USE CASE 2
Fagor: manufacturing machinery - automotive mechanical and hydraulic presses
FAG is a world-leading specialist in designing, manufacturing, and supplying a wide range of products, ranging from forming machine tools, from presses and complete stamping systems to manufacturing lines for processing, creating, or cutting complex sheet metal parts. These products incorporate high levels of quality and reliability because their customers come from highly demanding sectors, such as leading automotive manufacturers, stampers, home appliances, or metallic furniture producers. This kind of customer requires high-quality manufacturing assets and rapid response in case of failure due to the high cost of production downtime.
The challenge from safety measures
FAG produces its own software, including safety measures to protect people from machines. Gaining full privileges to install malicious software on a machine or the injection of false sensor data to affect a safety-related application would have a huge impact on customers’ financial losses and FAG’s brand reputation, even causing human deaths. Cyber risks and their potential economic impact are increasing in a hyperconnected world. The transition to the servitization of the company's assets requires solutions with a reduced cost of deployment and operation because these costs are assumed by the company. This is of paramount importance in the case of cybersecurity, as cyber threats and incidents are increasing in number and complexity, and then deploying optimal countermeasures requires considerable domain knowledge and expertise.
Within the Industry 4.0 paradigm, FAG has led the development of its own IoT platform both in edge and cloud scenarios (see figure below) Within this strategy, FAG has started to handle new roles and VeriDevOps 10/70 challenges in software development areas, such as continuous integration, continuous delivery, good practices, cybersecurity and so on. These days, it is a strict requirement that FAG’s software is developed and deployed on customer products and that the assets are guaranteeing cybersecurity aspects, as the OEM and TIER1 companies are also evolving on their own digital transformation and their requirements on these aspects are more and more strict.
How VeriDevOps can support FAG
VeriDevOps results can change FAG’s processes reducing time and costs of total production, which can also create a differentiation aspect with respect to competitors. For example, during software development, VeriDevOps outcome will help in testing patches before deploying them to the entire network, then reducing time and effort. On the other hand, during machine operation, VeriDevOps will produce automatic detection of vulnerabilities, analysis of root-cause and provide effective automatic countermeasures (reaction), or manual recommendations for decision support. As a result, VeriDevOps methods and tools will facilitate FAG’s digital transformation, expanding and improving the offer of secure digital services. This will be important and beneficial since the failure or interruption of a machine service can cause very serious consequences throughout the production chain that result in a series of economic losses among others.
Therefore, another impact of the project will be on FAG’s own DevOps security enabling a productive DevOps ecosystem, while helping in the identification and remediation of code vulnerabilities and operational weaknesses long before they became an issue. Introducing DevOps security early in the product lifecycle will ensure that security underpins every part of application and systems development. This, in turn, will enhance availability, will reduce the possibility of data breaches, and will ensure the development and provisioning of powerful technology
to meet business needs.
Within this project, FAG aims to respond to the needs of the companies of its sector, needs, and goods, with a clear Digital Transformation strategy. These needs have been raised in terms of cybersecurity as FAG needs to enter a market safely where cybersecurity is already considered an obligation. Especially when the complexity and training of the attacker nowadays are extremely high, and the industrial supply is clearly insufficient. This situation forces industrial technology companies to incorporate a cybersecurity framework that meets customer requirements and the need for staff training for efficient system management.
New value-added digital services that boost company competitiveness
The transition of production systems to Industry 4.0 is led by the digitalization of products and industrial processes, with the aim of not only supporting the processing of data on operational processes and improving the efficiency and quality of these processes but also of analyzing the condition of the machine, detecting outliers and finally predicting machine failures before they happen. By integrating new methods of data analysis, VeriDevOps 11/70 generates new valuable information, creating important advantages for end customers. For example, these advantages are productivity improvement, leading to a generation of new value-added digital services that boost company competitiveness.
In other words, the development of new services under the umbrella of the cybersecurity DevOps concept will allow for a multi-domain digital solution, autonomous, flexible and adaptable to any interoperable, secure and intelligent industrial environment, in order to generate replicable services and 4.0 products.