How do you determine where your limited capital funds will be spent? What control systems should be upgraded first? Second? Analyzing and prioritizing upgrades is important. Unnecessary funds ought not be spent on upgrading unused or supported systems. Furthermore, even systems unsupported by a vendor may be retained if more important systems should be upgraded first. An exhaustive risk analysis could be performed on all systems using manufacturer-provided MTBF (mean time between failure) rates and detailed proprietary financial forecasting models. In many cases however, this level of detail is an inefficient use of money and time. Those resources may be better spent on executing the upgrades and migrations. We suggest that there is a simpler way to evaluate risk which will provide insight and justification for timing your Industrial Control System upgrades.
Asset Identification
To start, all assets to be evaluated need to be identified. Similar devices should be grouped together. Typically, this means all PLCs are on one worksheet, all HMIs are on a second, and all PCs are on a third. This identification should be detailed enough to identify obsolescence dates, but broad enough to not be onerous. Product families are enough for some evaluations. For others, specific part numbers are more appropriate. If there are multiple part numbers with a specific “device” they should be grouped in a way that makes sense for site personnel. Each device should also be identified with a system. This is the system that will fail if the component fails. Multiple devices can be assigned to the same system. In most evaluations there will only be a single system for any device.
System Risk
The next step is to evaluate the business risk due to system failure. This is done for each system. If there are multiple components in each system, they will usually share the same system risk. If there are system dependencies, this needs to be accounted for in the overall risk. For example, if a controller failure can cause the interruption of a plant-wide utility, it will rank highly. If the failure causes the stoppage of an individual line, it will rank lower. If that line’s production can be shifted to other lines, it will rank lower yet.
Obsolescence Risk
The second risk to categorize is that of obsolescence. A complex analysis incorporating cost of support, Cybersecurity risks, and other obsolescence and deprecation risks is possible. ACE suggests a simplification where the availability of spare parts as a proxy for overall risk. An obsolescence risk factor is applied based on the availability of spare parts. Note that these categorizations should be regularly updated to include any changes . For obsolete parts, it is often helpful to further differentiate between those that are accessible via third market (such as EBAY or an industrial clearing house) vs those that are not regularly obtainable. Also, at this time it may be pertinent to understand one’s corporate stance on re-sale. Some purchasing departments require time-consuming paperwork to acquire components from unapproved vendors.
Overall Risk Evaluation
For a basic analysis such as this, it may be more important to have differentiation than to have precision. If you have all “4’s” you don’t have any insight. If each device is likely to have its own number, comparisons are possible. After the devices are identified by risk and spare parts availability, the two values are then combined. The sum (or product, if you prefer an exponential graph) is then recorded as a total factor. Each device’s overall risk factor can then be prioritized based on the risk severity identified. Typically, a value on the top 40% of the scale chosen should result in a planned upgrade, and those systems identified in the top 15% of the range usually result in immediate risk remediation.
Additional Considerations
Naturally, this rough outline approach can be expanded to incorporate other aspects of a migration strategy. Using a phased approach may result in increased spare parts from components previously used on production equipment. Additional detail can be added for the categorization, such as PLC card part numbers instead of general families. Internal knowledge may be another factor as well. If two systems have a similar risk factor, it makes sense to upgrade the technology/system that has fewer experts at your company or in industry. All these aspects (price, knowledge, and features) can be incorporated into the decision process alongside the initial risk evaluation.
Keep in mind this analysis does not evaluate benefits and features of a new system that are not available with the current system, such as network connections to MES, MOM, and/or ERP systems. It also does not directly evaluate the importance of improved safety and efficiency, though that can be included abstractly.