Top 10 Design & Security Tips to Elevate Your SCADA System

61 min video  /  55 minute read Download PDF View slides


Don Pearson

Chief Strategy Officer

Inductive Automation

Travis Cox

Co-Director of Sales Engineering

Inductive Automation

Every day, the worlds of OT and IT continue to blend together and access to data becomes more vital. That’s why it’s more important than ever to embrace modern technology and security standards through ‎collaboration with IT to provide more robust, efficient automation systems and minimize cybersecurity ‎risks.

Join Inductive Automation’s automation experts to explore 10 tips for better SCADA UI/UX design and best practices for security, so that you can head into 2022 with greater confidence in your control system.

  • Increase data efficiency with MQTT
  • Establish consistent navigation strategies
  • Secure all connections
  • Learn high-performance HMI techniques


Episode Transcription:

Don: Welcome, everyone. And welcome to today's webinar, Top 10 Design & Security Tips to Elevate Your SCADA System. I'm very pleased you could join us today. My name is Don Pearson, Chief Strategy Officer here at Inductive Automation, and I'll be moderator for today's presentation. The presentation here is coming from Travis Cox, he's Co-Director of Sales Engineering at Inductive Automation. Travis, I think probably everybody knows you, but we do have some new people on here, so I always like to have you take a minute to introduce yourself.

Travis: Thanks, Don, happy to be here. So as Don said, I'm Co-Director of Sales Engineering at Inductive Automation. Our team is the Solution Architect Team, so we have most experience with implementation and of course, with the Ignition platform, and we help our customers and partners apply the best practices, find the right architectures, and understand how to configure Ignition to solve their challenges.

Don: Thank you, Travis. And so let's just take a quick look at today's agenda for the webinar. First, we'll discuss why UI/UX and security considerations are so critical to control systems, then we'll go through our list of top 10 tips to elevate your system, and we'll finish things up with an audience Q&A, as we always do. I know there are a number of people that are new to Ignition. For those who don't know, a little bit of background about our software platform, Ignition. It's an industrial... a universal industrial application platform for HMI, SCADA, MES, and IIoT Solutions. It's used by 54% - 55% of Fortune 100 companies and somewhere around 35 or 40 of Fortune 500.

Don: The latest version is Ignition 8.1. It has, you can see some bullet points here on the screen for some of the features: An unlimited licensing model, cross-platform compatibility, IT-standard technologies, a scalable server-client architecture, web-based, web-managed, web-deployed designer and clients, modular configurability. So you basically use Ignition for what you need and keep adding modules as you need more functionality and rapid development and deployment tools. So I guess the question is, why should you care about UI and UX and security? 

Don: Well, I think the worlds of OT and IT are continuing to blend together more and more, access to data has become more and more vital to organizations, and that counts both for who should have access to that data, as well as who shouldn't have access to that data. Today, we'll talk about UI/UX, which is all about users, how users are really interacting with data and how efficient that interaction is. Is that data easy to find? Is it clear what data points are important? Can users recognize important information from across the room? 

Don: We'll also look at cyber security, as companies become increasingly reliant on technology to expand and to improve their operations, keeping your software and hardware secure becomes equally important. So that's just kind of a little set-the-table for today's discussion. So with that, let's start on the top 10 UI/UX and security tips to elevate your SCADA system. I think that's your cue, Travis, to take over.

Travis: Alright, well, thank you, Don. Thanks for the introduction. So here is the top 10 list that we're gonna go through today, and we really wanted to share this top 10 over all the years of helping customers with their solutions today, especially how people are developing their systems today. We really wanted to give you the top 10 things you should look at when you're approaching a new application or when you are approaching maybe an upgrade of a system, so that you could put the best UI/UX possibilities forward, as well as, of course, you could apply the best security that you can.

Travis: So I'm just gonna quickly read through these tips here, and then we're gonna go through each one of them individually. So tip number one is to determine your navigation structure, as navigation is vitally important to applications. Two is understanding cognitive load. Three is using visual hierarchy in your applications. Four is to incorporate high-performance HMI techniques and leverage those. Five is leveraging mobility and the magic of mobile and what you can do with that. Six is understanding and securing all the connections within your network and your systems. Seven is employing two-factor authorization and single sign-on.

Travis: Eight is leveraging DMZs and how they can help you. Nine is decoupling devices from applications, and the last one is leveraging new smart sensors and how that can provide a lot of value to you. So let's start the countdown with navigation structures. When designing control systems, you need to determine your navigation strategy. We can break this down further into the organizational structure of the screens in your system.

Travis: Here are examples of two different types of navigation strategies. Broad and shallow starts with the home screen, which you can then navigate to every other screen. This is useful when you have a lot of overarching categories, but with only a few pieces of information in each, as the strategy requires fewer clicks and allows users to see all options at one time. Narrow and deep limits the options from the home screen and allows you to dig further down, depending on the action taking place. This strategy is useful when you only have a few categories, but each one contains a lot of information, especially for workflow with multiple steps.

Travis: Now, let's zoom into one of those screens themselves to discuss layout. Picking a layout is a step that can be easy to gloss over, but it's integral for users who will be constantly interacting with the HMI. As you can see in the graphic, the screen is broken into home link, navigation links, system information, content title and content, but how it is all presented can have a ripple effect on how useful any of this information is. So let's take a closer look at a few of these components.

Travis: The top header is ideal for primary navigation because thanks to years of web use, we intuitively look at the top of the screen. This placement also reduces confusion by separating the page's content from the navigation. Keep in mind that a horizontal navigation does restrict the number of links you can include, so it may be better suited for a narrow and deep structure. For more complex navigational systems, a secondary top header may be useful, it has the same advantages and disadvantages as a primary header, but also, but allows for more options if the horizontal layout leaves you feeling a little stifled.

