Is the automation industry ready for cloud platforms? Bernie Anger, general manager for control and communication systems at GE Intelligent Platforms, believes so. In the first part of this two-part SearchCIO.com Trailblazer interview, Anger discussed why the time is right for this change, what it means to CIOs in industrial manufacturing and who the early adopters are. Here, Anger discusses the security and privacy concerns that IT...
leaders might have about opening up automation to the connected, collaborative, Internet-enabled world -- and the promise of doing so.
How is security addressed -- especially in a space like automation, where IT pros aren't used to being so "connected?"
Bernie Anger: The majority of control systems running the planet today were actually designed in the pre-Internet era. A lot of the existing connectivity protocols make some assumptions about what can be connected to them that are no longer true. So, one of the things we've done as we build this automation platform for a connected world is [to] build an infrastructure that relies primarily on the type of secure protocols and standards that the CIO community is used to seeing, versus the protocols and standards the traditional automation community has been dealing with. Once you do that, you're dealing with a much more known entity, and have a much bigger brain pool of people helping secure that platform, versus some of the more proprietary approaches, which are, in our view, more fragile. They were adequate when they were created, but they were created in a pre-Internet era.
I think people are going to realize that for certain types of data, sharing that data is going to be of more value than not sharing it.
general manager for control and communication systems, GE Intelligent Platforms
Think about some of the capabilities of remote control you have on traditional Unix-type systems; that capability is embedded in proprietary ways in essentially every control console out there. That makes it very difficult to secure. Historically, customershad taken the approach of "air gapping," meaning that the reason systems were secure was that no one could connect to them. We've learned that's not really a viable answer because if somebody needs to connect to that control system from a laptop, for example, to do maintenance or enhance a solution, at that point in time you introduce the risk. Thinking about all that, we reinvented things much more in line with standards and protocols from the IT world.
How do you address the issue of sharing data across borders?
Anger: Crossing geographies can be an enormous issue. The approach we're taking is allowing each customer to define who has access to their content, rather than having a model that starts with the idea of us [GE] having access to everything a customer puts up there. In order to create the right framework, we decided we were going to set this up so customers have to grant us access to any connectivity they want to give us access to -- otherwise it's private to them even though it's hosted on our environment. We think that aligns better with policy around the globe.
Meet more of SearchCIO.com's Trailblazers
PayPal chief scientist on cracking the code for 'big data' analytics
Gamification key to launching new FedEx social collaboration program
But if you jump the clock forward, I think people are going to realize that for certain types of data, sharing that data is going to be of more value than not sharing it. Why? Primarily because learning systems work better when there are more people providing history into the learning. Nobody loses when everybody learns, and I think that's what's going to end up happening in practice.
How do you see all this information-sharing playing out in automation?
Anger: We think over time customers are going to end up crowdsourcing the definition of the assets that they're controlling. What I mean by that is you're going to start seeing common definitions for assets -- all the stuff that makes up the essential infrastructure of the world -- and people will gain comfort sharing the actual operating parameters for those assets. As that happens, we're going to get a lot smarter about optimal ways of controlling those assets, because the aggregate history is a fantastic tool for optimization.
Let us know what you think about the story; email Karen Goulart, Features Writer.
Dig deeper on Enterprise information security management
Karen Goulart, Senior Features Writer asks:
Do you see cloud platforms and cloud-based solutions as a security threat?
0 ResponsesJoin the Discussion