Will IT and OT Converge?

It’s no secret down on the shop floor, or in the upper echelons of management, that IT and OT don’t always see eye to eye. For decades, the business computing world of Information Technology (IT) has been growing and evolving separately from the Operational Technology (OT) world. Plant engineers and system integrators working in the OT sphere are happy to keep their distance from the requirements and constraints of the IT department, going so far in many cases as to function on completely separate physical networks. Most executives, for their part, are reasonably satisfied to let the OT people do their work, and simply receive regular production reports from an ERP or possibly a MES system.

There are good reasons why these two siblings of IT and OT have grown up separately, despite their common parentage in computing technology. Yet now, increasing demands within and outside the enterprise are starting to force them to cooperate, and possibly even live under one roof. Exactly when and how this will happen may vary depending on the company and other factors, but it’s a trend that analysts such as Gartner and ARC Advisory Group predict will increase significantly in the next few years.

Much of this anticipated overlap (or collision) of IT and OT is due to advances in technology. On the OT side, Industry 4.0 and the Industrial IoT have become viable as the Internet becomes more reliable, and the cost of connecting devices drops exponentially. In the IT world, the lure and promise of Big Data and the analytical tools needed to extract value from it are moving quickly from the status of luxury to necessity. Heeding the lessons learned from the demise of Kodak and Blockbuster, executives understand the need to stay competitive in the digital age, or suffer the consequences.

Two Worlds of IT and OT

It is no accident that IT and OT seem to occupy two different worlds. You can trace this back to the primary goal of each. The focus of IT people is business improvement—to support accounting, logistics, human resources, and all other areas of the business to make it more effective and productive. In a sense, for IT, the product is the business itself. Upgrades to computer systems and improvements in skills pay off with immediate results in the success of the business. And it’s easy to make improvements because critical data is relatively static, providing ample opportunities to upgrade the tools and skills needed to manipulate the data.

In the OT world, the focus is on doing or making things. The production process is paramount. Complex factory systems, pipelines, power grids, and chemical plants cannot be switched on and off easily. Many systems run 24/7, and cannot be put on pause for software upgrades. Every hour of lost production time can cost millions. It may take months or years to build such a system, and once it is running, few engineers are willing to risk swapping in a piece of untested software. Computer skills are just one aspect of a project where the bulk of the expenditure and expertise is focused on the machinery and devices needed to do the work. OT is one of several players in the game, and not the star of the show that IT often becomes in its world.

Be that as it may, these two worlds are now poised to make contact. Businesses are waking up to the value of the data that’s coming from the production systems. Managers are discovering within OT data opportunities to harness real-time analytics and leverage predictive technologies that IT can provide. In a recent article, The Internet of Things: Bridging the OT/IT divide, John Pepper, CEO and Founder of Managed 24/7, said, “Unless organisations actively bridge the gap between OT and IT, the real operational benefits of the digital business will be lost.”

Bridging the Gap

As we understand it, there are at least three approaches to bridging the gap between IT and OT:

  1. Insert IT into OT. You can either import IT staff and expertise into the OT world, or build it in from the ground up. So far, this has not been a popular approach.
  2. Absorb OT into IT. Essentially this means expanding the IT world to encompass OT. Again, it may sound interesting in theory, but apparently the differences are too great, because we don’t see this happening much in practice.
  3. Allow OT and IT to communicate. For now, data communication seems to be the favored approach. Time will tell if this becomes a permanent necessity, or whether the two worlds can eventually merge.

For the foreseeable future, any convergence of IT and OT will continue to take place through data communication. What form does and will this communication take? Clearly OPC plays and will continue to play a major role. The key to OPC’s success to date has been its ability to foster communication between disparate systems. The large installed base of OPC Classic provides an easy way to obtain data from a wide range of systems. OPC UA is positioned as the data protocol for Industry 4.0 and the Industrial IoT. Whatever protocol may be used, and whatever form it takes, successful data communication between IT and OT must provide security, integration, and real-time performance.

Security is a major concern for OT professionals when considering connections to IT systems. For decades OT has usually been either physically separated from corporate IT networks, and/or functioning under the “security through obscurity” principle. The increasing number and sophistication of hacks to online industrial plants and power systems, along with the ability of viruses like Stuxnet to contaminate even an isolated system, underscore the need for an active and educated approach to security.

