IT and OT in the industry: Ensure separation & collaboration
“OT’ers know very well how to program a machine, but don’t know how to configure the platform to host it, for example. On the other hand, IT professionals often do not realize how changes to the platform will affect Operational Technology.”
Sander Koelewijn, as a Business Consultant at Greywise, regularly detects the differences between IT and OT: “I see that customers often struggle with the fusion of IT and OT. I help them to separate IT and OT again and to bridge the gap in the data need in the right way.”
What struggles do you see between IT and OT?
“There are struggles from IT with OT, and vice versa. Despite the fact that IT people do their job well, they are mainly focused on people and on products that convert data for human interaction: ERP, CRM, you name it. You put your customer order in ERP, ERP processes what has been sold and that often includes an invoice. In other words, data: equals value. In the world of OT, data is in the service of physical manipulation: product operations, etc. Data transforms into movement, which creates a physical product that has value. In other words, the physical product equals value and data serves physical manipulation.”
“You eventually get to the point where the value of data changes from money to supporting production. That’s the point where you have to treat both worlds differently. Where confidentiality is most important with IT, with OT it is availability. Updates in IT can jeopardize the uptime of your machines, for example with virus updates or the customization of Windows services. OT programs can crash there, OT is not designed for the speed with which IT updates Windows updates and viruses. In addition, the failure of OT systems can lead to dangerous situations.”
What is the struggle from OT to IT?
“From the world of OT, you could say that IT has made much faster steps towards professionalization, such as quality standards for software design and CMDB solutions such as ServiceNow. OT has often not yet made that move, you sometimes come across process engineers who know the process and the machine specifications and then started programming applications themselves, sometimes even as a hobby. Without making a clear software design beforehand or logging it into a database. This has created fragmentation in the OT landscape: different applications to connect other applications. That is no longer manageable and if something breaks down you get a domino effect.”
“In summary, you can say that the speed of change within IT is much higher and that OT is still very unknown within IT. OT cannot change as quickly as IT and the OT landscape becomes fragmented as a result, so that you can disrupt the production process with updates. Certainly without good insight into the application and systems landscape, the impact cannot be predicted. OT lacks a holistic approach, it is not viewed as a whole and something different is bought or invented for each solution. We also see that knowledge is often lacking, in IT about OT and OT about IT.”
How do you make IT and OT work together better?
“If you set it up properly, you can coordinate IT and OT. Both have their own needs and associated functionality. For example, if MES functions are performed by ERP from an outsourced data center: the more components between the executive function and your production, the more unreliable the chain. The chain falters, the correct production data does not come in, so you cannot make the right decisions and production stops. As a result, you see a less robust production system with some customers and that they have to deal with unplanned downtime.”
“On the basis of the model above, you can also separate data flow and dictate how data should flow, which is also important when applying Cyber Security. You sometimes see that a PLC is connected to the same network as office applications. This not only makes your production controllers more vulnerable to hackers and viruses, but you also increase the risk of slowness in your PLC communication (‘latency’). This can be at the expense of the availability of your system.”
“So the data flow also has to run correctly, otherwise the machines could get into trouble. By separating the ‘levels’ in the model, you can better control the data flow. Let OT also determine their own architecture, an IT person builds architecture differently than an OT person. An OT’er looks much more at the availability of the various systems, so that the design is in the service of the availability of the production process.”
Will IT and OT ever integrate?
“Since the advent of the computer and the internet at the beginning of this century, IT and OT have increasingly merged. If you let people with only IT glasses make choices, however, functionalities are not always on the layer where they belong. These choices usually do not benefit the availability or efficiency of the production process.”
“You often see that IT people understand the process up to and including MES and also think that it belongs to IT. Everything underneath is often not their ‘packie an’, and vice versa you see the same with OT’ers. It is therefore important to approach the system holistically, and that is exactly what we do at Greywise. We recognize the differences between IT and OT, and also bridge the two worlds until we have an integrated architecture.”
About Sander Koelewijn
Sander has more than 15 years of experience in the OT domain. He started as a programmer of PLC, SCADA and DCS systems in various industries. From there he moved on to the design and realization. Sander has experience with various industrial networks and integration with systems such as ERP and MES.
As an independent consultant, Sander supports its clients in the design, selection and implementation of process control systems. These are of course integrated into the total OT application landscape, which also includes MES and Historian. Where necessary, Sander also helps with setting up the OT organization at the customer.
Do you have a particular challenge that you would like to discuss with Sander?
The importance of good management processes for Manufacturing Execution Systems, or MES for short, is often underestimated. I've seen several situations where that led to problems. In a MES project a few years ago, I...
The difference between IT and OT is best explained with different levels of automation. The IT and OT domains each span different levels and have their own focus areas and priorities. The different levels of...
Pharmaceutical companies are required to maintain batch records so that authorities can confirm proper procedures are being followed. Modern Electronic Batch Records (EBR) can help with this and help companies comply with FDA regulations. An...