Smarter Data for Securing Smart Factory
Lead the value, beyond the IT
WIZCORE Inc.
Agenda
1. About WIZCORE Inc.
2. Smart Factory & Security
3. Security Management System for Manufacturing
4. Summary
1. About WIZCORE Inc.
The leading company in delivering customer-based ICT converged technology
2010~ From Distributor/Reseller to Big Data specialized company …
2010 ~ now: Global IT Distributor/Reseller
2012 ~ now: Big Data business starting. Implementing the security system based on Big Data for major companies
• Distributor/reseller of Symantec, Veritas, Precise, Quest (Backup, Security, DB performance, DB reorg.)
• The partner of Splunk, Elastic, Nutanix, PureStorage, Inspur (Security/Searching of Big Data, Hybrid virtualization)

2015~ Our products for ICT converged market…
2015 ~ now: Self-developed solutions for Smart Factory
2016 ~ now: Own brand sales & marketing investment in domestic/overseas. Building the smart factory project by Korea government
• Starting the own brand business / won the leading company’s project in smart factory (NEX-Series)
• Continued investment & selling own brand on the basis of global distribution business
• Growth with the global IT distribution biz. & own brand biz.

2017~ Diversification of products & joint growth…
2017 ~ now: Industrial SW based on Big Data
2017 ~ now: Biz expansion through the domestic/overseas partner network. Building the smart factory project by Korea government
• Diversification of new ICT technology & own brand (NEX-Series, BDP, Cloud)
• Successful commercialization for BDP, BDSP
• Joint growth of global IT distribution biz. & own brand biz.
Solutions that enable smart operation of the manufacturing environment
[Architecture diagram]
Data Source: Sensor Data, ERP (Enterprise Resource Planning), MES (Manufacturing Execution System), SCADA (Supervisory Control And Data Acquisition), CMM (Coordinate Measuring Machine), PLC (Programmable Logic Controller), Protocol Data, etc.
Agent
OPC
Structured/Unstructured Data Integration: DB Connect, TCP/UDP, Data Transfer, Data Filtering
Big-Data Engine (Big-Data Platform): Batch Data, Analytic Data, Realtime Data
Smart Engine (Analytic Engine / Monitoring Engine): Function, Alert, Summary, Scheduling, Analyzer, KPI
NEXPOM Publisher/Reporter:
- Dashboard: Monitoring, Analyze, Alarm / KPI
- Analyze: Predictive analyze, Analyze Chart, Correlation analyze
- Report: Rawdata Report, Excel/PDF Export, Various Form Support
• Quality data management platform for daily quality check
• Link with measuring devices
• Can link with various brand equipment
• Big Data based integrated production management system
• Effective delivery, inventory, material & sales management according to standard info
• Improve reliability, availability, capacity of maintenance
• Integrated management of company’s equipment asset information
• Systematic management of facility history
• Big Data based factory energy management system
• Energy flow management & control
• Apply optimal environment for energy reduction & production
• New generation Big Data based smart factory analysis system
• Big Data based integrated data analysis/monitoring
• Provides solution to improve productivity and reduce defect
• Bigdata platform for NEX-series
• Subscribe to licenses by region / group
• Customized licenses available for special needs
Product categories: Analysis & Monitoring; Execution & Management; Big Data Platform
In Korea, we are promoting smart factory support projects led by the government. The Korean government defines smart factory levels in five steps. In 2025, the government aims to support 30,000 smart factories and 1,500 leading factories.
Smart Factory Phase Level (※ 2017. 4. 19 Ministry of Trade, Industry and Energy (Korea))
Industry 2.0 / Industry 3.0 / Industry 4.0
Levels: Without ICT; Basic level; Intermediate level 1; Intermediate level 2; Elevation of altitude
Technologies:
• PLC, Inverter, Servo, HMI, etc.
• MES, QMS, Motion Control
• CMMS, FEMS, Process simulation & diagnosis
• ERP, Big Data Analysis, robots, IoT, Intelligent sensor

<Goal of Smart Factory In Korea>
Smart factory supply: 10,000 in FY2020, 30,000 in FY2025
Lead model deployment: 45 in FY2016, 1,500 in FY2025
Promising field: Big Data, including Big Data, Nexus, Smart Injection Sensor, and Collaborative Robots, which support billions of dollars in R&D.
Market creation: Creating Smart Factory Driven by Hundreds of billions dollars Market (Element techniques, facilities, solutions, etc.)
Human resource training: Fostering 40,000 creative talents needed to operate smart factory

Last Year (2016)
• Basic level: 2245 (EA), 80.3%
• Intermediate level 1: 510 (EA), 18.2%
• Intermediate level 2 or higher: 45 (EA), 1.6%
Future plans (2025)
• Basic level: 21000 (EA), 70%
• Intermediate level 1: 7500 (EA), 25%
• Intermediate level 2 or higher: 1500 (EA), 5%
2. Smart Factory & Security
There are so many definitions. Here, Smart Factory is
“For improving productivity, a factory where all data from all machinery & facilities & IT infra related to production are connected and managed via a network.”
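Simply Start
• Total monitoring system
• Energy Management System (power management)
• Equipment management system
  § The level structure of the equipment master depends on the equipment, but a maximum of 3 to 4 levels is recommended
  § Component materials of each piece of equipment can be registered (BOM)
  § Photos, drawings, documents, etc. are managed separately for each piece of equipment
• Manufacturing Execution system
• Statistical process control / Quality monitoring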
Build Step by Step
Maturity Level of Industry 4.0 by Fraunhofer, Germany
4i: Intelligent, Autonomous Processes & Self Organizing System
3i: Integration of Cyber-Physical System
2i: Real-time Data Processing & Integration
1i: Real-time Data Generation
0i: Frame Condition
-1: Industry 3.0
Stage labels: Discrete Automation; Industry 4.0 awareness; M2M, Real time, Vertical integration; Smart Data analytics; Future Plan
Communication
Interoperability: Optimization for mutual communication and processing
Production Process
Connectivity
Convergence
with each data
within factory
with IT and manufacturing
1st Generation
• Threats: Simple hacking by script-kiddy; virus
• Countermeasures: Firewall, Vaccine

2nd Generation
• Threats: Hacking or DoS by professional hacker on the purpose of money; various malicious codes like virus, worm, backdoor, etc; passive attacks
• Countermeasures: Security Event Mgmt., IPS, Firewall/Vaccine

3rd Generation
• Threats: Very fast & aggressive & complex & evolutionary attacks; leakage of internal information; DDoS, APT, social engineering attacks, etc; intelligent attacks
• Countermeasures: DDoS, DRM, DLP, Data encryption, Security Info. Mgmt., SEM/IPS/Firewall/Vaccine

4th Generation
• Threats: Ransomware, Fraud; inbound/outbound & mobile & Cloud & IoT security issues; an increase in security incidents caused by internal factors rather than external factors
• Countermeasures: SIEM*, UEBA**, DDoS/DRM/DLP/Data encryption/SIM/SEM/IPS/Firewall/Vaccine

* Security Information & Event Management
** User & Entity Behavioral Analytics
Most factories have
- No Security Solutions
- No Security Education for SF
- No Preparations
- No Countermeasures
Very dangerous
But
Most factories have not adopted smart factory. Even if they have adopted smart factory, the level is still low.
However, if the IT infra or smart factory becomes larger, security incidents can occur.
So
To prevent security incidents, they need to adopt various security solutions.
Also, they need to adopt an integrated analysis/monitoring solution for abnormal symptom detection & root cause searching.
Most security solutions have rules & libraries focused on IT infra
Manufacturing data differs from normal IT data (Unstructured data)
Security solutions for manufacturing facilities are needed
Dynamic threshold & easy scenario (case) management
Extensibility & Compatibility & Integration
3. Security Management System for smart factory
- In Industry 4.0, all of the production facilities and IT infra will eventually converge.
- Also, all security threats that exist in IT infra can occur at the manufacturing site.
[Threat diagram labels: Internet; Intrusion; Hacking from outside; Data Leakage/Falsification; Malfunction or failure caused by malicious code; Data Leakage/Loss; Ransomware/Data loss; Interruption of production due to various security issues; Intrusion through wireless network]
- In Korea, traditional IT security is considered from three aspects: management, physical, and technology.
- So the traditional IT security approaches should be applied considering the nature of the manufacturing industry.
Management: Environment assessment, Policy/Procedure/Guideline, Asset analysis & assessment, Employees/Outsourcing management, Security operation/organization, Education, etc
Physical: Access control, Asset carry-in/out, Restricted area, Physical guard system, etc
Technology: Inspection of system/application/network (vulnerabilities/threats/configuration), Simulated penetration/malware test, etc
1. Identify the exact status of our factory.
2. Derive the priority of countermeasures through total risk assessment.
3. Carry out appropriate security countermeasures.
4. Continuous security education and follow-up management (PDCA* model)
* PDCA : Plan-Do-Check-Act
• Establishing & announcing security policy/procedure/guideline; continuous security education, etc
• Introducing appropriate security solutions; checking system and network configuration, embedded SW; secure coding, separate & redundant network; regular inspection by self or expert, etc
• Introducing access control system; designation of a restricted area; separation of operation field and test field, etc
So far, Smart Factory Security is not different from IT Security, except objects & attributes.
These days, root cause and integrated analysis & monitoring are getting more important.
So, an integrated analysis and monitoring solution based on Big Data, with security solutions introduced in stages.
So we are developing NEXSMS for manufacturing security.
- Integrated monitoring of inbound/outbound traffic to detect various threats
- Advanced detection and monitoring to prevent various threats
- Can detect and monitor abnormal symptoms through Big Data analysis of various data & logs
Big Data based data collection and processing: “collecting various structured/semi-structured/unstructured data & logs”
• Detecting various intrusion
• Detecting data loss/leakage
• Detecting malicious code/virus/worm/ransomware/etc
• Abnormal symptom detection through Big Data analysis (using UEBA)
[ERP] [HR DB]
Data Source: Manufacturing System (MES, ERP, SCADA, etc), CMM (Coordinate Measuring Machine), Sensor Data, PLC (Programmable Logic Controller), Protocol Data, IT Infra Data, ETC
Structured/Unstructured Data Integration: DB Connect, TCP/UDP, Data Transfer, Data Filtering
Big Data Engine (Big Data Platform): Batch Data, Analytic Data, Real-time Data
Smart Engine (Analytic Engine / Monitoring Engine): KPI / Scenario, Analyzer, Function, Alert, Summary, Scheduling
Publisher/Reporter:
- Dashboard: Monitoring, Analyze, Alarm / KPI
- Analyzer: Predictive analyze, Analyze chart, Correlation analyze
- Report: Raw data report, Excel / PDF export, Various forms support
OPC
Dynamic threshold
Message/Event Queues, Log Files, Databases, AP, Digital I/O, Analog I/O, RS232/RS485
Databases, Networks, Virtual Machines, Smartphones and Devices, Custom Applications, Security, Web Server, Servers, Machineries, Facilities, Measuring Tools, etc
Alerts, Wire Data, Metrics, Changes, Scripts, Configurations, Log Files, Tickets
Big Data Engine
- Collecting: any types of data and logs from Smart Factory (Unstructured/Structured/Semi-structured)
- Pre-processing
- Cleansing
- Storing
Machineries, Facilities, Measuring Tools, etc; Databases; Networks; Virtual Machines; Smartphones and Devices; Custom Applications; Security; Web Server; Servers
Real-time or near real-time collection
Monitoring
- Simple Monitoring
- Composite Monitoring
- Symptom detection
Simple Monitoring
- FW : inbound traffic status, allow/block status, etc
- DRM/DLP : Document encryption/decryption, Carry-in/out status, etc
- Machine & facility : run/idle/down status, identifying the cause of idle/down, etc
Composite Monitoring
- FW+DRM/DLP+Mail : Leakage of internal data
- Security solutions + Machine & facility : Identifying the interruption or malfunction by security threats
- Root cause : Searching the path of a malicious code, Identifying illegal actors, etc
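The FW+DRM/DLP+Mail composite case, sketched as an added example (not WIZCORE or NEXSMS code): one rule joins three log sources on host and time to flag a likely leak of internal data. The event fields, host names and time windows are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Constructed sample events; field names and hosts are assumptions.
EVENTS = [
    {"ts": "2024-03-01T09:00:05", "src": "drm", "host": "eng-ws-01", "action": "decrypt", "doc": "mold_spec.dwg"},
    {"ts": "2024-03-01T09:03:10", "src": "mail", "host": "eng-ws-01", "external": True, "attachment": "mold_spec.dwg"},
    {"ts": "2024-03-01T09:03:11", "src": "fw", "host": "eng-ws-01", "action": "allow", "direction": "outbound"},
    # Internal recipient: not a leak.
    {"ts": "2024-03-01T09:10:00", "src": "drm", "host": "eng-ws-02", "action": "decrypt", "doc": "bom.xlsx"},
    {"ts": "2024-03-01T09:11:00", "src": "mail", "host": "eng-ws-02", "external": False, "attachment": "bom.xlsx"},
    {"ts": "2024-03-01T09:11:01", "src": "fw", "host": "eng-ws-02", "action": "allow", "direction": "outbound"},
    # External mail three hours after decryption: outside the default window.
    {"ts": "2024-03-01T08:00:00", "src": "drm", "host": "eng-ws-03", "action": "decrypt", "doc": "recipe.pdf"},
    {"ts": "2024-03-01T11:00:00", "src": "mail", "host": "eng-ws-03", "external": True, "attachment": "recipe.pdf"},
    {"ts": "2024-03-01T11:00:01", "src": "fw", "host": "eng-ws-03", "action": "allow", "direction": "outbound"},
    # Firewall blocked the transfer.
    {"ts": "2024-03-01T10:00:00", "src": "drm", "host": "eng-ws-04", "action": "decrypt", "doc": "plc_logic.zip"},
    {"ts": "2024-03-01T10:02:00", "src": "mail", "host": "eng-ws-04", "external": True, "attachment": "plc_logic.zip"},
    {"ts": "2024-03-01T10:02:01", "src": "fw", "host": "eng-ws-04", "action": "block", "direction": "outbound"},
]

def _t(event):
    return datetime.fromisoformat(event["ts"])

def detect_leak(events, window=timedelta(minutes=10), slack=timedelta(seconds=30)):
    """Alert when a host decrypts a document (DRM), mails it to an external
    recipient within `window`, and the firewall allows outbound traffic from
    that host within `slack` of the mail."""
    decrypts = [e for e in events if e["src"] == "drm" and e["action"] == "decrypt"]
    mails = [e for e in events if e["src"] == "mail" and e["external"]]
    allows = [e for e in events if e["src"] == "fw" and e["action"] == "allow"
              and e["direction"] == "outbound"]
    alerts = []
    for d in decrypts:
        for m in mails:
            same_doc = m["host"] == d["host"] and m["attachment"] == d["doc"]
            if not same_doc or not timedelta(0) <= _t(m) - _t(d) <= window:
                continue
            if any(f["host"] == m["host"] and abs(_t(f) - _t(m)) <= slack for f in allows):
                alerts.append({"host": d["host"], "doc": d["doc"],
                               "decrypted": d["ts"], "mailed": m["ts"]})
    return alerts

if __name__ == "__main__":
    for alert in detect_leak(EVENTS):
        print(alert)
```

None of the three sources alone separates these cases: every host decrypts a document and sends mail, and only the joined view isolates the one that left the network.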
Symptom detection
Developing scenarios or cases based on UEBA
Verifying scenarios & cases
Ease and flexibility of scenarios & cases application/implementation
Simple & complex scenarios & cases
Dynamic thresholds
Detecting symptoms based on scenarios & cases
Real-time/Non real-time/Near real-time data and logs, etc
Monitoring
Rule-set
Scenario/Cases
Accumulated Data
“Analysis Engine”
Accumulated Data
Analysis Engine based on Big Data
Real-time/Non real-time/Near real-time data and logs, etc
Statistical analysis: Regression, Cluster analysis, Sensitivity analysis, Scatter analysis, Abnormality detection, etc
Machine learning: Unsupervised learning, Peer analysis, Supervised learning, etc
“Advanced monitoring for prediction & analysis”
Pre-defined Dashboard
Searching / Visualization / Statistical monitoring / Root cause
- simple searching (single condition)
- complex searching (multiple conditions)
- drill-down searching for root cause
- various searching with keyword, time, etc
- Various types of chart or table, etc
- Readability
- Mean, Frequency, Variance, Standard variance, etc
- Top 10, Min/Max, etc
Modularity
User-defined
Dashboard
Configurable by module
Drag and drop
Easy configuration through wizard
Flexibility
Wizard
User-defined
Dashboard
5. Summary
When building a smart factory, security should be considered.
If it was not, security needs to be planned and applied as soon as possible.
But there is not enough expertise in IT and security in the manufacturing industry.
So, we need Planned Security, Phased Security, Continuous Security, Integrated Security, and Predictive Security.
Planned Security
• Environment analysis
• Asset analysis
• Threat analysis
• Risk analysis
• Etc

Phased Security
• Identifying threats and risks
• Prioritizing the perceived security threats and risks
• Applying the phased countermeasures

Continuous Security
• Identifying threats and risks regularly
• Implementing an appropriate countermeasure
• Repeating the process of identifying and implementing
• Regular security training

Integrated Security
• Integrated security for the effective security management under limited resources
• Integrated security monitoring like total log management, abnormal symptom detecting, relational analysis, etc

Predictive Security
• Predictive security management through the data mining and machine learning, etc (using accumulated data)
• It is the ultimate goal of using smart data for securing smart factory
THANK YOU Do you have any questions?