The following is an opinion-editorial provided by Howard Grimes, associate vice president for institutional initiatives at The University of Texas at San Antonio, and Peter Koudal, senior research scientist of GE Research at General Electric Company.
By investing in digital and smart manufacturing, the U.S. can lead the world in manufacturing productivity, energy efficiency and innovation. But we must do so in a cyber secure manner. The challenge is enormous and the complexity of cybersecurity grows bigger every day with the explosion of digital linkages between manufacturers, suppliers, customers and employees along with the digitization of products and services. Digitization directly leads to increased energy efficiency, productivity, overall equipment efficiency and cost savings throughout the supply chain. Digital communication is critical for this smart manufacturing ecosystem, but our current legacy internet infrastructure – ARPANET, the precursor to the internet is 50 years old this year – was never designed with security in mind. Consequently, digitization of automation and manufacturing supply chains expands existing cyber-attack surfaces and creates new ones every minute of every day. We need to rethink the economics of cybersecurity and how we build cyber systems for the future of manufacturing.
According to Cisco Systems, the number of nodes in the Internet is expected to reach 50 billion by 2020, including humans, machines, devices, companies and government agents. Because each new node potentially exposes all network participants to cyber risks, essentially, the risk of the network correlates with the number of nodes in the network. This is what we posit is the other side of the coin to Metcalfe’s law, which states that the value of a telecommunications network is proportional to the square of the number of connected users of the system. Indeed, these attack surfaces across the network are of great interest to adversarial nation states and other threat agents as vehicles to damage our economy; destroy our energy, communications and logistics infrastructure; disrupt our manufacturing supply chains; and harm our soldiers and citizens. The 2019 President’s Budget includes $15 billion for cybersecurity, representing an increase of more than 4% in a single year. According to William Evanina, Director of the U.S. National Counterintelligence and Security Center, “The U.S. loses $400B a year due to IP, trade secrets, and other data thefts.”
We must fundamentally change our approach to cybersecurity and develop a new business model that enables a secure digital transformation to propel America to the forefront of manufacturing competitiveness. The new cyber secure paradigm must leverage emerging digital and economic tools to drive security and trust in cyber space. New digital technologies, such as pervasive cloud computing, peer-to-peer computing, advanced mobile networks (e.g. 5G networks), distributed networking and storage, secure distributed ledgers, crypto contracts, quantum key distribution, and trusted identity keys and digital passports are increasingly available for industrial applications at cost points significantly lower than those of legacy technologies. Enabling new microeconomic models with dramatically lower transaction costs will drive positive alignment of the actions of humans and machines with cybersecurity and business goals. These technologies enable the design of new cyber-secure architecture and systems that lead to newfound innovation in manufacturing supply chains while dramatically lowering system and transaction costs.
In this new world of cyber-secure manufacturing innovation, all participants in cyber systems (humans, machine tools, robots, network operators, companies, government agencies, etc.) can become economic participants in designing, implementing and operating a more secure cyber world.
The U.S. Department of Energy has recognized both the economic reality of current cybersecurity models and the growing cyber threat in this new world of digital manufacturing. They have asked nothing less than to rally to a common vision to create a cybersecurity approach and architecture that will unleash American manufacturing innovation for decades. A new cyber architecture must be industry-driven and result in a suite of methods, standards and tools that are rooted in the concept that everything in the manufacturing supply chain has a unique authentic identity, addresses the comprehensive landscape of complex vulnerabilities, and that can be economically implemented in a wide array of specific machines and environments. We must design systems of systems where cybersecurity is no longer a dreaded cost of doing business but a productive investment to drive growth and profitability in digital manufacturing. Achieving this new vision of digital manufacturing also requires a cyber-savvy work force. It is well known in the cybersecurity world that amateurs attack systems while professionals attack people. The “human in the loop” needs to become a cyber asset instead of a cyber risk. This new cyber architecture can create new job opportunities for tens of thousands of people. Not only are new jobs created but they are in exciting and vibrant innovative work environments as opposed to the iron foundry that one of us worked in as a young adult.