Notice

This multimedia story format uses video and audio footage. Please make sure your speakers are turned on.

Use the mouse wheel or the arrow keys on your keyboard to navigate between pages.

Swipe to navigate between pages.

Let's go

real.times en

Logo https://bachmann.pageflow.io/real-times-en

Security

The siege of Troy was entering its tenth year when Odysseus committed the deception that decided the war. Pretending to give up the siege, the Greeks left behind a giant wooden horse, in which Odysseus and the soldiers under his command were hidden. In spite of the warnings from Cassandra the oracle, the Trojans dragged the horse up to their impenetrable city walls, which they breached, since the horse was too tall for the city gates. After the Trojans had celebrated their victory, the Greeks hidden inside the horse were able open the city gates unnoticed and let their returning army back into the city. Troy was burned down.

Nowadays, clever criminals leave USB sticks in employee car parks and use these to gain access to corporate secrets, send fake mail, attack password administrators or try to extort victims via unpatched software. These are the Trojans of our time. Historians doubt whether the historical structure was ever built.  

But the concept of security should not be limited only to IT security and technology. Security is more.


Goto first page

Dimensions

Please select a chapter:
Goto first page

Secure future?

Explore the uncertainties of the world and find out how Prof. Dr. Christoph M. Schmidt rates these.
Goto first page
Scroll up
Scroll left
Scroll right
Scroll down

Question & Answer

Are we witnessing the end of globalization?
Prof. Dr. Schmidt: No, it's not the end of globalization. However, you do have to distinguish between stasis and movement. In a state of stasis, one can assume that we will also be living in a globalized world also in the future. However, if we look at the movement towards a further open-ing and integration of markets, we also have to expect the dynamism of this process to decrease. The low hanging fruit present at the initial opening of global trade has been picked. It is now becoming increasingly more difficult to make further progress.

Question & Answer

But is there also a lack of enthusiasm for global trade?
Prof. Dr. Schmidt: Not necessarily. While most trade agreements were signed by states in the nineties, there have been in recent years more difficult agreements and socially more controversial agreements on the agenda, such as TTIP. On the other hand, the idea of free trade is once more gaining traction over here – particularly with a US president calling for an “America First!” policy and many Europeans having to realize how much their prosperity depends on free trade. Free trade agreements are all of a sudden seen in a completely different and more positive light.

Question & Answer

Is the world now coming closer together economically against Trump?
Prof. Dr. Schmidt: There are definitely new opportunities for partnerships appearing. China has for a long time been an important export market for Europe-an industry, particularly the German industry. However, it has not necessarily seemed to be a genuine partner. For several months many companies have been looking possibly quite differently at China, since President Trump and some of his administration have demonstrated an equally aggressive stance towards both Europe and China.

Question & Answer

However, things are going quite well in Europe at the moment...
Prof. Dr. Schmidt: That may be true but this upturn is not selfsupporting. In order to defend at all cost the integrity of the euro and revive the economy, the European Central Bank (ECB) has chosen a loose monetary policy and thus stabilized the situation. However, every medicine has its side effects: Due to the low interest rates, insurance companies and pension funds are being forced to take on greater investment risks, and property markets have severely overheated in several regions in Europe. It is now time for the ECB to gradually move away from this ex-tremely expansionist policy, and force states to meet their responsibility to secure growth.

Question & Answer

Europe has around five years – what has to be tackled?
Prof. Dr. Schmidt:  Policies are required on three levels: On the national level, the demographic change is one of the greatest challenges. We will have to accept a longer period of working life. More innovative spirit and trust in market mechanisms could also help to maintain growth in pros-perity. At European level, an EU finance minister with a separate budget will not be able to substantially help the individual national econ-omies. Every member state should instead secure the strength of its economy by its own effort. There is no way round implementing appropriate reforms. At the global level, new international alliances have to be set up if measures to fight climate change and poverty are to be effective.

Question & Answer

Have categories of risks and insecurities changed?
Prof. Dr. Schmidt: I think the difference to previous crises like the Cold War is that you knew better at that time who belonged to whom. Nowadays, we often don't know this so precisely.

Question & Answer

China is not a solution for everyone. Many companies are worried about their US business.
Prof. Dr. Schmidt: I hope that US President Trump will soon understand that he can't run the USA as if he was managing a company. A national economy doesn't work like that. Companies are free to choose their location and investment projects. Consumers everywhere equally make their own choices about consumption. President Trump can't force anyone to only buy products from the USA, regardless of their price and quality. For that reason alone I am fairly certain that European companies in the USA will continue to find good partners.

