IT/OT convergence has enormous potential on the factory floor. The ability to use predictive maintenance to optimize the health of machinery could help companies save a staggering $630 billion by 2025, according to McKinsey. It could also cut downtime in half.
Convergence will enable the use of "digital twins," which simulate the physical performance of equipment, generating data that can be modeled to optimize servicing intervals. By 2020, Gartner predicts that we’ll see a 25 percent re-allocation of manufacturers' spending from "procure and maintain" capital equipment programs to "dynamic service models," where a recurrent fee is paid to suppliers for predictive maintenance to increase up-time on the factory floor.
Not good friends
OT has traditionally supported the factory infrastructure, powering the production lines, while IT takes care of back-office functions, such as procurement, invoicing and payroll. And they typically don’t play well together: IT is dominated by standardized platforms, OT by customized systems.
With the arrival of Industrial IoT (IIoT), the integration of OT and IT is essential to enable the monitoring of complex machines and their components. This will bring manufacturers greater insight into operational processes, enabling them to take continuous improvement programs to the next level, optimize output and increase margins.
"Operating IT and OT as two separate entities holds back transformation and can expose organizations to growing security risks," explains Werner Reuss, Head of Industrial IoT & Analytics at Orange Business Services. "But the big challenge is that the environment is so inhomogeneous. We’re dealing with legacy architecture running operating systems based on proprietary standards. Having so many standards and components increases complexity, making integration a big effort for a while to come."
Reuss stresses that while these challenges are surmountable, they "should not be viewed as simply merging network resources." IT and OT need to sync to ensure that governance, compliance issues and risk management don’t fall through the gap.
The way IT and OT have been created is very different, adding to the challenge. IT environments are dynamic. IT updates, for example, can be initiated in a relatively quick, simple automated way across the network. OT, however, is built on stability, safety and reliability. Manufacturers can’t rip out one component that supports another one, as they’re often inter-dependent. Some production lines have been in place for decades. Instead, a gradual, synchronized shut down is required, which can take days, and sophisticated ramp up, which can take even longer.
Factory floor retrofits are possible, but they are complex and require careful end-to-end thought. Not only does opening a factory’s infrastructure affect worker safety, it can also expose highly-critical information, such as intellectual property details.
"OT issues are very different from IT," explains Reuss. "If the computers controlling huge machinery shut down, the factory could, quite literally, go out of business. Unexpected outages could also endanger workers. Toxic fumes from chemicals being used could leak, for example."
New production lines tend to integrate IT/OT from the start. Daimler Trucks North America, for example, coordinates the production of all parts on its truck manufacturing line using its IT/OT platform. Each truck is built to the customer's exact specification, which is complex in a mass production scenario. Convergence has enabled the greater use of big data analytics, boosted security and enabled the introduction of instructional videos for shop floor workers and the RFID tagging of components.
The role of cooperation
At the heart of successful convergence is cooperation between IT departments and OT teams responsible for monitoring and controlling the physical machinery and processes in manufacturing. This will require the nurturing of a new skills base, the development of interdisciplinary skills and the alignment of duties.
"As more companies work towards IT/OT convergence, the CIO and the IT organization will be at the forefront of fostering relationships and changing the culture of the organization," says Kristian Steerstrup, Distinguished Analyst, Gartner. "This will require a hybrid of traditional IT and OT skills and development of new intellectual property, while experience external to the company will be tapped into to assist with cross-topic education."
"IIoT is the glue between IoT and OT, but the two departments will need to sit down and talk to each other to make a convergence strategy work," explains Reuss. "This is where Orange Business Services expertise comes in, as we have expertise in both areas and can facilitate such discussion."
As well as managing cultural change, organizations will need to work with external service providers with proven OT service portfolios. Gartner forecasts that by 2020, half of OT service providers will strike up partnerships with IT-centric providers to deploy IIoT offerings, bringing benefits in the form of more advanced, accurate sensors that deliver cost savings.
Securing the converged environment
Companies want to accelerate connectivity between IT and OT to improve business productivity, but they must be mindful of security issues, warns Reuss. "In going through this transformation, it’s critical that organizations have well thought out IT and OT security policies and governance in place. This is an important area of expertise for us," he says.
There have already been situations where the OT environment has been compromised by cybercriminals via the IT environment, such as the cyberattack on a power grid in the Ukraine in 2015.
IT and OT together create a far greater threat vista and several new challenges. Security solutions, for example, may not run in an OT environment. There is also a lack of standards in the IoT space to contend with, while malware in the IT environment can also have a detrimental impact on OT. Yet, according to the 2017 Sikich report on manufacturing, only 19 percent of respondents said they are "very ready" to address cybersecurity risk.
There is no silver bullet, but close collaboration between IT and OT is essential to protect against security breaches using proactive cyberdefense mechanisms. This involves identifying and mitigating process, procedural and human risks, as well as technical vulnerabilities, in a holistic way.
Reuss advises that at executive level, it’s crucial to have one individual owning both IT and OT security to ensure continuity and cover all bases. Regular risk assessments should be run as a matter of course to highlight any potential vulnerabilities.
While IT is accustomed to working with cutting-edge security solutions, OT is often looking after infrastructure that has been deployed way before the Internet. Equipment has its own proprietary protocols and doesn’t generally come with security controls, such as encryption. Incident detection and response is therefore a very different exercise indeed.
Integrating IT and OT security and risk management is central to maintaining a competitive advantage for manufacturing organizations moving forward. To be successful, Gartner underscores the importance of security and risk management leaders having "solid strategic roadmaps that will enable business continuity and improve cyber resilience and decision making."
Unlocking new opportunities
IT and OT have a key role to play in digital transformation, helping industries become more efficient and secure. The market, however, is becoming highly competitive with numerous suppliers from various disciplines "trying to join the dots," according to Reuss. It is therefore imperative that manufacturers work with partners who have a deep understanding of the processes in both the IT and OT worlds. "Convergence will take time and will not be without growing pains, but it is how it is approached that will determine its success," concludes Reuss.
Find out more about the journey to smart manufacturing in this brochure.