Feature article

Bridging the IT and OT divide

,
Contributing Writer, Automation World
Fewer than 10 percent of companies have combined their IT and OT departments, according to a recent Automation World survey. But with integrated tools and common protocols coming to the fore, that could change.

In the age of connected operations, it’s more important than ever for plant personnel to work more closely with their IT counterparts. However, though IT and operations technology (OT) appear to be working together more frequently than in the past, they’re still far from being a united team, according to Automation World’s latest reader survey.

Results show that IT and OT continue to operate separately, with only 7.5 percent of respondents saying their IT and OT departments have been combined into one. In fact, nearly a quarter (24 percent) of those surveyed say the two departments have very little if any interaction at all.

The amount of cross-training being done between the two departments is still quite low as well. Although 27 percent of respondents are doing some cross-training, less than half of those include actually shifting employees between departments. For a significant majority (61 percent), there is no cross-training being done now, even on an exploratory level, and the two groups interact only as necessary.

Though departmental separation will likely continue for some time, OT and IT linkage ultimately makes sense from an operational standpoint, according to Don Pearson, Inductive Automation’s chief strategy officer. Like letting the genie out of the bottle, once departments begin to intermingle, the trend will not abate. The pairing allows for access and acquisition of important plant data at far greater speeds than possible today. It also gives companies the capability to connect the entire enterprise, including at the executive level; it is just too beneficial for companies to turn down, he says.

The readers surveyed see those benefits as well, and they far outweigh the downsides. Every single one of the benefits listed in our survey came in with a higher rating than even the highest-ranked negative experiences of respondents.

Benefits of IT/OT integration include easier integration of systems (37 percent), better communication between IT and OT departments (35 percent), more knowledgeable IT and OT staffs (30 percent), improved selection and sourcing of technologies (26 percent) and improved project implementation speed (25 percent).

About 24 percent of respondents noted that IT and OT still do not understand each other’s technologies well enough. Among the downsides to this disconnect: Project implementation times have expanded (13 percent), system integration projects are more difficult (11 percent), selection and sourcing of technologies are not as good (8 percent) and communication between IT and OT has worsened (6 percent).

More to come
Despite the benefits of closer IT/OT integration, Pearson is not surprised by the disconnects that appear in the survey results. Nor is his colleague Travis Cox, Inductive Automation’s co-director of sales engineering. Bringing the departments together is not a simple thing, Cox says.

Broadly speaking, the two departments tend to distrust each other. Traditional SCADA/HMI software is proprietary and licensed, and that can make that software and the operations information it holds hard for IT to access, Cox says. “And OT doesn’t know how to get the information to IT,” he adds.

Occasions where IT and OT work together more are driven by increased connectivity. A significant driver has been the Industrial Internet of Things (IIoT)/Industry 4.0, according to 18 percent of the survey respondents. “The primary driver for the departments to work together is demand for data, which is synonymous with IIoT,” Pearson agrees.

But another kind of connectivity—increasing use of Ethernet on the plant floor—actually came in higher, leading the list of significant drivers with close to 21 percent of the votes.

Where IT and OT are coming together is largely for special projects, according to 43 percent of those surveyed. Cox contends that corporate-led initiatives often qualify as special projects, and that’s where he’s seeing a lot of IT/OT interaction: corporate initiatives to bring plant data to the IT side where it can be leveraged for business intelligence, machine learning or other uses.

“When raw plant data needs to be turned into business information, there’s just no choice,” Cox says. “Then OT and IT have to come together and figure out the right approach to get the information into IT systems.”

Companies might be holding out on integrating the two departments while they assess solutions and free up spending. But as talk continues around IIoT, these companies are realizing they can’t afford to be left behind, says Ian Fountain, director of application segments at National Instruments (NI).

Suppliers show the way
So, how can companies get their disparate technology groups speaking the same language?

Automation suppliers are helping to pave the way by bringing IT suppliers onto their own teams—in some cases via acquisition. Belden’s purchase of Tripwire in 2014 is one example. Tripwire makes a software security and data integrity tool, bringing an important security element to Belden's portfolio of end-to-end signal transmission systems, says Jeff Lund, Belden’s senior director of product line management for industrial IT.

“It comes down to appreciating what the other side knows that you don’t,” Lund says. “Tripwire people know how to architect segmented networks and protect network zones with a firewall—a practice OT is trying to adopt.”

The two groups of technologists must understand the other’s needs, he stresses. Tripwire employees can’t assume, for example, that they can easily fix OT security issues for Belden clients, Lund says. “That attitude won’t make people listen to you,” he says. “It’s not that OT doesn’t get security; it’s just that availability is their first focus.”