With this in mind, the best way to convince a prudent OT manager to share data with IT is to ensure the most secure connectivity scenario that is realistically achievable. The data communication protocol, such as OPC UA, should provide robust connectivity over TCP, and implement SSL and certificates. Keeping the plant’s firewalls closed and utilizing DMZs and proxy servers are essential for eliminating potential points of entry. Ideally, the system should be secure by design, and not need to rely on VPNs or additional security hardware. In fact, there is no need for IT to have any access to the plant at all, just the data. And access to that data should be restricted to just those in IT or management authorized to use it.

Seamless integration of data protocols is a second requirement for IT / OT convergence. OPC provides a way for the vast array of industrial protocols to be integrated into a single protocol. Converting OPC Classic to OPC UA will be needed to include legacy equipment in the conversation. To fit into the IT world of SQL databases, the ability to convert to ODBC is a must. And let’s not forget the IT world’s personal tool of choice: Excel. These are some of the more popular data protocols as a starting point; there may be others. The better the integration of OT data into familiar tools for IT, the more likely the IT and OT worlds will get along.

Finally, real-time performance is a big plus, if not an absolute necessity. Real-time data coming directly from the factory floor is one of the primary reasons for the whole project. This is the data that will power the real-time analytical engines and predictive technologies that management envisions, and that IT will be implementing.

Will we ever see IT and OT converge? It is difficult to say at this early stage. The trend right now is to open channels of data communication between the two. Success in these initial endeavors may inspire players on one side or the other to expand beyond their limited domains, and work towards a more fundamental level of integration. For now, professionals in both OT and IT can start by implementing secure, integrated, real-time data communication, and see where that leads.

New Whitepaper: Will IT and OT Converge?

It’s no mystery what “IT” stands for: Information Technology, the computing power used to run businesses and corporations. Fewer people might know that “OT” in this context stands for Operational Technology, the computing power behind modern industrial production systems. A new white paper from Skkynet asks whether IT and OT will converge.

These two, IT and OT, are worlds apart in most businesses. The IT people use computing resources to support accounting, logistics, HR, and all other areas of the business. In a sense, the product of IT is the business itself. IT becomes a star of the show. In the OT world, the focus is on doing or making things. The product is the process, or the manufactured output. OT is one of several players in the game, operating primarily in a supporting role, to ensure that mechanical systems function as designed.

For a long time, OT and IT have functioned separately from each other. OT has been hidden away in the deep recesses of the plant or out in the field, using its own proprietary data protocols, and often physically disconnected from the rest of the corporate network. IT has been content to get occasional updates on factory floor status through paper reports, database entries, or ERP (Enterprise Resource Planning) systems.

Now these two worlds are beginning to make contact. Businesses are waking up to the value of the data that’s coming from the production systems. Managers are discovering within OT data opportunities to harness real-time analytics and leverage predictive technologies that IT can provide. John Pepper, CEO and Founder of Managed 24/7, recently wrote, “Unless organisations actively bridge the gap between OT and IT, the real operational benefits of the digital business will be lost.”

Our new white paper, Will IT and OT Converge? takes a closer look at some of the concepts introduced by Pepper. It clarifies the distinctions between IT and OT, presents current thinking about how they might converge, and highlights three critical requirements from the OT side for bridging the gap: security, ease of integration, and real-time performance.

Connecting the Worlds of IT and OT

Ever since the dawn of computing for commerce and industry, there has been a wide gap between the world of IT (Information Technology) and OT (Operations Technology).  Most of us are more familiar with IT—crunching numbers for financial applications, building databases for personnel records and corporate assets, and printing out sales reports, monthly earnings, and year-end statements.  The world of OT is more remote and esoteric—hidden behind firewalls and DMZs, sometimes on completely independent networks, mission-critical systems oversee the real-time processes that control a company’s production equipment and machinery.

Now, with the advent of Industry 4.0 and the Industrial IoT, these two worlds are being brought together.  In a recent article, The Internet of Things: Bridging the OT/IT divide, John Pepper, CEO and Founder of Managed 24/7, makes the case that the business value of operational data will be lost unless IT and OT learn to co-operate.  He said, “Unless organisations actively bridge the gap between OT and IT, the real operational benefits of the digital business will be lost.”

