Eurotech Exhibitor Demo: Discover the Benefits of Running Ignition on Cybersecure and Certified Devices

Eurotech will showcase the benefits of running Ignition on an ISA62443-4-2 certified device. This demonstration will highlight how Eurotech's advanced device management capabilities can simplify the process for OT systems integrators to securely manage applications remotely. Attendees will gain insights into how the integration of Eurotech's ReliaCOR 40-13 Industrial PC with Ignition software provides a robust and cybersecure foundation for industrial applications. This collaboration not only meets stringent cybersecurity standards but also enhances the efficiency and scalability.

Transcript:

00:06
David Bader: My name is David Bader. I lead business development for a company called Eurotech. Has anybody heard of Eurotech before? A few? Yep. So I've been with Eurotech for about a year. There's, I'm the least I have the least longevity with Eurotech, even for companies that are not Eurotech. There's a lot of Eurotech employees and other companies here as well. Dave.

00:21
David Woodard: So I'm David Woodard. I'm a Solutions Architect with Eurotech. I've been here a bit longer. I've been with the company for 11 years and have been in IoT and industrial automation for probably closer to 15. So pleasure to be here.

00:36
David Bader: Yeah, I beat him out in the longevity of being in the business for sure. So I've been doing automation for 40 plus years now. So I've been involved in systems integration and distribution. I worked for AWS for a short time and led robotics for AWS for a while. The idea of coming to Eurotech was to be able to bring that kind of security level that AWS and the other cloud providers offer in the cloud down to the edge. So Eurotech is, if there's one thing that you take from this, it's that Eurotech is a company that provides enablement at the edge, right? So we provide a secure way to orchestrate and maintain your systems kind of at the edge. And we're gonna talk a lot about cybersecurity today. There's two themes, overall themes, that we that we kind of talk about from Eurotech. It's cybersecurity and the ability for systems integrators and OT providers to be able to uplift your cybersecurity posture in an area where we normally would turn that over to IT, right? So the concept is if we can provide the IT level of cybersecurity down to the OT space, that's kind of gonna be the theme that we're gonna talk a little bit about.

01:55
David Bader: And then the other one is to maintain kind of a secure remote access and remote device connectivity, right? So being able to do things that you normally would do by plugging into the device remotely, but in a secure manner, right? So being able to do VPNs that have the IT kind of functionality that you would expect from an IT perspective. So I'm pretty informal. If people have something that's genuinely on your mind, say it, but we are gonna have some questions and answers at the end. So I'm gonna talk a little bit about what Eurotech does and where we are from a... why cybersecurity is super important. And I'm gonna it over to Dave at the end, that he's going to talk about this brand new cybersecurity wizard that we're introducing here for the very first time. So you guys, the very first time you're, hearing anybody's hearing about this. Dave's going to do a demo on that.

02:49
David Bader: So Eurotech's been around for 30 plus years. We're headquartered in a small town in Amaro, Italy, which is in the Northeast part of Italy, all the way up near...

03:00
David Woodard: Austria.

03:00
David Bader: Austria. Thank you.

03:01
David Woodard: Never think of it.

03:05
David Bader: We have operations in the U.S., we have a bunch of people in the U.S., we have people in Canada and all. So some of the things that we've kind of been known for over time way back in the beginning of the, of the Eurotech history, we kind of worked with some people people that worked for Eurotech at the time developed a small protocol called MQTT. Anybody heard of MQTT, right? Yeah. There's a few people that certainly know MQTT, right. So over time we've kind of evolved from kind of a board manufacturer into a industrial automation solution provider for hardware and software. So we're very excited to now be part of the Alliance Program and out in a table 11 right across the hall here is the very first Ignition Edge, a piece of hardware that is certified to IEC 62443 IEC, ISA 62443 cybersecurity standards. And I'm gonna talk a little bit about what that means to get through some of this stuff. Our portfolio is pretty big, right? We build hardware from gateways for different applications for transportation, for industrial automation, for medical, all the way up to pretty beefy GPU-based processors that run AI and those kinds of things.

