There are significant differences between the equipment connected to an OT (shop floor) network and the equipment connected to an IT (office) network. There are also significant differences in the processes and procedures required to manage and support these networks. One topic that is often overlooked is the difference in performance requirements between the two network environments.
Generally, the near real-time performance of an IT network isn’t as significant a concern as it can be on an OT network. In the IT environment, it would be considered normal and acceptable if there is a half-second delay in updating information on your screen or if there is a five-second delay when transferring a document to a printer. Depending on how an OT network is being used, similar performance may be totally acceptable or disastrous.
When security measures are applied to a network, every message that is transferred on that network passes through one or more security checkpoints. Passing through each checkpoint adds a small delay to the message. This delay may be a few milliseconds or can be more significant, depending on the type of security assessment implemented at each checkpoint.
Also, on an OT network, edge computing devices are commonly used to connect some of the equipment on the shop floor to the network. Depending on how an edge computing device is implemented, different delays can be experienced as messages are passed to/from these devices.
If the edge computing device is merely passing messages between the network and the piece of equipment (acting as a translator), then the delays may be minor.
If the edge computing device is also analyzing the messages for security threats, then some additional delays will be experienced.
In other implementations, the edge computing device is constantly gathering data from the equipment to create a local copy of the real-time data. Exchanges of information across the network are made directly to/from the edge computing device. When the edge computing device responds with data, the data most commonly comes from this local copy. There will be a latency (a delay) represented by the time difference between when the data was collected from the equipment and when it was used to respond to a message on the network. The amount of this delay is implementation specific.
The cumulative effect of these various delays will impact different OT networks in different ways. If the network is being used for basic data collection and monitoring of activity on the shop floor, these delays likely have no real impact on the quality or validity of the information being collected. However, if the network is being used for more real-time functions, like coordinating operations between pieces of equipment, then these delays can be very detrimental – to the point that they could represent safety issues in certain circumstances.
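The delay sources described above can be combined into a simple worst-case budget and checked against each network function's tolerance. The sketch below is an added example, not part of the original article; the class, function names and every millisecond figure are constructed assumptions, and real values must be measured on the network in question.

```python
from dataclasses import dataclass

@dataclass
class EdgeDevice:
    forward_ms: float               # time to translate and pass one message
    equipment_read_ms: float        # time for the equipment to supply a value
    inspect_ms: float = 0.0         # extra delay if the device analyzes messages
    cached: bool = False            # True: replies come from a local copy
    poll_interval_ms: float = 0.0   # cached mode: how often equipment is polled

def worst_case_data_age_ms(checkpoint_ms, edge):
    """Worst-case age of a value when it reaches the requester, i.e. the time
    since it was collected from the equipment."""
    network = sum(checkpoint_ms)    # each security checkpoint adds its delay
    age = edge.equipment_read_ms + edge.forward_ms + edge.inspect_ms + network
    if edge.cached:
        # The local copy may be a full polling interval old when it is served.
        age += edge.poll_interval_ms
    return age

def evaluate(checkpoint_ms, edge, max_age_ms_by_function):
    """Map each network function to True if the worst case meets its limit."""
    age = worst_case_data_age_ms(checkpoint_ms, edge)
    return {name: age <= limit for name, limit in max_age_ms_by_function.items()}

# Constructed sample figures (assumptions, not measurements).
CHECKPOINTS = [2.0, 5.0]            # e.g. a firewall and an inspection gateway
LIMITS = {"monitoring": 1000.0, "coordination": 20.0}
TRANSLATOR = EdgeDevice(forward_ms=1.0, equipment_read_ms=3.0)
INSPECTING = EdgeDevice(forward_ms=1.0, equipment_read_ms=3.0, inspect_ms=4.0)
CACHING = EdgeDevice(forward_ms=1.0, equipment_read_ms=3.0,
                     cached=True, poll_interval_ms=500.0)

if __name__ == "__main__":
    for label, dev in [("translator", TRANSLATOR), ("inspecting", INSPECTING),
                       ("caching", CACHING)]:
        print(label, worst_case_data_age_ms(CHECKPOINTS, dev),
              evaluate(CHECKPOINTS, dev, LIMITS))
```

With these sample figures, the caching device is fine for monitoring but misses the coordination limit by a wide margin, because the polling interval dominates the budget.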
It is essential that IT professionals working in the OT environment fully evaluate the performance requirements of the shop floor network and factor the sources of delays in the flow of information across the network into their network design plans. Some of the technology choices that may make it easier to connect equipment (especially older equipment) to the network may lead to unintended consequences when it comes to the performance of the network.
When planning the implementation of an OT network, all aspects of the network must be fully understood and incorporated into a security strategy – the uniqueness of shop floor equipment, the types and sources of potential security threats, and the performance required to support the data management functions needed for a specific implementation.