Question & Answer

To what extent is the world economy still predictable?
Prof. Dr. Schmidt: Macroeconomic and political conditions for companies have become more volatile in recent years. Many people perceive what they con-sider to be the specter of globalization, while protectionist slogans have helped to win election votes in some countries. A few years ago, it would have been inconceivable for a US president to put free trade into question. However, it is not only macroeconomic developments that havecreated uncertainty amongst companies. They also have to deal with upheavals in their particular field, which occur increasingly more rapidly, in both the industrial and service sector.

Question & Answer

Are we afraid of losing?
Prof. Dr. Schmidt: Yes, that may also often be a key factor – and is perhaps why we avoid some risks, even if taking them could move us forward – economically, ecologically or socially. Prosperous societies in particular find sticking to existing structures very attractive, and their economists have no desire for change. Every generation certainly throws up its creative people, but if not enough of them are willing to give up their security, society misses out on many opportunities.

Goto first page

Secure Cloud

Go on a discovery trip and explore the new solution from Achenbach Buschhütten. Learn how Google supports the company and why the M1 from Bachmann electronic fits the project so well.
Goto first page
Scroll up
Scroll left
Scroll right
Scroll down

The customer's request:

“Our customers, like us, wanted to follow
the production steps more closely, and correlate, for example, the data from the foil rolling mill with the slitting machine and the feedback from the customer.”

The solution:

All the data from the Bachmann M1 controller is sent to a small single-board computer via OPC UA, where the information can then be subscribed and stored in a cloud memory. Access from the cloud to the machine? No chance! “Our security concept guarantees that the data can only be transferred on connections that are established from the machine network. The machine controller can neither be viewed from the Internet nor addressed. Only the machine operator can thus decide whether data is transferred to the cloud or not,” Feist explains.

The data:

There can be around three gigabytes of data for each machine in one day, mostly consisting of OPC UA and SQL data. As the storage capacity of the cloud is virtually unlimited, data never has to be deleted to save space. “Neither we nor our customers can say today what questions we will try to answer with the data. Only if actual problems with a particular material occur, or if a customer is struggling with a particular subsystem, will we know which data is relevant for solving the problem. Problem solving would be much more difficult if this data was deleted too early.”

The demand:

At present, OPTILINK® collects the data from individual machines, however, the next objective is to achieve process analysis across multi-ple machines. The customer can query the current state of the machine via a web interface. Achenbach provides the customer
with a basic set of analysis tools, but the customer can create and perform their own analyses. “We have been selling Achenbach OPTILINK® as an addon for our customers for several weeks,” Feist reports. The system is generating a lot of interest. Chinese customers still have to wait for a connection since Google services are blocked there. “However, we are already working on a solution,” says Feist optimistically.

Google's Cloud:

The US concern supplies the cloud technology and partner Scitis has brought the know-how about the technology from Silicon Valley to the project. Combined with the expertise and experience of the machine builder, it has been possible to create a powerful portal for analyzing production data. “All the data is located on European servers,” Feist explains. Did he ever have a bad feeling about using cloud services? “My gut feeling here was that it was fine,” he states with confidence. Feist thinks the data centers of the major cloud supplier are safer than the IT systems of most medium-sized companies: “An enormous effort is taken to satisfy the highest security standards and the several measures are made transparent and certified by independent bodies. Over 700 employees at Google take care of IT security.

The future:

And Achenbach also intends to do more with the data. Artificial intelligence is a hot topic, and not only with the focus on ‘deep learning’ intensively promoted by Google. Achenbach is implementing ‘unsupervised machine learning’ in many solutions. For this, the rolling mill tries to detect patterns in the data that deviate from structureless noise. Ideally, this will provide the operator with an action recommendation, such as the ordering of a spare part.

The M1:

A machine can be equipped with Achenbach OPTILINK® in half a day, depending on the hardware present in the machine. “The Bachmann controllers have here some very useful features that simplify the installation of our system,” the engineer said in praise of the controller. At present, OPTILINK® collects the data from individual machines, however, the next objective is to achieve process analysis across multiple machines.

Die Menschen:

Roger Feist is responsible for the automation technology at Achenbach. For around three years he has been intensively involved in the implementation of the digitization of the Achenbach rolling mills and foil slitting machines.

