Wednesday, October 18, 2017


Goran Novkovic, MESA Member, CQA, CSQE, ITIL, APM, PMP, PEng

This blog is part of a series called Manufacturing in the Cloud. This series aims to assist manufacturing organizations to evaluate how they can overcome challenges and maximize cloud computing benefits. As cloud computing services mature both commercially and technologically, this is likely to become relatively easier to achieve.


Manufacturing organizations can have their own, private clouds running on their own infrastructure that they fully control. The cloud infrastructure is provisioned for exclusive use by a single manufacturing organization. Generally speaking, cloud infrastructure can physically exist on or off premises, and it can be managed by the organization or by a designated third party. The emphasis here is that the manufacturing organization governs and controls the use of the cloud for its own purposes. Accountability implementation, operation and use of the cloud is managed solely by that organization. 

Cloud services are managed internally to maximize efficiency and they are available to business and operational users. Cloud services are hosted on equipment owned by the manufacturing organization. 

What kind of costs come with private cloud? 

The manufacturing organization needs to make capital investments. They will be spending money on cloud infrastructure, if it doesn't already exist. This model is most closely related to traditional, on-premises model that we see in most organizations today. With cloud computing and digital transformation of manufacturing, this picture will certainly change in coming years. 

What would be the responsibility of the manufacturing organization who wants to go with a private cloud? 

The answer is everything. As we already said, the manufacturing organization would be responsible for acquiring the network equipment, computer hardware and software, software licenses and so on. Furthermore, manufacturing organization would be responsible for making sure all these components are integrated and work in concert, including hardware and software installation, setup and configuration, upgrades and patches, and everything else. 

Why would manufacturing organizations want a private cloud if they need to make a big investment in infrastructure and keep all the resources to manage the private cloud? What would be the main advantage? 

The main advantage is the control. With the private cloud, the manufacturing organization has control over everything, because it is their own cloud running on their own equipment. So, there are no questions where manufacturing data is, where data is stored, whether it is encrypted or not and who accessed data. Everything is in the house and it is under complete control of the manufacturing organization.  

Such level of control provides better utilization of internal IT resources in terms of security, efficiency and customization. Since every manufacturing organization has unique set of business and operational needs, level of hardware and software customization offered by private cloud makes them a good choice for manufacturing. In addition to this, an internal IT teams can monitor applications and services in the cloud and use advanced analytics to predict and prevent bottlenecks, issues and eventual downtime. This makes private cloud a good option in terms of providing disaster recovery and ensuring business continuity for manufacturing organizations that decide to utilize private clouds. 


Public clouds are where cloud computing services are provided by Cloud Service Providers (CSP) and available to any Cloud Service Customers (CSC) over the Internet. The cloud infrastructure is provisioned for open use by the general public. Public cloud customers can concurrently share cloud computing resources such as processing power, data storage space and software applications. This implementation model is well suited for generalized capabilities that are not specific to any specific industry sector or organization. Any manufacturing organization can sign up to cloud computing services. 

What are the main benefits of using public cloud?

Cost and convenience. Public cloud computing services run off the equipment provided by Cloud Service Providers who made the capital investments in the computing infrastructure. This means they are less expensive and manufacturing organizations only have to pay for what they use instead of paying the upfront costs for hardware and software. And, less investment upfront means simply subscribing to public cloud services and consuming at your convenience.  

Why does private cloud seem more complicated than public cloud? 

Public cloud services are considered easy to use because they use web browsers as a familiar interface to provision and de-provision services. Also, a lot of manufacturers and businesses don’t have IT in-house so this is the easiest solution for beginners of code and infrastructure as it relates to automation, data storage, and scheduling. 


The hybrid of public and private clouds is called Community Clouds are where the cloud infrastructure is provisioned for exclusive use by particular communities of the organizations that have shared interests. Cloud services are used exclusively by a specific collection of cloud service customers or manufacturing organizations from specific geographic area, trade association or industry sector that have a common connection and the same needs. 

The community cloud model allows Cloud Service Provider (CSP) to provide cloud tools and applications that are customized to the needs of the community. Cloud infrastructure is shared between similar customer organizations with mutual benefits to sharing services. The services provided are typically focused on the shared tasks of the community. 

What’s an example of a community cloud?

An example is when a CSP may offer the water industry specific cloud services in certain regions around the world. So, the water industry cloud is considered a community cloud where they have the same set of security standards they need in order to ensure public health.

Community clouds pool CSP resources together for different manufacturing organizations or cloud consumers with specific common needs. 

What kind of common needs might those be?

Needs for community clouds can be related to regulatory compliance needs. For example, we might have multiple cloud customers that work in the nuclear energy field and as such they might have very specific requirements for the storage of data. For them, we can have a community cloud that meets those compliance requirements. 
Needs can also be about computing performance. Manufacturing organizations may require fast access to software applications or data stored in the cloud. It is especially important for time sensitive manufacturing processes. So, for those organizations that need those requirements, community clouds may be the solution. 

What about security issues? 

In terms of security, we might have multiple Cloud Service Customers (CSC) that require data, for example, to be stored on a data center server within a nation’s boundaries. So when we have multiple manufacturing organizations with very specific needs that are the same, community clouds make sense.


A hybrid solution is two or more distinct cloud infrastructures that remain unique entities, but are bound together by standardized or proprietary technology that enables data and software applications’ portability. Manufacturers choose this when they want to leverage the advantages of private, public and community clouds.

Can you give an example of a hybrid solution?

If we say that hybrid clouds are both public and private clouds, this means that manufacturing organization would already be in the possession of the private cloud that they want to integrate with a public cloud. So there are either on-premises infrastructure, or private cloud that would be integrated with the public cloud infrastructure provided by Cloud Service Provider (CSP). 

Why would manufacturing organization want to look at a hybrid solution? 

One reason a manufacturing organization might want to integrate private with public cloud is because it can be a good interim solution. Your organization might want to end up entirely in the public cloud, but those kinds of things can’t happen overnight. It should be well planned and well-managed so that it goes smoothly and without any interruptions of critical manufacturing services. 

As an interim solution you might integrate some private cloud services with the public cloud, and continue with migration process until the end. The manufacturing organization may want to use private cloud for its mission-critical applications, community cloud for collaboration with business partners, and public cloud for business applications and services. 

The hybrid implementation model is most often found in environments where cloud services provided cover a broad spectrum of the characteristics of privacy, governance and deployment. With hybrid clouds, the manufacturing organization may have some aspects of its technology deployed in private cloud model, other aspects of its operational and business need met in community cloud models, and the most generic of its needs met by use of public cloud services. 

Goran Novkovic, CQA, CSQE, ITIL, APM, PMP, PEng

Goran Novkovic has over 15 years of experience in various regulated industry sectors. His expertise is in industrial control systems (ICS) cybersecurity, control systems engineering, computer systems validation, software security and test management, cloud security and regulatory compliance. Goran has a formal education in Electrical Engineering and Project Management and possesses a master's degree in Information Technology. He has number of professional licenses and designations. He is holder of CQA (Certified Quality Auditor) and CSQE (Certified Software Quality Engineer) certifications with ASQ (American Society for Quality). Goran is certified ITIL, certified Agile Project Manager and Project Management Professional with PMI (Project Management Institute). He is licensed Professional Engineer with PEO (Professional Engineers Ontario). Goran is focused on ICS cybersecurity and he is helping organizations to establish ICS cybersecurity governance and develop effective ICS cybersecurity programs from scratch. E-mail contact:

No comments: