The paper describes an evidence-based construct hierarchy for engineering asset management based organisations to effectively bridge the great divide between operational technology (OT) and information technology (IT) for data-driven, automated asset management decision making. The research followed an interpretive epistemology, conducted as case studies of seven mining, utility and defence based organisations and over fifty technology and engineering practitioners, to establish TOP constructs through Delphi study survey rounds and interviews. The research findings suggest that end-to-end technology governance from asset to office is a complex, holistic, information governance driven system. The research highlights that governing technology, organisational process and people (TOP) constructs in such a complex, holistic system of converged OT and IT environments is beneficial to Engineering Asset Management (EAM) based organisations for value chain automation by consistently governing data. Without a framework to manage the complex system constructs, organisations are unable to achieve timely, reliable, sustainable automated decision making and cost-effective use of existing technology staff, hardware, software, networks and governance processes. The research findings prioritised TOP information governance based constructs across the application, telecommunication network, data, tag and people management aspects of organisational ISA95/MES technology stacks. The resulting framework is an easy-to-apply conceptual framework for practitioners.
AUTOMATING DATA FOR IIOT ASSET MANAGEMENT & CONTROL - A HOW TO FRAMEWORK
1. Data governance driven TOP integration framework for Industry 4.0
Dr Anastasia Kuusk
University of South Australia Futures Institute/School of Computer Information Science
Adelaide University Infrastructure Mining Engineering Research Centre
2. DATA GOVERNANCE = TOP CHALLENGES
Diagram labels: PLC, REPORTING DASHBOARD, MES/ERP, HISTORIAN, SCADA, FIREWALL
4. CORPORATE GOVERNANCE
Which standards does your organisational context need to comply with?
INFORMATION
Data modelling: MIMOSA, ISO 15926
NOTE: Records/Knowledge management standards such as ISO16489/legislation have little influence
TECHNOLOGY
Network communication internet protocols UDP/IP and DNP3.0
ENGINEERING ASSET MANAGEMENT
PAS55, ISAM, NERC
INTEGRATION
ISA95
COMMON GOVERNANCE BUILDING BLOCKS
DRIVERS
• Inaccessibility or costly asset access in remote areas.
• Timely at asset data access for maintenance decisions in competitive environment.
ENABLERS
• Single internet protocol, open source telecommunication network.
• Enterprise wide data modelling standards.
OUTPUTS
• Automated monitoring of network health.
• Efficient exchange of information and management of information.
OUTCOMES
• Engineers can access remote data seamlessly between OT/IT environments.
• Automated monitoring of network health.
• Decreased asset travel costs
ALIGN
• Joint technology, engineering meetings
• Planning of strategy and agreement on standards (Organisation)
• Technology, Asset, Information strategies people, process & technology aligned
CONVERGE
• Technology hardware (Vendors)
INTEGRATED
• Seamless asset to office information flow across single OT/IT telecommunication network protocol
INFLUENCING GOVERNANCE FACTORS GAP CHECKLIST
TECHNOLOGY
Interoperability and standards
IT computer hardware and applications such as Windows operating system, PCs, data backups, UPS and SQL server consistent across OT and IT environments. Some OT hardware such as PLCs, I/O cards not consistent. ISO/IEC 12207/2008 software engineering, SI2100 “Standards‐Based asset mgt system interoperability”
IT architecture/infrastructure
Single platform open source internet protocol telecommunication network (UDP/IP) across OT (DNP3.0 comms protocol/IEC61131-3 RTU programming) and IT, data historian/loggers, data models agreed COBIT, service oriented data bridge
NOTE: Citrix remote access impedes seamless asset to office transfer
Enterprise data modelling
XML schema, ISO 15926 MIMOSA enterprise asset management adapters, ISO15926 data mapping/modelling
Technology security and reliability
ISACA Security standards not impede data flow by separate networks. Automated monitoring of asset/network health. S1301 Integrated Reliability Management
Hardware and software
Single network across OT and IT, data historian/loggers, SQL servers/database backends, OT controllers and interface cards different
ORGANISATION
Resources and return on investment
Integration compared to travel costs
Project management
Project Management Office in place.
Dedicated Engineering Project Management role
DOD2167 agile development
Risk management
Risks documented and mitigated in plan
Information Quality Management
Technology alignment to business strategy
Technology, information and asset management strategy documented, updated and reported against in single strategy document or all three aligned in objectives, roles, investment, technology protocols and outcomes.
Quality Management System guideline (ISO10013).
Organisational culture
Operations and management approaches vary from one business to another – what type of organisation/management approach is used by your organisation?