Travis: Side navigation is frequently combined with one or more top headers to assist with more complex navigation. It's especially effective if there are multiple linking objects as a vertical structure naturally lends itself to scrolling and doesn't limit you to the dimensions of the window. Tabs are also a great navigational choice for large applications because they are so intuitive. It's easy for operators to recognize that they're looking at different information when they click a new tab. This setup allows you to efficiently display content by splitting it across multiple tabs.

Travis: Now, let's take a look at some examples of this in actual HMIs. So here's an example of an HMI where this was just basically one screen that we started with. There was no top navigational header, there was no left navigation pane, but within this, there was the ability to navigate, you can click on things and go to different areas or look at different lines, but by looking at the screen, it's very hard to understand what that navigation is and how I should be interacting with it or if there's just more information that we should be looking at.

Travis: So if we apply some of the techniques by leveraging the proper headers and location of this content, we can get something like this, where you can see it's clear at the very top what the page we're looking at is, we can see that there are tabs that we're using here to be able to go to and navigate to different areas, looking at the line state, OEE by area, the skid load count, and then over on the right-hand side with the drop-down list, we can see that we can choose a different line here, but it's very very clear to the user how they interact and how they would leverage this.

Travis: Now, we're gonna go through many more techniques in UI/UX, but you also see that we fixed a couple of other issues in terms of use of color and placement of these objects, but it could be a drastic improvement. Simple little techniques can make the experience of a user... For the user, much more enjoyable. Now, our demo project at  leverages the navigation pane on the left, and this one has more of a deeper structure as we can go explore different features of Ignition with that. And this is also really perfect for mobile-responsive design, where if I go to a phone or tablet, of course, that menu can be collapsed, can be hidden, and then I can bring it out with the hamburger icon. I'm sure a lot of people are familiar with those kinds of navigational strategies. So it's really, really important to kinda get the navigation set properly at the beginning.

Travis: Now, once we have that in place, the second thing to look at is understanding cognitive load. So what is that? Cognitive load describes the effort required to create a mental map of how a system works. The human brain can only process so much information at one time, so you need to focus on what's important and get rid of extraneous information. One of the main ways to accomplish that is by removing visual clutter. This means getting rid of any visual elements that don't add critical information. Just looking at this slide, your eyes immediately jump to the words "remove visual clutter." That's the same concept you wanna be thinking about when designing your application, you're guiding the user's eye.

Travis: Using alignments and grids seem straightforward, but it really makes a huge difference. When elements are aligned, it's far easier to visually understand how they're related. Grids add rhythm and order, creating a set of visual rules that form the backbone of your interface, introducing uniformity and familiarity. That way, even if a user hasn't seen a certain screen before, they'll be able to anticipate where to find navigation, data, and imagery. This goes back to the same principle of looking at the top of the screen to find the navigation bar. People today read more words each day than any other point in history, but the truth is that we don't actually read most of the time. We scan. Our eyes jump around from element to element looking for the right information.

Travis: To optimize for this behavior, you wanna do a couple of things. Make sure that your information is organized left to right, top to bottom, and for this example, we're assuming English. Try and use short phases or bullet points... Short phrases or bullet points and wrap up your data under a meaningful sub-headline. Limit your text to two or three fonts or font variations, like a color change. Making something bold or italic. Too many variations feel distracting, but when you limit your variations, you have an interface that feels more cohesive. There's more rhythm and you maintain that impact.

Travis: Also consider pairing icons with your text. Icons act as a visual break, but be careful, you wanna make sure your icons are simple and easy to read, and that you always pair them with text because not everyone interprets icons the same. And leveraging flat icons is certainly much better than leveraging more 3D or colorful icons. Continuing with the icons idea, being descriptive with errors. Icons won't cut it on their own, specificity is always appreciated when it comes to finding out what needs to be fixed. Finally, keep all text left aligned.

Travis: The last point we'll cover for cognitive load is the idea of consistency. Consistent UIs match user expectations and make it easier for them to interact faster and more accurately. Make sure that your imagery looks like it belongs together, you'll end up with an interface that works better and looks better too. Make sure to stay consistent with your terminology, if two buttons have the same action, use the same term. Having different words for the same action can be very confusing, your aim is to make sure the interface is intuitive. Lastly, when adding elements, don't ignore the visual rules that you've created for your layout, reuse them, it'll make your life easier and your users' lives easier as well. Now, let's see how cognitive load works with a few examples. Here's our first example. On the left, we didn't necessarily use a grid... Grids properly or break up the data into different sections. We also had very different kinds of use of fonts and font variations.

Travis: And as you could see at the top where it says “product loaded” and the actual products, there's no distinction between the actual title and the data of that. And there's all different kind of colors that are useful here... Used when using it, plus there are visual elements that don't really add much to the actual meaning of the data and how critical that information is. On the right, you can see that now we've leveraged the idea of having, very clear at the top, a separation of what the header is and what we're talking about. We've organized into a grid format. Very easy for our eye to move around and see what's happening. The use of color is really important here, we're very consistent with that use of color and the fonts. And you can see the font variations that let us know what's titles and what's data, and we're consistent with that throughout the entirety of that. So it's really important to leverage these techniques.

Travis: The second example here is another one where it's really about... With a redesign, is removing a lot of that visual clutter, and again, being very consistent with how we do things. As you can see with this one, we are definitely using icons with various actions and buttons, but we're doing it in a very consistent way. So hopefully you can see with using these techniques, it can make a huge impact and just do that throughout the entirety of your application. Now, let's move on to visual hierarchy and understanding how that applies. Visual hierarchy is about creating emphasis with an HMI, so that operator can recognize what's important quickly. This can be accomplished with the use of position, size, color and isolation.

