Do wrenches really need to be networked? Honest question
A network-connected wrench can be a component of process improvement or quality improvement.
Imagine network wrench situation:
“Ed, Jim is on door install duty today right? I thought so. The system threw an alarm for his work. The last two doors he’s installed were under-torqued by 50 lbs on each bolt. Head down to production line four where he is, and get him sorted out.”
Imagine non-network wrench situation:
“The FAA has grounded all Boeing 737 Max 9 jets today after a massive decompression event occurred on Alaska Airlines at 16,000 ft. The door plug blew out of the jet at altitude. United Airlines has reported, after inspection, loose bolts the door plug of several of its Boeing 737 Max 9 jets as it continues to inspect every one if its 79 jets in its fleet.”
Do wrenches really need to be networked? Honest question
The moment my wrenches at work need to be connected to WiFi so some bean counting manager can come lecture me about every nut and bolt I work on, is the moment I wheel my tool cart into the woods and setup a shack.
Prior generations likely said the same thing about putting video cameras in service bays. I know I said something similar if my employer ever required my fingerprints (for unskilled work). Yet both are commonplace today.
Also had them in my classrooms as a teacher and it was great. Not only was I able to close a door to help a single student, but it made a great thing to point to whenever kids were acting up! Lol
There’s no such thing as “unskilled work”. I’d no skill was required, why do you need to gave training to do it? Cooking burgers at McDonald’s? You need to know how long the burgers are to be cooked on each side. Stop calling certain jobs “unskilled”.
Yeah, pretending there’s no distinction is just stupid. Even from a leftist theory perspective, MDs don’t face the same struggles or need the same regulatory oversight to protect their rights as burger flippers.
Like, if they’re pissed at the term “unskilled” they’re welcome to propose an alternative but there’s obviously a meaningful difference.
Unskilled is a term bosses use to devalue a workers labor and value.
What is your acceptable term to describe “a level of competence most human beings have that an employer can spend a only a few hours of training with that person that the person will attend a level of acumen they can perform the job function” ?
Okay, how about “a level of competence most human beings have that an employer can spend a only a few hours of training with that person that the person will attend a level of acumen they can perform the job function.” Its kind of wordy, does that help?
So pressing the button on the timer built into the fryer, since the 70’s, is now skilled work?
There’s lots of unskilled work out there. I’ve done lots of it. From digging ditches to fast food to loading trucks and delivering parts.
None of those jobs require more than a few minutes of training, therefore “unskilled”. And fast food today is even more unskilled… Just follow the diagram in front of you. And you don’t make the burgers in fast food, they come in pre-made in boxes, usually frozen, and you load em up on the automatic cooking device (varies by company). I believe Wendy’s still grills their burgers, using a timer and a rotation methodology, so no skill rewuired.
Hell, even being a line cook is unskilled, and that can be a really demanding job from a time management perspective (I’ve been a line cook).
I’ve worked for the top 3 fast food places, a number of smaller restaurants, and a bunch of other jobs. I’ve had somewhere approaching 40 jobs in my life. Lots out there is unskilled.
“The FAA has grounded all Boeing 737 Max 9 jets today after a massive decompression event occurred on Alaska Airlines at 16,000 ft. The door plug blew out of the jet at altitude. United Airlines has reported, after inspection, loose bolts the door plug of several of its Boeing 737 Max 9 jets as it continues to inspect every one if its 79 jets in its fleet.”
What’s the ratio of boeing door decompressions to IoT devices being hacked?
So in other words, a dystopian nightmare where, for the sake of paying as low of wages as possible, corporations would rather use technology to oversee stupid employees instead of actually TRAINING and INCENTIVIZING actually qualified people.
Humans make mistakes with tools like this, and with the tracking systems.
BTDT with stuff completely unrelated but requiring verification and validation steps and initials. Mistakes will happen.
