Military Embedded Systems

Manufacturing status report: Legacy software infrastructure can hurt security, ability to change


October 15, 2020

Manufacturing status report: Legacy software infrastructure can hurt security, ability to change

By Matt Medley, IFS

There are many pitfalls to keep an eye on when assessing whether a current or potential enterprise resource planning (ERP) system is fit-for-purpose in defense and aerospace manufacturing. Making the wrong choice could leave a manufacturer hamstrung when looking to transform their operations, with existing software requiring expensive customizations, providing limited deployment options, offering little business intelligence or – a very bad situation – compromising security.

Defense and aerospace manufacturers are no strangers to a market where progress is demanded first and rewarded second. When a military organization, tier-one original equipment manufacturer (OEM), or industry regulator shifts the goalposts or a new technology comes to the fore in an open competitive advantage, agility becomes the name of the game.

Sometimes external market forces can also apply pressure on defense and aerospace manufacturing operations, including such upheavals as the current COVID-19 pandemic. This disruptive situation is having a serious impact on supply and demand, and has resulted in some serious government action, for example the invocation of the Defense Production Act: The Act – usually required during wartime – mandates that manufacturers must shift operations to producing goods in short supply. Some defense manufacturers have really set the bar here: BAE Systems, for example, quickly shifted its production focus to design more than 100,000 face shields and work on developing a ventilator from scratch.

With defense and all kinds of manufacturers currently experiencing an extreme stress test, this can put real strain on the enterprise resource planning (ERP) software underpinning their operations. In fact, in a primary research poll taken at a recent IFS webinar – attended by a roll call of blue-chip aerospace manufacturers and aviation organizations – almost half of the respondents (46%) said that their current ERP platform was hindering their ability to adapt to changing market demands.

In this arena, failure to react to changing market climates, modernize business processes, and meet ever-moving security requirements can mean being left behind. This reality has been thrown into stark focus during the current COVID-19 crisis, where some agile trendsetters have led the charge.

Securing operations now and into the future

Due the nature of the sectors they operate in, defense and aerospace manufacturers must meet some of the world’s strictest security requirements and regulatory measures. Obtaining the required level of security sophistication applies not only to the physical products manufacturers deliver, but also their digital presence. Witness the compliance mandates required by defense operators before they can even supply a defense customer: the International Traffic in Arms Regulations (ITAR) and the newly released U.S. DoD Cybersecurity Maturity Model Certification (CMMC) Version 1.0 being just two examples.

The U.S. government explains in the latter document that “the CMMC is intended to serve as a verification mechanism to ensure appropriate levels of cybersecurity practices and processes are in place to ensure basic cyber hygiene as well as protect controlled unclassified information (CUI) that resides on the department’s industry partners’ networks.” Failing to adhere means defense and aerospace manufacturers are shut out of valuable military RFPs and bid situations.

Meeting digital security requirements

Enterprise software plays a key role in meeting digital security requirements; it’s here where “one-size-fits-all” ERP systems do not contain the industry specificity to keep defense and aerospace manufacturers compliant. Without a fully integrated application suite allowing data to flow seamlessly between different functions such as supply-chain management, manufacturing, engineering, and customer relationship management (CRM), it is difficult to know which products, parts or transactions may put a defense manufacturer in jeopardy. (Figure 1.)

[Figure 1 | Cyber hygiene = enhanced data security.]

A business dealing in regulated materials or involved in sensitive military contracts must be able to quickly and efficiently assemble all critical compliance information from within its ERP system and combine that information with external regulatory data to ensure compliance as the company processes orders, shares information, and conducts other transactions. Such a company also must be able to share it with overseas partner companies in a frictionless environment. It will become more and more important to ensure any ERP solution used for defense and aerospace manufacturing has functionality specifically designed for export control and cybersecurity regulations; tagging this on an as afterthought can be costly in more ways than one.

Industry expertise and customer choice must drive software

Enterprise software cannot be a jack of all trades and master of none. The baseline ERP functionality delivered by large incumbent providers – who develop a single platform and customize it to support as many industries as possible – may well be good for operations such as finance, HR, and payroll. Running aerospace and defense manufacturing operations is not the same as managing the day-to-day processes of a retail business, for example.

Far too often, defense and aerospace manufacturers set out on an implementation strategy and find that costly, complex, and confusing customizations must be made to their software infrastructure to accommodate critical manufacturing processes such as precision-part engineering and intensive quality control. Defense and aerospace manufacturers need to be confident that their underlying systems infrastructure actually supports the specific business needs of their industry now and into the future – not simply dances to the tune of the software supplier.