Travis: Let's take a look at a couple of examples. First, consider size. Which square stands out for you? The large one, of course. That's because the human eye is attuned to finding patterns, and anything that breaks the pattern will immediately draw our attention. On an HMI, this means that the larger the element on the screen, the more attention it will command. But remember, size is relative; if all the elements on the screen are large, none of them will have emphasis over the others.

Travis: In this example, the orange square pops out because it breaks the pattern of gray squares. Just like size, color is relative, and the more color contrast with the surroundings, the more emphasis it will have. Complementary colors are ones that are farthest away on the color wheel, and therefore, are easiest to differentiate at a glance. This is especially effective when it comes to alerts. As you can see in the example, everything is blue, except for the section with the exclamation point, which is orange, and it immediately draws our eyes to find it. Here's maybe a less intuitive example. Which of these squares did you look at first? Depending on your background, this might be different, but in Western culture, we read from top to bottom, left to right, so the square at the top left commands more attention even though the squares are the same size and color. What this lets us do is break the screen into four quadrants. Quadrant one is the first place we look, and three would be the last place we look because we tend to go from top to bottom.

Travis: Keep this in mind when designing. You should put the most important information where users will instinctively look for it. Here, the square on the left stands out because it's isolated from the others. Isolation means an object has empty space around it. The more empty space around an object, the more emphasis the object will have. Now let's see all four of these aspects of visual hierarchy work together. And before we get to look at examples, you can use each of these techniques on your own or you can combine them to achieve an even greater effect. By using multiple emphasis techniques, you can create a hierarchy of importance for each element on the screen, experiment with different combinations to create your desired effect.

Travis: Remember that the goal of using emphasis in your HMI is to make a more effective tool in the hands of the operator. So here is an example of a HMI before, and we are leveraging some of these techniques. But again, where we place things, where we... On the screen in terms of the quadrants, in terms of the use of color and what stands out, that largely, we're gonna get to our next tip of high-performance HMIs, a lot of techniques we're using, we can apply these.

Travis: And you can see here, if I go to this next one, we are clearly putting our filtering or navigation area on the left, we're breaking our communications and status and the header into its proper areas, and of course, we are leveraging the use of color, so it quickly draws our attention to things that are wrong, and we're also leveraging a lot of the techniques we talked about here: Putting a lot of that together into a single screen. Let's go to another example. So here is another one, where this is before, if you apply some of these techniques here, we can get to something afterwards, where, again, we're breaking up into quadrants, we're being consistent with where our data is at, and we're creating that kind of visual hierarchy very easily as to what's gonna draw our attention. So immediately we're gonna draw our attention to the analog indicators at the top, and then we're gonna move ourselves around the screen so that we can get to all that data and really effectively use it. We'll see more examples as we go forward of all these techniques in play.

Travis: So leveraging, a lot of what we're talking about is high-performance HMI techniques. If you've looked at the books on high-performance HMI, the principle behind them are very similar to what we're talking about here, and they utilize designs and display that can help viewers make the best decision in the shortest amount of time with... After interacting with the HMI. So the idea is that somebody can easily come in, who has less training and understand how the application works and understand if there's any issues. But what does that look like? As an example, think about an analog watch versus the digital watch. The digital watch shows you numbers that tell you exactly what time it is. An analog watch can show you at a glance how much time you have until your next meeting. It requires more mental effort to do that with the digital watch.

Travis: Imagine having to do that without dozens of number... Imagine trying to do that with dozens of numbers crammed into a screen and understanding how that works. Another example here is a blood pressure reading. A lot of people would not know... If you look at the one that left, would not know whether or not that is a good or a bad result. The one on the right is more informative, it shows you that the reading is high compared to normal and where it falls on the spectrum of blood pressure readings. It shows us the current condition in relation to what it should be, so additional context is really, really important when looking at these interfaces. High-performance HMIs can look basic and simplistic, typically using grayscale rather than traditional graphics and bright colors.

Travis: Conceptually, this operates under the idea of visually contrasting critical and non-critical states. That way, when something does go wrong, a high-performance HMI will quickly guide the user to the source of the problem. Just at a glance, the red and orange draw our attention on the example to the right much quicker. And what are some of the tools that help you build the high-performance HMI? As you can see here, the left is the traditional, on the right, we're utilizing these different techniques for the high-performance, versus a sparkline chart, which displays a line chart history from a single data point and there are no axes. Typically, these are used to display recent history as a way to discern recent trends: is it going up, is it going down, what's happening with that value? Because they show contextual information in a very small amount of space.

Travis: Moving analog indicators are a great way of displaying whether a value is within a desired operating range or not. If I just see a value, I have to do that mental math to know, is it a right range or not? But with the analog indicator, I can see very quickly... Quickly it's within that blue range. And we can use these throughout the entirety of our applications, and it also will let us know if it is outside those ranges, it will use color and like red or orange when it has issues. And again, the contrasting colors are really important here, which is why it tends to lead to more grayscale.

Travis: A radar chart is a great way to display real-time information to quickly identify outliers to convey if a process is running on-spec or off-spec at a glance, especially with a lot of process values. So rather than putting a bunch of process values on the screen, we can leverage them in a radar chart as individual spokes here, and we can clearly see at a glance if anything's outlying. You can see on the left here, V temperature is outlying. We basically tune in, so that the middle point of every one of those analog values is the desired setpoint that we want, and if it deviates from that setpoint, it's very easy to see, so it's a really good tool we can use in our applications.

Travis: Having an HMI that's mostly grayscale gives you a unique opportunity to use color not only to create emphasis, but also reduce ambiguity. As you can see an example here, you immediately know which of the two pumps has a problem. So we use this quite a bit. So let's put it all together. Here is high-performance HMI, where we are using, you can see the sparkline chart, in terms of the tanks, so we can see how those tanks are trending. And in fact, we could have used sparkline charts a lot more, so we could have seen what those flow meters are doing, what the pumps are doing, all of that could have...

