Increasing Product Complexity Tests the Limits of Legacy
Systems
Making the Connection: The How-To’s of Connecting Suppliers,
Partners, and Manufacturers
2 Making the Connection: The How-To’s of Connecting Suppliers,
Partners, and Manufacturers
Product complexity has skyrocketed over the last ten years and it
continues to rise as
electronics and software dominate and IOT becomes a reality.
According to Gartner, the
shift in product complexity has resulted in more than 8.4B
connected “things” signing
online in 2017 with 20.4B online by 2020. To conquer product
complexity, manufacturers are
undergoing a digital transformation to develop and market connected
products and remain
competitive.
As companies undergo digital transformation, they are realizing
that their tools and
processes were designed for a simpler, more mechanically focused
era and are unable to
accommodate the demands of modern product development—especially as
more of product
design is outsourced to external suppliers and partners.
This white paper will explore how to improve collaboration between
suppliers, partners, and
manufacturers via Product Innovation Platforms.
3 Making the Connection: The How-To’s of Connecting Suppliers,
Partners, and Manufacturers
THE GROWTH OF OUTSOURCING In the last couple of decades, two major
trends have played out in manufacturing companies
across all discrete manufacturing industries—e.g. automotive,
aerospace, industrial, and
electronics—increasing product complexity and the growing role of
the supply chain in design
and manufacturing. The convergence of these trends has created a
significant challenge
that impacts productivity and operational excellence every
day—design collaboration with
outsourced manufacturing partners.
In the last decade, many products have evolved into software-driven
systems, driven by the
availability of ubiquitous networking, ultra-fast, low cost
processors, cloud processing, and
storage. At the same time, new materials such as composites, and
manufacturing techniques
such as additive, are changing the way the products are designed,
manufactured, and
serviced. Many observers view the trends as being interrelated—the
increase in product
complexity has been enabled and accelerated by the deep expertise
within the supply base.
However, OEMs retain responsibility for the overall
product—requirements, high-level design,
quality, safety, compliance, customer experience, etc. This
mandates that they must be
closely involved in every aspect of the product design—either
undertaking design themselves
or collaborating with suppliers to vet their designs.
According to a recent report published by Supply Chain Management
Review, companies that
outsource manufacturing have realized valuable improvements (see
figure):
• For nearly half (44 percent)
of respondents, operating
margins have grown
seeing earlier new product
introductions
However, the same report also notes that “one continuing challenge
is increased lead times”
but adds that “improved collaboration could help companies manage
to this constraint.”
benefits have accrued from outsourcing, suppliers
and partners have struggled with data sharing,
communication, and alignment for decades. Legacy
systems put into place failed to establish secure,
efficient workflows and, in their absence, home grown
tools and workarounds became the standard way
of working. Today, most design data, drawings, CAD
files, etc. are shared via manual approaches involving
email, FTP, and file sharing services.
These approaches may have been adequate before,
but as product complexity has risen, more of product
design has been outsourced; therefore, the amount
of data shared between suppliers, partners, and
manufacturers has increased exponentially. Using
these manual approaches has resulted in:
• Increased product development costs due to
product quality issues, increased cycle times, and
more scrap parts
that is out of date, or from sourcing sending the
wrong version
To close the disconnect and resolve these costly
issues, manufacturers need to connect disparate
systems internally and develop a secure approach to
sharing data that adheres to security standards.
5 Making the Connection: The How-To’s of Connecting Suppliers,
Partners, and Manufacturers
Step 1: Rethink tools, data, and processes across disciplines
Before data can be shared externally, it’s critical to ensure that
the organization has
internally developed the tools and processes that ensure data is
stored effectively. For
example, this means storing data with appropriate context and
having effective change
management protocols to ensure accuracy.
Organizations with disparate systems and
multiple instances of PLM should rethink
their strategy and implement an enterprise-
wide foundation to connect all producers and
consumers of product lifecycle information.
Product Innovation Platforms provide a unified
environment that allows all users of product
information to collaborate around a single
set of processes and data. Once this type of
environment is established, it becomes possible
to break down the disconnect between suppliers,
partners, and manufacturers.
Step 2: Connect suppliers and partners via a secure, efficient
portal
Once a single environment for data has been achieved, the next step
is to configure a secure
means of sharing the information that is easy to access for
partners and suppliers. Best
practice dictates that all data and files are accessed and created
as normal PLM items, in
conjunction with access restrictions needed to keep sensitive data
and company intellectual
property (IP) secure.
