by Dave Gunter
In today’s process plants more and more automatic guided vehicles (AGVs) are being deployed across the manufacturing space. These vehicles are used extensively for material handling and distribution of final products within the process or manufacturing facility. The operational efficiency these vehicles bring to plant operations are highly prized and are a critical part of the digital transformation strategy of most companies have in place or are planning to deploy. However, as the deployment becomes mainstream and as a part of any technology deployment, we must ask ourselves are there any unseen safety and security risks?
In the simplest of terms, AGVs are mobile robots with embedded control and safety systems. They contain sensors, actuators, controllers and safety interlocks. Yet, in our assessments, we have noticed that many companies do not treat AGVs as control system equipment, or, the wireless network that they communicate over as a control system network. Yet, compromise of the AGVs or the AGV network could result in productivity losses, product damage, equipment damage, and even safety consequences.
The key question of security raises its head. “Is the network architecture secure”, “Is it designed in the context of the Purdue Model”, “Could safety interlocks be defeated via the network”, and “What are the consequences of compromise in your facility”?
To answer these questions, it takes a small team of SME’s to identify the threats, vulnerabilities and operational consequences in order to determine the risk. Once this is clearly understood, the team can design and implement appropriate security controls to mitigate the risk. We call this a CyberPHA. It is not a science project with endless analysis. Rather, it requires a commonsense approach that is based on industry standards and the consequences if a fleet or a single AGV becomes compromised.
To achieve true change a successful Digital Transformation or IIoT Program should leverage the experience, know-how and technical understanding that site Engineering, Operations and Maintenance teams bring to the table. This allows the programs or projects to be more effective and facilitate a cultural transformation in safety, cybersecurity, profitability and quality.
This presentation puts forth 5 simple areas of focus for plant personnel when impacted by Digital Transformation or IIoT projects or programs. The 5 areas of focus ensure a fundamental work process and approach to mitigating plant cybersecurity and safety risks.
Learn more about our aeCyberPHA process:
Learn more about aeCyberSolutions: aeCyberSolutions Suite of Services