Apacer and Advantech Collaborate To Improve Edge Security For Smart Manufacturing, Minimizing the Risk of Ransomware Attacks

Jun 29, 2021

The worldwide spread of the pandemic caused issues for many manufacturers. In order to reduce community infection, it became necessary for factories to carefully control the movements of employees in certain production areas. Unfortunately, this sometimes led to manpower shortages or shutdowns, and by extension, imbalances in the global supply chain. Faced with these challenges, more and more factories explored the advantages of digital transformation by introducing cloud-based operation and smart remote management, allowing them to maintain normal operations with the minimum amount of human intervention. 

In order to help companies accelerate the implementation of smart manufacturing, Apacer and Advantech embarked on a collaboration. Apacer is a leading global manufacturer of industrial SSDs and DRAM modules, while Advantech is a top supplier of industrial computer networks. In 2020, they joined forces to create the Double-Barreled Solution: Cloud Edition (DBS: CE) with the goal of improving remote device management in smart factory applications. Apacer’s CoreSnapshot SSD one-second backup and recovery firmware technology is being integrated into Advantech’s WISE-DeviceOn for Azure solution. This allows factories to realize the benefits of quick backup and recovery, avoid OS crashes, and minimize exposure to data loss or ransomware attacks by hackers, which could disrupt production line schedules. 

As Factories Become Intelligent, SSDs Must Become More Secure

Rison Yeh, Senior Manager of Advantech's Embedded IoT Business Group, pointed out that in the past, factories were hesitant to transfer operations to the cloud. Nowadays, the situation is reversed for several reasons, including the gradual disappearance of owners’ doubts about cloud security. At the same time, factory owners understand that if they stick to the traditional stand-alone operation mode, it is difficult to roll out deployment of thousands of production lines across various geographic regions. But thanks to the high expansion, high availability, and security of cloud operations, an intelligent management mechanism can be distributed equally. Therefore, the maintenance, control, debugging, and software updating of a large number of devices can be performed remotely and simultaneously, greatly reducing labor costs.

In addition, when talking about edge device management, data security was rarely discussed. However, in recent years, global factories have been frequently attacked by hackers employing ransomware, and information security incidents caused by improper operations in factories have also been documented. These can lead to system crashes which will impact production. Owners now focus on making the production line as free from ingress points as possible, while also deploying strategies to resolve a hack if it occurs despite their best efforts. The cloud must be used as the medium for accelerating the integration of edge devices into security protection solutions.

Jerry Hsu, Project Manager of Apacer's Industrial Storage Application Dept., said that after factories transition to smart manufacturing, production line equipment control and large data stream processing will rely heavily on industrial computers (IPC). Therefore, the goal of operators is to do everything they can to prevent IPCs from crashing. For this reason, most factories have transitioned from HDDs to SSDs, since the latter have advantages in terms of shock resistance, temperature resistance, long operational lifetimes and high stability. Each IPC uses an SSD to store its OS and data, and independently drives specific factory functions. By connecting a series of IPCs, the entire production line can be supported by digital control.

Obviously, knowing the status of every SSD in the factory is becoming more and more important. Any failure of an SSD may trigger a domino effect and cause the factory to stop operating. Therefore, the factory must ensure that all SSDs are operating smoothly. This can be done by remotely monitoring each SSD’s health status and taking preventive maintenance measures to prevent SSDs from failing unexpectedly. If, despite these efforts, a failure should occur, factory operators need to try to recover SSDs as quickly as possible. A quick recovery from an unexpected crash can minimize downtime and keep production lines on schedule.

Resuming Production Without Fearing Ransomware Attacks

Jerry Hsu said that at the beginning of last year, Apacer cooperated with Advantech’s WISE-DeviceOn development team to create Apacer’s DBS: CE. This software solution to assists users in real-time analysis and monitoring of SSD status, including factors such as write/erase count, operating temperature, unexpected power failures and other important indicators. Having all these stats easily viewable in a simple dashboard is DBS: CE’s advantage.

Now the scope of cooperation between the two parties has further extended to edge security, and the key is Apacer's exclusive CoreSnapshot technology. Under the CoreSnapshot architecture, an Apacer SSD is divided into two partitions: a user area and a hidden area. All data will be written to both areas identically until the operator sets a backup point. At this moment, the data in the backup area will be frozen, and only the user area will be written to. Users will not be able to see or modify any content in the hidden area.

Apacer’s CoreSnapshot technology allows the system to return to normal operation within one second, meeting the needs of enterprises for more efficient remote management and maintenance, and reducing unnecessary manpower and material expenditures. If the data in the user area becomes corrupted or is subjected to a ransomware attack, the operator can trigger the recovery process with just one click. At this moment, the SSD will ignore the original user area and make the hidden area the new user area. Since the data in the hidden area was pristine and uncorrupted when the backup point was set, the IPC will then be able to boot using the data and OS from this area without any problems. Apacer can also provide customers with customized value-added services to help with analysis of the virus used to attack the user area, with the goal of preventing similar ransomware attacks in the future.

Rison Yeh added that Advantech is continually developing and improving the WISE-DeviceOn for Azure remote device management solution. It has already successively integrated Apacer's DBS:CE, CoreSnapshot and other technologies. WISE-DeviceOn for Azure also includes a number of other security functions, including the use of defense mechanisms on the Microsoft Azure platform to protect cloud services, and the use of McAfee whitelist application control technology to protect edge devices. These preventative efforts have proven invaluable to Advantech’s customers.

Even if the system is unable to prevent a virus attack, operators can use Apacer’s CoreSnapshot technology to quickly restore it, and all affected equipment in the factory can be fully restored to production status. It is worth mentioning that users only need to use WISE-DeviceOn to issue the CoreSnapshot Recovery command through the Azure cloud platform, and maintenance personnel will not need to be dispatched to the IPC’s real-world location. During this worldwide pandemic, this reduction in manpower is truly an advanced deployment solution for remote factory operators.

CoreSnapshot  Double-barreled Solution  SV25C Cloud Series SSD