Logistics Robots: IT/OT Convergence

As technology expands at an increasingly high rate; Logistics Robots have become a critical component in Distribution Operations to increase agility and speed with less errors; so, what’s the next steps?

Warehousing has become complex and there has been a growing need for agility to reduce costs, increase accuracy, maximize throughput (24/7 if required), and eliminate bottlenecks. Robots can reduce overall costs by being available 24/7, increase productivity through automated work flows and streamlined processes, and greater workplace safety. Robots increase accuracy through identifying mistakes and real-time fact checking, and precision pre-determined accuracy. Robots maximize throughput through intense labor levels. Robots eliminate bottlenecks through pre-determined processes mathematically formed.

There are several ways in which robotics can increase performance: Automated unloading and goods receipt; Automated goods movement (including outdoor); Robotic sorting; Conveyance; Order picking; Palletizing and more. Robotics can include stationary pick/place, Automatic Guided Vehicles (AGV) and Autonomous Mobile Robots (AMR). Additionally, systems can be synchronized for streamlined and seamless operations through connectivity with other machines and Business Technology Systems such as Warehouse Management System, Order systems, Manufacturing Resource Planning systems and more.

As businesses look to scale operations to plan, robotics makes it easier to deploy a limitless workforce that can scale as needed without the pains of scaling up personnel and dealing with limited work schedules, pay closer attention to personal safety, or even lessen benefits costs. Humans must create build sequences from the inside out with limited tools. Robots can lift heavier objects, reach into tiny spaces, and sort through information faster, capable of inhuman feats. Robotics are comparable to the physical actions that takes place following the identification of inefficiencies and can be applied to the compute aspects of supply chain processes, even though human inputs are still necessary.

Robotics Systems can also be connected to other Operational Technology (OT) systems to eliminate problems in operations. For example, battery & system monitoring for proactive maintenance; Overall Equipment Effectiveness; Manufacturing Execution System, Quality Control or Quality Management systems or OT mail relays for email messaging. Maintaining operational visibility and proactive decision-making are also key to effectiveness. Sending email messages or text messages from robots through relays can be critical in case robots encounter obstacles or need immediate maintenance.

As supply chain continues to expand with Robots, there is a growing need to link and integrate business systems with distribution operations systems to create efficiencies. However, it is critical to note that this convergence between IT and OT carries risk because Industrial Control Systems (ICS), which are used in almost every machine or infrastructure including Robots. These physical devices are often unpatched and do not play nice with anti-virus software so they are highly susceptible to attacks if they are not properly segregated. Organizations responsible for critical infrastructure take cyber security very seriously. This requires businesses to start planning to secure infrastructure environments and proper segregation between IT and OT (Robots).

Most Business Technology Systems have proper antivirus and anti-malware capabilities with standard connection protocols which puts them at less risk than OT systems. OT systems such as robots, do not have the ability to protect against many of the threats from viruses or malware that business systems do primarily due to their Industrial Control Systems (ICS) software and operating system; this is why it is so critical to segregate them and control connection protocols. OT systems use a wide array of UDP/TCP/IP protocols, many of which are specific to either function, industries, geography, etc. which must be closely controlled to maintain security. Each connection to each robotic system should be controlled.

First, OT systems should be using true HTTPS (not HTTP that resolve to HTTPS) connection protocols as a critical step to keeping businesses safe. The infrastructure containing robotics servers or virtual machines should also be sure in a DMZ layer (ref; ISA 95 – blue zone) and separate from business systems Virtual Machines or servers. A Zero-Trust policy should be put into place to eliminate most threats with physical firewall devices; only allowing connection from specific IP to specific endpoint: For example, the Robot IP address (yellow zone industrial network) to the Virtual Machine IP address on the segregated hardware. The DMZ servers should also have zero trust into the green zone (business systems).

“Robots can lift heavier objects, reach into tiny spaces, and sort through information faster, capable of inhuman feats”

Threat actors are an IMPORTANT consideration when deploying OT systems. Many OT devices are frankly terrifying because many of these devices are plugand-play without the need for passwords or secure configurations which essentially makes security optional. In fact, many of these types of devices are shipped with commonly known default passwords to provide easy access to configuration panels. Could you imagine that it is common for hackers to create botnets to trigger distributed denial-of-service (DDoS) which freezes or disables systems? You should understand that these types of attacks have complex mechanisms that are undetected due to the nature of how they disguise themselves as encrypted and how they profile processes. Poorly secured OT environments are more easily attacked and can enter your business systems to exfiltrate organizational data and threaten to leak it or steal proprietary information.

Now that we know that the devices are not secure and pose threats to organizations, but there are additional concerns regarding IT/OT convergence that need to be mentioned such as the accidental insider who makes simple mistakes; external actors who make mistakes; or malicious insiders or outsiders. If this sounds alarming or terrifying, it should; this is why it is so critical to segregate and control and monitor. Yes, this will cost money to add additional hardware and hardening processes initially; but you will need to ask yourself, what is the cost of a breach or shutdown? (Especially with less employees to perform manual processes)

So do yourself a favor and create a detailed process flow map that can lead to architecture discussion, which will lead to system needs, which leads to secure environments and real organizational value.