Cybersecurity in Operational Technologies consist of defensive software (and sometimes hardware) solutions that protect physical devices, processes, and events in production and logistics value chains in internet. It connects physical life safely to IT systems.

Sometimes OT is called also as Cyber-Physical System (CPS).

According to Gartner®, CPS is “engineered systems that orchestrate sensing, computation, control, networking and analytics to interact with the physical world (including humans). When secure, they enable safe, real-time, reliable, resilient and adaptable performance.”

Operational technology (OT) assets consist of several different technologies developed over last decades

• ICS: Industrial control system cybersecurity focuses on ensuring the security and safe function of industrial control systems. This includes the users and applications often still with proprietary hardware and communication protocols of the following systems:

  • DCS: Distributed Control Systems for continuous production processes like oil and gas production

  • PLC: Programmable Logic Controllers like SIMATIC from Siemens or Allen‑Bradley® PLCs from Rockwell for discrete automation like automotive production

  • RTU: Remote Terminal Units are geographically distributed computers connected to a control center. Thy are used in electricity production and distribution, oil and gas pipelines, transportation.

  • SCADA: (Supervisory Control And Data Acquisition) Scada system is an application managing RTUs and sensors in the field over telecommunication network or VPN connections in internet.

  • PAC: Combination of the abilities and technologies of distributed control systems (DCS) and remote terminal units (RTU) extended with PC applications

  • I/O: Sensors (input) and actuators (output)

  • ESD: Emergency Shutdown System oversees DCS control system and shuts it gracefully down if it recognises unsafe conditions. Europe uses SIL-2 and SIL-3 (Safety Integrity Level) standards, In USA Triple Modular Redundancy is often preferred safety architechture (similar to SIL-3) which was originally developed by Triconex (now part of Schneider).

Digitalisation has created the IOT (Internet of Things) market that provides non-critical connectivity from coffee machines to saunas. This technology is also entering the OT market with applications for data collection and non-critical control under the term Industrial IOT.  There the level of cybersecurity varies a lot and is very vendor dependent due to the embedded solutions combining often proprietary hardware and software:

• IIOT: Industrial Internet of Things extends internet of things (IoT) to industrial sectors and applications

  • IIOT: Industrial Internet of things uses for example intelligent sensors, instruments and autonomous devices connected through the internet in industrial applications. It consist of connected devices, such as motion sensors, Intelligent sensors and security cameras in production facilities, production lines and related auxiliary systems:

  • IoMT: Internet of medical things are IT system connected clinical devices like health monitoring systems, MRIs, CTs, and infusion pumps.

  • BMS: Building management systems like HVAC systems, Electronic lock systems, connected elevators and fire alarms,  that support the safety, efficiency, and habitability of smart buildings