Having a tool that’s configured specifically and can document the torque applied for every bolt makes a lot of sense. I’ve assembled stuff with 30 fasteners and had to check and recheck torque, because, being human, it would be easy for me to miss one, or not read the rorque wrench properly (if using a bar type), or mis-set it if it’s a click type.
Nevermind the time it takes me to verify the value, set/check the tool, etc. It’s clearly about reducing errors with a repetitive task and providing a record of the torque values. The folks using these tools probably really appreciate it, I would, and the stuff I’ve done is trivial in comparison.
The only problem with this system is the lack of planning for proper security. Firmware update able remotely is just silly. Add in the number of vulnerabilities… Sheesh.
OK, remotely updateable could be useful, but it should require a long password and a cryptographic pin (like the old SecurID devices that generated a pin once a minute) that is managed by multiple people, and the devices should only permit updates from a specific piece of hardware on the company network (say a vendor supplied firmware update injector) that has a hardware ID. So when devices are on boarded they get paired with that device and maybe a secondary. So it requires a pairing process that can only be done with physical proximity, combined with device IDs and a password/pin pair that’s cryptographically generated, and managed by a system requiring at least two people to check out the password from the repository.
Hell, I just thought up all this on the spot. I’m sure others did too, and got shot down by management.
Follow up question, could the same metrics be captured without a network connection? An alternative might not be as user friendly as an IoT device, but for the last what decade? It seems like investment in IoT is investment in security vulnerabilities.
I know aerospace ≠ automotive but many years ago I worked in a shop and any time the wheels came off a vehicle the mechanic/tech torqued the lug nuts to spec, then a second person independently verified and re-torqued the lug nuts.
It seems like adding a network connection and all that goes with it also introduces additional points of failure, no?
While a second person would indeed reduce the number of issues, it’s still another human to fuck things up. What if the second person is lazy? Or they get tired of checking every door because “it’s never been off before, why would it be off now?”
Human error caused the issue in the first place, why are we assuming a human will always find and fix the problem on a second pass?
Human error caused the issue in the first place, why are we assuming a human will always find and fix the problem on a second pass?
I’m not sure why you should trust a piece of technology to be infallible.
I mean, if a networked tool can be hacked then should it be trusted to be accurate? How do you know it hasn’t been hacked and maliciously modified to report correct torque even when wrong?
Didn’t GM just suspend sales of their new cars without CarPlay because their new system had software issues? Trust a company trying to save money to skimp on the implementation costs of any technology they put in place too.
It’s not so much the technology as the people running a business that worry me, VW programming emission modes is a great example. Relying on companies to regulate safety is a sure fire way to get corners cut so they can make a cent. The network wrench may be a good idea but only if regulated by the FAA and not the company.
In my experience its more prone to mistakes, because people just accept what computers tell them as infallible unless its something so massively, egregiously wrong that it shatters what little common sense they have… and even then its only 50/50.
Hard to hack a person. Sounds like sacrificing security to save a buck if that’s the only reason, especially considering you’re not just paying for a tool when you network it.
People are actually the easiest to hack. That’s why social engineering is such a huge security risk, why employees have minimum amount of access required to systems, why corporate laptops are so locked down, and why huge phishing assessments are done.
It’s just that we are more accustomed to monitoring people, and it also gives a focus that everyone understands that can take the blame for mistakes.
Sorry, I assumed the context was obvious, but it’s hard to hack a person standing there turning a wrench.
What’s easier to hack? That person standing there turning a wrench or a network connected wrench? Especially considering the points you made; the wrench turner probably has access to less than the network connected wrench.
God, I hope the wrench has access to less of the network than the employee.
It’s an IoT device.
You never trust IoT.
It should be on an isolated vlan dedicated to the wrenches that allows it connect to its storage server, only.
Putting the wrenches on a pvlan would further limit the scope of any breaches to a single wrench.
Any access to the wrench vlan/pvlan should be from a trusted management vlan. Any traversal of the firewall for this access should be logged.