04:25
David Bader: So for any kind of application, including running Ignition on any of these devices almost, we can meet your needs. But again, the differentiator is that cybersecurity and that remote device access in a secure manner, right? So I would guess, right? I've asked a few questions already. How many people talk about cybersecurity with their customers on a regular basis? So a good portion, which I would guess, right? Because you're in this room and you wanna learn a little bit more about it. What I find really interesting is there's also an equal number of people that don't talk to customers about cybersecurity, right? They say, "Hey, that's an IT function." And I think we've passed that threshold in the space where we have to talk from an OT perspective about cybersecurity because there's a large percentage of cybersecurity efforts that are being, that are stemming from the OT space. So is that something that you guys, that resonates right from an OT space? 20% of all of the attacks are happening from an OT, from the factory floor, which when I put this deck together, I was knocked out by that number. I would have thought it was 2% or 3%. It's more than 20% now. It's pretty amazing.

05:41
David Bader: So when you think about that, what does that turn? What does that kind of mean in terms of dollars? It's significant, right? So the average financial impact from data breaches way back in 2018 was seven and a half million dollars. It's significantly more now. But why, right? The concept is we have more connectivity in the factory floor now. It's not relevant that the person on the floor, he's not missing anything. He's just not been trained necessarily in cybersecurity. It goes back to that conversation earlier where I said, most people aren't even talking about it. We've got PLC systems. They're out on the floor. Anybody got GE 90-30 back still running in their plants. Right. So these things were not designed with cybersecurity in mind. Right. So and now we're asking to put more SCADA, more capability, more MES in the plant floor that are opening up all kinds of vulnerabilities, if we don't think about it. Yeah, I messed that one up. So this is just a brief slide that you can't read, right?

06:46
David Bader: That's too small. But it's a timeline of things that have happened in the world in the last 10 years or so, right? Maybe 20 years. So Stuxnet, that resonates. Everybody's heard of Stuxnet, right? That was a, that was a cyber attack that came through an HMI, right. On a machining center. So all the way up through Target got hit, Jeep got hit, BMW got hit, the Ukraine power grid, right? That's a big deal. These things are significant impacts to the world. So I picked two, two unique applications that happened in the OT space, Brunswick Corporation, billion dollar company that makes boats. They got attacked in June of '23. So that's pretty relevant, right? Really close, only a year away. And it disrupted their entire facility and it cost them 85 million dollars, right? So that's just a small company. Well, it's a big company, but it took their quarter two financials. They saw a big impact in their quarter two financials. So if I'm a CEO, I'm pretty upset about the fact that somebody was able to breach my system through a, through the factory floor. Right. And then on another level, there's a company called Applied Materials, which are big company, right? Multi-billion dollar worldwide company. February '23, still relevant.

08:09
David Bader: They got hit through one of their suppliers. So one of their major suppliers was attacked. There was a vector that came through. They were, they had vulnerable, they had access to Applied Material's systems, and it, and the attack came through their vendor. And that one cost them 250 million dollars. So we're not talking about peanuts when we're talking about OT attacks, right? This is significant dollars and significant impact to the business. And if you're a systems integrator and you're not talking about cybersecurity, in my opinion, this is a line of, sorry, in my opinion, this is a line of business, right? This is a way for integrators to spin up a new, a new way, a new piece of business, right? Talk to your customers about cybersecurity and how you can elevate it. So I'm gonna go fast. We build, everything that we do, everything that we're talking about today is about certified cybersecurity. There's a lot of ways that people address cybersecurity in the OT space.

09:08
David Bader: We think that being certified, building to standards, designing from secure by design is a significant piece, right? What we do is we have the ability from a remote access perspective to use VPNs. Everybody probably has the way to use a VPN, but we have an on-demand VPN capability that allows for automatic teardown, right? So if you're an IT guy, automatic teardown makes a big difference. Being able to connect, remotely access, do what you need to do, and then have the VPN shut down automatically. So you don't inadvertently leave it open and leave that attack vector space available. And please, Dave, jump in if there's anything that... So nobody wants to be this guy, right? Like it's not a good thing. So secure by design, right? The whole idea is if we do this right, everybody benefits, right? Suppliers of the hardware, suppliers the customer, and then we maintain that kind of security from the start, right? So again, I'm talking about secure by design. You have to build it from the beginning. It's not something necessarily that you walk in and say, yeah, I'm gonna create this really high level of cybersecurity in your plant without looking at the overall architecture.

