The IT/OT Network Divide

OT (Operational Technology) comprises the processes, equipment, and materials that produce products. That product can be electricity, water, automobiles or any of a million other products. IT (Information Technology), on the other hand, comprises the collection of assets and technologies that allow the business of a company to be transacted.

Many years ago, OT used stand-alone processes to manufacture products. Today, with the advent of initiatives like Industry 4.0, it has become increasingly dependent on networking technology to closely coordinate the operation of processes and equipment, and it uses cloud applications to increase efficiency, quality and speed. The worlds of OT and IT are coming together, and it has been difficult.

One of the factors that makes it difficult for IT and OT staff to work together is that each has different goals, different kinds of technologies and different operating philosophies. Each team knows very little about the other and has difficulty understanding what it does and what it is trying to accomplish. OT uses technologies like EtherNet/IP, PROFINET IO, and Modbus TCP. IT relies on complex devices like managed switches and routers, and on protocols like DHCP and SMTP. Though both have the goal of making the company successful, they have vastly different technologies, operating philosophies, and processes.

OT vs. IT

There are many facets to this divide, but in the following comparison I am going to focus on the networks: IT networks vs. OT networks, what they have in common and where they differ:

1. TERMINOLOGY

OT: Devices that make connections are usually Clients. Devices that receive connections are Servers. Clients typically make exclusive connections to a large group of Servers. In some protocols, Clients and Servers have special names: in EtherNet/IP, Clients are known as Scanners and Servers are known as Adapters.
IT: Servers are devices that provide resources to Host devices. A Host device is a Client that makes a connection to a Server. Many Clients make non-exclusive connections to the same Server.

2. OPERATING PHILOSOPHY

OT: The network is an integral component of the operation of the machine or the manufacturing system. The network is single-purpose; it exists to accomplish a specific goal: production. Assets outnumber workers in these systems.
IT: The network is a utility that provides services and access to resources for users to use as they see fit. IT is the organization that manages and provides network services to users, who use the network to accomplish the goals of the organization. The number of workers equals the number of assets on the network.

3. TRAFFIC TYPES

OT: Traffic over OT networks is regular and dedicated, using specialized industrial protocols. Bandwidth is consistent. Traffic can be whitelisted. Traffic is local to a few switches.
IT: Traffic over IT networks is almost random, with varying bandwidth requirements, as users and applications consume at an almost random rate. Almost all traffic is routed through a router to a distant enterprise Internet server.

4. PERFORMANCE

OT: Systems are designed to minimize jitter and provide near-real-time, deterministic behavior down to the millisecond. OT systems often operate 24 hours a day, 7 days a week with no variation in behavior.
IT: Systems are designed to provide response times in seconds. Systems see peak loads during normal working hours and little demand at other times.

5. MONITORING AND TROUBLESHOOTING

OT: Many vendor-specific tools that operate only on the equipment supplied by that vendor. Few general tools for troubleshooting, monitoring, and software management.
IT: General, well-known, and well-understood tools for network management, monitoring, and software management.

6. NETWORK GOALS

OT: Safety, Reliability, Quality, Security
IT: Protection of Corporate Assets, Availability, Reliability, Performance

7. DEVICE ADDRESSING

OT: Devices have fixed IP addresses. Clients embed these IP addresses in their memory and expect server devices to keep using those same addresses without change.
IT: Devices have no fixed IP addresses. Clients and Servers are named and get their IP addresses from special servers. Devices make connections to those names using network servers that translate computer names into IP addresses.
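
Items 3 and 7 above (OT traffic is regular enough to be whitelisted, and OT devices keep fixed IP addresses) together make a simple allow-list audit of a machine cell possible. The Python below is an added example, not code from the original article: the device inventory, the addresses and the one-line flow-record format are constructed, and the port numbers are the standard ones for Modbus TCP (502), EtherNet/IP (44818 TCP explicit, 2222 UDP implicit I/O), DHCP, DNS and SMTP.

```python
from ipaddress import ip_address
# Constructed inventory for one hypothetical machine cell. Because OT devices
# keep fixed IP addresses (item 7), every expected conversation can be listed.
ALLOWED_FLOWS = {  # (client, server, proto, dst port): what the conversation is
    ("10.10.1.10", "10.10.1.21", "tcp", 502): "PLC -> drive, Modbus TCP",
    ("10.10.1.10", "10.10.1.22", "tcp", 44818): "PLC -> I/O block, EtherNet/IP explicit",
    ("10.10.1.10", "10.10.1.22", "udp", 2222): "PLC -> I/O block, EtherNet/IP implicit I/O",
    ("10.10.1.50", "10.10.1.10", "tcp", 44818): "HMI -> PLC, EtherNet/IP explicit",
}
# Services that belong to the IT side of the divide; inside a locked-down cell
# they mean the network is not as static as the inventory assumes.
IT_SERVICE_PORTS = {("udp", 67): "DHCP", ("udp", 53): "DNS", ("tcp", 25): "SMTP"}

def parse_flow(line: str) -> tuple[str, str, str, int]:
    """Parse a constructed flow record 'src dst proto dport' into a key tuple."""
    src, dst, proto, dport = line.split()
    # ip_address() rejects malformed addresses instead of silently never matching
    return (str(ip_address(src)), str(ip_address(dst)), proto.lower(), int(dport))

def classify(flow: tuple[str, str, str, int]) -> str:
    """Return 'allowed' or an alert string for one flow against the cell baseline."""
    if flow in ALLOWED_FLOWS:
        return "allowed"
    _, dst, proto, dport = flow
    service = IT_SERVICE_PORTS.get((proto, dport))
    if service:
        return f"alert: {service} traffic in OT cell"
    # Known server and port but an unlisted client: a new device talking to the PLC or I/O
    if any(k[1:] == (dst, proto, dport) for k in ALLOWED_FLOWS):
        return "alert: unknown client to OT server"
    return "alert: unexpected flow"

def audit(lines: list[str]) -> list[tuple[str, str]]:
    """Classify every non-empty record; returns (record, verdict) pairs."""
    return [(rec, classify(parse_flow(rec))) for rec in lines if rec.strip()]

# Constructed sample records: three baseline flows and three deviations.
SAMPLE_FLOWS = """\
10.10.1.10 10.10.1.21 tcp 502
10.10.1.10 10.10.1.22 udp 2222
10.10.1.50 10.10.1.10 tcp 44818
10.10.1.77 10.10.1.10 tcp 44818
0.0.0.0 255.255.255.255 udp 67
10.10.1.99 10.10.1.22 tcp 80
"""

if __name__ == "__main__":
    for record, verdict in audit(SAMPLE_FLOWS.splitlines()):
        print(f"{record:32} {verdict}")
```

The same check would produce constant noise on an IT network, where addresses are leased and names are resolved at run time, which is exactly the difference the two items describe.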

8. APPLICATION LAYER PROTOCOLS

OT: Highly specific industrial network protocols, many of which do not use Layer 2 (Link Layer) Ethernet communications.
IT: Applications use a wide range of application layer protocols for communications.

9. FLEXIBILITY

OT: OT networks are static, fixed entities with a consistent number of devices. Manufacturers prefer to "lock down" an OT network, meaning that no changes to devices or software are allowed once a machine network is functioning properly.
IT: IT networks are dynamic. They are constantly adjusted, augmented, and re-programmed in countless ways to fit evolving users, networks, and applications.

10. FAILURE MODES

OT: Most device failures are catastrophic, stopping manufacturing production. Critical manufacturing systems add redundant devices to continue processing after some device failures.
IT: Device failures are generally not catastrophic. Critical routers and switches are installed with redundant capabilities.

11. RISKS

OT: Failure of OT networks can result in bodily injury or environmental disasters.
IT: Failure of IT networks can impede business operations for short periods of time, causing financial damage to the corporation.

12. DEVICE TYPES

OT: Unique, specialized, and sometimes proprietary, with long lifetimes.
IT: Standardized on a few operating systems and virtual environments, with short lifetimes.

It is clear that in some companies the age-old lines separating OT and IT are being blurred. Ethernet is now the dominant link layer in factory-floor systems. The digital transformation is forcing many organizations either to combine their IT and OT staff or at least to make them work together. Differing objectives, standards, tools, missions, and the rest will probably continue to make that process difficult.