Ultimately, this is a device being used by a company that requires per-bolt certification of torque. You can bet that every part of their process has an equivalent level of scrutiny, including certification of network security/auditing.
In fact, following sensible IoT network security mitigates all of the CVEs listed - because they need the attacker to have network access.
Sure, most of the CVEs are the stupidest “my-first-web-app” level of mistakes (csrf, xss, directory traversal) and shouldn’t exist. But it’s still an IoT device, and should always be treated as a black box of leaky security regardless of the manufacturer.
Best practice ≠ real world application. Based on my 10+ years in IT I’d be very unsurprised to find that the networked wrench has greater access than the person.
The network thing is great until Ed finds out the torque wrench Jim uses doesn’t operate properly because it has been infected with malware for an undetermined period of time.
That said, this is a very niche device. Almost nobody should ever own one for themselves, these are the kind of devices that are provided by the company you work for.
No, don’t you try to come up with some ridiculous scenario to justify this shit.
There is no justification for a fucking network connected wrench.
Its more expense and stupidity to solve a problem that shouldnt exist with proper procedures, and if you arent following proper procedures your wrench being able to update its goddamn fucking facebook page wont make a goddamn difference.
With the added bonus of all the data potentially being compromised, specs modified, torque intentionally wrong, thereby invalidating every certificate.
Remember when skilled workers were competent, had the time to do their jobs properly, and could write shit down?
Skilled workers make mistakes. Give them all the time in the world and they will still make mistakes because they are human. The trick is to give them feedback loops, as short as possible, so they can recognize their mistakes. This should be part of process controls based on risk.
Don’t get me wrong, I would not want to validate this network wrench solution. There is a fairly narrow band where it makes sense to me which would require a fair amount of DFM (design the assembly to have unique bolt heads for each torque setting etc). But when you are making things that people rely on for their life… You have to have layered systems and these are a legitimate layer.
It’s for where bolts have to be tightened to a specific amount, and certified. Faster than writing it down. Faster to track down an error.
As others have pointed out, you’d want every single bolt on your airplane tightened to computer level precision and error control. If some stray cosmic ray strikes the wrench during the tightening process then that’s the universe telling you it’s time to go.
Might be more in addition to it, but usually it’s as part of a fancy inventory system to keep track or who checks in/out what tool. They’ll have GPS sometimes too.
Power tools are expensive and have a tendency to “disappesr”, so on a big enough scale I can see where it’s helpful.
The cordless device, which wirelessly connects to the local network of organizations that use it, allows engineers to tighten bolts and other mechanical fastenings to precise torque levels that are critical for safety and reliability. When fastenings are too loose, they risk causing the device to overheat and start fires. When too tight, threads can fail and result in torques that are too loose. The Nutrunner provides a torque-level indicator display that’s backed by a certification from the Association of German Engineers and adopted by the automotive industry in 1999. The NEXO-OS, the firmware running on devices, can be controlled using a browser-based management interface
Yes, in factories where the tools are programmed to do a job like tightening the bolts for an airplane plug door or your car engine head. The quality assurance gains are enormous (the tool does the job and logs it).
Problems occur when the customer cuts IT security costs or tampers with the tools to increase production rates.
Do wrenches really need to be networked? Honest question
A network-connected wrench can be a component of process improvement or quality improvement.
Imagine network wrench situation:
“Ed, Jim is on door install duty today right? I thought so. The system threw an alarm for his work. The last two doors he’s installed were under-torqued by 50 lbs on each bolt. Head down to production line four where he is, and get him sorted out.”
Imagine non-network wrench situation:
“The FAA has grounded all Boeing 737 Max 9 jets today after a massive decompression event occurred on Alaska Airlines at 16,000 ft. The door plug blew out of the jet at altitude. United Airlines has reported, after inspection, loose bolts the door plug of several of its Boeing 737 Max 9 jets as it continues to inspect every one if its 79 jets in its fleet.”
The moment my wrenches at work need to be connected to WiFi so some bean counting manager can come lecture me about every nut and bolt I work on, is the moment I wheel my tool cart into the woods and setup a shack.
Good thing they’re primarily talking about things such as aircraft, where this level of analness is sort of the bare minimum.
Prior generations likely said the same thing about putting video cameras in service bays. I know I said something similar if my employer ever required my fingerprints (for unskilled work). Yet both are commonplace today.
Those cameras saved my ass more often than not.
Also had them in my classrooms as a teacher and it was great. Not only was I able to close a door to help a single student, but it made a great thing to point to whenever kids were acting up! Lol
There’s no such thing as “unskilled work”. I’d no skill was required, why do you need to gave training to do it? Cooking burgers at McDonald’s? You need to know how long the burgers are to be cooked on each side. Stop calling certain jobs “unskilled”.
There’s a big difference between needing 6+ months of training and needing only a day or two of training.
Yeah, pretending there’s no distinction is just stupid. Even from a leftist theory perspective, MDs don’t face the same struggles or need the same regulatory oversight to protect their rights as burger flippers.
Like, if they’re pissed at the term “unskilled” they’re welcome to propose an alternative but there’s obviously a meaningful difference.
Unskilled is a term bosses use to devalue a workers labor and value.
What is your acceptable term to describe “a level of competence most human beings have that an employer can spend a only a few hours of training with that person that the person will attend a level of acumen they can perform the job function” ?
Bwhahahahaha.
Boy you swallowed the whole thing, didn’t ya?
minutes of training for things like making a burger at McD’s. You just follow the info graphic.
It’s unskilled work, in that it requires no specialized skill.
or 6+ years for certain things…
Okay, how about “a level of competence most human beings have that an employer can spend a only a few hours of training with that person that the person will attend a level of acumen they can perform the job function.” Its kind of wordy, does that help?
Hahahahshsha
So pressing the button on the timer built into the fryer, since the 70’s, is now skilled work?
There’s lots of unskilled work out there. I’ve done lots of it. From digging ditches to fast food to loading trucks and delivering parts.
None of those jobs require more than a few minutes of training, therefore “unskilled”. And fast food today is even more unskilled… Just follow the diagram in front of you. And you don’t make the burgers in fast food, they come in pre-made in boxes, usually frozen, and you load em up on the automatic cooking device (varies by company). I believe Wendy’s still grills their burgers, using a timer and a rotation methodology, so no skill rewuired.
Hell, even being a line cook is unskilled, and that can be a really demanding job from a time management perspective (I’ve been a line cook).
I’ve worked for the top 3 fast food places, a number of smaller restaurants, and a bunch of other jobs. I’ve had somewhere approaching 40 jobs in my life. Lots out there is unskilled.
deleted by creator
What’s the ratio of boeing door decompressions to IoT devices being hacked?
1 to 786
surely we’re in the billions of IoT devices with malware by now right
By the end of its first day, Mirai had infected over 65,000 IoT devices. By its second day, Mirai already accounted for half of all Internet telnet scans observed by our collective set of honeypots, as shown in the figure above. At its peak in November 2016 Mirai had infected over 600,000 IoT devices.
And that’s just 1 botnet out of many.
And 8 years ago, while IoT has grown exponentially
So in other words, a dystopian nightmare where, for the sake of paying as low of wages as possible, corporations would rather use technology to oversee stupid employees instead of actually TRAINING and INCENTIVIZING actually qualified people.
Using technology to overcome human mistakes is happening right now in hundreds of other industries.
Of course, its cheaper.
What began with self-checkout machines will inexorably expand into the more professional realm with tools like AI
The funny thing is, some companies are moving away from self checkouts because of “honest mistakes” by customers.
Humans make mistakes with tools like this, and with the tracking systems.
BTDT with stuff completely unrelated but requiring verification and validation steps and initials. Mistakes will happen.