Goto first page

Secure supply

Close
Wind power in the US is growing.
Goto first page
The best way to reach Maxim Rupp is on Twitter. For the past year, the security expert has been in great demand, particularly in the wind power sector. It was around a year ago when this security specialist published a document on the security vulnerabilities of wind turbines in the USA.

Rupp discovered three security risks: He could change the administrator password using a socalled cross site request forgery, so that he could then make changes to the turbine blade or the network settings. He also found a security breach on the web connections of the plants. The results of Rupp's work were disturbing for operators and the entire industry. Forbes magazine published a major report on the discoveries.

“The problem starts when an application is developed. Suppliers still start from the premise that devices will be implemented in a secure network,” Rupp told the magazine. The German security expert explained that this was an assumption that arose in the nineties. For Rupp, there is no difference between a web page or a wind turbine – both systems are susceptible to attack and must be protected. According to Forbes, Rupp said that wind turbines were operating in Europe without protection. A simple search using the shodan.io search machine revealed security risks. However, PLC suppliers have responded to this with a solution. Rupp has also noticed this. “Companies are beginning to understand the situation and are making more effort to protect their products,” Rupp reports. However, the issue seems initially limited to the USA. In Germany, there are only a few publications about attacks or security breaches on wind turbines. The Ger-man trade press is dominated by the coverage of design benefits or alternative materials.  

Partner of NREL

Brian Hill, on the other hand, from Bachmann electronic in the USA, usually has to talk to his customers about security. “The importance of wind farm security has increased and is right at the top of the agenda for many customers.” The US authorities set high standards with regard to security, since failures in infrastructure must be prevented. “The government is working on more stringent regulations and requirements for the operators,” Hill reports. “We are ready to create secure infrastructures for our customers,” the American engineer assures. Bachmann electronic provides its customers worldwide with new hardware, and regularly supplies new software updates. Customers just have to install the patches on their own. Hardware and software are critical for the secure and economical operation of wind turbines. For this reason, Bachmann electronic is involved in the retrofitting of existing systems. Hill and his colleagues are working together with the National Renewable Energy Labs (NREL). The authority intends to include the retrofitting of wind turbines with state-of-the-art Bachmann electronic technology, in order to draw conclusions about the entire wind farm sector in the USA. The idea behind this is for researchers to carry out tests on wind turbines, change parameters and adapt them to actual conditions so that they can use the re-sults for more efficient systems – laboratory tests for normal operation. “We are helping NREL with our controller systems,” explains Hill, who is expecting new orders in the USA resulting from the collaboration with the NREL and the test results. “In the USA we are concen-trating on existing systems,” Hill reports. In the world's largest wind power market, Condition Monitoring Systems from Bachmann electronic are in demand.

The second largest wind power market – for how much longer?

“If the Trump administration had been in power a few years earlier, the success of the wind power sector would never have happened. Although the current plans will have an effect on the market, the decisions cannot stop the growth of wind power in the USA,” Hill as-serts. Federal states and local governments will continue to invest in renewable energy, Hill says. There are also several companies who will invest in wind power in the USA and create new jobs.  

“Donald Trump is not interested in science but in votes. If he tries to restrict the wind power sector through legislation, he will face a great deal of political resistance, as some of the largest wind farms are located in states where he had a voting majority,” explains Dr. Tom Lombardo, professor for engineering and technology at Rock Valley College. Wind power creates jobs.  

Does this mean that wind power is a job machine?

The US Ministry of Energy estimates that there will be around 250,000 Americans working in the wind power sector by 2020, and even up to 600,000 by 2050. The sector continues to be optimistic about the future – in spite of the new government, and in spite of the withdraw-al from the Paris Climate Accord. Brian Hill still has some concerns. “We have a lot of space in the USA, but the energy from wind turbines has to be brought to the centers,” Hill insists. Our US colleagues also understand the issues around the power grid. “It's easier to build power stations than power lines,” Hill points out. Even he has to admit that “The grid is overloaded in some regions.” However, new lines are planned and this will help wind power in the USA. At the same time, NREL is doing good work in the field of battery technology and the development of new turbine generations, Hill states. Bachmann electronic supports its customers and research in the USA.

And Maxim Rupp? He is continuing to highlight the security features of the controller suppliers and is eagerly publishing security breaches – in wind turbines in the USA and in the entire world. There was one disturbing fact that arose from his discovery in June 2015. One entry in Wikipedia describes how the security breach could have been discovered. “It is not really difficult.”  