With this approach, partners and suppliers can access data directly
from within PLM,
ensuring that they are receiving up-to-date information.
Manufacturers can also implement
their specific processes and data structures, without imposing
artificial restrictions in the
way data is exchanged.
6 Making the Connection: The How-To’s of Connecting Suppliers,
Partners, and Manufacturers
THE ARAS PLM PLATFORM WITH SECURE EXTERNAL ACCESS Aras offers a
flexible approach for connecting partners, suppliers, and
manufacturers to the
heart of product information: the Product Innovation
Platform.
Secure External Access (SEA) with the Aras PLM Platform connects
external partners to
PLM data, while providing highly secure access controls for IP.
Conceptually, SEA provides
direct data access, with no artificial data packaging, allowing
natural access to data and
processes. To the external user, it appears just as simple as
this:
After appropriate access is granted by the main company’s IT
administration, external users
are able to access items and files, update items and files, and
participate in processes such
as workflow and collaboration.
7 Making the Connection: The How-To’s of Connecting Suppliers,
Partners, and Manufacturers
THREE DIMENSIONS OF FLEXIBILITY To achieve this deceptively simple
data access, Aras offers three dimensions of data control
that support a variety of possible portal architectures, all of
which will satisfy modern IT
requirements. These three dimensions are Data Access, Data
Location, and Client Access.
Each of these represents a specific capability of the Aras PLM
Platform. Experience has
shown that leveraging the advanced capabilities of at least two of
these dimensions
simultaneously provides a satisfactory level of access control.
Think of this as the “belt and
suspenders” approach to controlling IP access from outside your
four walls.
Dimension 1 - Data Access
The Data Access dimension involves the access granted to a user,
based on the user’s
authentication and on controls defined on the data itself. There
are three types of access
control supported by the Aras PLM Platform, which in order of
increasing sophistication are:
Standard permissions, Mandatory Access Control (MAC Policy), and
Domain Access Control
(DAC).
Standard Permissions: The Aras standard permission model is a form
of Role Based Access
Control and sets permissions based on the user’s defined
identities. These permissions
are additive based on the full set of identities (role, groups,
etc.) that apply to the user,
and specify whether actions like Get, Update, and Delete can be
performed by members
of specific identities for a certain state on a certain type of
item (object). While this is
perfectly suitable for most access control within an organization,
it is generally regarded as
insufficient to serve as the basis of external access
control.
8 Making the Connection: The How-To’s of Connecting Suppliers,
Partners, and Manufacturers
Mandatory Access Control: The next level up is known as Mandatory
Access Control or “MAC
Policy.” It is a form of Attribute Based Access Control, and is
commonly used by government
organizations such as the military. The basic premise of MAC Policy
is that the clearance
level of the subject (the user) must meet or exceed the
classification level of the item (object)
being accessed. Of course, this means that items have to be
identified with their classification
level and rules have to be established. Aras provides the
capabilities to do so. Users are
granted access to items only if both the MAC Policy rules and
standard permissions permit.
MAC Policy is one viable option to support external access
control.
Domain Access Control: The most sophisticated
level of access control is known as Domain
Access Control or “DAC.” It is a form of
Relationship Based Access Control, whereby
security can be inferred based on the
relationships of items to other items, rather
than being specified directly as in MAC Policy.
DAC involves the establishment of domains or
“Compartments” which are described using
derived relationship families. The derived
relationship families are defined using Aras
Query Definitions—a powerful technology for
defining all kinds of relationships between items. This approach is
well suited to project-
based work and so is typically best suited to be used for external
access control.
9 Making the Connection: The How-To’s of Connecting Suppliers,
Partners, and Manufacturers
Dimension 2 - Data Location
The Data Location dimension of SEA describes where the data that
the external user
accesses is physically located, either inside or outside your
company’s firewall. The choice
for this dimension tends to be strongly dictated by corporate
policy, and necessarily drives
decisions about the other two dimensions.
Inside the Firewall - Single Database: Data is contained
in a single database inside of the firewall, meaning that
external users are directly accessing your internal Aras
PLM database. This approach can be very powerful, but
the most advanced options of the other two dimensions
should be used to ensure adequate protection.
