Sleuth Foils an EMS Network Hacker
Eddie Haskins, a CNC machine operator on the second shift at Shifty Equipment Company, is a highly skilled, no-nonsense sort of guy. His daily plan is to get all of his work done, square away his equipment, and launch himself out the door as fast as humanly possible to hook up with his buddies or spend some time with his girlfriend.

Recently he had been working on the horizontal mill to make prototype engine parts for the new Trailbounder III snowmobiles. At predetermined intervals he also checked his work on a nearby CMM. One evening, much to his surprise, the CMM told him that the holes he’d been cutting were out of spec. This couldn’t be true, because the holes lined up perfectly with the ones in the same parts he had made last week, and those parts checked out perfectly.

If Eddie went by the book, he might have to work very late following the company’s annoying procedures for trouble-shooting the problem. Instead, Eddie decided the problem must be with the CMM program.  Having had a little training in that area, he got into the network, and rewrote the master CMM program for the part by changing the nominal data dimensions to compensate for the out-of-spec measurements. He downloaded the modified program back to his CMM once again and his parts were checking out perfectly. At the end of his shift, he was out the door in a flash.

It all hit the fan the next morning. According to procedure the CMM operators downloaded the master programs they would be using to check their parts that day. It wasn’t long before several operators discovered that the prototype engine parts they had been testing successfully all week were being rejected. This caused a big stir and it took Quality Manager Bob Sturgess many hours of troubleshooting to determine that the cause of the problem was a faulty CMM program on the server. 

Back at work the next evening, Eddie Haskins encountered the same problem. His parts were not checking out using the measurement program he thought he had “fixed” the evening before. Determined individual that he is, Eddie attempted to log into the CMM program area on the server and “fix” the problem again.

This time, however, the server was password protected. No problem— Eddie knew where one of his buddies on the day shift—a guy with a higher level of security access—stored his passwords. Eddie purloined the access code, rewrote the offensive CMM program and shot out the door on time as usual.

For Bob Sturgess, the next morning was like déjà vu all over again. After correcting the part program again, changing the password and restricting network access to just a handful of trusted people, he reported to management that someone was corrupting measurement programs (and who knows what else) on the EMS network.

That afternoon an emergency meeting was convened to address the problem.  Top management, Bob Sturgess, and Sleuth attended. Marketing VP Fred Jones, who thinks the future of the company depends on his Trailbounder III introduction, went ballistic. He insisted that the security problem was intentional, malicious and most likely an attempt on the part of industrial saboteurs to put Shifty Equipment out of business.

Bob Sturgess didn’t think so, but he did not have the slightest clue about what was actually going on. “But I’m sure we’ll figure it out,” he offered.

“That’s not good enough,” retorted Jones. “We need to attack this problem head on. We’ll need better software, custom log-in procedures with special data encryption, more secure hardware and around the clock security guards until we get to the bottom of this.”

“But that will cost us tens of thousands of dollars, I don’t have that kind of money in my budget,” Sturgess replied.

“Then maybe you should shut down that enterprise metrology network and load your programs the old fashioned way. Anything wrong with that?”

“That’s brilliant. Why don’t we just measure everything with hand tools too,” said Sturgess. “What do you think, Sleuth?”

Sleuth looked up from the doodles on his engineering pad and yawned. “Oh, I think we can get to the bottom of this in about a week’s time with a little effort and out-of-pocket expenses of say 150 or maybe 200 . . . dollars.”

The out-of-pocket expenditures were for three jump drives, which were loaded with the pristine versions of the measurement programs in question and issued to the three shift supervisors. They were instructed to reload the programs on the CMMs if any corrupted programs turned up. That way, if there was a breach, the operators were back on track with the proven programs with little loss of time.

This actually happened several times until Eddie was tracked down and confronted. It wasn’t that hard. There were only a handful of people with the access, opportunity and training needed to get on the network and botch things up royally. It turned out that Eddie’s CMM had a fixture with a poorly designed spring clip that did not always engage the part in the proper orientation for measurement. Hence, the bad results that Eddie blamed on the program.

Sleuth spent the next week fool-proofing the enterprise metrology network so that this sort of thing would not happen again. Security codes were reissued. Server access was automatically monitored so that there was a clear trail of who made what changes on the server and when.

Sleuth also fixed it so that measurement programs are invisible to the operators. Operators can only run measurement routines and generate reports, but not alter the programs themselves. When a CMM operator finishes the shift, the programs used at his device are completely erased. That means that the most current program has to be downloaded from the server when the next operator takes over.

Before that happens, however, the server automatically checks the engineering database to make sure that the most current CAD model for the part is the one used to create the current measurement program. So parts, measurement programs and CAD versions all match. Finally, measurement fixtures were fixed so that there is no way to misalign parts and create false bad measurements or false good ones for that matter.
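The controls described above (an audit trail of changes, operators who can run but not alter programs, and a CAD-revision check before download), sketched as an added example that is not Wilcox or PC-DMIS code. The class, account names, part name and the SHA-256 approval digest used to catch altered programs are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass, field
from datetime import datetime, timezone

def digest(body: bytes) -> str:
    return hashlib.sha256(body).hexdigest()

@dataclass
class MasterProgram:
    body: bytes
    cad_revision: str   # CAD revision the program was created from
    approved: str       # SHA-256 recorded when the program was approved

@dataclass
class MetrologyServer:              # hypothetical model of the program server
    programs: dict      # part -> MasterProgram
    current_cad: dict   # part -> current CAD revision in the engineering database
    editors: set        # accounts allowed to change master programs
    audit: list = field(default_factory=list)

    def _log(self, user, action, part, result):
        # Who did what, to which program, when, and with what outcome.
        stamp = datetime.now(timezone.utc).isoformat()
        self.audit.append((stamp, user, action, part, result))
        return result

    def modify(self, user, part, body, cad_revision):
        if user not in self.editors:
            return self._log(user, "modify", part, "DENY not-an-editor")
        self.programs[part] = MasterProgram(body, cad_revision, digest(body))
        return self._log(user, "modify", part, "OK")

    def download(self, user, part):
        prog = self.programs[part]
        if digest(prog.body) != prog.approved:
            return self._log(user, "download", part, "DENY altered-program")
        if prog.cad_revision != self.current_cad[part]:
            return self._log(user, "download", part, "DENY stale-cad-revision")
        return self._log(user, "download", part, "OK")

def demo():
    # Constructed sample data: part, program text, accounts and revisions are made up.
    body = b"HOLE_1 NOMINAL X=25.000 Y=40.000 DIA=8.000"
    srv = MetrologyServer({"engine-part": MasterProgram(body, "C", digest(body))},
                          {"engine-part": "C"}, {"quality-engineer"})
    out = [srv.download("operator-2nd-shift", "engine-part"),
           srv.modify("operator-2nd-shift", "engine-part", b"DIA=8.050", "C")]
    srv.programs["engine-part"].body = body + b" EDITED"  # change made outside modify()
    out.append(srv.download("operator-1st-shift", "engine-part"))
    out.append(srv.modify("quality-engineer", "engine-part", body, "C"))
    srv.current_cad["engine-part"] = "D"  # engineering releases a new CAD revision
    out.append(srv.download("operator-1st-shift", "engine-part"))
    return out, srv.audit
```

Every call, allowed or denied, lands in `audit`, so the trail shows the refused attempts as well as the successful changes.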

“So quite a bit of good came out of this little mishap,” thought Sleuth. “Shifty Equipment has invested a lot of time fool-proofing manufacturing procedures. It only makes sense to do the same with measurement systems and the enterprise metrology network.”

As for Eddie Haskins, he was given a severe reprimand. Eddie was genuinely sorry for all the problems he’d caused. He is still working for Shifty Equipment, but not in the Quality Department anymore.


EM Sleuth is sponsored by Wilcox Associates, Inc. (www.pcdmis-ems.com), part of the Hexagon Metrology Group and makers of PC-DMIS measurement software. Contributors to this article include Steve Logee, Business Development Manager, Wilcox Associates; Rob Fabiano, Sleuth Illustrator; and Joel Cassola, Writer.

Our Contest Winner

This column was based on a suggestion from our “Save the Sleuth Contest” winner Peter Wolf, Quality Engineer, Briggs & Stratton, Auburn, AL.  Peter insisted on our reminding readers that the events and people described in this column bear no resemblance to anything or anyone within a hundred miles of Auburn. For his efforts, he wins a TESA digital tool set.
 