Plant & Works Engineering
Are you secure?
Published:  02 June, 2016

Mark Fairhurst*, takes a look at the importance of security in an increasingly connected world.

In recent times hydraulic and pneumatic systems have become much more sophisticated, comprising a selection of components that enable system design dreams to be turned into a reality.

Traditionally, fluid power systems have concentrated on power transmission; with hydraulic systems mainly made up of control valves, power unit, hydraulic actuators and fluid monitoring equipment, and pneumatics systems comprising a power unit, fluid conditioning, actuators and control valves. Today, fluid power systems are not just about power transmission, but more about motion control, with a focus on moving things in a more precise and predictable fashion. This can involve electro-hydraulic or electro-pneumatic actuation, which in turn is part of a network by which many of the individual components within the system are able to communicate with each other.

The communications process need not only be autonomous and operating within the particular system in question; indeed the system, or components within the system, can also communicate with a much wider network. Also, the plant controller or maintenance engineer no longer needs to be in such regular close proximity to the plant and equipment in order to control and monitor its operation. Through the use of sensors and wireless technology plant control and monitoring need not be so confined to within the walls of a physical building and could feasibly be undertaken from anywhere in the world.

So, with all this increased motion control and communications know-how many modern fluid power systems have grown to become part of a much wider network. This wider network scenario is, in essence, very much part of the Industry 4.0 revolution whereby communication reaches wider and accessibility of information to and from these systems becomes much easier.

The overriding benefits of having easy access of information, often in real-time or near real-time, are many. For example, sensors within a system can automatically inform a maintenance engineer when a component or larger piece of equipment has malfunctioned or is due for replacement by sending an alert to his or her smartphone or tablet PC. The maintenance engineer can also remotely interrogate particular equipment within the system in order to, for example, change its function, hours of operation, schedule maintenance procedures, or investigate its operational history and which personnel operated certain types of equipment during specific periods.

However, with all these benefits and more to be had from today’s integrated high-tech motion control systems – whether from an operational or maintenance and overhaul perspective – certain important choices and decisions need to be made, and some of the most important of these revolve around security. Before we start running we have got to learn to walk, and this basic statement of common sense can also be applied figuratively to modern motion control systems. Careful thought needs to be given about who should be allowed to access the system, or parts of the system, and be able to make decisions in terms of operating or maintaining or making changes to the system and the wider network.

Moreover, making this type of decision regarding individuals’ access to, and mandate to control, the system is just the start. Only certain people may have been given the authority to do certain things, or have access to certain types of information, but without careful control and monitoring of communication protocols, information kept within the system could be open to infiltration or malicious abuse by other parties.

In this regard, I believe the biggest concern is that if people were able to maliciously intercept these communication systems it may not be long before a serious injury or even a fatality results – it could be due to motion equipment in a bottling plant becoming unstable, it could be the result of robotic arms flailing in precarious ways, it could be due to a shock from a power transmission system, and so on. In the wake of a serious injury or death, the subsequent court case could then set a precedent whereby a whole new level of cyber policing is put in place – deemed necessary to bring the situation under control. If this high level of policing were to become a reality, this could potentially stop the growth in further development and deployment of Industry 4.0-related systems technology in its tracks.

Therefore, understanding how robust a company’s data communication systems are is a very important consideration. Some systems are likely to be more resilient than others. For example, in a manufacturing plant a radio-frequency (RF) wireless transmission system could prove to be more reliable and robust than Wi-Fi. Wi-Fi is more open to being intercepted or corrupted at any level. So, although we all want change for the better there also comes a time to reflect on what the implications could be if we change too rapidly without thinking about the possible consequences.

It is also worth ensuring that any computer software used as part of the system has a reputation for being secure, and that proven encryption technology is deployed to make it as hard as possible for malicious hacking to take place. Additionally, companies should make sure that immediate IT-related help and advice is at hand in the event of such a security breach occurring. And from a system design perspective, I believe it is important that systems are thoroughly beta- tested ‘in the real world’ in order to monitor their performance and resistance to security abuses.

The world is becoming an increasingly unpredictable environment, and so the issue of security risk should not be taken lightly. It is therefore all the more important that we should develop efficient, reliable and robust motion control systems in order for them to conform to the best ideals of Industry 4.0 without risk of compromise. Industry 4.0 is already here and the trend is likely to gather even greater momentum over the coming months and years.

Thankfully these security issues are being addressed by information network providers and the like who have realised that the consumer internet and existing wireless platforms are not fully suitable for industry. In fact, such is the speed of change that I advise those interested to keep a watchful eye on new government guidelines and news from trade associations such as the British Fluid Power Association (BFPA). Let’s not let poor levels of security risk compromising the major improvements in efficiency, convenience and reliability that this type of technology can offer.

*Mark Fairhurst is the technical director at BHR Group. He is presently the vice-chairman of the product testing committee of the BFPA/BSI, and the chairman of the technical advisory committee of the Water Jet Technology Conference.

For further information please visit: