The digitization of industry means several things – from less downtime and better machine/device/systems analysis to better remote access for diagnostics, troubleshooting and repair. And while numerous technologies underlie the transition to industrial digitization, perhaps the most important components are the industrial networks that enable the connectivity and transmission of data required for the digital transformation of industry.
Amidst all the changes taking place on the journey towards greater digitization, according to Paul Didier, solution architect for IoT (Internet of Things) at Cisco, three key trends stand out: the shift from proprietary to commodity networks (e.g. Ethernet), the leveraging of zero-trust security models, and software-defined networking (SDN).
During his presentation at the 2021 Rockwell Automation Fair, Didier said the industry is “moving from siloed networks and connectivity-driven, end-to-end, manually operated networks to controller-based policy automation and service-driven networks that cater to it Business goals,” with the goal of “creating intent-based networks that continuously align with dynamic business needs in all areas of an organization.”
According to Didier, in order to achieve these goals, digitization requires a new class of networking. These demands include:
- More bandwidth for video, automated guided vehicles, thermal imaging, and the 3D sensors commonly used in robotics for object detection, collision avoidance, and inspection. Acknowledging this need for increased bandwidth, Didier noted that Cisco is no longer developing new switches at sub-gigabit speeds;
- Robust, low-latency communications to support transmission of large amounts of data to industrial applications;
- Greater cybersecurity due to the increased threat surface emanating from more connected devices;
- Simplified scaling – the ability to deploy and manage more devices in more locations; and
- Edge computing, which provides the ability to process large amounts of data closer to the source.
The IT/OT interface
“All of these [network] requirements are driving the need for collaboration between IT and OT,” Didier said.
In response, Cisco and Rockwell Automation have worked together on the Stratix line of managed switches, specifically the new 5800 series. Part of this collaboration is the extension of Cisco’s IOS (Internetwork Operating System) to IOS-XE. According to Cisco, IOS-XE is designed as a single operating system (OS) for enterprise wired and wireless access and WAN to reduce network complexity.
This represents “a fundamental shift in our operating system to a software-defined model,” Didier said. “It (IOS-XE) has numerous built-in cybersecurity features to provide a playbook for IoT success today and tomorrow with the 5800 series.”
Stratix 5800 series switch features include:
- All Gb ports for Layer 2 access or Layer 3 distribution switching;
- Expandability from 10 to 26 ports;
- Support for precise time synchronization (e.g. PTP);
- Support for Cisco TrustSec to enable secure network access and Cisco’s Cyber Vision sensor agents; and
- Copper, fiber optic and Power over Ethernet ports.
Didier explained that Cisco’s Cyber Vision sensor agent collects data from all ports and analyzes network traffic to determine what types of devices it’s coming from, who and what devices it’s communicating with, and what type of protocol it’s using. “It’s a tool that tells you what’s on the network and who’s talking to whom,” he said. “It can passively or actively probe a device and help lock down operations on the network to achieve a zero-trust model and provide intelligence for SIEM (Security Information and Event Management).”
Zero trust basically means that devices, users and applications should be validated on the network and only communicate with other systems on the network that they are supposed to. “It secures all user and application connections and limits the impact of devices potentially affected by malware,” Didier said. Cisco Secure Zero Trust provides visibility into who and what is on the network and enables segmentation to shrink trust zones and grant access based on least privilege and containment.
Although SDN is an important component of digital transformation, it is not yet as widespread as the use of Ethernet with zero-trust security. According to Didier, SDN was originally designed to make IT easier by automating the process of adding and configuring new devices for the network.
“We now have a handful of customers working with them, but there are still concerns that these tools will work as expected and not impact production operations,” he said.
One reason for this caution about SDN is that operations staff often don’t have access to IT tools for network management, Didier said. “They typically have poor insight into the health of the network, leading to uncertainty about whether a network outage is caused by network or control system problems.”