Outside the Firewall - Multi-Database: This approach involves
setting up a separate Aras
server and database instance in a location outside the firewall,
either in the DMZ (an isolated
network positioned between the
or in the cloud. Data required for
the external users is physically
copied to the Aras server via the
Aras Data Synchronization Service.
This platform service provides
administrator functions to identify, submit, and monitor the data
being synchronized. Note
that this is not a complete “database replication,” but rather a
selected data synch based
on identification of the necessary data. As with DAC, the Aras
Query Definition capability is
employed here to specify complex, relationship-based definitions of
the sets of data to be
shared. Both uni-directional and bi-directional synch are possible.
Uni-directional (from
internal to external server) is perfectly adequate for read-only
portals and is easier to set up,
while bi-directional supports data updates by partners, as well as
process integration using
workflow and collaboration (including Aras Visual Collaboration
view and markup). Many
architecture options are possible with Data Synchronization
Service, depending on the need
to separate partners from each other, rather than from the internal
server. For example, you
can have one Aras server and one database, one server and multiple
databases (one for each
partner), or multiple servers each with multiple databases.
10 Making the Connection: The How-To’s of Connecting Suppliers,
Partners, and Manufacturers
Dimension 3 - Client Access
clients are predominantly used, although other types
are possible, including mobile clients and authoring
tool connectors such as CAD Connectors. The types
described here are intended for general-purpose
access to PLM data.
client, suppliers and partners can make use of full
functionality within Aras, including access to all Aras
item types (including those with complex editors such
as Tech Docs and Quality Planning) and web-based
file viewing, markup, and collaboration provided by
Visual Collaboration. This approach is simplest to
implement, however due to the inherent openness of
AML communication (Aras’ XML syntax), this option
is not recommended for use if the “Single Database”
approach for Data Location is chosen—that is if
external users are coming in through your firewall.
Web Services Portal Client: This alternative provides partners
access for simple browsing,
searching, and downloading/uploading of files. By using a web
service for communication
across the firewall instead of AML, additional filtering is
provided such that no unintended
data can be accessed. Overall, this results in a more secure option
for client access, with
another benefit being the ability to provide a simpler user
experience for those cases where
the full Aras web client is not necessary.
By combining these three dimensions, a wide variety of
architectures can be supported for
Extended Enterprise Access. Aras can work with your organization to
find the best fit for you.
Below are some specific examples already in place at a few of Aras’
leading customers.
11 Making the Connection: The How-To’s of Connecting Suppliers,
Partners, and Manufacturers
PRACTICAL CONFIGURATIONS USING SECURE EXTERNAL ACCESS An American
multinational technology company
leverages the Aras PLM Platform with Secure
External Access to share data with suppliers and
partners. They configured their solution using:
• Data Access: Domain Access Control (DAC)
• Data Location: Single Database
A multinational corporation in Japan, manufacturing heavy equipment
and aerospace and
defense equipment, configured Secure External Access to work with
partners with:
• Data Access: Domain Access Control (DAC)
• Data Location: Synchronized Multi-Database
The external server configuration is
one server with multiple databases.
Synchronization is initially uni-
directional but moving to bi-directional
in the Phase 2 implementation.
12 Making the Connection: The How-To’s of Connecting Suppliers,
Partners, and Manufacturers
A BETTER WAY TO PARTNER The Aras PLM Platform provides a unified
environment that allows all users of product
information to collaborate around a single set of processes and
data. With a Platform
approach, manufacturers can trust that data is up-to-date and
maintained in context,
ensuring partners and suppliers receive accurate data. With Secure
External Access using
the Aras PLM Platform, manufacturers can create a secure means of
transferring this data
while adhering to their unique IT requirements.
For more information, we encourage you to contact us at
www.aras.com.
competitive edge. Aras’ open, flexible, scalable, and upgradeable
PLM
platform and applications connect users in all disciplines and
functions
to critical product information and processes across the
extended
enterprise. Aras customers include Airbus, BAE Systems, GE,
GM,
Hitachi, Honda, Kawasaki Heavy Industries, and Microsoft.
Download Aras Innovator today.
978.691.8900 |
[email protected] | www.aras.com
© 2018 Aras. All rights reserved. This document is for
informational purposes only. Aras and Aras Innovator are either
registered trademarks or trademarks of Aras Corporation in the
United States and/or other countries. The names of actual companies
and products mentioned herein may be the trademarks of their
respective owners. REQ-0152-1810