One really good podcast and website about all things “Internet of Things” is Stacey Higginbotham’s Stacey on IoT. In a post, There are 3 different versions of the IoT, she highlights the three versions, consumer IoT, enterprise IoT, and industrial IoT. We spend quite a bit of time on the third one, IIoT.
From this post, she received several responses:
…ranging from thoughtful insights into the security implications of how I tried to break down each type to calls for even more categories.
In a follow up newsletter (link to email subscription), Stacey shared some of this feedback including some from Emerson’s Michael Lester and Mike Boudreaux. In the post, Stacey highlighted the importance of documentation in enterprise IoT. Michael shared:
I agree with your comments and will add this is evolving beyond documentation methods of the past and more toward the need for automated versions of device management that include audit trail and configuration management capabilities to ensure changes to the enterprise environment are quickly identified and assessed for risk. Larger enterprises will need to employ such automated tools to manage the associated cyber and operational risks. Provisioning and de-provisioning and lifecycle management of anything connected to your network are key to scalability and successful integration.
About Industrial IoT, Stacey wrote:
The biggest question I have about industrial IoT is whether or not I should consider including it in the same category as older industrial protocols such as SCADA, PROFINET, or HART. None of them connect to the internet, but rather to a special controller that automates or alerts workers to problems.
Here’s a portion of Michael’s feedback to this question:
The data consumption model really determines if it is IIoT from my perspective. There are typically three operational areas data live in this model: Safety; Control and Analytics. From an IIoT perspective any data living in the Safety and Control areas should be for monitoring or read only and sometimes data diodes or other security controls are used to ensure this is strictly maintained. The separation of capabilities relative to the operational areas is paramount to maintaining the operational integrity and security in each. In the Analytics area, it is paramount that architectural and operational security be maintained to not allow access to safety or control functions as a primary imperative… or “do no harm”.
Here is a portion of what Mike Boudreaux added to this question:
In the industrial domain, control systems are decades old and they are not directly connected to the Internet. They use older digital protocols like CANBUS (cars), BACnet (buildings), and standard multi-core wiring on A/C systems. The underlying control systems in the cars, buildings, and A/C systems are still based on these old paradigms. It’s the smart edge interface that is new, and along with that comes the ability to send telemetry data to the cloud, layer on more user-friendly UI interfaces, remotely push firmware updates from the cloud, and embed new data storage and processing software locally in the edge device. It’s the smart edge interface that is new, and along with that comes the ability to send telemetry data to the cloud, layer on more user-friendly UI interfaces, remotely push firmware updates from the cloud, and embed new data storage and processing software locally in the edge device.
Visit the Industrial Internet of Things and Plantweb digital ecosystem sections on Emerson.com for more on IIoT products and solutions. You can also connect and interact with other IIoT experts in the IIoT & Digital Transformation group in the Emerson Exchange 365 community and/or at the September 23-27 Emerson Exchange conference in Nashville.