Companies have been using Internet of Things (IoT) devices for a long time, from agricultural companies monitoring weather and crop conditions to industrial companies tracking the output and safety within manufacturing facilities.
In the manufacturing industry, using IoT devices is an easy way for companies to make processes more efficient. Tony Del Sesto, technical fellow at MxD, a Chicago-based public-private innovation center for advanced manufacturing, said IoT allows manufacturing companies to do better continuous improvements, a necessity for staying competitive in the industry.
“If you’re a manufacturer and you’re not doing continuous improvement, or your competitors are doing continuous improvement better than you are, you’re not [going to be] in business very long,” Del Sesto said. “IoT allows you to do things in applications and solve problems that you just can’t do manually, and that’s primarily because of speed.”
IOT DEVICE MANAGEMENT BASICS
- Provision devices using standard provisioning protocols.
- Take extra care when adding legacy technology to the network.
- Take failure into account when planning device orchestration.
- Educate employees on cybersecurity good practices.
- Adopt zero-trust security measures.
- Choose low-maintenance devices.
- Train and upskill employees on IoT device management.
Seve Carnera, solutions consultant at FourKites, a real-time supply-chain visibility platform, said companies in the logistics industry are dependent on IoT for tracking shipments.
“For example, a Costco distribution center may have 1,500 to 2,000 trailers out in the yard somewhere,” Carnera said. “Their challenge is to be able to identify where those trailers are located at any given point in time.”
“IoT allows you to do things in applications and solve problems that you just can’t do manually, and that’s primarily because of speed.”
IoT can accelerate processes by giving companies real-time data and visibility, but having a lot of devices can be a maintenance and security headache. In those cases, it’s even more important to have the right procedures in place for IoT management.
“The ones who are really into IoT are using thousands [of devices] and the implication of that is you need to have automation to be able to provision them,” said Stephen Mellor, CTO for the Industrial Internet Consortium, which works on improving standards and technology for industrial companies. “That’s actually a major problem.”
Provisioning, which refers to identifying and connecting devices to a central system, is the first step of the IoT device management process. That’s followed by orchestration, where devices are configured to work together, and finally the ongoing process of updating devices and maintaining their security.
Provisioning Devices: The First Step in IoT Management
Devices need to be activated and incorporated into a company’s existing suite of IoT devices before they can be used. Doing that successfully for new devices takes several steps, starting with the IoT system identifying each new device.
“It has to do with discovery, ways in which you can identify yourself to other parts of the system,” Mellor said.
Just like people need a common vocabulary to communicate together effectively, devices need a shared protocol to join established networks. Companies can use specific standards that are created for the complex communication dance associated with provisioning devices.
Sometimes provisioning is complicated by devices that aren’t easily compatible with modern protocols. Many companies in the manufacturing industry, for instance, have existing technology that predates the internet and IoT devices. For those companies, provisioning not only involves connecting new devices but sometimes also connecting old devices to a new IoT system.
“Most manufacturers are brownfield operations, which means they’re established, they’ve been around for a while,” Del Sesto said. “They’re using older equipment, legacy systems, legacy networks.”
“You want to find simple ways in which you can connect things to standards and then go from there.”
It can be tricky combining new and old systems without breaking either and forcing an operations shut down, but doing so is crucial for older operations that want to take advantage of the opportunities offered by IoT systems. Mellor said using resources such as the Industrial Internet of Things Connectivity Framework can help companies navigate old and new protocols, and get them to work together.
“Because what you don’t want is to redo everything,” he said. “You want to find simple ways in which you can connect things to standards and then go from there.”
Devices are not necessarily all provisioned together, but rather in an ad hoc manner. Shash Anand, vice president of product strategy at SOTI, an IoT management company, said employees in the field sometimes add devices without the knowledge of the IT department — these devices are known as “shadow IT.” He gave the example of a company he worked with whose lab technicians bought smart temperature sensors in order to monitor lab temperatures, but the devices were never properly onboarded. As a result, they weren’t being managed with the rest of the lab’s devices.
Companies should try to uncover and incorporate shadow IT into the centrally managed IoT network as early as possible because the best way to get optimal use from devices is by taking them through the correct orchestration and maintenance steps.
Orchestration Needs to Take Failure Into Account
Mellor said the second step of the IoT device management process is orchestration, which makes sure connected devices are able to work together properly and can be controlled centrally. That means configuring more than just the IoT devices.
“It’s not just the devices, it’s also the computers and the servers and various other elements that you have that make up your system — so you need to find a way to bring all these things together, making them work together as a single whole,” he said.
The ability to control IoT devices centrally allows companies to save time and money. It can get expensive to send employees to physical locations for standard maintenance issues like checking the health of devices and pushing updates.
“In a large enterprise, like a huge retail outlet, these guys are challenged because it takes them somewhere between two to three weeks to get to all the different stores that they have and ensure that the firmware has been properly updated,” Anand said. “It’s a lengthy process, it’s very cumbersome and it takes a long time.”