Travis: We could have had a lot more sparkline charts, and I'll show you an example where we do have a lot of those. We're using moving analog indicator in here to quickly see if things are within range or not. The use of color is very important, not only with our indicators, but our alarms indicators, and with the alarm indicator, it's over here on the right, with the orange upside down triangle, we're using redundant coding and that is the idea that I have a orange triangle, it's upside down, it has a number three inside of it, and if it was like a big alert, it might be a square red box with the number one inside of it, and you could use that, that redundant coding to really help you understand and get that context. So the more context we can provide the operators, the better the application's going to be at the end of the day.

Travis: So again, take a look at a couple of examples here. Well, this is one we showed earlier, but this one is very much using those techniques. Instead of, again, using the graphics, we can replace that, again, removing any visual clutter, things that are not necessary, we wanna show the data and get it to them... Yes, it's not sexy graphics, but it's much more intuitive for the operator, and we can really clearly see at all our analog values, look at the sparkline charts, how they're trending, if then we can see if... A lot of times, you can glean an issue just by looking at the trend. So I encourage everyone to apply these visual techniques for your applications and really design best practices or a guide for how people should create applications and create a standard that you'll use over and over again, that includes these different techniques.

Travis: Alright. Moving on to tip number five. When we do that, we create our application that's effective, and we're thinking about who's accessing it, we're designing it for the operators, and we're... That's who's gonna interact with it, that's who's gonna use it. We're not designing it for somebody... For a pretty screen that somebody's gonna look at. We're designing it because it's critical for operations. And when we have done all that, we're thinking about whether people are opening it on plant floor, on TV displays, in their offices, on their laptops, and also now with, on their phones and tablets. Leveraging mobility is really important, especially today, and the iPhone is on, what, it's 12 version, and if your SCADA system can't leverage mobile technology natively, well, we're kind of behind the times. I know a lot of people are resistant to it, but there's a lot of power that mobility can bring.

Travis: It gives operators and managers access to data everywhere, and it can tap into things like GPS, camera, Bluetooth, NFC, and more. It also gives you the option to use the cloud for deploying read-only applications. Now, majority of the time, we're gonna leverage mobility within our on-premise networks. So that will require having WiFi, where people can easily have their phone out, they can open up the application and leverage it. And with that, there's native apps that leverage phone sensors, and we can use cameras to take photos of our faulty machine or we can scan barcodes, including QR codes to give our systems instructions, or give our people instructions, or they help us get to relevant areas of the application.

Travis: We could take readings or photos in the field and tag them with GPS and other sensor data. We can use GPS for geo-fencing. We can connect to Bluetooth Low Energy devices and read in that data, and many other practical applications. Now, one of the most exciting things, I think, and the pandemic has happened... When the pandemic started, is that people wanna get data remotely. Well, it's really... That's the perfect use. Right? We wanna be able to get data no matter where we are.

Travis: And of course, we wanna think about security, but we don't provide access to that data anywhere. There's really cool ways of being able to do that and do that in a secure and especially in a potentially read-only way, so that people can stay connected and can access the systems that we've put so much emphasis on, in building. And so here, for example, I'm leveraging... Showing an Ignition example, where I've got Ignition on-premise, that's our own local... Everything's local network. It's all good, people are accessing the applications locally, potentially with WiFi, they're using mobility.

Travis: But let's say they're at home or they're traveling, and you want to be able to see the application, well, it's easy to deploy an Ignition server in the cloud, in AWS or Azure. We can create a secure outgoing connection that's encrypted, that's read-only, that can provide data to that server. And then we can put that application to be built up there, and that could be accessible through a public address. Of course, that could be secured through HTTPS.

Travis: You want that green lock. We'll talk more about that as we go forward. But this is a really simple way. We have a lot of customers who just... They quickly put a server on the cloud, spun it up, got it connected, and were able to provide data to anyone, anywhere, of course, securely. And it was read-only, but they were able to stay connected and get that data and leverage that data and get the magic of what we're talking about here. So I definitely encourage everyone to take a look at that.

Don: Travis, that is great. I'm gonna interject here and give you a chance to take a breath, and also maybe to answer a couple of questions. Just from one point, anybody can put questions in the console, we'll get to them at the end. If we don't get to them, like, with a couple we'd take right now. One question is, would we make a PDF available for the version of presentation? The answer is yes, plus this will be an archived presentation, it'll also be archived and available on our site.

Don: So Travis, these are really some great tips, and I'm sure they are going to be very useful for people then deciding how to build their best systems tailored for their project, but we're at the halfway point now, so I was wondering if you might... I happen to know, having worked with you for the last, more than the last decade, that you have lots of gems of ideas, and we had to pick top 10. So my question, I guess, would be, can you interject a little bit here, just off the cuff, of what might be some other tips for improving HMI navigation, other thoughts you have that didn't make it to the top 10, and then we'll go back to our top 10 list afterwards.

Travis: Absolutely, there's a lot of great tips for navigation and we talked about some overarching ideas, but in general, think about affordance, which means making buttons and links look clickable. I've seen so many applications where you click on something and randomly it navigates somewhere else, you had no clue, there's nothing that lets you... Any indication lets you know it was navigable. And so have it be underlined with the hand icon, you put your mouse over it, or have a blue border or some border around that lets a user know that it's an actual button.

Travis: Also use page names, use back buttons. Or you can create... A lot of people really like breadcrumbs, where you can go between different things. Separate categories from utilities, and it's just... There are so many good techniques that are out there, but really put a lot of thought to it at the beginning, I mean, ultimately, if you plan it properly, you can create a very effective system.

