JAN-FEB 2019

Issue link:

Contents of this Issue


Page 13 of 55

14 INTECH JANUARY/FEBRUARY 2019 WWW.ISA.ORG PROCESS AUTOMATION security techniques, such as switchport security and intrusion detection on the backplane, are common approaches on corporate networks, they might not work in the plant. Switches may be configured to work with specific equip- ment and have specialized scan rates, throughput, or other settings. Chang- ing something may interfere with a controller talking to a workstation. Although not optimal for working with defensive strategies, leaving part of the network in a suboptimal state may have to suffice until a more com- prehensive solution can be found. These situations demand balance and require working with all the stakehold- ers to avoid making a network more se cure but unable to perform its pri- mary function. Once IT technicians have spent some time in the plant, they might be assigned a specific task that will mean using their new knowledge to find and extract some low device-level network data. Say the task is to create a soft sensor, using data from a group of five process instruments installed in a pro - duction unit to support calculating a value that can be used to help optimize the process. The instruments are all installed and operating, so the assign - ment is simply finding a way to extract the relevant data streams, so they can be sent to a controller with the new an - alytical algorithm. However, in the OT world things are not always as simple as they seem. What's all this analog stuff? The IT technicians begin to examine the situation and find a complex situation: Windows XP." "Where do I find a driver for a dot-matrix printer? I do not even know what that is." "What's Modbus?" "Is everything this old?" Once the initial shock has worn off, the OT guide may have to restrain some of the new person's enthusiasm. "We can't replace that Windows XP machine, because the software on it is necessary to run this part of the production unit. It was developed by vendor X and has never been updated to run on later ver- sions of Windows. If you update the OS, it won't work correctly anymore, and this part of the production will stop. We haven't rebooted this computer in four years, so don't touch it." The OT guide will also have to re- mind the new person how intercon- nected things are in the plant, and how changing something in one area can ripple through and affect others. Gradually IT technicians begin to see and understand their actions in a larger systemic context rather than thinking of each task in isolation. The notion of how a change might affect safety or pro - duction will, hope- fully, begin to sink in, and the larger picture will take shape. Going in unarmed For many IT techni- cians, moving into the plant means leaving their favorite networking tools be - hind. While standard the realization that cybercriminals can disrupt networks and hamstring man- ufacturing, whether they are trying to steal data or not. Although the IT and OT triads still have their differences, they are not as pronounced as they used to be. None- theless, each department tends to be evaluated against its own set of success metrics. For IT: l data security l risk reduction l cost savings l data visibility For OT, it is more about production: l overall equipment effectiveness l operational safety l production uptime and availability l product quality Putting aside differences So, when the two areas work together, what are the biggest adjustments that have to take place? To begin with, "working together" means IT people moving into the plant. Such together - ness is often imposed on the OT folks, like a shotgun wedding. Situations where individuals from the plant are brought in to work in IT are far rarer— OT stays off the carpet. OT tasks are more specialized and there are gener - ally fewer of those people. When IT people come into the plant for the first time, they are usually shocked by what they find. Many of the younger technicians have never seen some of the technologies they encoun - ter. "This computer is still running Figure 2. A WirelessHART adapter can be added to any HART 5 or later instrument. It does not interfere with the wired connection, so the added capabilities do not affect its initial and essential task of sending process variable data to a real- time control system. Figure 1. The triads representing the areas of concern for IT (on the left) and OT (on the right) are becoming less distinct as technologies and responsibilities become more similar. Source: Cisco

Articles in this issue

Links on this page

Archives of this issue

view archives of InTech - JAN-FEB 2019