Rethinking Data Security in Ultrasonic Welding and Manufacturing
Digital technologies can help drive performance improvement throughout your operations, but without the right cybersecurity safeguards and approaches in place, your plant and enterprise could face the increased risk of a crippling cyberattack causing significant manufacturing downtime, a loss of consumer confidence in your product, or the loss of crucial quality or regulatory data.
Implementing a cybersecurity program begins with recognizing risks and responding by integrating essential, practical security solutions to ensure system security, data security and data integrity. Effective cybersecurity requires staying up-to-date on the latest threats, performing real-time asset inventory, improving threat-detection capabilities, ensuring equipment and devices have the latest defense measures, patching and updating systems, and enhancing incident response capabilities.
In addition, policies and procedures, workforce upskilling and periodic training are all key aspects of cybersecurity that should be deployed to protect critical systems by following a risk-based approach. Putting the basics in place gives you the flexibility to deploy more sophisticated measures as the need arises.
One critical area is the protection of vital manufacturing data. Consumer trust in manufactured products is built on accumulated experience and data that validate product performance, as well as the capability of a manufacturer to maintain consistent and controlled manufacturing processes that ensure repeatable, high-quality production.
For Emerson Assembly Technologies, these processes include the ultrasonic welding of plastics with traceability and digital controls, which are essential to the function of medical and drug delivery products and devices; food, beverage and snack products; computer products; automotive under-hood and interior components; and consumer electronics. All of these products are manufactured and used in the tens of millions every day, with each product reliant on the demonstrable quality, safety and consistency of the manufacturing processes that produce them.
With the ongoing digitalization of the manufacturing floor, manufacturing data is now an essential part of the “proof” that businesses, consumers and regulators demand to see when they consider the safety, value and performance of a product. Any threat to the consistency of the manufacturing process or the integrity of manufacturing data can represent a direct threat to product approval or market acceptance.
This is why data integrity is so important, yet equipment controls, industrial control systems and associated networks historically have not been designed with data integrity and security safeguards foremost in mind.
How to Collect High-Integrity Data
Virtually every product or service requires the support of high-integrity data, though the requirements and implications associated with that data vary. For example, because any inconsistency or error in producing approved medical products and drug delivery devices could threaten human health, the Food and Drug Administration (FDA) and other global regulators demand these products be uniquely traceable.
Traceability requirements, embodied in the FDA’s Code of Federal Regulations (CFR) Title 21 Part 11, extend to all forms of manufacturing data: data that provides a complete audit trail, data that can trace finished devices by lot or individually, data about component parts and data about the quality of individual ultrasonic welds—right down to the day, time and operator in charge.
To comply with this regulation, it is essential that the integrity of manufacturing data be safeguarded not only during its creation and storage, but also through features that limit access and assure complete, secure data transfer from the point of manufacture to remote global locations for use by corporate systems or global regulators.
While it is true that the suppliers and makers of electronics and automobiles do not face precisely the same type of manufacturing regulation as approved medical products, the quality and success of their operations demand essentially similar, high-integrity manufacturing data to ensure production efficiency, validate the quality and consistency of their products and ensure significant levels of product traceability to support everything from customer service to product warranties.
To ensure operational quality and success as well as the availability of secure, high-integrity manufacturing data from one important piece of many manufacturing processes, Emerson’s software development team took a look at the security needs of automated ultrasonic welding systems. Ultrasonic welding systems play a major role in the manufacturing of a wide range of medical, electronic, automotive and consumer products and are vital to the production of personal protective equipment and a wide range of packaging for foods, beverages, snacks and other products.
To ensure that its newest ultrasonic welding platform, the Branson GSX-E1, would not only meet the stringent FDA data-integrity requirements but also deliver the high quality and volume of secure production data demanded by other manufacturers, Emerson determined that this welding platform would be upgraded to provide security features modeled on those of typical “front-line” IT equipment—computers and servers connected directly to the internet.
Through these software upgrades, the welding platform is capable of supporting 21 CFR Part 11 standards for data integrity, which include validating users for system security, storing data for up to 200,000 individual product welds, creating audit trails capable of identifying data manipulation and delivering data to meet FDA traceability requirements. The platform is also capable of meeting the most stringent demands of high-value, high-volume manufacturing processes worldwide.
A second and related upgrade to the ultrasonic welding platform gives it market-leading encryption technology that ensures the integrity and security of data transfers. After authenticating the identity of the data recipient, this technology assures secure data transfers from welders on the manufacturing floor to local or remote enterprise quality management systems, to customer systems or to regulatory bodies. The authentication process ensures that the data is coming from a reliable source (the welder) and that the welder is not sending data to an unidentified fraudulent attacker.
In short, improving the security and safeguarding the integrity of data generated and shared by vital manufacturing assets are critical responsibilities for every producer of capital equipment.
Tom Ayars is software engineering manager for Branson ultrasonics at Emerson. In this role, Ayars overseas global embedded software resources for the Branson ultrasonic product lines. He holds a Bachelor of Science in electrical and computer engineering from Rowan University in Glassboro, N.J.