Information security in data exchange and integration along the entire value chain in mechanical and plant engineering presents many companies with major challenges. The secure connection of customers, suppliers and partners in development, production, assembly, sales and service involves complex processes. Clear legal requirements and guidelines stipulate how data security must be guaranteed along the entire value-added chain. Learn about solutions that ensure information security during data exchange and integration while adhering to all compliance rules.
Information Security – the Initial Situation in Mechanical and Plant Engineering
As a result of digitization, development, production as well as sales and services are now distributed across the globe. In recent years, companies in the mechanical and plant engineering sector have built-up complex process, organizational, data and service structures that provide the necessary support in all areas of the value chain. The associated exchange of information spans all departments of a mechanical and plant engineering company to customers, partners, suppliers and the authorities. It is a central element of this networked development, production and service landscape.
Important and often critical know-how about products and processes is thus available to many players such as customers, partners and suppliers around the world. To ensure that this information does not fall into the wrong hands during data exchange, organizational, legal and IT measures are required for data protection. This often poses a challenge, not only for the central EDP/IT, but for the entire organization of a mechanical and plant engineering company.
Information Security and the Opportunities / Challenges of Digitization for Mechanical and Plant Engineering
Digitization, and all the measures that go with it, offers many opportunities for innovation and efficiency gains in mechanical and plant engineering. This benefits not only the manufacturer, but also the customer, operator and supplier of machines and systems. However, in addition to the opportunities, new challenges also arise that affect all the players involved. In particular, ensuring the availability of machines and systems is becoming more and more important as networking increases. Information security, from the beginning of product development to service, is an essential aspect of the holistic security concept of manufacturers, operators and customers. Not only has the secure exchange of product-related data been a concern, but personal data (e.g. GDPR) has become increasingly important for mechanical and plant engineering in recent years.
Information Security and Compliance Right from the Start
The guidelines from the EU Cybersecurity Act also apply to a large extent to the manufacturers and suppliers of industrial components along the value-added chain in mechanical and plant engineering. In addition, the operators of machines and plants increasingly insist on guaranteeing information security right from the start of product development.
The exchange of data in product development, production, assembly, sales and services with customers, partners, suppliers or even authorities is complex and includes both product-defining and value-adding information. The challenge is to act in accordance with the company’s compliance rules as well as the legal requirements of IT security laws and GDPR. At the same time, it is necessary to maintain control over the regulated data exchange and integration and to create transparent processes.
Furthermore, it must be ensured that the data to be exchanged is additionally protected by different mechanisms even in the case of external data access. After all, all employees should be able to carry out their work in a secure manner both inside and outside the company, even when working remotely.
Information Security – the Holistic SEEBURGER Concept for Data Exchange and Integration
IT security for data exchange and integration is an elementary component for the implementation of digital transformation in mechanical and plant engineering. In particular, it is of elementary importance for cross-company collaboration in product development as well as for Industry 4.0, platform economy and digital services.
A holistic concept is required for secure and transparent data exchange along the entire value chain. The process steps to be passed through usually include organizational and legal as well as IT-technical aspects. Below you will find examples of use cases for information security in the exchange of development, production, logistics and service data as well as solutions from SEEBURGER.
|Product Lifecycle Phase||Use-Case||Examples of Data to be Exchanged||Possible Solution|
|Product development & technical purchasing||Networked, distributed engineering, connection of engineering service providers, OEM engineering portals and electronic product and parts catalogs, Engineering Partner Onboarding ‘Purchineering’ (Purchase and Engineering)||Market studies, NDAs, terms and conditions, offers, technical pictures, customer orders, specifications, tenders, CAD models, drawings, standards, guidelines, specifications, patents, sketches, drafts, functional and circuit diagrams, calculations, software, parts lists, Material orders||Managed File Transfer, OFTP2, ENGDAT, ENGPART, IT-Security, APIAPI management for connecting PLM/PDM, CAx format converter and CAx data validator, B2B, EDI/WebEDI, process monitoring for transparency and compliance|
|Production planning, manufacturing and assembly||Connection of extended workbenches, distributed production sites Integration of Shopfloor with Business IT, connection of RPA-Robot process automation||Work plans, specifications, quality data, operating data, assembly plans, Production plans, test plans, NC programs, firmware, software, production protocols, sampling documents, machine data, simulation data, operating and production process data||Managed File Transfer, OPC UA, MQTT, API/API management, Process Monitoring, Industry 4.0/(I)IoT|
|Logistics for goods and products||Connection to merchandise management, logistics, packaging, labeling, barcode, transport systems, tracking, SCM||Material movements, information on product or outer packaging, data for transport processing||B2B, EDI/WebEDI, API/API management, Managed File Transfer, Process Monitoring, BIS LINK|
|Sales||Connection to supplier portals, store systems, ERP, OmniChannel, various platforms for product sales, mobile apps||Order processing, quotation, order, invoice, marketing documents, simplified 3D models, product drawings, product images & brochures, data sheets, digital product catalogs||Managed File Transfer, B2B, EDI/WebEDI, API/ API management, Process Monitoring, BIS LINK, E-Invoicing, ZUGFeRD|
|Services||Integration of manufacturer platforms, operators and users of digital services||Repair orders, maintenance contracts, warranty services, operating instructions, maintenance manuals, customer service reports. Digital services, pay per use, subscription models, subscription models||Managed File Transfer, Industry 4.0/(I)IoT, API/API management, BIS LINK|
|Disposal||Connection of disposal partners, provision of necessary data and documents||Disassembly plans, recycling plans, Scrapping protocols||Managed File Transfer, API/API management, BIS LINK|
Figure: Information Security – Examples of use cases for the exchange of development, production, logistics and service data and solutions from SEEBURGER
Information security and the SEEBURGER solution
We support customers in mechanical and plant engineering in the:
- Identification of requirements and subsequent definition of a holistic concept for secure data exchange and integration
- Design of internal and cross-company processes and organizational structures
- Implementation of the defined concept with all necessary and associated solution modules (see table for use cases and solutions – excerpt)
- Sustainable optimization and adaptation of the implemented concept to changing conditions
As a central integration platform, the SEEBURGER Business Integration Suite (BIS) ensures a standardized exchange of information as well as data security and integrity between all players and other platforms.
Get in contact with us.
We are looking forward to your message.
Written by: Dr. Seref ErkayhanDr.-Ing. Seref Erkayhan is product manager for engineering (CAD/CAx) and product data exchange at SEEBURGER AG. He heads the division for mechanical and plant engineering.