A risk of losing the prize

According to their research, companies are jumping on the IoT bandwagon and increasing their number of networked devices, but due to a lack of an overall policy to bridge the IT/OT gap, there is a real risk of losing the prize.  Critical OT information that has been unknown in the past is now becoming available, but only to those who know how to connect to it, and are willing to do so.

“Indeed, while the vast majority of new control systems used in buildings and factories – from water pumps to energy systems – include an Ethernet connection,” says Pepper, “few organisations are actively using this real-time insight to support CxO decision-making.”

Pepper’s call for deeper integration between the real-time data flowing through the OT world and the analytical capabilities of the IT world is a need that Skkynet was created to meet.  The predictive technologies that Pepper recommends can be realized and fully supported by Skkynet’s Industrial IoT technologies.  The vision of end-to-end monitoring and self-healing technologies that Pepper shares can become reality when we effectively connect the two worlds of IT and OT.

Bridging the IT Resource Gap

An interesting study has recently come out of the UK that points to a broad gap between the IT requirements of a large number of companies, and their available resources to meet the needs. What’s more, the top priorities for the coming years include cloud computing, big data, mobile computing, and security. Altogether, these findings suggest there may be significant potential for Skkynet’s SkkyHub service to bridge the IT resource gap.

The report, Digital Leaders Survey from BCS, The Chartered Institute for IT in the UK, presents the results of surveys circulated among BCS members, clients, and non-member companies, addressed specifically to CIOs, digital leaders, IT managers, and CEOs. Among the key findings are:

  • For the next 12 months, the 3 top IT concerns will be mobile computing, security, and cloud computing.
  • For the coming 3 to 5 years, the concerns are similar: security, cloud computing, and big data.
  • When asked what concern most keeps them awake at night, the overwhelming response was security–how to implement the various technologies in a secure way.
  • Close to 90% of the companies surveyed felt they do not have the resources needed to meet these priorities. About half of them said their existing workforce needs to upgrade their IT skills, or they require more manpower, or both.       Over a third said they could use a bigger budget.

Keeping it Secure

Maintaining security at all phases of implementation of cloud and mobile computing is high on everyone’s list. Mission critical industrial systems must not be compromised in any way, or it could mean significant damage to infrastructure and possibly even human life. Financial systems risk ruin if data confidentiality is breached. No major corporation is immune from attack. Just look at the recent chaos at Sony Picture Entertainment resulting from a breaches in security.

Clearly, any cloud, mobile, or big data services offered must be secure. And as this is a relatively new area of IT, old approaches to security may not be sufficient. Industrial and financial cloud applications represent a special case, as their security requirements are higher than most, and yet they also require high-speed data throughput, as close to Internet latencies as possible.

This is why SkkyHub has attracted such interest in these markets. Secure by design, it takes a unique approach to security that requires no additional hardware or VPN, and yet opens no firewalls, leaving no attack surface exposed to the Internet. Data can flow through the system at speeds approaching real time, making it an ideal solution for industrial and financial cloud systems.

Doing More with Less

Valuable as it may be, a secure, mobile-friendly cloud and big data service may not be snapped up so quickly if there is no way to bring it on board. According to the survey, the vast majority of companies don’t have the budget or personnel to carry this off.

Wait, did I read that correctly? Aren’t we talking cloud systems? Isn’t one of the main draws of cloud computing cost savings? You shift your costs from capital expenses to operating expenses. No up-front investment, no amortization calculations. Just pay as you go.

And doesn’t a good SaaS solution reduce the need for highly qualified programmers? The purpose is to leave the specialty programming of data communication and connectivity to the experts, freeing up your people to do your work. So where is the problem?

Our vision at Skkynet is that with cloud computing you should be able to do more with less. The service should provide end-to-end connectivity with no programming required. Just sign up, configure, and start working with your live data. It should work transparently beside your existing systems, providing you and any other authorized user with secure access to the data you need. Software as a service should reduce your dependence on in-house IT resources, while saving you money.

We invite the respondents to the BCS Digital Leaders Survey, and anyone else, to try out SkkyHub and see. SkkyHub addresses the key issue of security, and bridges the IT resource gap by providing real-time software as a service in a way that is affordable and easy to implement.