10:31
David Bader: So you do a risk assessment, right? We don't do that. That's not what we do. I mentioned before, we provide enablement into the mitigation process. But you reach out to companies that provide cybersecurity risk assessments. They tell you where the vulnerabilities are. If you guys have that capability, that's fantastic. I think that that's a good way to do it. And then you build, you build these, you buy these features and these capabilities into the solutions that you have. So we provide hardware for running Ignition, right? But wouldn't it be great if you could buy the hardware that runs Ignition that also has this high level of cybersecurity and gives you this remote, this secure remote access capability. And that's the method that we are, that we're talking about. So we're doing it at 62443-4-2-1. So you're not gonna remember that specification. Excuse me, -4-2 as service level two, right? So Inductive Automation is already certified to 4-1. We're certified with our hardware to 4-2. And then the customer then can quickly and easily certify their entire system to 4-3. And that's really the enablement that we're offering is being able to have that customer get to a certified cyber solution in the field very quickly.

11:49
David Bader: And if we, if in the past, what you'd have to do is buy a piece of hardware that was hardened to a certain level. And it limited some of the functionality that you were able to load onto a server, onto gateway or other hardware. Right? So now with this wizard that we're going to talk about in a minute, is you can make these decisions in the field and work with the IT department to say, we wanna certify, or we wanna harden to this level. We wanna harden to 62443 right? Or we don't need to harden to that level, but we're gonna, we're not just going to leave everything open. And we'll show you, we'll walk you through a video that shows that, how that works. So what does secure by design mean, right? You wanna follow zero trust kind of principles and they're very standard and very well defined. So being able to say, we trust no one and nothing, right? So if you start to pass along keys and email certificates and all of that stuff, all of a sudden that becomes a real problem, right? That's not secure. If you're, if you have to email someone a certificate that's standing in front of a machine, inherently that's gonna be a problem because who knows who could get to his email, right?

13:03
David Bader: And then a continuous auditing and monitoring. So when we talk about zero trust, we talk about it from an entire ecosystem perspective. So we manage the certificates, the security certificates, from the TPM level, from the chip that's on our device all the way through to the IoT devices that are connected. We manage all of that. We maintain them. We keep them current and you don't have to worry about that as an integrator or as a customer or in any way. So I think that that's a really important piece. This slide, if anything you get from this presentation, the fact that Eurotech does this for you in an IoT perspective, and then also can do it all the way to the cloud. If your application calls for connecting to the cloud, that's super important, right? How am I doing? Okay. So I talk a little bit about 62443. I mentioned that maybe some have heard about it. There's a lot of things and you see here that I'm, talking about ISA and IEC 62443. Excuse me.

14:20
David Bader: So the, one of the key things is if you build to a standard, it's no longer subjective, right? So Eurotech many years ago decided that this standard was going to be kind of the worldwide, kind of the bar in which, which people should meet. Turns out that we were right. We made a good bet. It took us about two and a half years to become IEC 62443-4-2 SL2 compliant. And now we are the first and only, quite frankly, company that builds IoT hardware and enablement to that level. There's a lot of people that build to those standards, but have not yet gotten certified, right? We don't think we'll be the only ones. We think that we were the first, which is good to be first. So we use independent testing to validate that we're built to those standards. Again, what that does is it allows you to talk to your customers about building a secure system and maybe your customer doesn't want to certify. Maybe they don't wanna get to a 4-3, but you can say to them, "Hey, these are all of the components that you would need to, if you wanted to get to certify to a standard." Now, if anybody's from Europe, anybody here from Europe?

15:39
David Bader: Yeah, there's a few, right? It's not a guessing game anymore. It's required, right? You, you have to develop, you have to deliver 62443 standard products just to meet the law, just to meet the requirements. So we're an Italian company. We build in Italy and in Germany, all over the world, quite frankly, but we know that this standard is going to permeate not just in Europe, but beyond Europe, right? So what does that mean to us in the U.S. or in Canada? It's not mandated. It's not something that they're saying that we have to do, but quite frankly, it's an ROI conversation, right? It's something that when we talk to customers about this, we can put dollars and cents. I just showed you 250 million dollars right? It's pretty hard not to show the ROI on an investment in a piece of software that has a little bit more cost to it to get to that standard. But it's helping to prevent that 250-million-dollar hit, right?

