network-connected wrenches
Do wrenches really need to be networked? Honest question
Do wrenches really need to be networked? Honest question
A network-connected wrench can be a component of process improvement or quality improvement.
Imagine network wrench situation:
“Ed, Jim is on door install duty today right? I thought so. The system threw an alarm for his work. The last two doors he’s installed were under-torqued by 50 lbs on each bolt. Head down to production line four where he is, and get him sorted out.”
Imagine non-network wrench situation:
“The FAA has grounded all Boeing 737 Max 9 jets today after a massive decompression event occurred on Alaska Airlines at 16,000 ft. The door plug blew out of the jet at altitude. United Airlines has reported, after inspection, loose bolts the door plug of several of its Boeing 737 Max 9 jets as it continues to inspect every one if its 79 jets in its fleet.”
Do wrenches really need to be networked? Honest question
The moment my wrenches at work need to be connected to WiFi so some bean counting manager can come lecture me about every nut and bolt I work on, is the moment I wheel my tool cart into the woods and setup a shack.
Good thing they’re primarily talking about things such as aircraft, where this level of analness is sort of the bare minimum.
Prior generations likely said the same thing about putting video cameras in service bays. I know I said something similar if my employer ever required my fingerprints (for unskilled work). Yet both are commonplace today.
So in other words, a dystopian nightmare where, for the sake of paying as low of wages as possible, corporations would rather use technology to oversee stupid employees instead of actually TRAINING and INCENTIVIZING actually qualified people.
Using technology to overcome human mistakes is happening right now in hundreds of other industries.
corporations would rather use technology to oversee stupid employees instead of actually TRAINING and INCENTIVIZING actually qualified people.
Of course, its cheaper.
What began with self-checkout machines will inexorably expand into the more professional realm with tools like AI
The funny thing is, some companies are moving away from self checkouts because of “honest mistakes” by customers.
Why not have a two stage torque process?
I know aerospace ≠ automotive but many years ago I worked in a shop and any time the wheels came off a vehicle the mechanic/tech torqued the lug nuts to spec, then a second person independently verified and re-torqued the lug nuts.
It seems like adding a network connection and all that goes with it also introduces additional points of failure, no?
then a second person independently verified and re-torqued the lug nuts.
Labor costs are likely the highest input. That solution doubles labor costs for that process.
Hard to hack a person. Sounds like sacrificing security to save a buck if that’s the only reason, especially considering you’re not just paying for a tool when you network it.
While a second person would indeed reduce the number of issues, it’s still another human to fuck things up. What if the second person is lazy? Or they get tired of checking every door because “it’s never been off before, why would it be off now?”
Human error caused the issue in the first place, why are we assuming a human will always find and fix the problem on a second pass?
Human error caused the issue in the first place, why are we assuming a human will always find and fix the problem on a second pass?
I’m not sure why you should trust a piece of technology to be infallible.
I mean, if a networked tool can be hacked then should it be trusted to be accurate? How do you know it hasn’t been hacked and maliciously modified to report correct torque even when wrong?
Didn’t GM just suspend sales of their new cars without CarPlay because their new system had software issues? Trust a company trying to save money to skimp on the implementation costs of any technology they put in place too.
Imagine non-network wrench situation:
“The FAA has grounded all Boeing 737 Max 9 jets today after a massive decompression event occurred on Alaska Airlines at 16,000 ft. The door plug blew out of the jet at altitude. United Airlines has reported, after inspection, loose bolts the door plug of several of its Boeing 737 Max 9 jets as it continues to inspect every one if its 79 jets in its fleet.”
What’s the ratio of boeing door decompressions to IoT devices being hacked?
It makes sense for certifying torque specs. Every time the wrench tightens a bolt, it can tell the network and it can be certified.
With the added bonus of all the data potentially being compromised, specs modified, torque intentionally wrong, thereby invalidating every certificate.
Remember when skilled workers were competent, had the time to do their jobs properly, and could write shit down?