“It’s not just the devices, it’s also the computers and the servers and various other elements that you have that make up your system.”
The goal of orchestration is to have IoT devices working smoothly together, but part of the process involves planning for when steps don’t go as planned. That’s especially important for the infrastructure that controls and monitors the devices.
“You have to find a way to orchestrate all the servers to work together in some way and that must include failure,” Mellor said. “If that server has died, then you need to find a way to ensure that everything gets shifted.”
Managing device failure in IoT systems is a priority for manufacturing companies because normal operations can depend on a company’s ability to monitor production by getting real-time feedback from IoT devices.
Del Sesto explained that the benefits gained from IoT are a double-edged sword: It can speed up processes, but failure at critical points can make companies lose even more output than it would have otherwise. For industries like manufacturing where IoT can dramatically increase efficiency, the opportunity cost of having IoT systems go down can be serious. It’s much better to do regular maintenance of devices, servers and networks to ensure things run smoothly all the time.
Securing IoT Devices Against Attackers
Security is a big concern in the IoT world. Insecure devices can easily let hackers penetrate systems and access sensitive information. And it’s not just IT departments that should be aware of these security concerns — because of the number and variety of access points, employees also need to work with their companies to keep systems protected. Del Sesto said companies in the manufacturing industry could have thousands of connected devices.
“Within the factory, you have lots of different systems,” he said. “There’s more and more computers, more and more servers, more and more microcontrollers.”
Employees should practice basic password management and be vigilant against phishing attacks. As a whole, companies can take preventative measures that reduce risk by preventing attackers from gaining access to the whole system if one part is compromised.
One such method involves building a zero-trust network, where sections of the system are segmented off from one another and only approved communication is allowed to go between servers. Because segmentation makes it harder to communicate across a system, it has the potential to interfere with devices’ ability to work together. But using zero-trust methods properly reduces the risk, and Del Sesto said it’s becoming a popular way to manage security.
“Is the board aware of this issue? Is the board investing in this issue? Is it putting money where it needs to be?”
“Rather than doing anti-viruses, which is checking for bad stuff, you set up the network so it only lets through stuff that it knows is good,” Del Sesto said. “Most manufacturers know what they need to communicate. When they look at the IoT ecosystem, they know that a particular type of information needs to go from place A to place B, so they structure the systems so only that information can go from place A to place B.”
IoT device security also extends to the devices themselves and how they were built. Mellor highlighted the difficulty a manufacturing company might have with securing devices individually if it sources many different kinds of devices from different vendors.
“That factory is going to have all sorts of components bought from all sorts of places,” Mellor said. “So what you need to be able to do is to get evidence that your supplier is trustworthy.”
Verifying IoT suppliers may sound burdensome, but Mellor said it’s an important part of the IoT procurement process. Companies should ask vendors about their investment in security when shopping around and whether there are built-in checkpoints that ensure security.
“Is the board aware of this issue? Is the board investing in this issue? Is it putting money where it needs to be?” Mellor said. “The kind of thing you’re looking for is evidence of their processes, so they can show you, ‘This is how we developed this. These are the things that we thought about. These are the compliance tests that we have run.’”
IoT Devices Should Allow for Flexibility in Management
It can be daunting to manage a large fleet of IoT devices, but companies can set up devices so updates don’t take as much time. Carnera, from FourKites, recommends that companies think outside the box when choosing devices.
“The important thing that I think organizations need to understand is to try and get as maintenance-free as possible,” Carnera said. “What we try to do is simplify that by the use of inactive capacitor tags.”
FourKites uses RFIDs to track shipments on trucks, which allows the company to make more accurate projections of product delivery times. Carnera said the company chose between two types of RFIDs: active and passive. Active ones last much longer, but they are more expensive and need to be recharged and maintained. Since passive RFIDs still last many years and only cost a few dollars, FourKites decided to use them and also gain the benefit of not having to do regular maintenance on more devices.
“Conversations tend to be focused on technology, but what many [companies] tend to forget is the people of the equation.”
It also helps if companies have the flexibility of managing IoT devices however they want instead of being locked in to device manufacturer’s own proprietary management systems. Anand said to beware of IoT device makers whose products aren’t compatible with other systems.
“You want a third-party system to be able to give you that holistic view — and as you know, in IoT there’s really no standards out there,” Anand said. “It’s just like when you want to buy an IoT device at home, you want to make sure it’s compatible with your central system.”
It’s also important to consider the learning curve associated with IoT management. Companies should invest in training and upskilling employees so they can learn to take care of and make the best use of the company’s IoT devices.
“Conversations tend to be focused on technology, but what many [companies] tend to forget is the people of the equation,” Del Sesto said. “People are extremely important, and they are really the heart of any factory. You have to start asking yourself, ‘Who’s going to install it? Who is going to maintain it? Who’s going to use it and operate it? Who’s going to fix it, when it breaks?’”