Goto first page

Safe ride up the mountain

Close
Skiers and locals in Arlberg had to wait a long time before the link between Zürs and Stuben was built. Furthermore, the weather at the official opening ceremony didn't play ball, so that this often had to be postponed. The great day then finally came: The brass band, the dignitaries and a large number of skiers could rejoice – the Flexenbahn cableway, an investment of several million euros in the future of the skiing area, ensures greater skiing enjoyment and is economically important for the Vorarlberg hospitality industry. This only earns money when the cableway is operating reliably. Modern cableways transport up to 5,000 people an hour up the mountain. Any breakdowns cause holiday frustration, something no skiing area wants to experience. Reliability and process stability are therefore critical success factors, both for cableway operators as well for the machine builders. Doppelmayr, the cable car builders from the Vorarlberg, know this and have therefore revolutionized their control system and also the operating elements for users at the mountain stations.

But what are modern operating elements?
Gute Usability für sichere Arbeitsprozesse: Doppelmayr vertraut Schindler und Bachmann electronic.
Goto first page

Informationen zur richtigen Zeit, am richtigen Ort

Doppelmayr chose atvise®SCADA as the HMI product, since it had the greatest product maturity in this innovative technology. Today, a major part of the plant operation, as well as the visualization and monitoring of all individual functions, is implemented via the at-vise®SCADA. Its open communication via OPC UA enables communication with the different data sources.
Doppelmayr chose atvise®SCADA as the HMI product, since it had the greatest product maturity in this innovative technology. Today, a major part of the plant operation, as well as the visualization and monitoring of all individual functions, is implemented via the at-vise®SCADA. Its open communication via OPC UA enables communication with the different data sources.
Fullscreen
“Good usability alone is not enough. The right mixture of culture, usability, user experience (UX) and technology, however, ensures a sta-ble process,” explains Philipp Maul from Schindler Creations. Schindler supported the engineers at Doppelmayr with their project for the safe and rapid mountain ascent. From the start, the team observed the cable car employees in their daily work, analyzed their processes, their communication and commands. They carried out several interviews with them in order to better understand and find out about their work, and what kind of operating functions they were expecting – operation as easy as a smartphone?

Usability and UX belong together

There is naturally a great demand for good usability and UX: Operators must be provided with the right information, data, or prompts at the right time and place, as well as to individual requirements. This allows them to make the right decision for the specific situation at hand. Operation must also be a pleasurable experience, even after several months or years. Good user experience can be measured by increased productivity, improved operator safety and greater process stability. After all, the production process is safer if the operator can spot a problem quickly on the operator panel, or is prevented from accidentally changing settings by pressing the wrong buttons during operation or maintenance. “Previously, there was one user interface for everything. Today, many machine buyers require individual user types in the user interface, from commissioning to maintenance and to daily operation. Users should only be shown the information required for their defined role,” Cadera explains. Furthermore: Ideally, HMI applications should document processes and procedures automatically, fetch feedback from the operator, automatically learn from the results, as well as provide the user with support and context-sensitive information. In the pharmaceutical industry, for example, this data is indispensable. The digitalization of the HMIs (human machine interfaces) is gathering momentum.
 

Flat or almost flat?

Thanks to smart phone manufacturers, operators have been spoilt. “Nowadays, many expect to be able to operate products as intuitively as their phone, and quite justifiably,” Maul says and adds: “Just because the product I am working with is a necessary part in my job, this is no justification for burdening myself with old methods and illogical processes, even if it is more complex than my home applications. In fact, the motivation and requirement should be precisely the opposite.” This is reminiscent of the late Steve Jobs, the former Apple CEO, and his “super easy to use philosophy”. At its presentation in 2007, Jobs promised that the iPhone would actually “only redefine” the tele-phone. However, the US company has for ten years actually forged a whole new generation of machine operations or interfaces in the industrial sector – regardless of whether in flat or almost flat design. The sector cannot explain the iPhone effect away. “The interaction and the generally good design generated the expectation, that all today's products could be operated just as simply or with the same principles as the corresponding mobile devices,” Cadera confirms.

The Push button lives on

But swiping alone is not enough – the coolness factor is not always critical in production. “In the industrial sector, there is normally a great dependence on standard electronic components that are industry-compatible. These always slightly lag behind the current state of the art in the consumer sector, as well as being larger and slower,” says Cadera, and Maul can confirm this: “In 2003, studies showed for example that the use of AR (Augmented Reality) instructions decreased the error rate during mounting by 82 percent compared to printed or digital instructions. But do you see AR applications in production lines today, 14 years later? Only slowly do scenarios arise, in which all areas combine and make the use of these kinds of solutions possible.” The pushbutton also still has a place because operators can't swipe in every situation. The industrial designers combine modern software user interfaces with hardware operating elements, even if 3D touch and haptic feedback sensors are for the operator generations of the future.