Gotta call bullshit here.
Skilled workers make mistakes. Give them all the time in the world and they will still make mistakes because they are human. The trick is to give them feedback loops, as short as possible, so they can recognize their mistakes. This should be part of process controls based on risk.
Don’t get me wrong, I would not want to validate this network wrench solution. There is a fairly narrow band where it makes sense to me which would require a fair amount of DFM (design the assembly to have unique bolt heads for each torque setting etc). But when you are making things that people rely on for their life… You have to have layered systems and these are a legitimate layer.
it can tell the network and it can certified
Not without paying some bitcoin.
That’s actually really clever.
Might be more in addition to it, but usually it’s as part of a fancy inventory system to keep track or who checks in/out what tool. They’ll have GPS sometimes too.
Power tools are expensive and have a tendency to “disappesr”, so on a big enough scale I can see where it’s helpful.
The cordless device, which wirelessly connects to the local network of organizations that use it, allows engineers to tighten bolts and other mechanical fastenings to precise torque levels that are critical for safety and reliability. When fastenings are too loose, they risk causing the device to overheat and start fires. When too tight, threads can fail and result in torques that are too loose. The Nutrunner provides a torque-level indicator display that’s backed by a certification from the Association of German Engineers and adopted by the automotive industry in 1999. The NEXO-OS, the firmware running on devices, can be controlled using a browser-based management interface
Interesting ok
Unionized!
Sorry boss, the wrench is on strike again.
Innovators always ask whether or not they could rather than if they should smh.
You know, for all the important statistics and so on.
And the server has an AI thingsamabums to calculate your averages!
I’m just here because I can’t fucking believe it’s named “Nutrunner.”
Must be an oblique cyberpunk reference. Whatever it is, it’s fucking ridiculous.
I will twist your nuts so fuckin hard
After a firmware update of course
And after paying the 0.1 BTC ransom
Get screwed choom
I refuse to believe there’s much sensitive data on a wrench, but I am curious… Would it be faster to pay the ransom to get the wrench unlocked, or to reflash it?
The fact that they could manipulate the tightness and display output so that it could leave the bolts loose while saying that they aren’t, seems like a bigger problem.
Maybe the ransom was designed to be ongoing. I.e. as soon as you factory reset the wrench, it gets hit again with the same message, and you’d have to find some other part of the network that was messing them up.
Well, yes. There would be a root infection point outside of the wrenches themselves. The entire network would likely need to be inspected before you’d just reflash and move along like everything was better.
Why the fuck does someone need a wrench connected to the internet in the first place?
I went appliance shopping recently and the salesman tried to get me on board with a WiFi connected fridge, his sales pitch was that I’ll get a push notification on my phone when the air or water filter need to be changed, and there’s a camera so if I’m at the store and I can’t remember if I need to buy milk, I can open the camera app and view the inside of my fridge and see my milk level. GTFO, not everything needs to have an app or internet service.
It might measure resistance in a specific way, tell the conveyor belt to move on once a certain parameter happens… I have no idea, but these wrenches are clearly made for manufacturing and not individuals
You could read the article and find out.
Modern fridges need filter changed? Our old one just runs.
If you’re too lazy to read the article:
For normal consumers, it is absolutely a useless and stupid feature.
For safety-critical assembly line and maintenance applications, having the torque wrench networked enables a high degree of auditability. A highly pertinent current example would be the 737 MAX9 fuselage plug issues - if this device were incorporated into production and maintenance processes, it could enable manufacturing and maintenance audits down to the precise torque value used for each fastener, which likely could have prevented the issue entirely. Or… considering the timing, maybe they were being used, and the wrenches were compromised.
