Cybersecurity: SmartBox, not blackbox

Features - Cybersecurity

Closed, inflexible systems prevent manufacturers from getting actionable information from Big Data; Mazak’s SmartBox does not.

August 26, 2019

Mazak’s SmartBox Industrial Internet of Things (IIoT) gateway collects manufacturing data and features cybersecurity hardware.

With increasing digitization in manufacturing, manufacturing IT professionals have vested interest in preventing unauthorized access to networks without hindering intended users from taking advantage of data. Unfortunately, many manufacturers have turned to cybersecurity solutions that involve black boxes – systems that remain completely opaque to the user.

Security through obscurity comes from the long-used Kerckhoffs’ principle: a properly designed security system – whether it involves cryptography, locksmithing, or cybersecurity – should remain secure even if everything but the key is public knowledge. The moment black boxes are opened, they become worthless for securing data. So, robust security is only truly possible if black boxes are removed from machine connectivity hardware.

This approach prevents improvements to systems after deployment. Not only does a black box hide the mechanism by which it outputs data, it prevents the user from changing or improving the mechanism. If the box is opened to change anything inside, it can’t provide security. Given that manufacturers frequently discover new uses for their data – such as new methods for machine monitoring or preventive maintenance – inflexibility severely hampers process improvement and optimization.

A better box

Mazak Corp.’s SmartBox operates with open-source software and protocols while offering improved scalability. Featuring a Cisco Industrial Ethernet 4000 Series Switch, the Mazak SmartBox provides connectivity for machines and devices, enhancing monitoring and analytical capabilities, and providing a greater level of cybersecurity without the use of black boxes.

With several standard input and connection ports, the SmartBox connects standard off-the-shelf sensors to the system for machine-data gathering and condition monitoring. One SmartBox installed on a nearby I-beam or stand can serve several machine tools and associated manufacturing equipment.

Network isolation prevents unauthorized access to and from networked machines and equipment through a virtual local area network (VLAN). SmartBox’s network isolation and MTConnect implementation satisfy critical security concerns facing IT departments when connecting new and legacy equipment to a plant’s main network.

A core component of Mazak’s iSmart Factory paradigm, the SmartBox digitally integrates Mazak’s advanced manufacturing cells and systems for process control and analytics data sharing. As a result, Mazak has increased the use of monitored machines by double-digit percentages.

Big Data

As the world economy increasingly centers on Big Data, protecting those data becomes vital, especially for manufacturers performing sensitive work that requires security clearances, Department of Defense (DOD) oversight or, in some cases, Host Intrusion Prevention System (HIPS) certification from the National Security Agency (NSA).

This high level of trust requires complete transparency from manufacturers – including their security systems. Removing black boxes from SmartBox’s system architecture qualifies the device for the most demanding security applications and gives manufacturers and their IT departments complete ownership of their data.

IT professionals collect and store the data themselves. When sharing, IT departments can audit data and send only what a partner or vendor needs to accomplish their task. With the help of their operational technology (OT) colleagues, IT professionals can also use this data as a guide to expand upon the SmartBox’s existing feature set.

SmartBoxes require active management by IT professionals, who can interact with them individually or use software such as Cisco’s Fog Detector to manage numerous SmartBoxes. Because each SmartBox is built around a Linux PC, the microapplication possibilities are virtually endless.

Mazak’s SmartBox balances cybersecurity needs with data utilization and improves overall equipment effectiveness (OEE). By removing black boxes and encouraging IT professionals to collaborate with their OT colleagues, Mazak ensures that real-time manufacturing data continue to play a vital role in improving productivity, efficiency, and responsiveness to customers and market changes.

Mazak Corp.
Westec 2019 Booth #1031