Every day, multiple technologies work in the background to make modern life possible. Two of the most important examples include Information Technology (IT) and Operational Technology (OT). While most of us recognize IT as a term that broadly encompasses digital computing, what about OT?
OT can be difficult to understand, but that’s only because most of us are unaware of the nomenclature. In recent times, exciting developments are bringing about a convergence between OT and IT that have big implications for technology and industry.
In this article, we’ll define what it is, and how it relates to other terms.
OT or Operational Technology encompasses the computing systems that manage industrial operations. This includes monitoring of Oil & Gas, the Electric Utility Grid, manufacturing operations, and more.
Simply put, OT runs the networks that allow common civilized norms to continue like the electricity turning on in your house or the clean running water coming out of your faucet.
Industrial Control System
Industrial Control System (ICS) is an umbrella term that includes both SCADA and DCS. An ICS network can monitor many infrastructure and raw material systems. For instance,
- Conveyor belts in a mining operation
- Power consumption in the electric grid
- Valve pressures in a natural gas facility
ICS networks are mission critical, requiring immediate and high-availability. In many ways, this emphasis represents the main difference between IT and OT/ICS systems. For IT, security is high priority preserved by the Confidentiality, Integrity, and Availability (CIA) triad. In OT/ICS networks, both integrity and confidentiality come second to availability.
Supervisory Control and Data Acquisition (SCADA) is a systems architecture for managing large and complex processes. SCADA systems are normally found in utility providers such as natural gas and electric power transmission, where control functions are distributed over a large geographic area.
SCADA systems consist of three main components:
- A central command center consists of all the servers running SCADA software
- Multiple, remotely located local control systems directly control and automate process equipment
- Communication systems connect the servers at the central command center to the remote locations
The main purpose of SCADA is data acquisition: the networks consist of multiple remote terminal units (RTUs) that are used to collect data back at the central command center, where they can be used to make high level decisions.
Distributed Control System
Distributed Control System (DCS) is a type of process control system that connects controllers, sensors, operator terminals and actuators. The data acquisition and control functions are performed by distributed processors situated near the peripheral devices or instruments from which data is being gathered.
While DCS and SCADA are functionally very similar, DCS is generally employed at large, continuous processing facilities. Operations are almost always controlled onsite rather than remotely.
Harry Thomas is a senior level cyber security consultant who works with industries that require security in high availability networks such as Electric Utilities, Healthcare, Oil & Gas, etc. He enhances security programs through methods of vulnerability assessments, penetration testing, reverse engineering, and security research. Harry harnesses his experience from both enterprise security and ICS security to build secure networks that enable organizations.
Securicon offers comprehensive digital security and compliance solutions to organizations. Our services include penetration testing and social engineering assessments which are trusted by critical infrastructure companies across the U.S and other critical organizations to find vulnerabilities and maximize safety. In 2019, there’s no room to be lax about security – contact us today!