Path to OT success on the plant floor as described by users

By Stephen Malyszko, PE

These articles typically contain words of wisdom and advice from industry consultants or subject-matter experts. The content of this article, however, is from actual users who recently answered a series of questions by Malisko's IIoT lead, Mark Fondl. The responses that follow are in the user's own, unedited, words.

What are some pointers when explaining the different needs of the manufacturing networks to upper management?

"With today's typical level of automation, as the network goes-so goes the plant."

"If you lose your email it's annoying. If you lose your manufacturing operations, it's career limiting."

"We have told management that our most critical needs are: (1) uptime, (2) reliability, (3) security. However, IT has told their management that their most critical needs are: (1) security, (2) reliability, (3) uptime. Trying to get these priorities aligned between the groups has been an extreme challenge."

Suggest an approach to create a collaborative environment between information technology (IT) and the controls groups.

"Garner a mutual understanding that the control and IT networks are different. While some standards may apply equally across both environments, other standards may have a higher or lesser degree of importance or necessity in the other environment. Common differences lie in the level of architecture that the two groups are focused on. The IT systems, standards, support structures, and policies are typically more established than in the controls realm. As the need to integrate plant floor/controls data systems across the business, the controls group does not often have the same level of knowledge or infrastructure as the enterprise level. Adopting and learning the IT standards and policies are not a nice to have but a must."

"This has been one of the greatest struggles within our organizations. Unfortunately, this relationship is still extremely adversarial. My best advice is to have a single point of confluence where the IT and controls group meets. All needs from the controls group goes to a single person, who then figures out what IT group needs the information and funnels all technical requests back to the controls group. Get all needs and requests in front of each group with as much advance time as possible."

What should others know about security and the positive and negative effects it may have on performance or supportability?

"Higher security increases mean complexity of system architecture. However, [it] can provide higher reliability if designed correctly. Higher security has not impacted network performance; however, [it] has increased cost due to time required to approve access for contractors needing to support systems."

"From a security position, keeping firewalls and level 3 switches as impenetrable as possible is important."

Is it important that plant floor people be involved in support of the networks?

"Yes, especially process systems and packaging integration."

"Yes, they are ultimately the customer; they should have some say in the services to be provided."

"Plant floor people accept responsibility for the health of equipment in plant processes. Plant tech is the nervous system that assures that equipment runs safely and reliably. Establish agreement that asset care includes plant tech. Establish the role for plant floor personnel. Much of the support of plant tech is provided by remote resources. Remote support can be efficient and cost effective. Plant floor people are an essential part of effective support."

Is it important to create a demilitarized zone (DMZ) or boundaries in the networks?

"Yes, to limit who has access to systems they're not authorized to access or trained to support."

"Yes. Protocol changing across DMZ boundaries makes it more difficult for outside attacks on a specific protocol. When implemented with a firewall, it also provides additional visibility and auditing along with troubleshooting capabilities."

"Creating a DMZ helps keep unwanted network traffic from flooding the controls network and interfering with machine-to-machine communications."

Can you discuss the importance of using outside resources to help you and why?

"If you're not current with industrial network technologies, you may inadvertently install COTS-grade equipment and will pay dearly for saving a few pennies."

"The biggest issue is they have done multiple installations and learned from other's mistakes. In other words, experience."

"Deployment of industry best practices and ways to optimize cost and resource requirements."

What are the key capabilities you look for in a system integrator on your network designs or deployment?

"Are they smart enough to listen to me before they tell me how good they are?"

"OT and IT capability under the same roof."

"Solid understanding of network fundamentals (how is it constructed/configured and what makes it work), experience with similar or applicable applications, and ability to view application from design, installation, and maintenance viewpoints."

"Deployment of industry best practices following CPwE methodologies focused on cell, area deployment with server infrastructure on different VLAN/networks.".

 
 subscribe now jpeg

About the Author

Stephen Malyszko, PE, president, CEO, and cofounder of Malisko Engineering, Inc., has spent his entire 40-year career developing systems for manufacturing automation. Contact +1 314-881-5410 or www.malisko.com for more information.

Reader Feedback

We want to hear from you! Please send us your comments and questions about this topic to InTechmagazine@isa.org.