What struggles do you see between IT and OT?
“There are struggles from IT with OT, and vice versa. Despite the fact that IT people do their job well, they are mainly focused on people and on products that convert data for human interaction: ERP, CRM, you name it. You put your customer order in ERP, ERP processes what has been sold and that often includes an invoice. In other words, data: equals value. In the world of OT, data is in the service of physical manipulation: product operations, etc. Data transforms into movement, which creates a physical product that has value. In other words, the physical product equals value and data serves physical manipulation.”
“You eventually get to the point where the value of data changes from money to supporting production. That’s the point where you have to treat both worlds differently. Where confidentiality is most important with IT, with OT it is availability. Updates in IT can jeopardize the uptime of your machines, for example with virus updates or the customization of Windows services. OT programs can crash there, OT is not designed for the speed with which IT updates Windows updates and viruses. In addition, the failure of OT systems can lead to dangerous situations.”
What is the struggle from OT to IT?
“From the world of OT, you could say that IT has made much faster steps towards professionalization, such as quality standards for software design and CMDB solutions such as ServiceNow. OT has often not yet made that move, you sometimes come across process engineers who know the process and the machine specifications and then started programming applications themselves, sometimes even as a hobby. Without making a clear software design beforehand or logging it into a database. This has created fragmentation in the OT landscape: different applications to connect other applications. That is no longer manageable and if something breaks down you get a domino effect.”
“In summary, you can say that the speed of change within IT is much higher and that OT is still very unknown within IT. OT cannot change as quickly as IT and the OT landscape becomes fragmented as a result, so that you can disrupt the production process with updates. Certainly without good insight into the application and systems landscape, the impact cannot be predicted. OT lacks a holistic approach, it is not viewed as a whole and something different is bought or invented for each solution. We also see that knowledge is often lacking, in IT about OT and OT about IT.”
How do you make IT and OT work together better?
“If you set it up properly, you can coordinate IT and OT. Both have their own needs and associated functionality. For example, if MES functions are performed by ERP from an outsourced data center: the more components between the executive function and your production, the more unreliable the chain. The chain falters, the correct production data does not come in, so you cannot make the right decisions and production stops. As a result, you see a less robust production system with some customers and that they have to deal with unplanned downtime.”
Source: https://www.incibe-cert.es/en/blog/itot-convergence
“On the basis of the model above, you can also separate data flow and dictate how data should flow, which is also important when applying Cyber Security. You sometimes see that a PLC is connected to the same network as office applications. This not only makes your production controllers more vulnerable to hackers and viruses, but you also increase the risk of slowness in your PLC communication (‘latency’). This can be at the expense of the availability of your system.”
“So the data flow also has to run correctly, otherwise the machines could get into trouble. By separating the ‘levels’ in the model, you can better control the data flow. Let OT also determine their own architecture, an IT person builds architecture differently than an OT person. An OT’er looks much more at the availability of the various systems, so that the design is in the service of the availability of the production process.”
Will IT and OT ever integrate?
“Since the advent of the computer and the internet at the beginning of this century, IT and OT have increasingly merged. If you let people with only IT glasses make choices, however, functionalities are not always on the layer where they belong. These choices usually do not benefit the availability or efficiency of the production process.”
“You often see that IT people understand the process up to and including MES and also think that it belongs to IT. Everything underneath is often not their ‘packie an’, and vice versa you see the same with OT’ers. It is therefore important to approach the system holistically, and that is exactly what we do at Greywise. We recognize the differences between IT and OT, and also bridge the two worlds until we have an integrated architecture.”
