If you’re in IT, you’ve probably never heard of the secondary network. If you’re in OT, it’s most likely one of your biggest concerns.
Secondary network devices reside physically within the OT realm. However, the devices don’t exist on the primary OT network, creating the potential for data siloes. Many of these devices exist to feed information to IT applications. However, IT is often blocked by firewalls, diodes and even razor wire from the OT realm. One of the biggest stumbling blocks for IoT remains breaking down the cultural barriers between OT and IT.
Understand the secondary network
The secondary network is the name for the collection of sensors and devices deployed within the demilitarized zone of industrial operations. A demilitarized zone is a physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted network. These assets aren’t connected to the SCADA systems, which serve as the nervous system in industrial environments by monitoring and controlling the robots, chemical reactors and critical systems to ensure productivity and prevent accidents.
Unfortunately, linking assets to SCADA networks requires highly reliable, redundant and fail-safe implementations that are neither trivial nor cheap. As a result, companies often circumscribe the number of devices they link to them. For example, a food manufacturer might link its ovens because cooking time and temperature are critical to safety and quality, but not its mixers, which can be run manually or with a basic timer. In manufacturing facilities, robots will be linked to SCADA, but the HVAC system might be linked to a separate siloed system or not connected at all.
A sensor that monitors water flow of a remote pump owned by a water utility is also a secondary network device. In addition, a Raspberry Pi board that gets moved from part to part to study power consumption is also considered a secondary network device.
The secondary network continues to grow
Many pieces of industrial equipment that you’d think should be tied to SCADA are also part of the secondary network because they were put in place before the manufacturer adopted a more comprehensive automation plan. In 2018, Kevin Prouty of IDC surveyed manufacturers and found that 22.2% of OT equipment was still not connected to a network, compared to the 40.1% of equipment that wasn’t connected in 2016.
Calling the secondary network a network can be misleading because the actual network doesn’t yet exist. It’s just a dotted line where people think it should exist. Innovation, plummeting prices and new services are driving demand and deployment of these networks.
For example, Toyota Motors Europe is looking to better harness the ambient environmental data inside its production facilities to help the company achieve its goal of zero carbon contribution by 2050. In addition, startups like Petasense have developed services for real-time vibration analysis using the signals captured by movable, relatively inexpensive sensors.
Wind developers are putting gateways and sensors on bearings and other components in their turbines to boost capacity factor and lower repair costs. Some companies have projected they can cut the cost of particular repairs by up to 90% by monitoring hydraulic fluid pressure or lubrication remotely with new sensors, or save 20 million euros a year at offshore wind farms by cutting boat trips in half.
Ten years ago, the primary technology for learning about power outages was the phone. Utilities would first learn about an outage when a customer called to complain. But sensors have allowed companies, such as DTE Energy, to reduce power outages by 3 minutes per year per customer. For example, DTE Energy has attached 3,000 sensors to its transmission lines to help it more rapidly detect power outages.
With 2.2 million customers, that means DTE Energy avoids 6.6 million customer minutes — cumulatively about 12.5 years — of darkness every year. By linking these through a secondary network and avoiding SCADA integration, DTE Energy believes it avoided $25 million in implementation costs.
To accelerate the adoption of these sensors and devices at the edge, open source efforts such as the Linux Foundation’s LF Edge have emerged and gained significant traction since the beginning of 2019. In addition, Dianomic recently contributed Fledge to the Linux Foundation’s LF Edge effort to accelerate further growth in the secondary network and in the smart devices serving industry.
Communication around secondary networks is key
Secondary networks are sometimes referred to as a control and operations companion network. To some, the term secondary implies that the network is secondary in importance. Calling something secondary could encourage more data silos, but the security requirements can be just as demanding. Some OT engineers call the secondary network the IoT network, but this too creates confusion. To IT, everything inside the OT zone belongs to an IoT network.
Secondary network devices reside physically within the OT realm. The devices, however, don’t exist on the primary OT network, creating the potential for data siloes. Many of these devices, in fact, exist to feed information to IT applications. IT, however, is often blocked — by firewalls, diodes and even razor wire — from easy access to the OT realm.
One of the biggest stumbling blocks for IoT remains breaking down the cultural barriers between OT and IT. That means adopting a mutual language and view of the universe.