Traditionally, even within the same enterprise, operational technology (OT) and information technology (IT) represented separate domains with different components, objectives, characteristics, management practices, challenges, and organizational and reporting structures. While OT typically focused on the safe operation and control of physical devices and processes, IT typically focuses on data, information, information management, and communications. ITOT convergence is being seen and felt in companies across the world.
Today, we’re seeing a dramatic convergence of the two domains, particularly within the industrial, infrastructure, and smart cities spaces. This trend is disrupting traditional processes, approaches, and business models, leading to more effective use of technology and both human and physical assets.
As we’ll see, IT/OT convergence helps:
Reduce both capital and operational expenses through application of generally lower cost and readily supportable consumer/commercial technologies in industrial applications. However, in some cases, the additional expense incurred to bring consumer off-the-shelf (COTS) technology up to “industrial grade” for critical applications could potentially dilute these savings to a significant degree
Support application scalability both within individual plants/facilities and across enterprises
Leverage connectivity, Big Data, and advanced analytics to optimize operations management, asset management, and supply chain management
Combine the advanced computing capabilities, high performance, and networking acumen of general-purpose IT with the robustness and embedded “mission-awareness” of dedicated OT
Improve collaboration to align operations with the business
Operational Technology (OT)
In the past, most operational technology (OT) tended to be built for purpose and often proprietary to the technology supplier. This applied to operational technology for both factories and other discrete product manufacturing plants as well as to continuous process plants. Interoperability with other OT suppliers’ devices or systems was rarely a major consideration, much less with devices, systems, or networks outside the OT realm. Interoperability challenges were overcome as needed by either creating custom software drivers, through the efforts of industry organizations that focused on interoperability such as the OPC Foundation, or industrial networking technologies such as Modbus, ODVA, Profibus, Profinet, CC-Link, etc. One positive side to this is that, until recently at least, its closed nature, limited interoperability, and general obscurity reduced the vulnerability of OT to external intrusion by unauthorized parties; a critical concern in many industries and across infrastructure.
To this day, with just a few exceptions, most OT devices, controllers, I/O, fieldbuses, HMI and application software intended for the industrial plant floor or field environments tend to be both proprietary to the technology supplier and designed, built, and implemented to meet specific industrial or other application-specific requirements. These typically relate to performance, fault-tolerance, and reliability, and/or power supply and quality; environmental conditions (temperature, moisture, dust, corrosives, etc.); and safety. The latter is particularly important in industrial environments that are explosive or otherwise hazardous to humans, physical assets, and the surrounding communities. These specialized requirements, combined with the relative low volumes involved, typically make OT significantly more expensive than equivalent products designed for commercial or consumer markets. Also, unlike most IT, OT components typically have relatively long lifespans, often measured in decades. This leads to both technology obsolescence and migration issues.
So, while most current OT typically excels at performing the specific tasks it was designed to perform, it also has some clear limitations, particularly related to interoperability, obsolescence, data processing, and large-scale information management. These limitations have come to the forefront in recent years, leading to government initiatives such as Industrie 4.0 and end user initiatives such as NAMUR Open Automation, and the Open Process Automation initiative spearheaded by ExxonMobil.
The inherent limitations of OT, combined with dramatic advances in (generally lower-cost) information technology (IT), has led to increasing acceptance of general-purpose IT in industrial plants. This applies to even some highly critical industrial applications.
Information Technology (IT)
Other than some proprietary and/or purpose-built information technology (IT) commercialized in the earlier years, most IT tends to be more open, interoperable, and multi-purpose than OT. Most IT today can also be readily configured or otherwise adapted for multiple applications. This generalization applies to modern operating systems, computing hardware, networks, and application software. And since there’s a much larger user base for most commercial off-the-shelf (COTS) IT components, the economies of scale typically result in much lower costs than corresponding OT. In just two examples, consider the price discrepancies between commercial and industrial sensors, and between commercial PCs and hardened industrial PCs or workstations.
Until recently, IT was associated almost exclusively with business, commercial, and consumer applications such as enterprise resource planning, human resources, supply chain management, customer relationship management, enterprise asset management, product lifecycle management, telecommunications, and consumer electronics. As we’ll see, this too is changing, and with increasing velocity.
ITOT Convergence Accelerating at a Rapid Rate
Recognizing that the inherent limitations of conventional OT were not up to the business and regulatory challenges facing their industrial customers, beginning in the late 1980s, several leading automation suppliers started making selective use of commercial IT in their industrial OT systems. The goal here, of course, is to ensure that both work together seamlessly to add value and in a manner that is transparent to applications and users.