Doppelmayr also uses both – touch screen or several haptic operating elements. The fan base in the sector is delighted. The video on the new controller and operator logic has had several views and comments on Youtube. Not only the operating behavior but also the information response has changed.
Doppelmayr chose atvise®SCADA as the HMI product, since it had the greatest product maturity in this innovative technology. Today, a major part of the plant operation, as well as the visualization and monitoring of all individual functions, is implemented via the at-vise®SCADA. Its open communication via OPC UA enables communication with the different data sources.
Doppelmayr chose atvise®SCADA as the HMI product, since it had the greatest product maturity in this innovative technology. Today, a major part of the plant operation, as well as the visualization and monitoring of all individual functions, is implemented via the at-vise®SCADA. Its open communication via OPC UA enables communication with the different data sources.
Close
Goto first page

Secure passwords

Biometrics is not an alternative

Biometric methods can not replace a password.
Biometric methods can not replace a password.
Fullscreen
For us, data is the gold of the 21st century. Industrial leaders have been singing its praise on panel discussions for years, and some are already building data warehouses for customers. That's all very well, but many companies are not yet prepared for it according to the data security sector. One insider reports that the security level at around 95 % of companies is disastrous. The reason for this is simple: “Data security and IT centers are not the core business of the production industry and many find it difficult to find well trained and suitable IT personnel,” explains Costin Enache, IT security expert at Detack. Added to this is the fact that although many companies protect them-selves from Internet attacks, the dangers are mostly elsewhere. “In recent years, technical security measures have constantly improved and attackers have responded to this quickly. Criminals are increasingly carrying out password attacks.  

Password audits help

The CPU power they require for this is now no longer a problem,” Enache explains. The response of many CEOs has been: “Introduce fin-gerprint scanning and provide employees with smart cards.” Enache concedes, however, that “Companies continue to need secure pass-words since, in our view, the alternatives to this are not secure enough. Professional attackers can overcome these obstacles and bio-metric data cannot be changed like a password.” In other words, once the data of a fingerprint has been identified, they represent a con-siderable security risk. Enache and his colleagues have developed a software that helps companies to increase the strength of their pass-words. The EPAS (Enterprise Password Assessment Solution) application provides password audits for the company infrastructure and regularly and automatically checks the different target systems at customizable intervals. All password related data is initially extracted from the target system, examined on the basis of structural entropy and other criteria, and evaluated in a comprehensive data protection report.

Checking dictionaries

The security experts install the software at the customer's premises. The audits are carried out at regular intervals automatically. At some customers, EPAS runs 24/7 due to the number of target systems. Little effort with a large result for medium-sized companies: “the audit of a Microsoft A/D is very quick,” Enache explains. And the information as to the size of the vulnerability is enormously useful. The end report provides the conclusion. It shows the password weaknesses but not the password itself. “EPAS enables us to restore 60 percent of the passwords in seconds after an audit,” Enache points out – an alarm signal for the industry. “With a few fine adjustments, such as including additional dictionaries, such as those for other languages, or specific corporate word lists and a simulated brute force attack, we can increase performance considerably,” Enache assures. The auditors visualize the objective strength of the password in relation to time and the resources that an attacker would need to break in. The experts also provide the client with information about whether passwords are being used in multiple systems and whether several people are using the same password.
Biometric methods can not replace a password.
Biometric methods can not replace a password.
Close
Goto first page

Secure information

You will find the online version of the customer magazine here. If you would like to receive our customer magazine regularly as a print version, please write us an E-Mail.

Your editorial team
Goto first page
Scroll down to continue Swipe to continue
Swipe to continue
Close
Overview
Scroll left
Chapter 1 Security

Security

Chapter 2 Dimensions

Dimensions

Chapter 3 Secure future?

Secure future?

Secure future?

Chapter 5 Secure supply

Secure supply

Report

Chapter 6 Safe ride up the mountain

Safe ride up the mountain

Report

Chapter 7 Secure passwords

Secure passwords

Chapter 8 Secure information

Secure information

Scroll right
  • Bachmann electronic
    Industrial Newsgames 
    Adobe Stock
    Sachverständigenrat der Bundesregierung
    Achenbach Buschhütten
    Schindler Creations

    ImpressumPrivacy notice