Original Source: Grain News
Agco announced in May 2022 it had been the victim of a ransomware cyberattack, which disrupted production at assembly plants. In May of this year, Germany’s Lemken announced it too had been attacked by hackers,
As OEM brands work to further secure digital systems to protect themselves from these problems, they must balance security concerns with the reality that thousands of producers need access to their platforms.
With that comes an important consideration: how much access should individual users get within a system?
For John Deere, for example, that means “making sure that people who use John Deere systems have the right access, but not more access than they need,” group engineering manager for identity and access management Heather Schladt says in one of the company’s digital information posts.
“It’s a delicate balance between security and usability. We’re focused on ease of use and efficiency of systems and processes through automation and intelligence.”
There is also another aspect of that balancing act regarding the level of access system users should be given, involving the machines themselves, and landing squarely in the heart of the right-to-repair (RTR) debate. Again, the question is: how much access is enough?
Brands have so far refused to grant owners the right to delve deeply into a machine’s central processing unit (CPU), insisting that’s off-limits.
RTR advocates, on the other hand, insist owners should be entitled to do anything they want with a machine they bought and paid for — including making modifications.
Many producers have been frustrated when their equipment breakdowns require only a simple fix, but they couldn’t access a CPU themselves to make any corrections or diagnose the problem. Some brands, such as John Deere, have promised to permit more access to some systems to help prevent those types of problems.
However, there is a risk in granting entirely unfettered access to the complex software controlling modern machines. And it’s a growing concern as machines evolve toward a future of autonomous operation.
“Farmers, producers, are used to being able to do what they need to (to keep going),” says cybersecurity expert Brennan Schmidt, a principle of AlEUS Consulting Group. “If they need to use baler twine and duct tape, they will. But now, there’s a lot of technology that’s not in their domain. They want to get hands-on with the tech.
“As a complexity to that, if you’re doing the equivalent of duct tape and baler twine in software, now there’s something you accidentally did and changed and all of a sudden the machine isn’t working. We can now see how manufacturers are not so eager to support that.”
If RTR initiatives succeed in obtaining widespread, unrestricted access to all the software in a machine’s CPU, and win the right for anyone, regardless of their knowledge level, to modify it, could that cause a general loss of confidence in the integrity of the onboard digital systems in used machines? Would that impact the used equipment market in a significant way? Could hackers gain access to a brand’s online system that way?
Schmidt says he believes manufacturers will eventually have to accept the pressure to permit more user access to machine digital systems isn’t going to go away. Being very proactive may be the key to a solution.
“The next question becomes, how do we strike the right balance?” he says. “We pave the way to say to folks ‘Here’s what you can make modifications to, here’s how you do it and how to do it safely.’
“I think this is a great opportunity for industry to get plugged into manufacturers and start asking those questions, and flip the question from ‘How do we prevent tinkering, potentially impacting a million dollar-plus machine?’ to ‘What can you as a manufacturer do so I (a producer) can do my business and start linking things up safely?’”
Schmidt believes the brand that eventually grants the best controlled access to digital machine systems may gain a significant marketing advantage — accommodating growing demand for more control over machine operations by a new generation of increasingly tech-savvy producers.