Just a few examples include Ethernet-based networking using a variety of different protocols (to reduce network latency and increase the distances supported); Unix- and then Window-based workstations (to improve visualization and performance); lower-cost, commercial real-time operating systems for controllers; and more powerful, compact, and generally lower cost COTS microprocessors.
In almost all cases, these commercial IT components had to be “industrialized” in some manner. And often, the IT had to be cleverly renamed to mask its origin. At least one well-known automation company, for example, referred to its redundant/fault-tolerant Ethernet-based control network as a “serial backplane.” And it’s widely known that PLCs (programmable logic controllers), industrial, real-time computing devices introduced in 1968, were so-named so that they would fall under the OT rather than IT domain within industrial organizations. Automation suppliers embraced commercial standards such as XML to digitize data and make it transportable across industrial applications and systems. A handful of automation suppliers also explored the potential of object-oriented data management approaches for industrial applications. Also relatively early on, Microsoft worked with automation suppliers to develop and commercialize the first-generation OPC (OLE for Process Control) standards in 1996 (COM/DCOM) to support “plug-and-play” data transfer between industrial devices on the plant floor and Windows-based industrial HMI/SCADA software applications. That was known as OPC DA version 1.0. Today, the OPC Foundation is promoting its latest standard, OPC Unified Architecture, or OPC UA as a platform for the Industrial IoT.
Initially, cultural, organizational, operational, and technological constraints slowed the convergence of OT and IT for plant- and field-level automation. But over time, many of these constraints have either faded away or largely been overcome and IT/OT convergence is proceeding at a rapid pace. Examples in place today include:
Wireless field devices and plant networks
Virtualized hardware and applications
Cloud computing, software-as-a-service (SaaS), and product-as-a-service (PaaS)
Advanced simulation and digital twins
3D scanning and additive manufacturing
IIoT-enabled remote asset monitoring
Predictive/prescriptive maintenance, and
Advanced operational analytics
The above are just some of today’s advanced technologies and solutions being deployed in industrial environments. None would be possible without the convergence of operational and information technologies. In addition, IT/OT convergence is a key enabler for important industrial initiatives such as Industrie 4.0, NAMUR Open Automation, and Open Process Automation (OPA).
By unifying the previously separate IT and OT domains into a common data, application, and technology environment, IT/OT convergence also plays a key enabling role in the overall digital transformation that will be a prerequisite for industrial (and other) organizations to thrive and remain competitive in the years to come.
But challenges remain…
While many technical barriers have been overcome, the convergence of operational and information technology across industry and infrastructure is not yet complete. (This not necessarily a bad thing, since it’s likely that there will always be a handful of plant- and field-level applications that don’t lend themselves to IT solutions.) Organizational, technical, and human challenges remain.
From an organizational perspective, IT and OT groups traditionally have had different reporting structures and objectives. IT groups traditionally report to an organization’s chief information officer (CIO) and OT groups to the Chief Operating Officer (COO). Traditionally, the primary objective for the IT group was to maintain data integrity and data flow across the organization. This differs from the primary objective of the OT group of ensuring production availability and safety, which often entails keeping industrial processes running 24 hours per day, 365 days per year…with only infrequent and widely spaced scheduled production shutdowns to perform maintenance, modifications, and/or upgrades.
A good part of the problem is that, until recently, most IT personnel had little if any understanding of what happens on the plant floor; and – at best – only a handful of control or plant engineers from the OT side of the organization had any understanding of or appreciation for what the corporate IT group did. This frequently resulted in “ownership” issues, functional siloes, and mis-communication and led to a number of well-known procedural mismatches between the two groups. These include the impracticality of frequently restarting computers to install the latest anti-virus patches or software updates on the systems that monitor and control industrial processes, reinstalling the operating system to clear malicious software, or frequent scanning of already bandwidth-constrained industrial networks to monitor network performance. While these are common practices in the IT world, such practices are simply not acceptable in industrial plant operations.
Organizational and procedural challenges such as these are gradually being resolved through closer cooperation between the two groups. This begins with establishing a “shared vision” between the two constituencies, leading to assignment of experts from the IT group to work directly with enterprise- or even plant-level OT groups and vice versa. Although far less common, there are also examples of assignment of operations personnel to the IT function to help develop the needed skills.
