May 3, 2021
Identifying IT/OT Convergence Challenges
Information Technology (IT) and Operational Technology (OT) convergence in industrial operations is driven by the need for: better data visibility and utilization, full realization of system and software ROI, and enhanced cybersecurity. It’s also a key enabler for industrial companies to achieve their digital transformation goals. While the value of the business drivers is increasingly apparent, executing IT/OT convergence remains challenging.
Early in my career, I configured control systems in a polymers plant. At the time, there was total separation between IT and OT. We didn’t want IT anywhere near our industrial networks because from our perspective they didn’t prioritize plant operations, didn’t understand the differences between control systems and business systems, and so on. Similarly, IT didn’t want us anywhere near their networks either because they didn’t feel we understood networking and cybersecurity concepts to the level they did. The clashes in mindsets created an adversarial environment. Looking back, we did little to learn from each other or establish a network and cybersecurity policy ready for future organizational needs.
In industrial companies today, there is less of a hard line drawn between IT and OT — as technology is becoming essential to productivity. However, IT perspectives, expectations and priorities can still vary greatly from those of industrial operations. One example is response time, which tends to be much more critical in OT environments and impactful to production than in IT environments.
In addition to IT and OT cultural mindset differences, other challenges complicating IT/OT convergence include:
- – Distinct software and troubleshooting tools
- – Wireless ownership
- – Nomenclature variances
- – Differences in how technology standards are applied to IT and OT Network Architectures
- – Approach to cybersecurity policies and network maintenance
Industrial companies can benefit from addressing these challenges by taking a proactive approach to IT/OT convergence. Following are three ways to improve IT/OT convergence and help achieve success.
Working Together to Develop a Plan
While technology is essential, people are the biggest key to the success of IT/OT convergence. An early step of the IT/OT convergence process is getting key stakeholders from IT and industrial operations together to develop common policies. Industrial companies are more likely to see both technical and organizational success when they break down organizational and cultural barriers by having IT and OT collaborate.
Three tips to get started:
- – Outline specific business outcomes driving IT/OT convergence
- – Identify and address IT/OT cultural convergence challenges
- – Proactively develop a well-defined IT/OT convergence policy
Rockwell Automation and Cisco have been Strategic Alliance Partners for over 13 years. IT personnel typically have a familiarity and trust in Cisco, and OT personnel have a similar familiarity and trust in Rockwell Automation. Our teams deliver value to industrial customers by facilitating IT/OT conversations and giving credibility to both perspectives as an IT/OT convergence policy is developed.
Creating a Common Architectural Blueprint with Consistent Terminology
The differences in IT and OT often extend to network architecture and technology implementation approaches. For example, network segmentation, cybersecurity, and access protocols can vary greatly between IT and OT. And OT network terminology is often not consistent with IT terminology. Establishing an agreed upon blueprint early in IT/OT convergence planning encourages architectural and technology alignment and provides a guide for common terminology. A reference architecture can also help IT and OT gain a common view of the world.
Rockwell Automation and Cisco have created a collection of tested and validated blueprints called Converged Plantwide Ethernet (CPwE). CPwE provides IT and OT organizations a starting point for designing and deploying reliable and secure industrial network infrastructure.
A fundamental question that arises during IT/OT convergence discussions is: who will own the OT network? This question is important because the software toolsets that IT uses to monitor, analyze, and troubleshoot networks and cybersecurity are not the same as OT software toolsets. Much of the time, OT uses software that is part of their control system vendors offering.
The answer to OT network ownership often drives decisions about switch hardware. For example, if IT is going to own the network then they tend to deploy IT-centric switches that they already know how to troubleshoot and manage. But, there are problems with this approach. Let’s assume a manufacturer decides IT owns the OT network and installs IT-centric switches. At 2:00 a.m. when industrial operations go down, who will be called out to troubleshoot? In many cases, OT personnel will get that call. Unless they have undergone additional training, they will not necessarily have the software tools or knowledge to troubleshoot those IT-centric switches.
Rockwell Automation and Cisco have worked together to address this scenario with Stratix switches. Stratix® industrial Ethernet switches make the question of OT network ownership less relevant. They contain Cisco technology inside and work with familiar Cisco software tools IT uses, and Rockwell Automation FactoryTalk® Network Manager and Studio 5000 Logix Designer® software that OT uses. Both IT and OT can manage and troubleshoot the industrial network without having to learn new tools.
Industrial companies that take a proactive rather than reactive approach to addressing IT/OT convergence policies are more likely to have success. Understanding OT network needs is an essential part of developing an IT/OT convergence policy that works and that both IT and OT embrace.
Ultimately, IT and OT networks must work together to provide industrial companies the full benefits from the systems and data in which they have invested. Whether you are at the beginning stages of planning for IT/OT convergence, or are currently in progress, experienced consultants can provide beneficial guidance. Working with teams who have been through IT/OT convergence projects with other industrial customers can help you avoid common points of failure and establish a roadmap for success.