PEOPLE
Training
Ease of use, reliable application, obvious what need to do next, enterprise wide implementation, common interface, thorough testing before implement, workshop to get data required and how to use interface
Skills and knowledge
Joint technologist/engineering meetings/Engineer PM
Roles
• Technologist – security standards and audits, backups and telecommunication network implementation, pc/hardware procurement, convergence, maintenance, upgrades.
• Engineers – OT hardware (proprietary/Programmable Logic Controllers/SCADA) and software, implementation, procurement programming, upgrading, maintenance, project manage.
• Joint role – Data modelling and information communication transfer protocols agreement
• Vendor – provide hardware and software
• Consultant – audit, advice, program
• Researcher – latest algorithm programming technical expertise
NOTE: Office of CIO and records management staff have little influence.
Figure 5.3 An OT/IT information governance framework for the EAM context
Gartner, 2008
RESEARCH FRAMEWORK
6. TECHNOLOGY CHALLENGES
Structured and Hardened IACS Network Infrastructure
Flat and Open IACS Network Infrastructure
Smaller Connected LANs to Create Boundaries and Segmentation
Large LAN, Lacking Natural Boundaries and Segmentation
7. PROCESSING AT THE NETWORK EDGE
Industrial IoT: Operational Technology, Industrial IT, Information Technology, Internet of Things
Network architecture diagram labels:
Zones
• Enterprise Zone, Levels 4–5
• Industrial Demilitarized Zone (IDMZ)
• Industrial Zone, Levels 0–3 (Plant-wide Network)
• Level 3 - Site Operations (Control Room)
• Cell/Area Zone - Levels 0–2, Redundant Star Topology - Flex Links Resiliency, Unified Wireless LAN (Lines, Machines, Skids, Equipment)
• Cell/Area Zone - Levels 0–2, Linear/Bus/Star Topology, Autonomous Wireless LAN (Lines, Machines, Skids, Equipment)
• Cell/Area Zone - Levels 0–2, Ring Topology - Device Level Ring (DLR) Protocol, Unified Wireless LAN (Lines, Machines, Skids, Equipment)
Physical or Virtualized Servers
• FactoryTalk® Application Servers and Services Platform
• Network & Security Services – DNS, AD, DHCP, Identity Services (AAA)
• Storage Array
Remote Access Server
Physical or Virtualized Servers
• Patch Management
• AV Server
• Application Mirror
• Remote Desktop Gateway Server
Plant Firewalls
• Active/Standby
• Inter-zone traffic segmentation
• ACLs, IPS and IDS
• VPN Services
• Portal and Remote Desktop Services proxy
Data Center - Virtualized Servers
• ERP - Business Systems
• Email, Web Services
• Security Services - Active Directory (AD), Identity Services (AAA)
• Network Services – DNS, DHCP
• Call Manager
Network components: Wide Area Network (WAN), Enterprise, Identity Services, External DMZ/Firewall, Cloud, Core Switches, Distribution Switch Stack, Access Switches, IFW, Wireless LAN Controller (WLC), Active, Standby, AP, LWAP, WGB, SSID 5 GHz, SSID 2.4 GHz
Devices: Phone, Camera, Controller, Safety Controller, Safety I/O, Soft Starter, Instrumentation, HMI, Drive, Servo Drive, I/O, Robot
10. CONVERGE
IT & Engineering staff agree framework for collaboration - standards and protocols
ALIGN
Align strategies, single open integration protocols for data transfer, hardware and communications infrastructure
INTEGRATE
Efficient integration & management of information between PCN and office environments
OUTPUTS
Efficient exchange of information and management of data
DRIVERS
Remote distance to asset & Plant Asset Engineering Manager
OUTCOMES
Decreased cost
Increased reliability & security
ENABLERS
Single telecommunication protocols/network enabled by interoperable, standardised data communication protocol
RESEARCH FINDINGS INSIGHTS
11. MOVE FROM LINEAR TO HOLISTIC DATA GOVERNANCE
People, Process, Technology
Data governance
• EDGE: Ethernet IP hardware data processing
• EDGE: Sensors on product
• FOG
• EDGE: Mobile vehicle/cloud database reporting
• EDGE: Web data/weather
Diagram labels: PLC, REPORTING DASHBOARD, FUTURE, CURRENT, MES/ERP, HISTORIAN, SCADA, VLAN, VLAN, VLAN, VLAN, FLAT NETWORK WITH CYBER ACTIVITY MONITORING, FIREWALL, DMZ