Having a tool that’s configured specifically and can document the torque applied for every bolt makes a lot of sense. I’ve assembled stuff with 30 fasteners and had to check and recheck torque, because, being human, it would be easy for me to miss one, or not read the rorque wrench properly (if using a bar type), or mis-set it if it’s a click type.
Nevermind the time it takes me to verify the value, set/check the tool, etc. It’s clearly about reducing errors with a repetitive task and providing a record of the torque values. The folks using these tools probably really appreciate it, I would, and the stuff I’ve done is trivial in comparison.
The only problem with this system is the lack of planning for proper security. Firmware update able remotely is just silly. Add in the number of vulnerabilities… Sheesh.
OK, remotely updateable could be useful, but it should require a long password and a cryptographic pin (like the old SecurID devices that generated a pin once a minute) that is managed by multiple people, and the devices should only permit updates from a specific piece of hardware on the company network (say a vendor supplied firmware update injector) that has a hardware ID. So when devices are on boarded they get paired with that device and maybe a secondary. So it requires a pairing process that can only be done with physical proximity, combined with device IDs and a password/pin pair that’s cryptographically generated, and managed by a system requiring at least two people to check out the password from the repository.
Hell, I just thought up all this on the spot. I’m sure others did too, and got shot down by management.
Follow up question, could the same metrics be captured without a network connection? An alternative might not be as user friendly as an IoT device, but for the last what decade? It seems like investment in IoT is investment in security vulnerabilities.
Why not have a two stage torque process?
I know aerospace ≠ automotive but many years ago I worked in a shop and any time the wheels came off a vehicle the mechanic/tech torqued the lug nuts to spec, then a second person independently verified and re-torqued the lug nuts.
It seems like adding a network connection and all that goes with it also introduces additional points of failure, no?
While a second person would indeed reduce the number of issues, it’s still another human to fuck things up. What if the second person is lazy? Or they get tired of checking every door because “it’s never been off before, why would it be off now?”
Human error caused the issue in the first place, why are we assuming a human will always find and fix the problem on a second pass?
I’m not sure why you should trust a piece of technology to be infallible.
I mean, if a networked tool can be hacked then should it be trusted to be accurate? How do you know it hasn’t been hacked and maliciously modified to report correct torque even when wrong?
Didn’t GM just suspend sales of their new cars without CarPlay because their new system had software issues? Trust a company trying to save money to skimp on the implementation costs of any technology they put in place too.
It’s not so much the technology as the people running a business that worry me, VW programming emission modes is a great example. Relying on companies to regulate safety is a sure fire way to get corners cut so they can make a cent. The network wrench may be a good idea but only if regulated by the FAA and not the company.
You are erring dangerously close to the classic “computers don’t make mistakes” argument.
Not at all. A human plus a computer is going to be less prone to mistakes than a human plus a human though.
In my experience its more prone to mistakes, because people just accept what computers tell them as infallible unless its something so massively, egregiously wrong that it shatters what little common sense they have… and even then its only 50/50.
Labor costs are likely the highest input. That solution doubles labor costs for that process.
Hard to hack a person. Sounds like sacrificing security to save a buck if that’s the only reason, especially considering you’re not just paying for a tool when you network it.
People are actually the easiest to hack. That’s why social engineering is such a huge security risk, why employees have minimum amount of access required to systems, why corporate laptops are so locked down, and why huge phishing assessments are done.
It’s just that we are more accustomed to monitoring people, and it also gives a focus that everyone understands that can take the blame for mistakes.
Sorry, I assumed the context was obvious, but it’s hard to hack a person standing there turning a wrench.
What’s easier to hack? That person standing there turning a wrench or a network connected wrench? Especially considering the points you made; the wrench turner probably has access to less than the network connected wrench.
God, I hope the wrench has access to less of the network than the employee.
It’s an IoT device.
You never trust IoT.