Don: That's great, Travis. I just wanted to interject a couple of things there, thanks for doing that, and also just a little plug for you and the team in Sales Engineering, your team is always willing to help out with anybody, in terms of both architectures, design, the aspects of things you're talking about, we're available to help any way we can to anybody here that would like to take us up on that.

Don: So I broke in at this stage, partly because the first tips have really mostly applied to design, but we've got two parts to the webinar tips, so now we'll change gears because these next few tips are gonna be focused on security. So with that, take us forward, Travis.

Travis: Absolutely, Don. And obviously, you wanna create a very effective system, you wanna design it well, but we also wanna get data to everybody and we wanna leverage mobility, but we've gotta do that securely, we've gotta think about security and have... Really put that at the forefront. Make it a priority. And the first thing to really look at, and the biggest tip here is to understand all the connections and how we can secure those connections. As a developer, I'm sure cybersecurity is something you think about a lot, so let's explore a few of the tools for, to be able to look and identify and secure these connections.

Travis: First things first, here's a general architecture. I would definitely suggest make... If you have an architecture diagram, build one. Understand all the connection points, put your routers and switches in there, put everything you have, really fully understand that. And then when you do it, identify all the connection points early on and whether or not we can secure those connections. We all know that a lot of PLCs are known to have insecure connections. For example, if I had a Modbus device. It's over at port 502. Well, if I knew the IP address and I was on that network, I can go and sniff and find those devices, and I can go and read and write. I don't need to have a username and password, there's not an encrypted connection, and all of that.

Travis: So we wanna be able to understand how this all works because that affects how we set up firewalls and how we set up our network and how we can make sure we protect it and put our best foot forward. We're later gonna look at how we can leverage edge devices to be able to protect some of the PLCs there, but ultimately, again, looking at all these connections, connections to people, clients, databases, application, other applications, the SCADA system, to PLCs and so on, make that audit and figure out how can make these connections encrypted.

Travis: Obviously, with applications that we're accessing from a client, we wanna leverage HTTPS. The S means that's encrypted through SSL or TLS. The encryption protects from snooping and session hijacking, and when you don't see that lock, it means your connection is not secure and you absolutely should not be putting critical information to the system, and we're all used to this, and of course, going to our banks and all of that, we don't want to put our credit card in to an unsecure site, we wanna make sure it's secure. And we could do that all locally, on our local systems, on-premise.

Travis: We're gonna talk about MQTT more later, but one of the benefits of using modern open standards like MQTT and OPC UA is that they have encryption built into them, the problem is they're not turned on by default, you have to be able to go and make sure that those connections are secure. Now, a lot of OPC UA connections are secure by default, but there are ways to make that insecure. Again, audit that, make sure you have all the connections being, leveraging security that's built as a standard or leveraging TLS.

Travis: A few ways to keep your OS protected is to enable firewalls, to restrict network traffic, we wanna remove any unnecessary programs, we wanna be able to make sure that the ports that are open in the firewall are the only ports we need, in the right directions that we need them, and of course, we wanna keep all of our patches and services up to date. I know it's increasingly more complicated as we go forward, but there are great automation tools out there that can help us do this. You also want to limit the ports in your system. Open ports that aren't being used are areas open for attack. Close off any of the ports you don't need. This tip may seem obvious to some, but I've seen plenty of examples of unsecured ports with open internet connections.

Travis: And now as the worlds of OT and IT are blended together, IT is getting more involved in OT, and of course, that's helping be able to really secure these systems. Last thing here is to really perform routine audits of your system, an audit keeps track of who did what and where they did it. When you have a detailed understanding of the traffic in your network, recognizing suspicious activity becomes immensely quicker. And there are some great tools out there that can continuously scan the network, that understand operational technologies, especially PLCs and things, so that we don't take them down, but that can help us see and discover what's there and provide us reports.

Travis: And there's obviously cost to these tools, but they can be vastly beneficial, especially as systems get more complicated. Alright, let's move on to the next tip, which is not only are we securing all the connections to applications or to different systems behind the scenes, but when the users access the application, we wanna employ the best authorization that we can. And today that is leveraging identity providers and corporate identity systems that employ two-factor authentication and single sign-on to both secure and streamline the log-in process.

Travis: So two-factor authentication forces the user to authenticate a login on a separate device, so that if someone steals an operator's password, they can't break in the system, they have to have that extra layer of protection, that second form. And that may sound tedious to do every time, but it's not. Right, these are built out. We're leveraging that right today, it's all like our consumer applications that we leverage on the cloud, like Nest and things that Google provides or that Apple provides, we're leveraging these identity systems already with Facebook and all of that.

Travis: Everything has this two-factor turned on. Well, we can do that same thing with our control systems, and these are leveraging identity providers that IT probably already has in place, things like PingID, Okta, Duo, ADFS, they have industry-leading encryption protocols through SAML and OpenID Connect, and they support this two-factor and SSO, so that you could go in there, and with SSO turned on, you can go log in, use that second form, verify your session, keep that session alive for a certain amount of time, and then you can navigate to any application without having to log in again. And so every one of the systems you use internally can benefit from that, and so I definitely encourage this. For example, at our company, Inductive Automation, it's a critical part of our cyber security stance, is that IT has this corporate identity system, and we want all the applications to be... To funnel through that, so we can see and trace who's doing what, who's getting in there. We can have that second form, and that could be a YubiKey, it could be a text message sent to a phone, it could be an email, it could be various things, but it not only makes it more secure, but it does streamline the process.

Travis: I promise, once you have it in place, people will not have that shared username and password on a sticky note anymore, they'll leverage these things properly, and will ensure that we are identifying and verifying the people who are getting to the applications. So beyond that, of course, we use security groups and security levels within the application to further lock down who can do what, but this is a great step we can put in place.