16:37
David Bader: So even if the U.S. isn't mandating it, although we do mandate cybersecurity now in a lot of ways, right? It's suggested in a lot of ways. I think this ROI discussion in this line of business discussion for the integrators in the room is super important, right? We can now talk to customers about a higher level of cybersecurity at their OT level, at their OT floor. Make sense? How am I doing?

17:00
David Woodard: Fantastic.

17:05
David Bader: Okay, good. I like constant feedback. How am I doing? You guys feel pretty good so far? Okay. Nobody's left the room yet, which is very unusual actually. So I mentioned about how long it's taken and we like to show this slide on like every presentation that we do because it's actually a physical document that you get when you get to certification, right? It's not, oh I built to this standard, but I didn't get certified. No, we've actually gone through the certification. It is a physical document that we can send to you and, and say to your, to the IT team, look, we're buying product that is built to these standards. So how does this resonate worldwide? Right? There's a bunch of teams, people from Europe here. Obviously we talked about that. And then in vertical industries, right? In vertical industries, the 62443 standard it kind of travels to different areas, right?

18:00
David Bader: So if you're in industrial automation it's 62443, if you're in rail, it's Shift2Rail, energy is 62351, and so on and so on. Right. So there's, TSA is involved. So there's a lot of different almost, every standard is actually adopting 62443 as the core to the standard and then put it, putting it into individual, their individual requirements for their particular vertical industry. So I would say that in this slide, there, we'd be hard pressed not to touch every person in this room at some point in one of these verticals, right? Everybody's touching something in these verticals, right? And if we can meet the 62443 requirement, then these are all reciprocal standards that view 62443 as a, as kind of a guide, right? So if you've got a customer that's in a process automation and they're saying we need to meet TR 63069, then we can go in and have a conversation about 62443 and how that is actually 63069 at the core.

19:10
David Bader: For medical, I think medical is... Medical up there, we have medical 60601, 100% copy and pasted from the 62443 standard. So if you're in the medical space and customers are saying, "Ah, you gotta build something to 60601 standard," we can do it. We can help you. Make sense? Okay. So then I mentioned that we're certified to SL2. What does that mean, right? So I thought it was important to kind of make sure that people understood what that means. So the idea, right, is the SL1 is the components, right? To protect the components from casual access, casual mistakes and things like that. One of the things that the standard actually does is also includes tamper resistance, right? So if somebody goes in and messes with the server, there's a switch inside the server or inside the gateway, that is a bit, that ties back to our software that you can enunciate in Ignition or send an email from our software or any of those kinds of things.

20:08
David Bader: So if somebody inadvertently, a maintenance guy comes in and says, "Hey, I gotta upgrade the firmware or something on this," they can immediately get a response. You can literally shut the computer down if it's an onsite breach. So there's lots of ways that you can use that tamper resistance piece. And then SL2 is actually designed to mitigate and kind of prevent generally acceptable or generally recognized attack vectors. So Eurotech again felt that it was important enough for us to get certified to the SL2 standard. Not too many people have considered that. All the standards that we meet, not all of them, but many of them. So today, I thought that it was important that we talk about how do you get there, right? Like how do you put a... Take a computer, put it on a shop floor, what do you have to do to get to maintain that 62443?

21:08
David Bader: And these are all the steps. I'm not gonna go through every one of them, but there's at least 10, maybe more, steps that you have to do to build and harden an industrial IoT device to this standard. So what we've done is we've said, "Okay, you know, let's build something. What are these capabilities, right? So what are the advantages of having this?" There's a lot of words here, but the bottom line is that it's maintaining and monitoring to a rigorous standard the integrity of the environment, right? And then, can I ensure that it maintains that? So, yes. Right? So the idea is that when you certify, all of this gets continuously updated and as you keep your hardware and software current, it gets updated. So again, I mentioned this wizard that we're... Dave's gonna do a demo on.

22:00
David Bader: But the idea is, how does this work during deployment, right? So you can load all the software, whether it's Ignition or other software that you want. Then you walk through this wizard and it guides you to the level of security that you wanna provide at this OT space. Unheard of. Literally takes all of those steps that we talked about before. Excuse me. Now we can do it in the field and then can we be... Can we maintain that security with Ignition? Make sense? Lot of words, but pretty important. So Dave's gonna go through the video, he's gonna talk to that, and then we're gonna do questions and answers. So we went pretty quickly. Hopefully this touched a little bit. It wasn't just commercial. It was about providing some relevance to the market and where secure by design and standards really matter.

