The manufacturing industry, also, is governed by a strict set of regulatory frameworks and operating standards. These are essential to maintain appropriate levels of quality, health and safety, environmental protection, data protection and privacy and so on. However, because the IIoT is still a relatively new, immature and constantly evolving concept – and because of specific challenges pertaining to its technology and the organisations involved – the specific frameworks and standards applying here have not yet been set in stone.
How, then, can manufacturing organisations best navigate this complex, shifting and uncertain landscape? What do you need to know now in relation to IIoT standards, and what will you need in the future?
The importance of clear standards
In any setting, standards between different organisations and different parts of a sector are vital to ensure minimum quality standards and appropriate interoperability. This interoperability is particularly pertinent in the IIoT context because it ensures both scalability and growth. Since any form of the IoT fundamentally depends on connectivity, joining together disparate devices and sensors to capture and harness useful information, it is crucial for standards to be agreed between the different stakeholders involved.
In the Industrial IoT, that connectivity becomes even more pertinent, because the goal is to join up existing hardware, which may already be controlled and managed by diverse computing systems. As such, the IIoT will rapidly become unmanageably complex if standards for interoperability and systems integration and convergence are not settled soon. Standards are vital for future growth and scalability.
The barriers to agreeing standards
If, then, standards are so critical to the IIoT’s ongoing development and future reliability and stability, why have they been so slow to happen?
Many of the major IoT developers, vendors and suppliers are jostling for prominence in a highly dynamic and complex industry, competing to maintain intellectual property rights and their own dominance. This means that agreeing and adopting standards between them is not always a key priority.
As outlined above, ensuring interoperability is one of the key motivators for IIoT standards. However, it is also a barrier to adoption. The IIoT combines two different forms of technology: information technology (IT) and operational technology (OT), meaning that more interoperability and therefore more standards are required than in non-industrial settings. There is also the challenge of integrating legacy applications, which can be particularly complex and demanding in industrial and manufacturing settings – such as proprietary technologies or SCADA systems which were never intended to communicate with each other via the internet.
Organisations deploying the IIoT are essential adding hundreds or thousands of new endpoints to their infrastructures and therefore dramatically increasing their potential attack surface. This means that robust device verification and data protection processes are truly critical to protect those organisations from malicious cyberattacks, and these processes need to be formalised in yet another set of standards.There is still no internationally recognised and agreed-upon security architecture for the IIoT, and the 2018 SANS Industrial IoT Survey found that over half of OT security specialists are worried about their abilities to patch IIoT systems or devices.
Where are we now?
From a technical perspective, the foundations for a clear framework of international IIoT standards do exist. For example, IoT protocols for data transfer in field-area networks, such as the Constrained Application Protocol and MQ Telemetry Transport (MQTT), as well as more industry-specific protocols like Modbus, can be deployed in the communication networks required by many IIoT applications. In wide area networks MQTT and HTTP are most common, and communications to back-end applications tend to use messaging protocols such as Apache Kafka.
oneM2M, the global standards initiative for machine to machine communications and the Internet of Things, aims to ‘develop technical specifications which address the need for a common M2M Service Layer that can be readily embedded within various hardware and software, and relied upon to connect the myriad of devices in the field with M2M application servers worldwide’. Industrial automation is one of the organisation’s specialist focuses, where it understands the need for scalability and interoperability above all else.
Many other organisations, too, are working to smooth out much of the existing complexity and lay the foundations for a clearer standards system. These include the Industrial Internet Consortium (IIC), the Open Connectivity Foundation (OCF), the Industrial Internet Consortium (IEE) and the Internet Engineering Task Force (IETF), which runs multiple working groups.
In the US, three industrial groups – the Open Platforms Communication (OPC) Foundation, the Organization for Machine Automation and Control (OMAC) and PLCopen are collaborating to ‘develop and promote common standards’, bringing together the work they carried out individually for a more unified and interoperable future. The OPC Foundation’s Unified Architecture (UA) is an industrial interoperability framework. Which aims to deliver ‘information modelling with integrated security, access rights, and all communication layers to provide plug and play machine-to-machine (M2M) communication inside factories’. It is also designed to be scalable from the plant floor through to the enterprise IT infrastructure and cloud environments.
Meanwhile, the Gartner Hype Cycle for IoT Standards and Protocols lists 30 standards, around ‘connectivity, security, messaging and operating systems for the Internet of Things’. 15 of these are said to deliver ‘high business benefit’, and six are predicted to become mainstream over the next five years. Many overlap in terms of the functionality and target markets, suggesting that as the market matures, some will become more dominant than others. At this stage, it makes most sense for organisations working with the IIoT to familiarise themselves with these standards, but be aware that change is likely over the coming months and years.
In short, whilst clear international standardisation is yet to occur, many stakeholders understand the urgency of the situation and are working hard to change it. Additionally, there are sophisticated technical foundations in place to support an agreed framework of standards – once that agreement takes place.