Clear up cloud confusion

This caution even applies to the deployment model for enterprise software. Many ERP vendors are pushing their customers to the cloud as a prerequisite which, again, may seem like a sensible choice for industries with less-heightened security requirements. But defense and aerospace manufacturers are involved in a sensitive supply chain, where they must prove compliance with strict military security requirements. When researching the challenges of cloud adoption in aerospace and defense organizations, market research firm Tech-Clarity found that two-thirds of defense and aerospace companies highlighted security as a “significant risk.” When looking specifically at OEM respondents, the research found that this figure rises to almost three-quarters.

In fact, the IFS webinar poll also showed a limited appetite for fully cloud-based ERP deployments: Again, with questions of security and compliance weighing on the mind, just 3% of respondents currently deploy ERP software through cloud technology only, whereas 64% said they use their software either on-premise only or use a hybrid of on-premise and cloud-based deployments.

Ultimately, manufacturers of sensitive materials need to have full control over how they decide to deploy supporting enterprise software. Where business processes dictate, this could be a physically secure on-premise installation, a full SaaS [software-as-a-service]-based deployment, or a hybrid environment spanning both.

Connectivity through all levels of project

Defense and aerospace manufacturers are behind some of their other-company peers on the “Industry 4.0” or smart manufacturing curve. During another recent webinar, which zeroed in on the impact of Industry 4.0 for defense/aerospace manufacturers, 140 defense and aerospace decision-makers answered specific questions to gauge views on Industry 4.0 adoption. Only 20% of participants were actively looking to leverage 4.0 technology, identifying it as an enterprise-wide priority. The majority – 68% – were still researching how these technology advances can help achieve their digital transformation goals.

Opening up smart manufacturing

Smart factories and intelligent assets deployed in the field will generate many terabytes of data. Simply extracting this data – let alone mining it to truly inform business decisions and better take advantage of aftermarket service revenue – is something this industry is still trying to master.

This is no surprise. Many legacy ERP suites used in defense organizations are using multiple software products comprised of disparate applications, developed separately, and stitched together with a common user interface. No software can exchange data with every sensor, and those defense and aerospace organizations with inflexible deployments will need to customize and add to their existing implementation to gather information from every available sensor.

RESTful APIs: catalyst for connected operations

Such inflexibility can be avoided by deploying industry-specific manufacturing ERP software built on application programming interface (API)-driven architecture. To a certain extent, defense manufacturers and services companies today are becoming software companies themselves. They may have developers who write software to do things such as introduce data from the IoT [Internet of Things] and enable other systems to interact with enterprise software. RESTful APIs – a software architectural style for designing networked applications that uses HTTP requests to handle data – make it that much easier for them to link valuable data streams into the core ERP system.

Turning data into decisions

Once data is introduced into a supporting enterprise solution, half the battle is won; the next stage is analyzing that information to gain insights into operational and business performance. Manufacturers are moving data analytics from a tool for observation to a tool for optimization, from proactive to predictive intelligence, and to help meet the demands of rapid industry changes.

By actively monitoring the performance of assets and processes, manufacturers can make faster and better-informed decisions, which ultimately lead to productivity improvements, cost savings, and added maintenance predictions. But this is impossible to achieve if data exists in a heavily customized and fragmented arena. Siloed sources cannot be harnessed to paint a full 360-degree view spanning frontline manufacturing operations and back-end business processes.

Aligned with goals

Intelligent enterprise software should bring together solutions that visualize information to support decision-making at both strategic and tactical levels, providing insight and context when and where it is needed. This approach includes integration with other programs vital to defense and aerospace manufacturing.

By combining enterprise architecture, business-activity monitoring, intelligent business-process management, business intelligence, and reporting capabilities, a unified platform can be created that enables an end-to-end picture to be built in line with manufacturers’ security, technology, and business goals.

Matt Medley is senior product manager at IFS, ensuring that solutions meet the demanding needs of defense service and support organizations, defense manufacturers, and defense operators and helps bring these solutions to market. He has served as a consultant, program manager, and project manager in aerospace and defense organizations. Matt – a graduate of the U.S. Air Force Academy and a certified flight instructor – served for 12 years in the U.S. Air Force, achieving the rank of major and compiling 2,500 flight hours in the C-130 aircraft. He holds an MBA from Kennesaw State University and a master’s degree from Webster University, and is a certified project management professional.