This sentiment is echoed by some survey respondents, who don’t seem to appreciate the attitude sometimes coming from the IT side of the business. “Our experience is that the IT side takes over,” one respondent says. “They believe that the OT side is doing it wrong and has nothing to offer.”

That same respondent notes that IT rules are typically applied without regard to the effect they could have on the OT system. Lund expresses this concern as well: “Both groups have the same end goal—they want the system to be secure,” he says. “But with a security threat, IT would say, ‘Immediately shut down the plant, don’t let the stuff get stolen,’ where OT would determine it’s much more important to shut the system down safely, even if the shutdown isn’t immediate.”

Several survey respondents emphasize how important it is to get IT involved with OT early in the process, preferably during the quoting phase of the project or even earlier. But then: “IT needs to listen to the requirements of OT and process engineers to understand their needs and concerns,” one says.

Employees from both Belden and Tripwire meet often for seminars and workshops to learn from one another and better understand each other’s priorities and needs.

Representatives from IT and OT are often present at client meetings, Lund says, and the pairing works. One oil refinery customer, for example, was already using Tripwire on its financial side, but has called on Belden to implement Tripwire on its industrial network for a comprehensive industrial cybersecurity solution.

In 2016, NI teamed with Hewlett Packard Enterprise (HPE) to co-develop and sell the HPE EdgeLine Converged IoT System. NI’s OT experts teamed with HPE’s IT leadership to develop a system for acquiring data and performing computing and analysis at the edge of the network, Fountain says.

To work together, both IT and OT technologists will need to understand the importance of the middle level, where OT data aggregation happens before transfer to IT, says Craig Lentzkow, IIoT business development manager at Hilscher North America.

For such applications, Hilscher makes its netIOT Edge Gateway, which takes field data and transmits it into IT and cloud-based applications. The gateway sits on an automation network and either passively or actively gathers the data remote services need to deliver fresh insights into plant operations.

“What brings both IT and OT into play here is that our edge gateway is taking that operational data, doing some preprocessing of it—like with data semantics—and feeding it into the IT network on the cloud space,” Lentzkow says. Developments and partnerships like these, which truly connect OT and IT systems, have only started cropping up over the past five years, he adds.

Leaders on both the IT and OT side continue to wrap their heads around what those connected systems could mean for their plants and have begun working out how to implement the tools on their already-existing operations side, Lentzkow adds.

A protocol OT can use and IT understands
Both sides of the business wouldn’t be able to share information if it weren’t for standards and protocols, Fountain says. Right now, it looks like MQTT, a lightweight messaging protocol, could be the most popular of the protocols that allow OT and IT to communicate.

In April, the SmartFactory plant in Kaiserslautern, Germany (established as a German government/industry/academia Industry 4.0 project), announced all operational data—such as process and equipment data—will be published via the MQTT communication protocol. The OPC UA communication protocol will provide the basic connection between the integration bus and the plant equipment. The SmartFactory initiative is a research platform to test and develop information and communications technologies and their applications.

The factory’s data, published via MQTT, is then made available to other applications that run in the cloud, such as data analytics, or on mobile devices, such as smartphones and tablet PCs.

MQTT is a natural choice because IT employees and students are very familiar with it, says Arlen Nipper, who co-developed the protocol with Andy Stanford-Clark in 1999. Because the pair developed the protocol for a pipeline control system, “it has a heritage that takes it from running on a real-time, mission-critical SCADA system to running on a Raspberry Pi in hobby shop mode,” Nipper says.

Plant automation is facing the same conundrum today that those in IT did about 20 years ago, Nipper says. It was then developers realized that when they wrote applications hard-coded to other applications, they couldn’t make changes without rewriting the code. “Automation is in the same vein today, where we’re connecting devices to applications,” he says. “We don’t want to do that anymore. We want an intelligent device to be publishing all the devices’ information and we can subscribe to it with different applications.”

MQTT can help decouple devices from applications, Nipper says. But it’s also a tool that today’s college graduates have worked with. So whether they head to the OT or IT side of the business after graduation, they have a familiarity with the protocol that today’s OT engineers might not know.

The future of OT and IT integration—in terms of both tools and workers—is being written. Though it’ll be a while before it shakes out, this coming together is interesting for all involved.

When OT and IT groups can work together, it often leads to better success. As one survey respondent put it, “Certain IT groups in our company collaborate very well with OT, and these projects go very well. Other IT groups in our company do not collaborate, but instead are striving to take complete ownership and control. These projects lead to problems.”

Joyce's Voice Newsletter

Subscribe now to receive Joyce Fassl’s weekly e-newsletter focusing on the industry’s most pressing manufacturing and operations stories.