USE CASE 2
Fagor: manufacturing machinery - automotive mechanical and hydraulic presses
FAG is a world-leading specialist in designing, manufacturing, and supplying a wide range of products, ranging from forming machine tools, from presses and complete stamping systems to manufacturing lines for processing, creating, or cutting complex sheet metal parts. These products incorporate high levels of quality and reliability because their customers come from highly demanding sectors, such as leading automotive manufacturers, stampers, home appliances, or metallic furniture producers. This kind of customer requires high-quality manufacturing assets and rapid response in case of failure due to the high cost of production downtime.
The challenge from safety measures
FAG produces its own software, including safety measures to protect people from machines. Gaining full privileges to install malicious software on a machine or the injection of false sensor data to affect a safety-related application would have a huge impact on customers’ financial losses and FAG’s brand reputation, even causing human deaths. Cyber risks and their potential economic impact are increasing in a hyperconnected world. The transition to the servitization of the company's assets requires solutions with a reduced cost of deployment and operation because these costs are assumed by the company. This is of paramount importance in the case of cybersecurity, as cyber threats and incidents are increasing in number and complexity, and then deploying optimal countermeasures requires considerable domain knowledge and expertise.
Within the Industry 4.0 paradigm, FAG has led the development of its own IoT platform both in edge and cloud scenarios (see figure below) Within this strategy, FAG has started to handle new roles and VeriDevOps 10/70 challenges in software development areas, such as continuous integration, continuous delivery, good practices, cybersecurity and so on. These days, it is a strict requirement that FAG’s software is developed and deployed on customer products and that the assets are guaranteeing cybersecurity aspects, as the OEM and TIER1 companies are also evolving on their own digital transformation and their requirements on these aspects are more and more strict.
How VeriDevOps can support FAG
VeriDevOps results can change FAG’s processes reducing time and costs of total production, which can also create
a differentiation aspect with respect to competitors. For example, during software development, VeriDevOps
outcome will help in testing patches before deploying them to the entire network, then reducing time and effort. On
the other hand, during machine operation, VeriDevOps will produce automatic detection of vulnerabilities, analysis
of root-cause and providing effective automatic countermeasures (reaction), or manual recommendations for
decision support. As a result, VeriDevOps methods and tools will facilitate FAG’s digital transformation,
expanding and improving the offer of secure digital services. This will be important and beneficial since the
failure or interruption of a machine service can cause very serious consequences throughout the production chain
that result in a series of economic losses among others.
Therefore, another impact of the project will be on FAG’s own DevOps security enabling a productive DevOps
ecosystem, while helping in the identification and remediation of code vulnerabilities and operational weaknesses
long before they became an issue. Introducing DevOps security early in the product lifecycle will ensure that
security underpins every part of application and systems development. This, in turn, will enhance availability, will
reduce the possibility of data breaches, and will ensure the development and provisioning of powerful technology
to meet business needs.
Within this project, FAG aims to respond to the needs of the companies of its sector, needs, and goods, with a clear
Digital Transformation strategy. These needs have been raised in terms of cybersecurity as FAG needs to enter a market
safely where cybersecurity is already considered an obligation. Especially when the complexity and training of the
attacker nowadays are extremely high, and the industrial supply is clearly insufficient. This situation forces
industrial technology companies to incorporate a cybersecurity framework that meets customer requirements and
the need for staff training for efficient system management.
New value-added digital services that boost company competitiveness
The transition of production systems to Industry 4.0 is led by the digitalization of products and industrial processes,
with the aim of not only supporting the processing of data on operational processes and improving the efficiency
and quality of these processes but also of analyzing the condition of the machine, detecting outliers and finally
predicting machine failures before they happen. By integrating new methods of data analysis, companies can
VeriDevOps 11/70 generate new valuable information, creating important advantages for end customers. For example, these advantages are the productivity improvement, leading to a generation of new value-added digital services that boost company competitiveness.
In other words, the development of new services under the umbrella of the cybersecurity DevOps concept will
allow for a multi-domain digital solution, autonomous, flexible and adaptable to any interoperable, secure
and intelligent industrial environment, in order to generate replicable services and 4.0 products.