By: Oliver Horn, Senior Solutions Architect - Alliances at Red Hat
The Internet of Things (IoT) will make Operational Technology (OT) – and hence the hardware and embedded software for monitoring and controlling physical devices, processes, and events – fit for the future. It has the potential to fundamentally transform almost every industry, whether production, energy supply and distribution, transport and haulage, or healthcare. The networked sensors, measuring devices, and actuators monitor and control the status of resources and machines.
For historical reasons, IT and OT still remain separate
Most IT companies still treat IT (Information Technology) and OT as separate areas and develop, maintain, and use the two for different purposes:
The CIO is responsible for general company applications, such as ERP, CRM, and BI solutions.
The operations or production manager is in charge of production control and other special applications, such as Manufacturing Execution Systems (MES), Energy Management Systems (EMS), and Supervisory Control and Data Acquisition Systems (SCADA).
IT and OT solutions emerge independently of each other over time. They solve different problems and use different system architectures and communication protocols. For example, IT systems were developed to connect applications and enable data sharing, and they generally use an open, standards-based architecture. Operational control systems, on the other hand, are devised as standalone systems and were not originally designed for connection to the outside world or for external access; OT systems are frequently self-contained and proprietary.
Interlinking OT and IT systems
Department managers and IT architects see the IoT as a catalyst for change. They want to deploy standards-based operational control systems as an important component of IoT projects, thereby replacing standalone measuring devices, sensors, and actuators with intelligent, IP-based devices. By interlinking OT and IT solutions on the basis of established protocols and modules, companies can link heterogeneous systems and processes, thereby eliminating redundancies.
When attempting to link OT and IT systems, system architects are faced with a number of functional requirements:
Scalability: Intelligent systems record and analyze large quantities of data from a variety of endpoints and require high-performance computing, storage, and networking capacities to do so.
Availability: Many intelligent systems are designed to be deployed in environments where system failure might lead to reduced productivity, unsatisfied customers, or even loss of revenue. In the case of critical applications such as medical applications, monitoring solutions, and smart grid implementations, system failure may even result in severe damage to health or the environment.
Security: Intelligent systems frequently depend on the publicly accessible Internet or use cloud-based computing and memory resources. To protect against loss or theft of data or a denial of service attack, the new solutions have to be optimally secured and easy to maintain. This means, among other things, that it must be possible to apply security patches quickly. OT is not traditionally configured to support this.
Ensuring high scalability and reliability
To achieve optimal scalability and reliability, Red Hat recommends using a hierarchical, intelligent system architecture consisting of a device tier, a gateway tier, and a data center or cloud tier. The device tier includes endpoints such as IP-capable measuring devices, sensors, displays, actuators, medical devices, antennas, machines, and vehicles, where data is collected and then transmitted. The data center or cloud tier consists of computing or memory capacities, for example, for industrial process monitoring and control. But it also includes integration into the existing IT infrastructure, the deployed ERP systems, and other business-oriented company applications. The connection to the company’s value chain is made here.
IoT gateways build a bridge between OT and IT systems
The gateway tier serves as an intermediary between the devices and the data center or the cloud. It aggregates device data and can buffer it before relaying it to the data center. In addition, it transfers controlling information to the device on the basis of open messaging standards. It also serves as a buffer for data that is required for tactical analysis or regulatory requirements. Furthermore, gateways can facilitate a direct, local reaction, as required – without going through the data center. Therefore, the gateways can be situated in the factory hall, a train station, or a hospital wing.
IoT gateways are the cornerstones of a convergent OT/IT architecture. They were especially developed to close the gaps between devices in the field, as well as in central economic and industrial applications. IoT gateways optimize the performance of a solution by collecting real-time data from operating procedures at the place of origin and performing initial processing. In this way, they relieve the applications in the data centers and the cloud and facilitate efficient development by introducing an abstraction tier between the devices and the application. Furthermore, by separating the devices from the applications, they enable new endpoints to be added more quickly and easily to a configuration.
The IIoT (Industrial Internet of Things) area provides a good example in this context: here, gateways are used because different communication technologies are in play, and they can deliver value-added services at the intersection of IT and OT. In this use case, data often needs to be converted between fieldbus systems (for example, Modbus) and TCP. In doing so, data can also be aggregated so that, for example, machine conditions are only reported when there is a change.
Another example is building services, where different communication technologies are used, for example power line communication, different radio frequencies and protocols, as well as bus systems. Collected data can be transferred into a unified TCP communication and enriched, for example with which building, which room, and which sensor the data comes from. Furthermore, data can also be aggregated, i.e. the gateway only sends a message when the temperature is changing. Here, reactions might be necessary locally and self-sufficiently in order to meet required reaction times or to ensure reactions when connectivity to the data centre is interrupted.
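The gateway behaviour described in the two examples above (report on change, enrichment with building and room, local reaction, and buffering while the data center is unreachable) can be sketched as follows. This is an added example, not Red Hat code; the class, the thresholds, the site map and the `uplink` callable are assumptions, and fieldbus polling is left out.

```python
from collections import deque

class EdgeGateway:
    def __init__(self, site, uplink, deadband=0.5, alarm_at=30.0, max_buffer=1000):
        self.site = site            # sensor_id -> (building, room); constructed map
        self.uplink = uplink        # callable(msg) -> True if the data center took it
        self.deadband = deadband    # smallest change worth reporting
        self.alarm_at = alarm_at    # local reaction threshold in deg C (assumed)
        self.last = {}              # sensor_id -> last reported value
        self.buffer = deque(maxlen=max_buffer)  # bounded; oldest dropped when full
        self.local_actions = []     # reactions taken without the data center

    def ingest(self, sensor_id, value, ts):
        if sensor_id not in self.site:
            return None             # device not in the site map: do not forward
        if value >= self.alarm_at:  # react locally, even if the uplink is down
            self.local_actions.append((ts, sensor_id, "ventilation_on"))
        prev = self.last.get(sensor_id)
        if prev is not None and abs(value - prev) < self.deadband:
            return None             # no meaningful change: suppress the message
        self.last[sensor_id] = value
        building, room = self.site[sensor_id]
        msg = {"ts": ts, "building": building, "room": room, "sensor": sensor_id, "temp_c": value}
        self.buffer.append(msg)
        self.flush()
        return msg

    def flush(self):
        # Send in order; stop at the first failure and keep the rest buffered.
        while self.buffer and self.uplink(self.buffer[0]):
            self.buffer.popleft()

def demo():
    delivered, link = [], {"up": True}
    def uplink(msg):                # stand-in for the TCP link to the data center
        if link["up"]:
            delivered.append(msg)
        return link["up"]
    gw = EdgeGateway({"t1": ("B1", "R101")}, uplink)
    gw.ingest("t1", 21.0, 1)        # first reading: sent
    gw.ingest("t1", 21.2, 2)        # inside the deadband: suppressed
    link["up"] = False
    gw.ingest("t1", 31.0, 3)        # link down: buffered, local reaction fires
    gw.ingest("rogue", 99.0, 4)     # not in the site map: dropped
    buffered = len(gw.buffer)
    link["up"] = True
    gw.flush()
    return delivered, buffered, gw.local_actions

if __name__ == "__main__":
    print(demo())
```

The bounded buffer keeps a long outage from exhausting gateway memory, at the cost of losing the oldest readings first.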
Finally, there are use cases in the transportation sector. It might be necessary to amalgamate data from the tractor, the trailer and the cargo directly at the vehicle, again either to react locally when the data connection to the data center is unstable, or because there are heterogeneous technologies for vehicle, trailer and cargo that cannot be controlled by one tool.
The hierarchical architecture addresses the strict requirements regarding IoT scalability, availability, and security. The number of gateways can be increased incrementally, thereby enabling cost-efficient growth. To avoid single points of failure, companies can implement redundant architecture components at every tier. This ensures service availability, for example, in cases where an individual component malfunctions. Specific security measures that cover a comprehensive spectrum of threats and vulnerabilities should be implemented at every tier.
Through a convergence of OT and IT environments, companies can improve their performance and reduce the total cost of ownership. However, detailed preliminary analysis and planning is required to reconcile various departments, disciplines, and business processes optimally with each other. In most companies, different organizational units have previously been responsible for OT and IT functions – with different targets, budgets, and strategies.
The OT department implements and supports highly specialized process control systems that ensure continuous availability of applications. The IT department, by contrast, implements and supports comprehensive, complex, open systems that depend on standards-based networks and servers running virtualized applications that partly rely on cloud services. The two organizational units have to coordinate their activities in order to benefit from a convergent OT/IT environment with a uniform IoT architecture.
Unlike traditional, manufacturer-specific control systems, modern OT solutions use standards-based IT infrastructures and communication protocols; as a result, they can achieve greater flexibility and scalability while remaining cost-efficient. Thanks to the convergence of previously separated OT and IT environments, companies might now be in a position to increase performance while reducing complexity and infrastructure costs.