Anik Bose, General Partner with Benhamou Global Ventures (BGV), shares his perspective on the digital transformation of manufacturing and the challenges associated with mingling the worlds of information technology and operational technology. Anik’s blog was previously published here.
The explosive growth in sensors, data and analysis is bringing asset-intensive industries into a new era of unprecedented connection and information. This transformation offers these industries the ability to significantly improve their operations and achieve higher levels of productivity. It is estimated that every 1% increase in production efficiency in manufacturing represents a $200,000 saving per day per plant in a large manufacturing operation. This specific example was illustrated by FANUC, one of the top two industrial robot vendors in the world (e.g., if the utilization rate of a large factory goes up from 85% to 88%, the factory will save $600K per plant per day). The greater the complexity of the supply chain, the higher the value creation potential. To unlock this value, manufacturers are increasingly looking to adopt big data and analytics to improve operational efficiency and increase product quality across multiple verticals such as pharmaceuticals, chemicals, energy and automotive systems.
However, this comes with some inherent challenges due to the complexities of mixing the Information Technology (IT) and the Operational Technology (OT) worlds. To deliver on the promise of the inherent value creation potential we need to build stronger connections between IT and OT at both the technology and organizational levels. The challenge lies in the fact that each system was purpose-built, but neither was designed to work with the other.
Technology Challenge
In today’s enterprise, there is a substantial communication gap between IT and OT technologies. Each uses its own method of connectivity, from the physical connectors and buses that data rides on, to the language each uses to convert bits and bytes into human readable and actionable information. Industrial devices have been designed for long life cycles and as a result use varied physical communication layers, mostly proprietary to their industry. The first step to connect such legacy industrial systems to the IIoT (Industrial Internet of Things) is to provide some type of conversion from these application specific physical buses to open, ubiquitous physical interfaces such as Ethernet and wireless. There is also a need to aggregate smaller, simpler devices like non-networkable sensors or electric circuits into a networked gateway device, in order to transmit the sensor level signals onto standard network interfaces and then into the primary Internet communications protocol – TCP/IP. The biggest challenges to this proposition come from the:
While a custom protocol can be useful in a single given application, it creates a hurdle in accessing the data required to realize the benefits that digital manufacturing offers.
In contrast, IT networks use the same open standards and protocols found on the Internet. The Internet was founded on open standards like TCP/IP. Application-specific protocols are layered on top: HTTP/S, SMTP, SNMP, MQTT, etc. The Internet uses programming languages like JavaScript, Java and Python and presents information using technologies like HTML5 and CSS, all of which are open.
To achieve the promise of Digital Manufacturing, OT and IT technologies must converge, allowing connection and communication. Today, the existing systems and protocols have created “islands of connectivity” caused by the lack of interoperability between open and proprietary protocols. This convergence between them is likely to be enabled through an evolutionary transition beginning with solutions such as protocol gateways, OPC servers and middleware. In the long run, OT/IT convergence will demand a flattened architecture and seamless communication between assets, utilizing open, standards-based protocols and programming.
Security is another area critical to this IT/OT convergence. OT systems had inherent built-in security due to the physical separation of the networks: these systems were “air-gapped” from the IT systems. Connecting OT systems removes that separation and creates points of failure that can cause real disruption to the business. Imagine a ransomware attack holding a factory floor for ransom. Enabling the convergence of IT and OT systems in a secure way is essential for this transformation.
People Challenge
The above challenges are further compounded by the different skill sets and resistance to change that exist between IT and OT teams. Traditionally there have been separate departments for IT and OT – with different people, goals, skills and projects. Continuing to operate separately not only creates a significant barrier to the adoption of technologies that fall outside the operations teams’ comfort zone but also exposes companies to fault or security risks that could significantly impact production. To rectify this situation, the strategies of the IT and OT departments need to be aligned, and IT and operations managers need to have some common goals and targets. Joint projects will harmonize duplicate or overlapping systems and processes, and promote the development of the interdisciplinary skills now missing in most companies.
This is a significant cultural shift that requires time, trust and a progressive plan. Simple pilot projects are a great way to offer tangible value, train resources and progressively develop IT/OT skills in the team members.
Getting started
BGV portfolio company Bayshore Networks enables industrial enterprises to connect to the internet securely while protecting the manufacturing assets from cyber-based threats. The company’s product enables asset-intensive industries that are seeking operational efficiencies to bridge their IT and OT environments, collect the big data and apply the analytics required to unlock the value of digital manufacturing and mobilize their workforce into the connected world. One key use case is granular secure remote access to industrial devices. A traditional VPN allows a remote maintenance technician to dial into the OT zone, but once that maintenance technician is inside the OT zone, they have access to all industrial devices (Siemens, ABB, Yokogawa, etc.), which is a major security problem. This is why traditional VPN is not a viable tool to enable secure remote access for the OT networks. Bayshore’s granular Layer 7 secure remote access solution allows remote workers to dial into specific PLCs, without giving access to all industrial devices. Other use cases range from providing CIP compliance for Utility customers (i.e., ability to enforce/block NERC-005-5), protecting data and systems from attacks initiated through IoT apertures for Data Center customers and safely/securely connecting IT/OT to enable OT data transformation for Manufacturing customers.
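The contrast drawn above between VPN-level access and granular Layer 7 access can be made concrete with a small policy check. This is an added example, not Bayshore's code or product behaviour; the use of Modbus/TCP as the industrial protocol, the user names, the PLC addresses and the policy table are all constructed assumptions.

```python
import struct

# Constructed policy: technician -> PLC address -> permitted Modbus function codes.
# User names, addresses and the choice of Modbus/TCP are assumptions for illustration.
READS = {0x01, 0x02, 0x03, 0x04}                       # read coils/inputs/registers
POLICY = {
    "tech-alice": {"10.20.0.11": READS | {0x06}},      # reads + write single register
    "tech-bob": {"10.20.0.12": READS},                 # read-only on one PLC
}
OT_ZONE = {"10.20.0.11", "10.20.0.12", "10.20.0.13"}   # every device in the zone


def parse_modbus_tcp(frame: bytes):
    """Return (unit_id, function_code) from a Modbus/TCP request, or None if malformed."""
    if len(frame) < 8:                                 # 7-byte MBAP header + function code
        return None
    _tid, proto, length, unit = struct.unpack(">HHHB", frame[:7])
    # Protocol id is always 0; length counts the unit id plus the PDU that follows.
    if proto != 0 or length != len(frame) - 6:
        return None
    return unit, frame[7]


def vpn_allows(user: str, dst: str) -> bool:
    """Network-level model from the text: once in the zone, every device is reachable."""
    return user in POLICY and dst in OT_ZONE


def l7_allows(user: str, dst: str, frame: bytes) -> bool:
    """Per-PLC, per-operation decision; unknown user, device or bad frame is denied."""
    allowed = POLICY.get(user, {}).get(dst)
    parsed = parse_modbus_tcp(frame)
    if allowed is None or parsed is None:
        return False
    return parsed[1] in allowed


def build_request(function_code: int, body: bytes = b"\x00\x00\x00\x01") -> bytes:
    """Build a constructed Modbus/TCP request (transaction 1, unit 1) for the demo."""
    return struct.pack(">HHHBB", 1, 0, 2 + len(body), 1, function_code) + body


if __name__ == "__main__":
    cases = [("tech-alice", "10.20.0.11", 0x03), ("tech-alice", "10.20.0.13", 0x03),
             ("tech-bob", "10.20.0.12", 0x10)]
    for user, dst, fc in cases:
        print(user, dst, hex(fc), "vpn:", vpn_allows(user, dst),
              "l7:", l7_allows(user, dst, build_request(fc)))
```

The second and third cases are the ones the VPN model cannot distinguish: a device outside the technician's assignment, and a write operation on a device they may only read.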