In the first episode of our newly launched podcast series—Automation World Gets Your Questions Answered—we sought out answers to the question: What are the pros and cons of smart instruments in light of industrial cybersecurity concerns?
Questions used in this podcast series were submitted as part of a recent Automation World reader survey.
As I delved into answering this question for the podcast series, it turned out to be a deeper topic than it initially appeared. To better compartmentalize the issues raised by the reader question, I broke the podcast into two parts—with the first portion addressing the difference between smart instruments and traditional instruments, and the second portion focusing on the specific cybersecurity concerns around smart instrument use.
For the first installment, I spoke with Dr. Helge Hornis, regional technical director of the Americas for Pepperl+Fuchs. He said the primary difference between smart instruments and traditional instruments is mainly around the additional data points smart instruments are designed to collect. For example, consider a photoelectric sensor, which will give you a temperature reading. Now think of what’s possible if all the other instruments providing data on a given piece of equipment or segment of a process could also provide a temperature reading. In that scenario, “the amount of additional insights and potential benefits to be gained increase exponentially. You could know if it was just one sensor that is hot or if the machine itself is overheating,” he said.
That’s the benefit of and difference between smart instruments and traditional ones—the smart instruments are capable of providing much more data.
Such benefits can be applied directly to preventive maintenance, Hornis said. “Consider an instrument with a sensor measuring a process valve that’s opened and closed by actuator. If you measure the stroke length of that opening and closing, you could determine when the seat of the valve is getting worn. These additional pieces of information from smart instruments are useful for diagnostics, maintenance, and operations, in addition to the main function of the instrument.”
He also cautioned users to be aware that not all smart instruments are the same, and that the capabilities of smart instruments will differ from supplier to supplier.
For the second part of this podcast, I spoke with Nathan Hedrick and Ryan Williams, both product managers at Endress+Hauser.
Picking up on Hornis’s comment about the differences in smart instruments between suppliers, Hedrick noted that there will definitely be differences in the signals that different smart instruments will monitor. Looking at a smart Coriolis flow meter, for example, Hedrick said that some will provide multiple process values and dozens of diagnostics related to the health of the device, but others may be simpler and not provide as much as data based on their measurement technology.
When it comes to the effect of smart instruments on cybersecurity, Hedrick stressed that you have to look at the issue holistically. “If you’re not at a place where your business systems and operations networks are secure, your use of smart instruments won’t make you more or less vulnerable,” he said.
Williams added that users should look to have layers of defense in place—from instruments to connectivity to user passwords to data encryption. "You’ve got to look at each instrument type and put in layers of defense [based on what you have] to minimize risk,” he said.
Application aspects are also critically important to correctly assessing your cybersecurity needs, as different applications will require different measures. “We’re seeing more adoption of smart instruments in remote locations and in locations that are not as safe or easily accessible,” said Williams. “We’re also seeing mobility of the workforce” driving specific types of interest in smart instrument cybersecurity.
“When you’re looking to make investments [in smart instruments], it’s important to look at the company [supplying them] and the brand’s applicability around common networks and organizations like ODVA and ISA-related protocols and certifications,” said Hedrick. “They [the instrument suppliers] should provide reassurance around security being built into the design of the instrument and be an active participant in industry” cybersecurity efforts.
Assessing your smart instrument cybersecurity needs should start with a look at your installed base, followed by an audit of what you have. “There are lots of smart devices that have been on the market for many years to monitor the health of a device or system beyond basic sensing measurements,” said Hedrick. “So, maybe you only need small upgrades [to those instruments] versus having to replace complete instruments. To make this determination, consider how you’ll acquire, accumulate, and assess the data from the smart instruments.”
To hear both podcast installments and learn more about the difference between smart and traditional instruments and the pros and cons of smart instrument cybersecurity, visit the “Automation World Gets Your Questions Answered” podcast site. Our podcasts are also accessible on iTunes, Spotify and other major podcast platforms. To find them, search for “Automation World Gets Your Questions Answered” and be sure to subscribe to be notified when new episodes are posted.