Travis: Now, another network technique that we can do is leveraging DMZs. DMZ is short for demilitarized zone. A DMZ network is a perimeter network that protects and adds an extra layer of security to an organization's internal local area network from untrusted traffic. A common DMZ is a sub-network that sits between the public internet and private networks, or the business network and the OT network, in terms of what we look at it for.

Travis: The end goal of the DMZ is to allow an organization to access untrusted networks, such as the internet and others, while ensuring its private network or LAN remains secure. So it is something that I've seen used a lot more, especially it's becoming commonplace, but if you're not doing it, you should definitely do it. There are a lot of benefits of a DMZ. The improved security you'll get by isolating or filtering, limiting traffic, preventing that from different network segments. You have better access control, you have improved monitoring along this, improved performance and you have better containment, right? So when something happens, it's much easier to contain issues with that.

Travis: So let me show you a couple of examples I think are relevant to Ignition. Oftentimes here, if you look at the Purdue model, you have Level 3, which is the OT systems. Typically, that's where SCADA sits. You have level 4, which is the business. And with that coming together, a lot of people wanna be able to get access to the application on the business side of the network, and they want to leverage that system, especially if you had WiFi. Typically, the WiFi is only on the business network, not on the operational network. And so it's really easy to deploy, to have a DMZ. So that's level 3.5 here. And in the DMZ, you can use... For example, with Ignition, you can have Ignition as a proxy node. You could basically have an Ignition server in the business that provides the application again. This is like the cloud example we showed earlier, but this is all on-premise.

Travis: And in the DMZ, we have this proxy node, so there's outbound traffic from level 3 to level 3.5, outbound traffic from 3.5 to... Or sorry, level 4 coming down to the DMZ, so there's firewalls in the DMZ that prevent the traffic. There's no way for the OT systems to talk to the business network directly and vice versa. They go through that proxy node. So we could... If a  risk was identified, we can eliminate the DMZ. We can turn it off, and we can maintain our security and local functionality. But what's important is that outbound traffic, no inbound ports in the firewalls are needed on our business... On our OT network, as well as even on the business network.

Travis: And so that allows us to effectively provide access to more data, and we're seeing more of that too when we look at data. We'll talk about MQTT more here on the next tip, but we can put our MQTT broker in the DMZ. We can have data being sent to that, and we can have business systems that are connected to their broker and get to that information. So DMZs can be leveraged for a lot of great... There's a lot of good use cases, but ultimately it provides a very high level of security because you have that network segmentation, you... By having that segmentation, you are really being able to limit what's going through, and you can have a much more robust and much more secure system.

Travis: Alright, so we're on tip number nine, and this one is around MQTT, but importantly, this is about decoupling devices from applications. Decoupling applications from devices makes real scalability possible because it lets you access all the device data that was directly coupled to a single application or stuck in the field. It provides a single source of truth for all your tags. It eliminates the need to use SCADA software as middleware, it makes it possible to replace individual devices as necessary, without having to replace everything else. And maybe most importantly of all, decoupling solves the pain points on the plant floor by providing a superior OT solution, while being able to deliver data to the business.

Travis: We cannot get to high-level applications like machine learning or analytics or advanced analytics until we improve the situation on the plant floor first, right? So, we'll look at the traditional in just a minute here. But speaking of open standards, let's look at MQTT again. It is a lightweight publish-and-subscribe protocol that enables message-oriented middleware architectures. It allows you to build a more robust architecture by delivering data to line of business applications.

Travis: It also lets you leverage edge computing to pull data at the source at faster rates and efficiently deliver that data to the business. So looking at a traditional architecture, one that is coupled together and we can see that applications are connected to those devices directly. And most of the time, it would be SCADA. SCADA will be talking to all those PLCs and ultimately we might have another MES system talk to the PLCs, or we might have other businesses talk to our SCADA and make that middleware. It's not really designed for that. In fact, that data is not just something that SCADA is gonna look at. Data is available... It's something that the business is... It's important to the entire business, right? 

Travis: Data is vital to the entire organization. That can be any kind of data that's out there. And so ultimately, we looked at a decoupled architecture, we can have devices or PLCs and such with edge devices in front of them, publish data into infrastructure, and then we can have multiple consumers of that data. So, we basically can allow anything tap in to work with that, and we can have new devices plug in. Very plug and play, very... A very much... Much more robust, much more scalable system at the end of day. And we're not suggesting you have to completely rip and replace everything you have and completely transition over, but as you go forward, consider leveraging decoupled architectures because it's gonna give you much more scalability as devices... As we add a lot more devices.

Travis: So again, just a highlight here of MQTT, the benefits are the decoupling devices from applications, it's low bandwidth, it would support by exception and supports TLS security, has outbound connections only, has stateful awareness, offers quality service data delivery, provides single source of truth, has plug and play functionality, and it can eliminate cutovers. You can have parallel applications really easily and test out some new technologies without interrupting our operation. We keep our operations running efficiently and have it get the data that it needs and not have it get data that it doesn't need, to then be a middleware or something else. We can make our systems more robust by being able to tap into the data that it requires, and ultimately, you can easily start adding in more data that we can leverage. Data is critical in digital transformation, and by leveraging these kind of architectures, you get to a much more robust system.

Travis: Lastly, because we're doing that, there's amazing smart sensors that are out there today and these often speak MQTT or some open standard right away that are designed to... They have the data, it's their data, they're gonna publish it in, and we wanna be able to get that data, the new data into infrastructure. A lot easier today to get a brand new sensor or smart sensor, get the data from it because it's smart, right? We're not having to wire it to a PLC or anything like that, and there's a lot of benefits of that. People are already leveraging these things, right? 

