
Protecting an OT vs. IT Network: Performance Differences

A topic that is often not considered is the difference in performance requirements between the IT and OT network environments.
Dec 08, 2021

There are significant differences between the equipment connected to an OT (shop floor) network and the equipment connected to an IT (office) network. There are also significant differences in the processes and procedures required to manage and support these networks. A topic that is often not considered is the difference in performance requirements between the two network environments.

Generally, the near real-time performance of an IT network isn’t as significant a concern as it can be on an OT network. In the IT environment, it would be considered normal and acceptable if there is a half-second delay in updating information on your screen or if there is a five-second delay when transferring a document to a printer. Depending on how an OT network is being used, similar performance may be totally acceptable or disastrous.

When security measures are applied to a network, every message that is transferred on that network passes through one or more security checkpoints. Passing through each checkpoint adds a small delay in the message. This delay may be a few milliseconds or can be more significant, depending on the type of security assessment implemented at each checkpoint. 

Also, on an OT network, edge computing devices are commonly used to connect some of the equipment on the shop floor to the network. Depending on how an edge computing device is implemented, different delays can be experienced as messages are passed to/from these devices.

  • If the edge computing device is merely passing messages between the network and the piece of equipment (acting as a translator), then the delays may be minor. 

  • If the edge computing device is also analyzing the messages for security threats, then some additional delays will be experienced.

  • In other implementations, the edge computing device is constantly gathering data from the equipment to create a local copy of the real-time data. Exchanges of information across the network are made directly to/from the edge computing device. When the edge computing device responds with data, the data most commonly comes from this local copy. There will be a latency (a delay) represented by the time difference between when the data was collected from the equipment and when it was used to respond to a message on the network. The amount of this delay is implementation specific.

The cumulative effect of these various delays will impact different OT networks in different ways. If the network is being used for basic data collection and monitoring of activity on the shop floor, these delays likely have no real impact on the quality or validity of the information being collected. However, if the network is being used for more real-time functions, like coordinating operations between pieces of equipment, then these delays can be very detrimental – to the point that they could represent safety issues in certain circumstances.
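The delay sources described above can be written down as a budget and checked against what each use of the network requires. The sketch below is an added example, not part of the original article; the delay model, the names and every number in it are constructed assumptions for illustration.

```python
from dataclasses import dataclass

@dataclass
class Edge:
    translate_ms: float         # protocol translation cost per message
    inspect_ms: float = 0.0     # per-message security analysis (0 = none)
    poll_ms: float = 0.0        # >0: answers from a local copy refreshed at this interval
    equip_read_ms: float = 0.0  # time for the equipment to answer one read

def worst_case(checkpoints_ms, edge):
    """Return (round_trip_ms, data_age_ms) for one read request (assumed model)."""
    one_way = sum(checkpoints_ms)             # each checkpoint delays every message
    proc = edge.translate_ms + edge.inspect_ms
    if edge.poll_ms > 0:                      # caching: equipment is off the request path
        round_trip = 2 * one_way + 2 * proc
        age = edge.poll_ms + edge.equip_read_ms + proc + one_way
    else:                                     # pass-through: equipment read is on the path
        round_trip = 2 * one_way + 2 * proc + edge.equip_read_ms
        age = proc + one_way                  # value sampled at end of read, ages on return leg
    return round_trip, age

def violations(checkpoints_ms, edge, max_round_trip_ms, max_age_ms):
    rt, age = worst_case(checkpoints_ms, edge)
    found = []
    if rt > max_round_trip_ms:
        found.append(f"round trip {rt:g} ms > {max_round_trip_ms:g} ms")
    if age > max_age_ms:
        found.append(f"data age {age:g} ms > {max_age_ms:g} ms")
    return found

# Constructed sample values: two security checkpoints and three edge designs.
CHECKPOINTS = [2.0, 5.0]
EDGES = {
    "translator": Edge(translate_ms=1.0, equip_read_ms=20.0),
    "inspecting": Edge(translate_ms=1.0, inspect_ms=3.0, equip_read_ms=20.0),
    "caching": Edge(translate_ms=1.0, poll_ms=500.0, equip_read_ms=20.0),
}
# (max round trip ms, max data age ms) per use of the network; assumed limits.
REQUIREMENTS = {"monitoring": (1000.0, 5000.0), "coordination": (50.0, 20.0)}

def report():
    return {(use, name): violations(CHECKPOINTS, edge, *REQUIREMENTS[use])
            for use in REQUIREMENTS for name, edge in EDGES.items()}

if __name__ == "__main__":
    for key, problems in report().items():
        print(key, problems or "ok")
```

With these sample numbers the caching edge device gives the fastest round trip yet is the only design that fails the coordination requirement, because the age of its data is dominated by the polling interval.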

It is essential that IT professionals working in the OT environment fully evaluate the performance requirements of the shop floor network and factor the sources of delays in the flow of information across the network into their network design plans. Some of the technology choices that may make it easier to connect equipment (especially older equipment) to the network may lead to unintended consequences when it comes to the performance of the network. 

When planning the implementation of an OT network, all aspects of the network must be fully understood and incorporated into a security strategy – the uniqueness of shop floor equipment, the types and sources of potential security threats, and the performance required to support the data management functions needed for a specific implementation. 

Author
John Turner
Director of Technology for FA Consulting & Technology (FAC&T) and member of the MTConnect Institute.