Not too lazy to read the article, I think its a stupid feature. For decades industries have managed with high skill employees and manual torque wrenches. Somehow logging torque specs in a data base is going to solve problems or being able to remotely access said data base to make sure the tourque setting is correct? How about hire competent people with the right skills and give them the time they need to do a good job. How about having floor supervisors that actually know, and have done the job they’re overseeing to regularly check the torque specs. Boeing QC and safety has been on a downhill slide for decades, right around the time that the merger with McDonnell Douglas happened.
Right, if your factory is dependant on robotic wrenches for manufacturing, wouldn’t you have that backed up? You probably don’t only have one wrench with the code.
You’d be surprised how often critical tools don’t have backups.
More than once I’ve been to sites where the software needed to service a critical piece of equipment only existed on a single 15+ year old banged up laptop, or a 40+ year old PLC handling a critical part of a production line couldn’t be turned off because there was a risk that it wouldn’t be able to turn back on, and it was EOL’ed over a decade ago but they still hadn’t ported the program to a newer platform.
It has your location data for the Find My Device app and we both know your wife would love to see where you screwed during lunch break
What manufacturer allows you to reflash equipment?
I’m just speculating here, but because we’re talking about stock firmware and nothing third party, probably many. Maybe not.
The fact that it was able to be flashed with ransomware over the network to begin with, insinuated that flashing is a feature on these devices.
I would hate to submit a report to a federal agency that said, “we paid the hackers and they said we could use our equipment again.” Wrenches would be trash after this, (maybe send the back to the factory and ask them to recert them).
Here is more about the vulnerability from the people who found it. I looked up these wrenches and they cost roughly $9,000. Imagine your factory uses 100 of them to certify torque specs on X number of cars per day. Now imagine finding out they’ve been compsomised. What do you even do? I’m glad I don’t work in that field.
https://www.nozominetworks.com/blog/vulnerabilities-on-bosch-rexroth-nutrunners
I was today years old when I learned that networked wrenches were a thing.
Call me Adama, my wrenches will remain un-networked.
This is the best summary I could come up with:
Researchers have unearthed nearly two dozen vulnerabilities that could allow hackers to sabotage or disable a popular line of network-connected wrenches that factories around the world use to assemble sensitive instruments and devices.
The vulnerabilities, reported Tuesday by researchers from security firm Nozomi, reside in the Bosch Rexroth Handheld Nutrunner NXA015S-36V-B.
The cordless device, which wirelessly connects to the local network of organizations that use it, allows engineers to tighten bolts and other mechanical fastenings to precise torque levels that are critical for safety and reliability.
The Nutrunner provides a torque-level indicator display that’s backed by a certification from the Association of German Engineers and adopted by the automotive industry in 1999.
The malware could then be used to disable entire fleets of the devices or to cause them to tighten fastenings too loosely or tightly while the display continues to indicate the critical settings are still properly in place.
The vulnerabilities found on the Bosch Rexroth NXA015S-36V-B allow an unauthenticated attacker who is able to send network packets to the target device to obtain remote execution of arbitrary code (RCE) with root privileges, completely compromising it.
The original article contains 344 words, the summary contains 187 words. Saved 46%. I’m a bot and I’m open source!
With root privilleges? These things are running a full fat operating system? On a wrench too, what? Not even 3D printers run a full OS 🤦♂️
WHY IS THERE NETWORK CONNECTED WRENCHES?!
ITS A FUCKING WRENCH!
IT DOESNT NEED THE NETWORK!
WHY THE FUCK DO THEY PUT NETWORK CONNECTIVITY IN THIS SHIT THAT DOES NOT, IN ANY CONCEIVABLE FASHION, NEED IT!?!
I swear to god one of these days my head is literally going to explode in thermonuclear ball of rage over the absolute stupidity of this shit.
Auto torquing wrenches that connect to a network to know exactly how much torque to apply to a bolt or screw that can be updated on the fly to fix issues or change spec without much effort. They’re pretty common in manufacturing.
Heh… Kinda funny that by making them idiot proof, they’ve opened up vulnerability to someone who isn’t an idiot.
How do I train to be an IT wrench administrator?
