Operational Technology (OT) Diversity: Friend or Foe?

Data Basics, Use Cases & Projects Christine Andrews

Large manufacturers have millions of pieces of equipment, categorized into thousands of asset classes, making hundreds or more stock keeping units (SKUs) across hundreds of sites. This level of heterogeneity reflects the needs to adapt to wide ranging markets and deliver differentiated products. But bounty and variety of this kind can also be — and is often seen as — one of the biggest impediments to scaling analytics across manufacturing sites. 

There’s good reason for this concern, especially when you take into account the diversity in the operational networks and technology that command and control processes and equipment. Ask ChatGPT or Google to list the top programmable logic controller (PLC) manufacturers and over 20 familiar names pop up. Add to this the number of variations and ages and it’s easy to understand why one of the most popular open platform communication (OPC) servers has over 200 drivers available to support shop floor connectivity and control.  Supervisory control and data acquisition (SCADA) providers number over 50. Then there are the distributed control system (DCS) providers. And we haven’t even talked about the more than 20 manufacturing execution system (MES) providers as well as hundreds of IoT solutions, where IT and OT start to converge.  

Simply put: In most enterprises, you will find a wide array of devices, protocols and software all bundled together in a single site — which is not even to mention all that gets combined across multiple sites. While the diversity of this array is seemingly unwieldy and even daunting, it can be a strategic advantage.

Security Through Diversity

The first and most obvious advantage is security. System homogenization might appear desirable at first glance: greater standardization means easier maintenance and control. But it also means more systems are subject to the same vulnerabilities. Most of the recent cybersecurity attacks on large manufacturers have come from email systems and spread to other IT-managed centralized systems from there. One of the most interesting examples of PLC level infiltration at the OT level is Stuxnet, and it was and is highly specific to a particular type of device and control logic: in the case of Stuxnet, non-Siemens controllers were unaffected by the virus.  

A core component of most OT security systems is using AI to monitor the communications among various different types of controllers and to establish normal — as opposed to “atypical” — harmonizing the outputs from a great variety in communication protocols and patterns. The more this diversity of controllers is homogenized into a central SCADA and DCS, the more the risk and vulnerabilities increase. Such was the case with a Florida water treatment plant in 2021: this wasn’t an attack on the controllers themselves, but rather on the centralized SCADA monitoring and controlling them. 

Reducing Supply Chain Disruptions

Security isn’t the only area that benefits from heterogeneous systems. Supply chain management is another area where diversification is increasingly important. Post-COVID-19, the entire world has become familiar with supply chain difficulties and disruptions. While that is most frequently considered in the context of raw materials shortages, capital equipment of all shapes and sizes is an important part of the supply chain subject to the same upheavals, lead time shortages, and constraints as other areas (if not more considering the reliance upon chips).  

Over-reliance on one particular vendor or device type subjects the organization to more risk and impedes resiliency. Delayed capital upgrades due to lack of equipment availability create greater inefficiencies in the best case, and production line shutdowns in the worst case. None of this is to mention the fact that diversification in the supply chain enables better cost control, risk mitigation, and supplier leverage.  

Heterogeneity for Better Analytics

Finally, let’s not forget about analytics. While that seems counterintuitive at first glance, since operational diversity makes standardized analytical techniques difficult if not impossible, diversity can actually be a strategic advantage. In the face of highly heterogeneous plant processes, products, and equipment, a manufacturer has essentially three options: standardize at the shop floor, abandon shop-floor-based analytics, or standardize an analytics methodology to tactically address OT diversity.   

The first option is cost prohibitive. Over time, organizations can put standards in place to create less diversity when upgrades and obsolescence occurs, but that’s a long-term strategy not easily implemented along shorter time scales. “Rip and replace” strategies are unfathomable when it comes to thousands of machines and controls. 

Assuming the manufacturer in question wants to do something and not nothing, this leaves the third option. To be clear, standardizing analytics processes to reflect a high degree of heterogeneity across processes and controls is not easy.  No operationally-minded person would make that case. 

But therein lies one’s ability to harness diversity as a strategic advantage. If it’s seemingly so difficult to standardize analytics in this way, will your competitors do it? And what kind of rigor and discipline could embarking on this journey bring to your organization as a whole? Physical exercise, for example, strengthens our bodies not because it’s easy, but because it isn’t. 

In the case of streamlined analytics on highly disparate data elements, the approach is to create a process-minded framework for connecting to diverse sources of data and then transforming them using common, standardized elements into common, semantically relevant, reusable components. Regardless of the OT protocol, device, software, or equipment, someone in the organization knows it and works with it day-to-day. The diversity of your OT environment is a reflection of the diversity of the workforce. It would be a mistake not to leverage the one in order to help simplify the other. 

Standardizing analytics across a diverse set of data elements means getting those OT-minded people involved early on and consistently in the analytics process. It can and should become part of their day-to-day work. Most are doing something with data and analytics already. But IT and line-of-business leaders may not have access to what they’re doing. The key is to provide centralized platform tools they can use to solve problems they live with every day. Incrementally, this can be used to harness the domain-specific knowledge that sprouts across the organization, improve efficiencies, and allow for collaboration across plants, teams and departments.

There is, of course, always the second option: do nothing. Abandon any attempt to harness the knowledge from your shop floor operations because the environment is so diverse and the task is therefore too difficult. But what is to be gained by laying down, except some effort saved in the short term? Better to head your competitors off at the pass and drive value for your customers in a proactive way. 

You May Also Like

Taming LLM Outputs: Your Guide to Structured Text Generation

Read More

No-Code ML and GenAI With Dataiku and Fabric

Read More

The Objects of an LLM Mesh for Building LLM-Powered Applications

Read More

Data Lineage: The Key to Impact and Root Cause Analysis

Read More