent verification of certificates. This is advantageous e.g. for connections via mobile communications, since no additional delays are caused by renewed exchange of keys in the face of more frequent disconnections. "The solution, in combination with the MICA, protects sensitive equipment and industrial applications. The software is set up once, and no in-depth IT skills are required," Waclaw summarises the concept.

Security solutions for industrial applications

With the MICA.network, HARTING has set up a user organisation around the MICA® Open Computing Platform. A partner network has emerged here that provides solutions for e.g. factory automation, logistics, ERP connectivity, IoT and embedded systems, predictive maintenance and a wide range of security solutions. Berlin-based Infotecs is one of these partners. Perfact and krumedia are among other partners with solutions in the area of data protection.

Remote maintenance solution with central service portal

PerFact::MPA (Meeting Point Architecture) was specifically designed in-house for efficient and controlled collection and troubleshooting malfunctions via remote maintenance. It enables the secure and easy setup of a remote connection to a machine. If a problem occurs on a machine, with the push of a button the customer connects the machine via the internet and the service technician receives temporary access to the machine’s controls.

Secure data transmission over public networks

krumedia’s SeComBo Suite enables the secure and dynamic networking of individual network subscribers or complete networks via public networks. This is possible even with restrictive security requirements in company-owned infrastructure and data transmission paths. The focus is on ease of use and complete transparency for the devices involved, so that any network subscribers can use these services. Central administration is web-based and requires no additional software.

Changing Scene

  • Prev
  Phoenix Contact Canada is pleased to announce that Roger Hallett has accepted the ...
  Machine designers are required to design safety into more industrial systems than ever. ...
Pilz Canada officially opened their Canadian Facility surrounded by Industry Partners, colleagues ...
Allied Electronics & Automation has announced the addition of the new TM Series of ...
Cybertech Automation is proud to announce the expansion of services into Texas, Pennsylvania and ...
Eclipse Automation recently announced the acquisition of D&D Automation, located in Stratford, ...
The Automation and Controls industry landscape is a very dynamic one in which technology, customer ...
Onyx Engineering has been registered to Intertek's ETL Panel Builder Certification Program for ...

One of Canada’s largest wastewater treatment plants at Annacis Island provides secondary treatment to approximately 175 billion litres of wastewater every year for over 1 million residents in 14 municipalities. After almost 20 years in operation, the variable frequency drives supporting the critical pumping systems for the primary treatment and secondary treatment facilities had to be replaced to ensure that the plant’s high operational availability and reliability will not be compromised in serving the plant, the surrounding municipalities and the environment. Metro Vancouver Regional District chose to deploy Rittal’s enclosure and power distribution solutions with E-plan software to efficiently support vital infrastructure improvements by reducing equipment replacement times and thereby minimizing risk to plant operations.

PB 25 Phoenix ControlCabinet 400

Phoenix Contact will provide you with support as your reliable partner in the optimization of your processes in control cabinet manufacturing.

Phoenix Contact provides you with holistic solutions in a cooperative partnership, based on their products, services, and experience. Digital data is used consistently, processes optimized, and time saved. The PROJECT complete planning and marking software supports your entire control cabinet manufacturing process. The program provides you with an intuitive user interface that enables you to individually plan, automatically check, and order terminal strips.

Thanks to optimized interfaces, you can easily integrate data from common CAE systems. This enables you to save significant amounts of time in the overall engineering process. Read More


 Like many cyclical industries, mining is reviving, driven by steady global economic growth and an increasing demand for materials to support new technologies like electric vehicles, renewable energy and mobile devices. Despite the optimism, the industry still faces major operational challenges including process efficiencies, cost control, worker health and safety, and skills gaps. To address these challenges, Rockwell Automation introduced The Connected Mine, leveraging the latest enabling and digital technologies.

Utilizing advanced analytics, The Connected Mine helps mining companies collect and aggregate data to gain end-to-end visibility into their operations and make informed business decisions to improve mining operations.

Read More

PB 25 Rittal MarineWaves 400For almost a half a century Canal Marine & Industrial of St Catharines, Ontario has provided electrical design, engineering and services around the clock to the merchant marine, naval and coastguard fleets in Canada and the rest of the World. In recent years, Canal has become a leader in the design and supply of marine hybrid power and propulsion systems. These systems utilize alternative methods for supporting propulsion and the vessel’s electrical power plant, so that fuel consumption and emissions are reduced.

Great Lakes Towing of Cleveland, Ohio (popularly called “The Towing Company”) operates the largest and most experienced U.S.-flag tugboat fleet. The Towing Company is a significant marine operations link in North America’s U.S. Great Lakes-Saint Lawrence Seaway marine transportation network, the fourth seacoast of the United States, an operating area that extends over 8,300 miles of shoreline, encompassing a water surface area of roughly 100,000 square miles. Read More

HARTING Electronics: Circular Connectors – A Round Thing

Circular Connectors 400

Jonas Diekmann, Technical Editor at HARTING Electronics

The metric system of units was introduced for the first time in 1793 during the French Revolution and is used even today in almost all countries worldwide. The metric round plug connectors are also based on this system of units and are a known standard in raw industrial applications. In various diameters and codes, they are a reliable connection for the three lifelines of industrial applications. Data, signals and performance are essential for drive, control and communication. The typical round appearance with the thread for screwing in is a success story up to the present. But classics often also still reveal unexpected potential. With its new PushPull Locking and Com-Lock HARTING is making two round guild models ready for the future.

Metric round plug connectors are some of the most widespread interfaces worldwide, when it comes to cabling for machines, industrial plant and devices under demanding conditions of use.

Read More

Rockwell SleemanTen years ago, tourists looking for a taste of the local life in Southern Canada may have asked for one of the region’s best wines. Today, it’s all about craft beer.

From entrepreneurial newcomers to large-scale producers, brewers in Canada are cashing in on the thirst for craft beer. The number of microbreweries – ­producing less than 25,000 cases of 24 – has more than doubled in the last seven years.

The explosion in craft beer popularity had one company – Sleeman Breweries – bursting at its production seams. The third-largest brewer in Canada, Sleeman brews and distributes popular beers from lagers to pale ales.

 Read More

 

Product News

  • Prev
IEC 60079-14 requires that ‘Ex d’ installations in explosion-hazardous areas ...
Modern 5-axis and multi-tasking machines as well as high-precision machining centers for ...
Pfannenberg, Inc., a leading global manufacturer of thermal management and signaling technologies, ...
Emerson expands the innovative Greenlee Shear 30T with seven new die sets and a new bare kit ...
Balluff’s newest precision laser sensors guarantee precise positioning of small parts, as ...
Endress+Hauser is offering two universal, device configuration tablet PCs that provide especially ...
The "Internet of Things" for industrial applications (IIoT) allows greater visibility and access to ...
The newly released ENI58PL series incremental rotary encoder from Pepperl+Fuchs offers incredible ...
The Drives & Motion Division of Yaskawa America, Inc. is pleased to expand the Single Phase ...
  Bender Inc has launched a new line of isolated power panels for healthcare facilities. ...
Kerrwil Publications

538 Elizabeth Street, Midland,Ontario, Canada L4R2A3 +1 705 527 7666
©2019 All rights reserved

Use of this Site constitutes acceptance of our Privacy Policy (effective 1.1.2016)
The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of Kerrwil