In some cases, government regulations are also helping drive increased organizational convergence. For example, the Federal Energy Regulatory Commission (FERC) in the US requires IT and OT staffs in this industry to work together to manage cyber and other risks collaboratively.
The increased connectivity and interoperability that comes with connecting plant- and field-level OT systems, networks, and applications to enterprise IT greatly increases the cybersecurity attack surface. This, in turn, increases the risk that hackers, cyber-criminals, or even malevolent nation states could access sensitive data and information or, even worse, make unauthorized changes to the control systems that monitor and control critical infrastructure and industrial operations such as power generation, transmission, and distribution; rail networks; municipal water works; refineries and petrochemical plants; and oil and gas pipelines.
While some current IT solutions may have been designed with cybersecurity in mind, this was not often the case for OT. Legacy OT in particular was designed and implemented before cybersecurity was even a concern. As a result, rather than being “baked in,” cybersecurity must be patched onto or layered over OT systems and applications. The good news here is that as legacy OT is gradually being replaced by current, “IT-infused” solutions, the principal of “secure by design” is being extended into the operational domain. Industry standards such as ISO 27001 and IEC 62443 are helping address these requirements. Clearly, this remains a work in progress, but a promising one.
Across industry and infrastructure, we’re seeing a crisis in human resources. While, in the past, innate intelligence, being “good with your hands,” and a strong work ethic were frequently all it took to get a good job and perform well in industry or infrastructure; this is no longer the case. In a converged IT/OT industrial environment, new skillsets are required, and these don’t necessarily come easily and often can’t be developed quickly.
The highly experienced Baby Boomers who understand industrial processes, operations, and operational technology have either been laid off during recent (and largely ill-advised) cost-saving initiatives or are retiring from the workforce at an alarming rate. At the same time, the younger generation of Millennials, many who have grown up with and are intimately familiar with much commercial IT, frequently don’t perceive industry as an attractive place to work and, even if they did, lack industrial experience. Compounding this problem, the technical schools and universities that could help fill this skills gap are just beginning to gear up to provide the appropriate knowledge and training. Clearly, industry alone can’t solve this problem. It will require close collaboration between industry, academia, and government.
While there’s certainly no shortage of models and standards in both the IT and OT worlds, there’s currently not a lot of “cross-pollination” between these. Most IT models and challenges apply mostly to IT, and most OT models and standards apply to OT. But this is changing and there are some notable exceptions.
The Perdue Reference Model identifies the various functions within an industrial enterprise, organizes these into hierarchical layers, and attempts to define the interfaces between them. New models are emerging that reflect today’s more converged environment.
For example, the familiar (but non-prescriptive), ISA 95 Enterprise-Control System Integration standard is based on the Perdue Reference Model for CIM (computer-integrated manufacturing) developed back in the 1990s. The Perdue Model identifies the various functions within an industrial enterprise, organizes these into hierarchical layers, and attempts to define the interfaces between them. Back then, the concern was how to integrate (rather than converge) the IT and OT domains to enable a degree of interoperability to improve manufacturing (and thus business) performance. As explained on the ISA95 web page, “The interface initially considered is the interface between levels 3 [Manufacturing Operations & Control] and 4 [Business Planning & Logistics] of that model. Additional interfaces will be considered, as appropriate. The goal is to reduce the risk, cost, and errors associated with implementing these interfaces. The standard must define information exchange that is robust, safe, and cost effective. The exchange mechanism must preserve the integrity of each system's information and span of control."
Today, with the increasing convergence of IT and OT, and the new business models made possible by new manufacturing approaches such as Industrie 4.0, NAMUR, Open Automation, and the Industrial Internet of Things, these hierarchical models are becoming noticeably flatter and new data/interoperability interfaces - such as OPC UA - are emerging.
The Industrial IoT (IIoT) has emerged as a focal point for IT/OT convergence and the Industrial Internet Consortium (IIC) has been working hard to develop both a practical reference architecture and real-world testbeds to accelerate growth and promote best practices in this area.
IT/OT Convergence and Digital Transformation
According to Andy Chatha, ARC’s president and founder, “We’re seeing signs of positive disruption via digital transformation everywhere we look. Today’s smart, connected, information-driven industrial enterprises are making better use of their assets and data to improve business and regulatory performance. We’re seeing a similar transformation across infrastructure and within municipalities.”
The ongoing convergence between the previously separate information technology and operational technology domains supports this positive disruption.