Guarding Against Cyberattack Is a Drain on Machining Capacity
The Colonial Pipeline shutdown was a warning about the dangers of malicious use of data networks. However, as the full value of Industry 4.0 becomes apparent, isolating CNC machine tools from networks will be seen as an increasingly costly way to protect manufacturing from threats.
On May 7, 2021, a malware cyberattack shut down the operations of Colonial Pipeline, which runs the largest pipeline system for refined oil products in the U.S. This 5,500-mile-long system transporting three million barrels of fuel per day between Texas and New York (including 45 percent of gasoline, diesel and jet fuel used on the East Coast) was halted for six days. More than 16,000 gas stations ran dry. Operations resumed only after Colonial Pipeline paid a ransom in bitcoin equal to nearly $5 million.
Given the danger of this type of attack, it is no wonder that CNC machining facilities are frequently resistant against letting their machine tools and systems connect to networks outside the facility. Indeed, frequently the machine shops’ customers require them to be unconnected in this way. For a machine shop, it is not just that productive capacity could be lost as the pipeline capacity was lost, but CNC machine tools also process and employ proprietary engineering information. A CNC machine secretly hijacked into simply broadcasting its G-code moves to an outsider would be transmitting enough information to reproduce the design of a secret part.
In general, machining providers know this. Their customers know this. Which is why machining capacity is, in many cases, deliberately kept isolated from avenues of connection that could be used by malicious hackers.
But in a sense, the hackers have already struck a blow by bringing about this response. Because of machine tools’ isolation, capacity is already being lost.
The nature of this loss became apparent to me in a recent conversation with Joseph Szenay, vice president for customer care with machine tool provider United Grinding. This company, like various machine tool builders, offers a service for remote machine diagnostics to help with rapidly returning machines to production if something goes wrong. The service increases machine tool capacity by reducing unplanned downtime. But this can be a tough sell, Szenay says. Many, many manufacturers knowingly or unknowingly accept greater downtime rather than allowing their machines to be connected to the outside.
In the case of United Grinding’s service, the connection needed is slight. An option the company offers called “Remote Service” does not do active monitoring from a distance, but instead requires essentially just an open email channel. If the machine has a problem, the user can choose to send a PDF record of CNC error codes to the machine tool company’s service team. Error codes can be deceiving, because one error state quickly leads to another in what might become a long cascade of CNC error messages. An experienced service tech can scan through the list to deduce the initial cause at the root the machine’s problem. This knowledge gets to the resolution and gets the machine back to being productive more quickly than if the shop had to wait for in-person service attention.
But for many manufacturers, even this small amount of connectivity — the ability to email — is too much. And again, you can’t blame them; see Colonial Pipeline.
Yet here is the thing, says Szenay: We have to figure this out. Remote Service does not do active monitoring, but in the near future, he can see how active, real-time, remote monitoring of machine tools might deliver dramatic gains in machine capacity and performance.
“We have a customer able to get 98 percent uptime on machines more than 20 years old,” he says. That manufacturer performs vibration measurement on spindles to anticipate maintenance needs. In short, the company is very good at preventive maintenance, Szenay notes, but the success hints at what will be possible once sensors in machine tools routinely report this kind of information, and once AI tools begin to develop insights into machines’ service needs based on the sensor data from many applications.
“Over the next five years, I think Industry 4.0 will explode,” he says. “From a distance, we will be able to automatically tell you things like, ‘Your machine will need a ballscrew replacement in the next six months.’ We can have the part on order and have the service appointment set so the productivity interruption is minimal.”
Yet this kind of uptime advantage will require network connections. Manufacturers will need to make the calculation: What is more costly, unexpected maintenance downtime or the risk of cyberattack?
The calculation will change, because shops are taking steps to improve cybersecurity, and those steps are getting more sophisticated. Greater confidence here might bring down the presumed cost of this risk, while the value of capacity increase resulting from data connection goes up.
This is a journey we all might recognize, because many of us have made it ourselves. “With our personal devices, we are already in the habit of allowing personal data to go to the cloud,” Szenay observes. This acceptance came gradually; we did not get there all at once, and we still question it. A similar gradual acceptance might occur in the realm of manufacturing data. Today, the posture is frequently zero tolerance for external networking of machining equipment. In the future, as remote machine monitoring increasingly demonstrates value, shops and their customers might find their way into more nuanced and provisional views of remote connection in which shop networks, along with shops’ tolerance for allowing controlled data access, both open up.
Related Content
5 Stages of a Closed-Loop CNC Machining Cell
Controlling variability in a closed-loop manufacturing process requires inspection data collected before, during and immediately after machining — and a means to act on that data in real time. Here’s one system that accomplishes this.
Read MoreLeveraging Data to Drive Manufacturing Innovation
Global manufacturer Fictiv is rapidly expanding its use of data and artificial intelligence to help manufacturers wade through process variables and production strategies. With the release of a new AI platform for material selection, Fictive CEO Dave Evans talks about how the company is leveraging data to unlock creative problem solving for manufacturers.
Read MoreShop Quotes Smarter, Works Harder with Machine Monitoring
Temco first installed MT-LINKi to optimize quoting. Now, the software helps the shop optimize its machines — and machine purchases.
Read MoreProcess Control — Leveraging Machine Shop Connectivity in Real Time
Renishaw Central, the company’s new end-to-end process control software, offers a new methodology for producing families of parts through actionable data.
Read MoreRead Next
Cybersecurity Becomes a CNC Machining Prerequisite
Management software and information technology partner services prove their worth amid the rollout of defense industry requirements.
Read MoreInside Machineosaurus: Unique Job Shop with Dinosaur-Named CNC Machines, Four-Day Workweek & High-Precision Machining
Take a tour of Machineosaurus, a Massachusetts machine shop where every CNC machine is named after a dinosaur!
Read MoreThe Future of High Feed Milling in Modern Manufacturing
Achieve higher metal removal rates and enhanced predictability with ISCAR’s advanced high-feed milling tools — optimized for today’s competitive global market.
Read More