Travis: You don't have to spend time really configuring them. You can just hook 'em up and you can start leveraging that data very, very quickly and easily, and also very cost-effectively. A lot of times, we're not running conduits or power, we're not having to wire it to a PLC and then program PLCs, we're just putting a sensor in, and we can leverage it. Common examples of things that people are doing, like sensors for vibration monitoring, so especially to predict machine failures, getting temperature and pressure sensors out there. We have a company that's doing leak detection or they're adding flow sensors to monitor water levels, water leak detection, we can get temperature changes, pressure changes, chemical leakage detection, pump energy usage. We can see how much pumps, from an energy standpoint, are being used. Flow rates, putting these smart flow rate sensors out there, water quality and so much more, right? There's a lot of great examples of being able to put a new smart sensor in. And we can put these in parallel with our existing infrastructure.

Travis: But if you think about it, we can get our brownfield infrastructure and our greenfield infrastructure, we connect it to the same, basically same infrastructures, all that data can be made available to the business, not only can we use it in our operation system locally, but then we can start thinking about those higher ML, AI and tools that are available, and in fact a lot of the smart sensors that we bring in are already connected to some cloud services that provide that.

Travis: So looking at this holistically, if we transform our architecture, transform that, we can get to a pretty amazing place. So when implementing the tips that we've gone over today, and these are the top 10 tips that I would think you should look at or at least consider as you're going forward, the main thing to keep in mind here is that as data becomes more critical, you want to increase accessibility, as well as how efficiently a user can find and access that information. At the same time, you wanna make sure that the same data is... That systems are secure and that we're putting our best foot forward from a cybersecurity stance. And the great thing is that all this technology exists today, it's just about working, having OT and IT work together fundamentally to apply these techniques, upgrade our systems to something better and just get the benefits. And again, we could do this along the way, we can get those benefits immediately in parallel with what we already have. So hopefully this is very helpful for everybody, and we'll be here for questions. Back over to you, Don.

Don: Travis, thanks, that was really good, totally appreciate you covering a lot of ground. We do have a queue of questions here, and I'm sure if developers implement even half those tips, they're really gonna be well on their way to having more efficient and more secure systems. And just a reminder, since there were several questions on this, a recording of the webinar will be posted on our website under the resources section along with any accompanying slides over the next few days, and we'll get to Q&A here in a minute, but if you have any questions, type 'em in now, I'll get to the queue. Go to the GoToWebinar control panel in order to do that. There are a lot of new people on today, so you've heard a lot discussed on some things Ignition can do.

Don: The best next step, of course, is try it yourself. You can download the full version of Ignition 8, we're actually up to 8.1.12 now from our website, it just takes about three minutes to download, you can use it in trial mode for as long as you want, so it's absolutely free. Also, in terms of knowledge transfer, which is extremely important to us, I think you could tell even from today's webinar content, once you download Ignition, there's a free online training website called Inductive University, you can go there and use Ignition, gain knowledge about it.

Don: There's also a comprehensive online user manual that you have the opportunity to use any time you want. And I noticed we have a lot of international attendees today, so I wanted to do a shoutout to our international distributors. There's a network of those you see listed here. So outside North America, these folks offer business development opportunities, timely sales support, supporting your language, your time zone, so if you wanna know about distributors near you, just please visit the website or you can contact our International Distribution Manager whose name is Annie Wise, you see the bottom of the screen there. I also noticed Gilles is on there from France. Gilles, you and your team there, just a shoutout to you guys, doing great work for a long time. Some folks from EFA here, I'm sure I missed people. I'm just kind of glancing at some of the attendees but please take advantage. I pushed everybody towards our Sales Engineering folks with Travis and his team, but there are lots of skilled people around the world, here's a list of some of the contact places for that.

Don: So if you want to speak to one of our account executives here at our headquarters, you can call, this is the number, get a demo, get some more information, whatever you may want for that. So now, let's get into a little bit of Q&A. Travis, if it's okay with you, I'll just throw some questions at you and not in any particular order. How would you go about securing access to PLCs that communicated via Modbus? 

Travis: That's a great question, so that's what I was getting at. Typically, with the OT networks, we have our SCADA system, talking to those PLCs directly on that network. Those PLCs, of course, are not... Modbus devices are not secure itself. Now, if we leverage edge devices, we could put an edge computer right in front of that PLC, we can pull that PLC locally, and a lot of these edge devices will have two NIC interfaces, one for the local, talking to the PLC directly, and one for then bringing that data to a different network.

Travis: And so you can think of that edge computer as a protocol converter, converting from Modbus to MQTT, where we're pulling things locally, publishing it up, and so there's no direct access to that PLC. And through firewalls and all of that, there's no way unless we are physically on that machine to be able to go and talk to that PLC. So it's a way to help secure that. Yes, we could have firewalls, limit traffic from different things, but that can be hard sometimes to solve, where if we're in a cabinet, we can have an edge device with two NIC interfaces right there. Somebody has to actually... Actually has to go into a locked cabinet to be able to get access to it.

Travis: So a lot different there. That's one way to go about really protecting those PLCs, and we've seen a lot of people do that. So instead of having a SCADA system talk to those PLCs directly, having edge devices in front of a collection of these PLCs publishing back to essential infrastructure, to a broker that then the SCADA system is taking advantage of, it really... That decoupled architecture, you get the benefits of that, and you can get access to more data at faster rates and secure the PLC at the same time.

Don: So Travis, here's another question about decoupling architecture, that particular tip. How does OPC compare to MQTT for this? They sound very similar and independent OPC system. Can you make a comment on that comparison there for Stanley? 

