Digitalization offers many opportunities, but at the same time it brings many challenges, especially due to the increasing number of end devices and their connectivity. Traditional industrial networks are often no longer able to manage the volume of devices. The fact that more and more mobile devices such as smartphones or handheld scanners are demanding access to internal company resources exacerbates this problem. In addition, personnel and budget resources are becoming increasingly scarce, as are new regulations. It is therefore difficult for operations and network managers to get to grips with the situation: They need modern network structures that can be managed and monitored efficiently.

Industrial networking: off the island

While many administrative business areas already have modern networks, the necessary structures are often lacking in industrial environments. This is because industrial communication networks have usually grown historically and differ considerably from the usual networks of administrative areas. Companies need to differentiate between information technology (IT) and operational technology (OT).

In the IT environment, typical office end devices such as PCs or printers are used. OT, on the other hand, is used in demanding industrial environments with fundamentally different applications. This often involves old hardware and software for process monitoring and control of machines, systems and processes. Developed as stand-alone solutions for the respective application, they were merely maintained over the years. There was no requirement for communicative networking, as this was simply not necessary. In times of digitalization, this has become a problem.

In order to prevent or solve communication problems, industrial companies must create convergence between IT and OT. In doing so, they should be aware of the three main challenges of industrial networks: Firstly, they need to extend centralized functions to the industrial network in order to save costs and integrate new devices more easily (automation and speed). Secondly, the entire network topology must be monitored in order to ensure targeted troubleshooting and initiate optimizations (management and monitoring). Last but not least, it is also about overcoming threats and vulnerabilities by rolling out uniform strategies to industrial environments (assurance and security).

Security in industrial networks

Security is particularly important: with the growing amount of data to be processed and increased networking, more and more attack vectors are emerging. At the same time, the issue of high availability of data and data streams is much more business-critical in industrial networks than in the rest of the company. Downtime - in the worst case scenario in the form of production downtime - can quickly result in immense costs and subsequently damage a company's reputation.

The fact that security still plays a rather subordinate role in industrial environments is demonstrated by the situation in companies. The main shortcomings include, for example, the fact that security updates are not installed in many places, employees still use the standard manufacturer passwords for logins and unauthorized remote access from suppliers is commonplace. The fact that there is often no separation between IT and OT networks also causes problems. The result: unnecessary, unblocked connections. In addition, computers with Windows XP are often still running in the individual industrial environments, which only communicate with the old protocol version SMBv1; this variant is also classified as a risk factor due to its old architecture.

Different requirements of IT and OT

Many of these security problems result from the fact that IT and OT have different security requirements. IT is primarily concerned with the security of systems, the scalability of the infrastructure, the visibility of components and simple management. The requirements of OT, on the other hand, first and foremost include the security of personnel and processes, the guarantee of operations, the reliability of components and ease of use. With this gap, it quickly becomes clear that companies can only create effective security solutions if they consider the requirements of both sides during implementation. Only then can the full operation of a security solution be guaranteed. Cyber security know-how (network knowledge, security guidelines, troubleshooting) and industry know-how (operational knowledge, criticality assessment, production operation) must come together.

Security solutions that monitor industrial networks, bring visibility to the production network and can trace communication are helpful. For example, device information and communication relationships can be displayed in easily traceable tags and events and changes to variables can be tracked. The integrity of the industrial process is monitored. External service providers provide assistance in the selection and implementation of such solutions if the necessary internal know-how is lacking.

Advantages of a successful IIoT strategy

If the combination of IT and OT is successful in terms of a successful IIoT strategy, operational efficiency improves and costs are reduced in production. Processes become faster and new business models can be implemented more easily. In other words, when used correctly, IIoT in combination with industrial networking has a positive impact on the growth, competitiveness and future viability of an industrial company.

Thomas Kugelmeier is Client Solution Executive at Logicalis / ag