Paul Nuss, the Industrial Networking, Software, and Cybersecurity Portfolio Manager at Siemens, addresses the principles, benefits, and challenges of IT/OT integration, suggests some solutions, and introduces the Siemens SCALANCE portfolio of industrial communication products.
Integrating information technology (IT) and operational technology (OT) systems can help industrial organizations of all sizes unlock incredible benefits and overcome persistent operating challenges. Successful IT/OT integration produces vast amounts of data that operators can use to improve efficiency, troubleshoot problems, and reduce or eliminate costly downtime. But integrating these two systems, which often have competing priorities, can present some complex challenges.
Paul Nuss, the Industrial Networking, Software, and Cybersecurity Portfolio Manager at Siemens, joined us to discuss IT/OT integration. Here, he addresses IT/OT integration principles, benefits, and challenges, suggests some solutions, and introduces the Siemens SCALANCE portfolio of integrated industrial communication products.
Hi Paul. Please introduce yourself and tell us about your role at Siemens.
I’m a portfolio manager at Siemens. I earned a bachelor’s degree in electrical engineering from Michigan State and recently completed the ISA/IEC 62443 Cybersecurity Certificate Program. I’ve been with Siemens for 17 years. Early in my career, I held roles in manufacturing, operations, and R&D. I’ve primarily been in strategic marketing and product marketing management, and now I’m a portfolio manager for the U.S. region. All of these roles have involved industrial automation and manufacturing. For the last six years, I’ve focused on industrial networks, including hardware, software, and cybersecurity.
You joined us today to talk about IT/OT integration. So, let’s dive in. What should people know?
This has been a hot topic for years, and the discussions often include different terminology, like integration, collaboration, and convergence. They’re all useful terms that allude to different elements of the wide-ranging IT/OT topic, which is usually centered around utilizing data from an industrial process (OT) in an IT environment to solve challenges, implement new processes, and ultimately realize significant gains or savings. That’s the common thread those terms share.
Implementation of a successful IT/OT strategy can help operators leverage data from industrial systems and devices that were designed and implemented when end-to-end enterprise data visibility wasn’t feasible due to technology limitations, standard practices, or lack of resources at the time. As the technology and accompanying strategies advance, that data can be used in new ways that weren’t previously thought possible or necessary. Operators are doing more with OT data to save time and money.
The goal, whether you’re discussing integration, collaboration, or convergence, is to establish vibrant digital threads of data running transparently, seamlessly, and securely through businesses — from factory floors to boardrooms and everywhere in between — enabling quantum performance gains. Amazing benefits can be achieved when the right OT data is identified, accessed, and analyzed in the right way at the right time. To get there, you must establish the right industrial network infrastructure, architecture, and configurations. Collaboration between IT and OT is a must to ensure that data is delivered to the right place at the right time, securely, in the right format, and without disrupting the operation.
Most of our customers operate in discrete and process automation markets, ranging from automotive, aerospace, intralogistics, and metals to chemical, oil and gas, and food and beverage — almost any industrial market with physical industrial processes and machinery. Many have implemented an IT/OT strategy and reaped the rewards. One example is a customer that tracks their component and feedstock levels with smart devices and reliably transmits that data through their OT network to their IT network and enterprise systems to seamlessly place replenishment orders, eliminating manual effort and potential errors and delays. We’ve seen customers measure processes on the plant floor, tracking the movements of automated guided vehicles (AGVs), and then use that data in cloud- or IT-based applications to optimize AGV movements to reduce time and energy costs. We’ve also seen them use real-time production tracking data to provide accurate and up-to-date delivery estimates to end customers. Using analysis and implementation to realize production efficiencies becomes more feasible when your data includes key indicators from the plant floor in combination with enterprise tools, like an enterprise resource planning (ERP) system.
The industry has seen a variety of IT technologies adapted for implementation on the plant floor over a long period of time, including industrial Ethernet, industrial Wi-Fi, industrial PCs, cloud applications, advanced analytics, and AI. In my experience, the technology is usually welcomed in applications where it can be helpful, but it’s crucial that users closely evaluate, test, and potentially adapt any new IT technology considered for OT use to ensure it’s in alignment with industry standards, regulations, and change management procedures. The main reasons for this are the starkly different operating environments, processes, and priorities of IT and OT technologies.
What are some key concerns that industrial organizations looking to facilitate IT/OT collaboration and achieve end-to-end digitalization need to consider and solve for?
One key consideration is the different natures of the systems and the associated consequences of system disruption. With OT, the top priorities are safety, availability, integrity, and confidentiality (SAIC), in that order. For IT, it’s typically confidentiality, integrity, and availability (CIA). Because there are similarities between the communication networks in IT and OT, some of the crucial differences in priorities may be overlooked if IT and OT are not working closely together. The good news is that we’re increasingly seeing this collaboration lead to successful outcomes.
When it comes to OT priorities, in addition to physical safety, there are often different OT network considerations, including redundancy requirements, communication protocols, topologies, data flows, and maintenance programs. Deterministic communication is extremely important in many industrial processes, but it’s not typically as crucial in IT communications. If machines are orchestrating physical movements, they must often coordinate within milliseconds. If they don’t receive the data on time, there could be physical safety incidents. With IT, it’s not a concern if an email arrives a few seconds — or even minutes — after it’s sent.
