The manufacturer set particular importance on the following requirements:

1. Remote access: Technicians should be able to perform remote maintenance on the machines at any time. This would allow any necessary action to be taken more quickly, reducing or even eliminating downtime. Furthermore, it would reduce the cost of traveling to the production sites as well as the CO2 footprint of the company.
2. Data collection: In order to optimize production lines, various process data should be collected and then compiled and analyzed at a central location.
3. Use of custom software: Last but not least, an industry-specific requirement had to be met: Each of the manufacturer's components is marked with a part number. This number is associated with various data from the production process, such as temperature, date and time or production location. The solution also needed to be able to capture this data using the manufacturer's own software, which was already in use before the digitization project. With this data it is possible to ensure the quality of each produced piece and also solve warranty or liability issues if they should arise.

Cybersecurity as a requirement

IT security should also be guaranteed at all times - a requirement for the manufacturer before starting digitization. For good reason: "As soon as machines and systems are connected to the internet, they are also threatened by web-based risks, such as malware that can be used to steal, encrypt or manipulate data. Every networking point becomes a potential entry point. Attackers are taking advantage of increasing interconnectedness and designing their malware in such a way that it can spread quickly from one production line to another. This can cause incalculable damage to a globally networked organization through business interruptions. It is almost impossible to close security gaps in an existing digitization solution retrospectively, and the costs increase exponentially depending on the project phase," says Raphael Vallazza, CEO of Endian.

EndianOS: The Linux advantage

Endian is providing a platform that can be used to connect and secure both IT and OT networks. The Endian Secure Digital Platform was developed according to the principle of "security-by-design" and therefore prioritizes security both during development and throughout the entire product life cycle. The platform is built on its own Linux-based operating system, EndianOS.  Thanks to a security-oriented configuration, EndianOS is a so-called "hardened Linux" that is highly resistant to potential threats.

EndianOS also offers numerous protective measures that are important for digitized companies. These include, for example, the establishment of a zero-trust architecture, which can be used to define fine-grained authorizations for different players in the network. The network visualization enables a quick overview of all connected devices and is the basis for network segmentation, which is the first fundamental step towards improved security.

Secure connectivity via IoT security gateways

In network segmentation, networks are divided into different zones and separated from each other according to their protection requirements. At the plastics manufacturer, each production line represented a separate segment. An Endian 4i Edge X gateway, which is equipped with several harmonized security functions, was used for the separation in each case. At the same time, these gateways allow secure, bilateral data exchange via VPN. This enables technicians to access the machine to carry out remote maintenance and software updates, while data can also be collected from the machine and transferred to a higher-level cloud.

Edge computing and container technologies ensure flexibility

Thanks to the strong computing power of the gateways, it is possible to analyze the machine data in advance on site. This reduces the data transfer rate and therefore saves costs. The gateways also have sufficient storage space to temporarily store the data in the event of an interrupted internet connection.

The EndianOS also allows the use of container technologies so that individual company applications can be implemented directly at the edge of the network. The plastics manufacturer had developed its own software to collect the relevant machine data. Using the Container Management Engine (CME), in this case Docker, the application, stored in a container, can be quickly transferred to another machine. This process can also be automated, which minimizes roll-out times. Another advantage of software containers is their independence from an operating system, i.e. they work equally well on Windows, Mac OS and Linux. This point is particularly important, as it enables the same software to be operated in heterogeneous machine parks and production lines, which may all be equipped with a different operating system.

Containers also contribute to data security because they are completely independent of each other. If one container fails, all the others continue to run. The Endian 4i Edge X gateways are configured in such a way that not even Endian itself has access to the data received, and there is no backdoor that could be used to read the communication. For highly innovative industrial companies that invest large sums of money in research and development, this argument is another plus point.

Conclusion

Linux-based operating systems offer companies the security and flexibility they need for their digitization. EndianOS enables the simultaneous management of IT and OT systems and is therefore particularly user-friendly.