Privacy: Eyes Off My Data
By Michael Ford, Aegis Software
It is human nature that we choose to share our personal or private information only with those very close to us, sharing with others only that which is appropriate and relevant depending on our relationships. This becomes particularly challenging in the digital world, as we can lose track of very detailed information so easily and quickly. In manufacturing and the supply-chain, certain facts must be shared, whilst the sharing of other information brings little external value, and can even be harmful to business. As we progress through our respective Digital Transformations, how do we resolve the Smart vs. Secure vs. Privacy conundrum, with customers who demand “open visibility” to manufacturing?
We have all, “messed up” once or twice in our lives, and when it happens, our instinct drives us to perform a certain amount of damage limitation. In short, we look around to see whether anyone has noticed. Rules and procedures are there to oblige us to own up, but still, if there are reasons to be found that might mitigate the effect, all the better. Let’s consider a really simple, shop-floor to top-floor example from the SMT manufacturing world.
Level 1: Shop-floor
In the not-so-distant past, when SMT placement machines stopped, a red lantern lit up, as the machine innocuously requested help. This literally became a red flag against the operator, as it appeared that they were allowing the machine to remain in a stopped condition. Management wanted to ensure that visiting customers would not see the impression of waste, thus putting pressure on supervisors, that in turn, put operators under intense pressure to ensure that everything looked good. The result? A re-wiring of the lanterns. White now means, for example, stopped, but it’s okay.
The core issue is that machines do stop from time to time, and when they do, it is a complex situation, even in the case of our machine stopped while, for example, requesting a replenishment material. In order to process the event correctly, we have to set it into context. There is a logical sequence of questions to consider before making any judgement:
- Was the machine in active production mode in which it was supposed to be running, or was it in a non-production mode, such as maintenance, changeover, no schedule etc.
- Has the operator responded within the time expected against the nature of the stop, for example, within 3 minutes to deal with a replenishment?
- Did the event happen while the machine-operator was at break, or dealing with another issue with equal or greater importance?
- Was the responsibility with the materials-operator, who had failed to deliver the replenishment material, or the material was somehow damaged or incorrect?
- Does the stoppage have significance? If the line is ahead of schedule, then less significant tasks may be appropriate for the operator to do rather than attend to the machine.
- Is the machine waiting for another upstream or downstream station outside of the operator responsibility to resolve an issue?
These are just some of the simpler reasons why it is seen as irresponsible today to automatically blame a machine-operator for a stopped machine without considering the entire context in which the event has taken place. An assessment of the entire context of events as they happen in manufacturing should be done before jumping to conclusions which can be very harmful to the relationship and hence effectiveness of management.
Level 2: Software Automation
In today’s modern factory, data is collected and exchanged between machines and systems automatically, without the opportunity for human-based contextualization, or, “making excuses” as I used to hear when working in production. It therefore falls upon the software to accept the responsibility to assess the context of situations correctly. “Point solution” based MES or individual solutions more often than not, do not have seamless and simultaneous access to the holistic picture of manufacturing and supply-chain, as well as the understanding of the product design mandate or production configuration limitations. As such, the human once again has to step in to interpret results and reports, to try to make sense of the data, whilst themselves being removed from the context. You had to be there. As such, users of these systems have gained data, but lost value as compared to having to manage manually with human contact. Many companies going through their Digital Transformation are left disappointed by early results, realizing that simply extracting and moving data around out of context achieves very little. Only the truly holistic, single platform approach to MES is capable of making an intelligent digital representation of any situation, using a comprehensive contextualization approach.
At a factory level, decisions and actions need to be guided by contextualized events. Issues need to be explained in terms of root causes, immediate impact, and potential consequence, with actions taken with confidence that the issues will be resolved. It is the result of contextualization that is important to act on, not just a conglomeration of apparently disparate data points.
Level 3: Customer Exchange
Where adequate contextualization has not been done within the factory, it becomes apparent to customers that there is risk associated in their business. Compliance reports are often mandatory, as is the agreed exchange of traceability data, that includes the ability to form proof that expected operations were carried out as required. On the back of this, customers often request more and more highly detailed information. The more that traceability data has to be shared, the greater the risk that the manufacturing company loses control of the interpretation of that data, and certainly, the context is very difficult for the customer to reverse engineer and understand. The result ironically, is that as more data is shared, the more the distance between the manufacturer and their customer increases. Another result is that potentially, the manufacture’s IP and private data is exposed, information exchange which made very little, if any, difference to the manufacturing performance, but could cause relationship issues, especially if sensitive data were used for purposes other than simply a traceability record.
Where data has been properly contextualized within the factory, rather than sharing all of the traceability data, it should be possible to define what are the key facts to share, which are backed up by the trust and responsibility placed on the owner of the data. The manufacturer’s customer has what they need to know in order to satisfy compliance, conformance, and product authentication, supporting any related actions needed in the event of compromise of the supply-chain through cybersecurity incidents, counterfeit components, or simply material and process related quality problems.
This is a similar scenario to that which we experience in our personal lives. On entry to a bar for example, we have to show our eligibility. One method would be to show our ID, such as a driver’s license, ID card, or passport, which often discloses personal information, such as address, date of birth, gender, height, and weight etc., as well as more recently, COVID vaccination status, with vaccination dates. Any and all of this private information when even briefly disclosed, can be copied, and misused by criminals. Since the government already has all of these records, an application based on, “Verifiable Credentials” technology could simply take our immutable ID, such as a fingerprint at the point of entry, and then ask for confirmation of permission through a Verifiable Credential algorithm. The answer that comes back to the bar is only whether we are eligible to enter or not, but without disclosing any of our private data. If the answer had been “No”, the bar would not have known why, as they have no need to know. Such Verifiable Credential-based technology is now being considered as part of the IPC Digital Twin and the IPC Component Level Authentication standards, that are shaping the architecture of how data can be shared and exchanged throughout the supply-chain, to support security, agility, and quality assurance, without leakage or exposure of private data and IP.
As part of the Digital Transformation, the approach of sharing and exchange of data based on local contextualization, with security and privacy in mind, is the only sustainable way forward. Without this, the near random approach to sharing of data soon reaches a tipping point, where serious potential consequences outweigh the benefits, and Digital Transformation stalls.
Are we at that point yet? Yes, in many cases we are. We all need to focus now on the contextualization of our data and think about the Verifiable Credentials that we need to adopt. For those interested in contributing to this innovation, please join the Digital twin (IPC-2551) and Component Level Authentication standard (IPC-1783) committees. There is much work to do, and time is of the essence!