It should be on an isolated vlan dedicated to the wrenches that allows it connect to its storage server, only.
Putting the wrenches on a pvlan would further limit the scope of any breaches to a single wrench.
Any access to the wrench vlan/pvlan should be from a trusted management vlan. Any traversal of the firewall for this access should be logged.
Ultimately, this is a device being used by a company that requires per-bolt certification of torque. You can bet that every part of their process has an equivalent level of scrutiny, including certification of network security/auditing.
In fact, following sensible IoT network security mitigates all of the CVEs listed - because they need the attacker to have network access.
Sure, most of the CVEs are the stupidest “my-first-web-app” level of mistakes (csrf, xss, directory traversal) and shouldn’t exist. But it’s still an IoT device, and should always be treated as a black box of leaky security regardless of the manufacturer.
Hahahahahaha!!! Does solarwinds123 sound familiar?
Best practice ≠ real world application. Based on my 10+ years in IT I’d be very unsurprised to find that the networked wrench has greater access than the person.
Nah. Usually the double checking is added onto a list of another person’s tasks with no increase in wages or allocated time! Lol
Also QA, issue tracking, and litigation protection. This includes worker protection.
“Those bolts? We have the record right here from the very wrench that tightened them that shows they were tightened to spec on that plane.”
The network thing is great until Ed finds out the torque wrench Jim uses doesn’t operate properly because it has been infected with malware for an undetermined period of time.
That it’s admittedly a pretty good point.
That said, this is a very niche device. Almost nobody should ever own one for themselves, these are the kind of devices that are provided by the company you work for.
No, don’t you try to come up with some ridiculous scenario to justify this shit.
There is no justification for a fucking network connected wrench.
Its more expense and stupidity to solve a problem that shouldnt exist with proper procedures, and if you arent following proper procedures your wrench being able to update its goddamn fucking facebook page wont make a goddamn difference.
It makes sense for certifying torque specs. Every time the wrench tightens a bolt, it can tell the network and it can be certified.
With the added bonus of all the data potentially being compromised, specs modified, torque intentionally wrong, thereby invalidating every certificate.
Remember when skilled workers were competent, had the time to do their jobs properly, and could write shit down?
Gotta call bullshit here.
Skilled workers make mistakes. Give them all the time in the world and they will still make mistakes because they are human. The trick is to give them feedback loops, as short as possible, so they can recognize their mistakes. This should be part of process controls based on risk.
Don’t get me wrong, I would not want to validate this network wrench solution. There is a fairly narrow band where it makes sense to me which would require a fair amount of DFM (design the assembly to have unique bolt heads for each torque setting etc). But when you are making things that people rely on for their life… You have to have layered systems and these are a legitimate layer.
Not without paying some bitcoin.
That’s actually really clever.
It’s for where bolts have to be tightened to a specific amount, and certified. Faster than writing it down. Faster to track down an error.
As others have pointed out, you’d want every single bolt on your airplane tightened to computer level precision and error control. If some stray cosmic ray strikes the wrench during the tightening process then that’s the universe telling you it’s time to go.
deleted by creator
Might be more in addition to it, but usually it’s as part of a fancy inventory system to keep track or who checks in/out what tool. They’ll have GPS sometimes too.
Power tools are expensive and have a tendency to “disappesr”, so on a big enough scale I can see where it’s helpful.
Interesting ok
Unionized!
Sorry boss, the wrench is on strike again.
Yes, in factories where the tools are programmed to do a job like tightening the bolts for an airplane plug door or your car engine head. The quality assurance gains are enormous (the tool does the job and logs it).
Problems occur when the customer cuts IT security costs or tampers with the tools to increase production rates.
Or connects the tools network to the net.
No.
Innovators always ask whether or not they could rather than if they should smh.
The article provided some great details.
You know, for all the important statistics and so on.
And the server has an AI thingsamabums to calculate your averages and a blockchain score for NFC emeralds!