23:00
David Woodard: Great. So now that Dave's finished, we can come back to reality of doing all this, right? 'Cause if you wanna do this for a new customer or existing customer, doing all that level of security is really difficult. I think it's one of the most challenging parts of what we do, 'cause we have to understand the IT side and the OT side and how to do like, you know, understanding like that bridge is incredibly complicated and is very hard to do well. So that's why we came up with this, right? So, 'cause what I see a lot when I do integrations or when I do deployments or installations, is you don't do it. You say, "Okay, we need to get the POC working. We need to get this application working. We'll do security when once they buy in." Right? So once they say, "Yes, we wanna do it," then we do security. And then you realize that security is breaking what you did. So the wizard, what it will do for you, I'm just gonna play this video.

23:49
David Woodard: And I'll just talk while it's playing. So basically it's just a web application that's running on these gateways. So all of our gateways from the edge devices up to our more server class boxes, provides you with this walkthrough interface of setting up networking, enabling the secure elements that you need, and being able to do it while you're doing the deployment, right? Or if you say, "Okay, we just wanna get it working, but then we wanna see what happens if we enable this SSH policy. We wanna see what happens if we try to do this other thing." You can come back to this wizard, enable that feature, and see if it still works. So there's nobody on the command line, there's nobody like hacking your Linux file system stuff. There's nobody doing that crazy stuff in a working factory or in a pilot.

24:38
David Woodard: You do it in this wizard. Let the... Let our software manage it. And so here you can see it's doing the... All these things are relevant for the certification Dave was mentioning. So if you want to come here and just say, "Hey, I just wanna be IEC certified," you can click one button. It enables all those features and you're done. This video I think is three or four minutes, but you can do it in less than a minute. And I think even more importantly than that is this is not even necessary, right? So once you do this, once you say, okay, this is the standard that we want, these are the settings that we need, this is just a configuration for us, right? So you can say, okay, now I need to order 10 of these boxes, or a hundred, or a thousand. They can come preinstalled with all these settings already on there.

25:19
David Woodard: You don't have to worry about it anymore. I think the other cool thing about this, so you'll see now they're actually going through some provisioning with AWS. We can do the same thing for Azure. We can do the same thing for custom cloud endpoints. It is an extensible interface, right? So if you say, "Oh, but you know, we need this custom thing for our cloud services or for our customer," it is an extensible platform that you can add on to. So think that's it. We do have it running on this box I have here in front of me. So if you wanna come by our booth, I can plug this in and show you live what it does. We didn't wanna do that here just for timing, but, I'm happy to show that to you if you wanna come by the booth. So I think leave time for questions.

26:01
David Bader: Yeah. We have plenty of time for questions actually. Yeah. I think we have a half an hour for questions.

26:06
David Woodard: No.

26:08
David Bader: I'm just kidding.

26:10
David Woodard: Okay.

26:10
David Bader: Yeah. I'm making the guys in the booth nervous. Go ahead. Yes, sir.

26:15
Audience Member 1: So you are saying you're providing a software stack only for the remote device, the edge device, or there is also a kind of some cloud platform?

26:23
David Woodard: It's both. So there is the edge and there's a cloud platform.

26:25
David Bader: So the question, just to repeat the question, are we providing a software stack just for the device or is there a cloud platform? And Dave's answer is yes, it's both, right? So there's a component that loads to the software or to the device itself, and then there's a cloud-based product that allows you that remote device... The remote access and the remote device connectivity. Yep. And that, you know, we can shape and manipulate that depending on the scale. I mean, the whole concept going back to that first slide is, is we wanna be able to do this at scale, right? If it's one piece, two pieces, that's great. We're all for helping with that. But if it's a 100 or 200, we wanna make it super easy. See, I told you there's always somebody that leaves early. I'm just kidding. Any other questions? Come on. There's gotta be. Yes, sir.

27:13
Audience Member 2: So your own network that's used to update the unit themselves, can they, you can you use your own wire in the private cloud network as an input?

27:25
David Woodard: Yes. Yes.

27:25
David Bader: So let's repeat the question. Can we load our remote access capability onto a private cloud or onto a server or something like that? Yes. You know, it's Dockerable, it's containerized, and you can load it almost anywhere. Yeah.