When OT and IT collaborate, users have to consider safety versus security in all applicable scenarios. In OT, safety trumps security. For example, if there appeared to be an issue with a physical process in an OT environment and someone needed to manually intervene by logging into a workstation, that workstation access would need to be available immediately. Severe consequences could occur if someone on a plant floor was locked out of a workstation while attempting to mitigate an urgent safety risk due to multiple incorrect password attempts, which is a common IT policy. IT and OT would need to collaborate and identify the appropriate policy to address that risk.
What’s one solution that can help organizations address these concerns and become a secure, fully digitalized industrial enterprise?
It starts with building an IT/OT collaboration team. One of the team’s top priorities must be to establish a well-designed and well-configured industrial network, because it’s essential to achieving a fully digitalized industrial enterprise. This goes back to that very first topic we discussed. When IT and OT work together, they can produce some incredibly positive outcomes for improved processes by reliably transmitting industrial data through the OT network and delivering it to enterprise systems that can turn data to insights and actions.
But before those benefits can be achieved, we need to place the OT network and data in a position where it can be safely and securely accessed for IT environments. That’s where industrial network design and a system architecture really come into play. Let’s consider two example use cases: a technician who can log in remotely to fix a machine halfway across the world and the automated monitoring and replenishment of feedstock inputs. Both of these scenarios require an OT network designed and configured in alignment with industry standards to ensure that the data can securely travel where it needs to go without disrupting production. Suboptimal industrial network configurations can delay an IT/OT implementation and even cause downtime if not addressed.
The key components of these networks are typically industrial switches, routers, access points, clients, and industrial security appliances — technologies designed to manage and protect the flow of OT data that determines what gets done, and when, on a plant floor. For example, the industrial network infrastructure enables PLCs to send signals to machines in production and transmit key production data through the switches, routers, and security appliances to the enterprise network for analysis without impacting production. That production data may track cycle times that lead to preventative maintenance, identify quality defects, log track and trace data, or a variety of other useful information.
Please introduce us to the Siemens SCALANCE portfolio of integrated industrial communication solutions.
The Siemens SCALANCE portfolio encompasses our industrial network offering. It’s one of the most complete industrial networking portfolios on the market, offering switches, routers (DIN rail and rack mount), industrial wireless LAN, Industrial 5G and industrial security appliances.
We also offer OT software designed to help configure, deploy, manage, and report on industrial networks at scale. Our SINEC software serves as a strong and necessary companion to the industrial networking hardware in our SCALANCE portfolio. Our SINEMA Remote Connect secure remote access and management platform is also designed to integrate with SCALANCE industrial communications solutions to facilitate flexible, secure industrial network infrastructures.
The breadth and capabilities of our SCALANCE industrial networking portfolio and enabling software is unmatched. Our SCALANCE solutions are also designed for ease of use and convenience. They can be configured with web-based management, command line interface (CLI), or SINEC software, and they support removable media that allows users to backup and load configurations from one device onto another, or configure at scale, which can be a huge time-saver.
Please tell us more about SCALANCE industrial Ethernet switches.
We recently expanded our SCALANCE range of industrial Ethernet switches with the launch of the SCALANCE XC-300. The range offers solutions with multiple port densities, including a DIN rail device with 32 fixed RJ45 ports, which is currently unique to the market. In the right application, that port density can drastically reduce the price per port and reduce the number of devices that require configuration. XC-300 switches also offer advanced features and compatibility with a variety of industrial protocols that make them a core element of well-configured OT networks.
Another core component of almost any OT network (per industrial cybersecurity standards) is network segmentation. This is where the SCALANCE S industrial security appliance comes into play. The rich feature-set of the SCALANCE S includes enforcement of industrial network boundaries by only allowing authorized traffic. But that’s just the start with the SCALANCE S. It’s a key solution for secure remote, user-, and role-based access; it’s compatible with physical key switches; and it offers additional system hardening.
Are there any success stories you’d like to share about the SCALANCE portfolio?
One of the world’s largest brewers had an industrial network that was experiencing some issues and wanted to expand their facility. Our team of network experts worked with them to assess their network and identify opportunities to improve the architecture and segment the network to meet industrial standards and properly handle the new configuration.
It was a real challenge to ensure that the network could transmit data seamlessly, avoiding things like packet collisions, to enable both time-saving secure remote access and the company’s fleet of laser-guided vehicles (LGVs). Our services team redesigned the network with SCALANCE devices, including managed switches, routers, wireless devices, and industrial security appliances. We also deployed secure remote access software and network management software to improve overall performance. LGVs depend on data to be delivered in real time so they can execute the right movements at the right time. We used Siemens SCALANCE W industrial wireless devices on the LGVs to enable reliable communication with their traffic manager as well as the plant’s manufacturing execution system (MES), which assigns pickup and delivery points.
Unlock your facility’s potential with IT/OT solutions from Siemens and RS
Siemens designs and develops solutions engineered to help customers exploit the potential of their data by securely connecting the real and digital worlds and bringing previously separate processes into a single data flow to optimize performance. Siemens enables more efficient factories, more resilient supply chains, and smarter buildings and grids with a wide and ever-expanding range of advanced technologies.
RS offers an extensive selection of Siemens products, including IT/OT solutions like the Siemens SCALANCE portfolio and its comprehensive range of industrial networking solutions, ranging from switches, routers, and industrial wireless LANs to industrial security appliances. RS also offers a wide range of other Siemens industrial data communications solutions, as well as motors and motor controls, circuit protection, industrial controls, PLCs and HMIs, power products, and relays. For assistance identifying, procuring, deploying, and maintaining Siemens solutions designed to improve your industrial operations, please contact your local RS representative at 1.866.433.5722 or reach out to the RS technical support team.
