1. What is OT?

Most people are probably familiar with the term information technology (IT). IT professionals usually work on the business side and cover the entire spectrum of computing science, such as software, hardware, communications technologies and related services. However, IT does not include embedded technologies and industrial equipment, so most IT teams have little experience with Industrial Control Systems and are unfamiliar with high voltage currents, Programmable Logic Controllers, and Computer Numerical Controls. Operational Technology (OT) is a relatively new term and as Gartner explains:

“OT is hardware and software dedicated to detecting or causing changes in physical processes through direct monitoring and/or control of physical devices such as valves, pumps, etc.”

— Gartner IT Glossary, as of Jan. 2019

In general, Industrial Control Systems (ICS) are environments that contain Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), Computer Numerical Controls (CNCs) and Programmable Logic Controllers (PLCs). Embedded systems are as much a part of industrial engineering as a variety of devices for scientific data acquisition, data modelling, and data processing.

IT and OT have distinct roles in a company. With the advancement of digitisation and the industrial internet, the boundaries between the two teams are blurring. More connectivity and integration is of course beneficial for intelligent analysis and control. While security has always been a priority for both IT and OT teams in traditional systems, these newly arising networked IT/OT systems represent new scenarios and risk profiles in both directions. Close collaboration would therefore be the ideal solution. However, the two areas still tend to work side by side rather than collaborative. It is precisely why this integration is necessary in order to take advantage of the opportunities offered by IIoT.

The main concern of both parties is to maintain control over systems and machines and ultimately to ensure the safety of their employees and customers. The new solutions should incorporate the following key components to satisfy both sides:

Identification and Authentication of all devices and machines in the system, both in production facilities and in the fields, to ensure that only approved devices and systems can communicate with each other. This would reduce the risk of unauthorised and untrusted devices compromising the network and taking control over systems or machines.

of all devices and machines in the system, both in production facilities and in the fields, to ensure that only approved devices and systems can communicate with each other. This would reduce the risk of unauthorised and untrusted devices compromising the network and taking control over systems or machines. Encryption of all communications between devices, machines, and operators to protect the privacy of the data being transmitted.

of all communications between devices, machines, and operators to protect the privacy of the data being transmitted. Integrity assurance of the data generated by these systems. Intelligent analysis is an important facilitator in the introduction of the industrial internet. But this analysis is worthless if the data itself cannot be trusted.

With the development of distributed ledger technology, a powerful protocol is now available that could bridge the gap between IT and OT in the future.

Using the measuring instruments as an example, which by definition are dependent on data integrity, tamper-proof data and complex measurement calibrations, a proof-of-concept was set up, which is supposed to bridge the gap between OT measuring devices and IT data services via IOTA.