27:41
David Woodard: Yeah. We have use cases where the cloud's actually running just in the factory. Like just, no, none of the data leaves that factory. It's all isolated there. So we just run the cloud directly in that factory.

27:49
David Bader: Inherently, you know, out of the box, it's running in the cloud, it's running in AWS, but we can work with you to do it anywhere. Yeah. And in fact, we have customers that build other components that buy that capability and load it onto their devices themselves and run it in their private cloud so it doesn't have to just be on our device. Yes, sir.

28:15
Audience Member 3: This is probably a dumb question, but does this only apply to your end devices?

28:22
David Bader: No.

28:24
David Bader: No. So that's what I just said.

28:25
Audience Member 3: Some of yours, but I might already have an installed base of a thousand of some other manufacturers, Linux based, whatever controller, can your software widget be configured so that I can use your software to just secure everything?

28:42
David Woodard: It is my favorite answer in the world, and I'll say it depends. So if you want that level of security, it would require you recertifying those devices. So at least taking one and saying, "Okay, we put your tech software on here, we've done all these same steps, but you have to have it re-certified."

28:56
David Bader: That's a 62443 requirement.

28:57
David Woodard: That's not... That's just a requirement. But what I'll say is, as long as your box is running Linux preferably, but we have the ability to understand how your operating system works and that we can tie into it and make these changes, then yes, we can run on other people's hardware relatively easily.

29:14
David Bader: Yep. Not a dumb question at all quite frankly.

29:15
David Woodard: No, it's a great question.

29:16
David Bader: It's a really good question.

29:17
Audience Member 3: I might not want to replace everything.

29:19
David Woodard: No...

29:19
David Bader: Exactly.

29:19
David Woodard: Yes. And if you don't need that level of security, we can also run in Docker, right? So if you just wanna deploy it and use it for remote management and use it for some of the, some security features, but not all, that's a really easy way to deploy it and at least try it and test it and see if it works.

29:34
Audience Member 3: You sell your software...

29:36
David Woodard: So that would be a service you... We don't do, right? So that is not what we get into. So we actually, we use two external companies. I'm blanking. Two, Nord is one, but I can't remember the other. But we do our own audits, so we have to send products to them. It is periodic, I think it's three times a year, four times a year. We send them new devices, they test them to say, "Yes, you're still certified." So you would have to do something similar. And those companies, and that's how they make their money, right? So it's...

30:01
David Bader: Yeah, I thought it was in here somewhere, but it's not. So yeah, I mean that's a normal thing that customers do on a regular basis.

30:08
David Woodard: But we do have contacts with these companies, so it's also, we can help you like at least make those contacts and have that discussion.

30:15
David Bader: Yeah. There's one down here.

30:18
Audience Member 4: So that's the box that you... It's also running Ignition?

30:21
David Bader: No. No, go ahead. You go.

30:23
David Woodard: So this is more... This was the first device that we certified. But this is definitely more of a what you call like a gateway or like a, I say gateway in an Ignition audience. You all think about the software, but this is like a hardware gateway. So this would be running very close to like your PLCs and stuff. You know, the box we have that's running Ignition is a more server class and if you come to our booth you'll see it. So it's got like a Intel processor. It's got more resources. You can run Ignition on this but it'll probably more for like the Ignition Edge product. Yeah.

30:56
David Bader: Yeah. Okay. We have time for one more question. Alright. Looks like it.

31:02
Audience Member 3: Sorry to ask a second question. So I'm with the utility grid sector and you have IEC 62351 TC57. Have you ever heard of NERC CIP?

31:13
David Bader: NERC CIP? I have not. NERC, NERC, but not NERC CIP. Yeah. No, but I'll tell you what, if you would, if you take a minute and when we're done, we'll go back out there and I'll write that down and we'll get you some answers on that because it just may not be on this slide and I may not have run into it. Yep.

31:34
David Woodard: There's so many certifications and regulations that's... Especially in energy, it's...

31:37
David Bader: And that's why I put this slide into deck two is to tie it all together around that core. But I think we hit the time almost perfectly, right? So we're good. We're, again, the booth is right across from this door. If you guys have any other questions or if you want people to send you a lot of emails, come see us. Yeah. Thank you.

31:55
David Woodard: Thank you.

31:56
David Bader: Great job. Great job.