Travis: Yeah, that's a great question. A lot of people have that question about OPC UA and MQTT: what the difference is, how do they work? Are they competitive? First of all, they're very much complementary. Now, with OPC, the way that most OPC systems, servers and clients are out there, the profiles they support are the data access profiles, so just getting access to live tag data. And there's a lot of OPC servers, Ignition being one of them, there are others like Kepware... There's many different kinds of OPCs, there are some PLCs now support OPC UA on the board, like Siemens devices, and that... A lot of times, we can get access to that data through OPC UA and then we can convert it to MQTT, and that can help us get to publish by exception, publish it to a broker that's message-oriented middleware that's designed for that kind of purpose. But you get the best of both worlds. I think they very much are complementary and work together.

Travis: Now OPC UA, they have a pub/sub version profile to be able to leverage, very much just what MQTT does, and that, there's... Because MQTT right now is kind of the de facto standard, obviously, we're just gravitating towards it directly versus using the OPC one, because not all the products are using the pub/sub profile yet with OPC UA. So I think right now they just work together. It's a way to kind of... We can leverage OPC for what we have and then be able to convert that to MQTT to build and do a lot more with that data, especially if you wanna deliver to the cloud or other systems there.

Don: So, overarching question to what you're just talking about about decoupling and comparing MQTT to OPC UA: Is it easy to decouple and have a resilient/redundant system? David would like to know.

Travis: Is it easy? The techniques are super easy to do. Now, of course, it means there's gotta be a commitment. I think the hardest part about this is that from the business standpoint, you've gotta have stakeholders who are all committed to wanting to go forward, you have a goal, you've got various outcomes you want, and everybody understands those outcomes and are all committed to those goals. And when you have that, you have this general acceptance from the different stakeholders, and they'll put the right things in place to move towards that. And you can do it slowly as you go forward. So can it be difficult? Absolutely, it could be difficult because of typically political reasons, where you have people who are resistant to change or there's shadow IT that happens.

Travis: And you open yourselves up to issues. This is one where if you wanna go down this path, it's you're doing it because you think data is vital and you wanna provide data to more places, and there's other people who can leverage it a lot further. So ultimately, from a technical standpoint, it's pretty easy, and there's a lot of benefits to it, it's just getting that acceptance and awareness within the organization.

Don: Actually, Travis, you hit on a pretty darn big point there. It's not the technical side. When you go on a journey like this, the digital transformation capabilities that you can bring to your organization and the value, you have change process, you have people, you have the people side of the business, it has to do with people wanting to be there, having champions, having sponsors, executive sponsors that really sort of have a real goal in mind to try and get there, that technical capabilities sometimes go much more easily than some of the organizational ones, as you pointed out there.

Travis: Yeah, the technology is there today. There's a lot of great technology, great high availability, redundancy, resiliency, all that's there. It's just a matter of saying, okay, we're gonna... This is the steps we're gonna take as an organization and this is what we're gonna do once we put those in place. Then you get people, the right stakeholders doing that, you can make some pretty amazing things happen.

Don: Yeah, I know. We see this all the time with Inductive Automation, which is partly what's exciting about the world we live in, is that the capabilities, when organizations get aligned around these goals, there's a lot of technical empowerment that can happen to really augment the results inside your organization. So these tips are sort of along that same line. Let's get to a few more questions with the couple of minutes we have left. So does the 2FA and SSO protect from a ransomware attack? Probably a question, timely, that many people have.

Travis: Sure. Ultimately, 2FA and SSO, they're protecting access to applications, to the different systems that are there, by really verifying somebody's identity, and that... Ransomware is more gonna be getting into the server infrastructures and things like that, where of course, when we really put our full cybersecurity stance in place, and have the right firewalls, and we have employed 2FA and SSO, we've limited the ports, all these kind of things, then ransomware attacks are a lot less commonplace. But there's a lot of things have to happen in order to prevent ransomware attacks, but 2FA and SSO certainly are a huge step forward in your cybersecurity stance.

Don: Cool, okay, just a couple more questions here. How do I send my OT data to cloud securely for data analytics applications? I know you've covered that, I think this is probably being asked because it's pretty critical to a lot of people, so maybe you can repeat and expand on that area.

Travis: Yeah, so we have a lot of people, a lot of customers right now, this is a big part of what they wanna do, is be able to get data to the cloud, and how can we do that securely? We have in Ignition, we have direct cloud injectors, so we have AWS Injector to go to Kinesis Streams, DynamoDB. We've got the Azure Injector to go to Event Hubs or IoT Hub. And as well as we just have generic MQTT to go into their IoT core on both platforms. And from there, we can leverage it, all different places within the cloud. We have a lot of customers looking at leveraging AWS SiteWise, so they're going to IoT core, getting that over to SiteWise, and then from there, they might do, create ML models and streaming analytics and things like that. There's a lot of possibility, but ultimately it's about being able to publish that data to the cloud by exception. And whether you have individual sites connected to the cloud directly, whether you funnel it through your enterprise and then get that up to the cloud is kind of up to you, but these technologies are making it possible, and of course a lot of security around that.

Don: Thanks, Travis. Before I just wrap up and say thank you, is there any final thoughts that you may want to add as we finish off here? 

Travis: No, I mean, I guess my final thought would be that our teams are here to help. If there's any questions, if you need help with PLCs or just wanna just bounce some stuff off of us, let us know, we're here to have those communications and to be of assistance as much as possible. And we have partners in the ecosystem and that really are amazing, and they're pushing our industry forward, they're the thought leaders. I think within our ecosystem, we're gonna do some pretty amazing things.

Don: Thanks, Travis. I really appreciate your time today, and thanks to all of you for joining us. We'll be back in January, we'll have another webinar and a community-focused Ignition Community Live. So until then, please follow us on social media, you can hear about all our upcoming events. You can subscribe to our weekly newsfeed and our podcast. And not only do I wish you anywhere in the world to have a great day, but have a fantastic finish to your year, a great holiday season, and we'll be back again in January. Thanks, again. That's it for today.

Posted on November 29, 2021