Purdue Model: Standard Industrial OT System Architecture
While IT architecture has fancy system design pattern like microserivces, event-driven, monolithic, microfrontend and service oriented architecture, OT world has completely different architectural point of view as it comprises both industrial equipment such as compressor, valve, pipeline, PLC, production machine, etc and industrial system such as SCADA, DCS, ICSS and so on where IT are mostly only deal with server and software. Hence, it create a diversed architectural style and pattern.
Due to the safety risk of altering and controlling equipment, a strict layered security is introduced on the OT (operation technology) area. Even a small hacking attempt to modify the PLC logic which often connected directory to the sensors and actuators can disrupt production process or even cause HSSE incident or worse an accident. Hence, in early 1990s, OT engineers council led by Theodore J. Williams introduce a framework called as “the purdue model” which specifically address those risk by enforcing strict security goverment on the OT automation side which utilize computers and has intersection to the IT network system.
Purdue model is often combined with ISA95 in the actual practices. While purdue model standardizing the network segmentation for maximum cyber security protection, ISA95 is governing the data and information that can be passed from one layer to another layer.
Practical Purdue Model Framework
Purdue model is a framework which govern the architecture of OT network layering or segmentation based on the functionality. Two distinct devices that doesnt have same group function can’t exist in same network to ensure strict data access and enforcing maximum security.
Below are the six network layer as per purdue model guidelines:
L0: [OT] Physical process (sensor, actuator, field devices)
L1: [OT] Basic control (PLC, RTU, SIS/safety instrumented system)
L2: [OT] Supervisory control (SCADA, DCS, ICSS, ICS)
L3: [OT] Site Operations (MES, MOM, Historian, IT/OT Bridge)
L3.5: [IT/OT] Demilitarized zone for ITOT convergence. NO direct IT to OT is allowed. Only OT to IT.
L4: [IT] Enterprise network(ERP, CRM, etc)
L5: [IT] External Network (cloud/etc)
ITOT Convergence Middleware on lv 3.5
Eventhough purdue model not mentioning about lv 3.5, in the real practice, those layer is exist to host ITOT convergence middleware that has reponsibility to collect data from lv 3 historian or OPC-UA server and forward it to the cloud/IT network with or without any business logic (just pass through the data to cloud/IT network).
Those middleware will integrate OT data to IT network (for example to iot gateway or data lake) and often placed under DMZ(demilitarized zone) as it require super strict security. IT network should not be able to control the OT system to prevent security breach that can affect operations and productions.
Key player on ITOT Convergence Middleware
Below are the player on ITOT convergence middleware / Edge Gateway segment / Industrial Data Integration
| Category | Software | Maturity | Advantages | Disadvantages |
|---|---|---|---|---|
| AWS - Hyperscaler | AWS IoT Greengrass, AWS IoT Core | High | Strong cloud native especially on AWS environment | Lack of pre-existing OT Model |
| Azure - Hyperscaler | Azure IoT Edge, Azure IoTHuB | High | Strong cloud native especially on Azure environment | Lack of pre-existing OT Model |
| Industrial Data Integration Platform | KEPServerEX | Very High | Rich industry protocol connector (pre-existed), proven reliability, can be integrated to hyperscaler (AWS/Azure) |
Limited OT modelling Still better than hyperscaler solution |
| Industrial Data Integration Platform | HighByte | Very High | Rich industry protocol connector (pre-existed), proven reliability, can be integrated to hyperscaler (AWS/Azure) |
Small ecosystem |
| Industrial Data Integration Platform | Ignition | Very High | Rich industry protocol connector (pre-existed), proven reliability, can be integrated to hyperscaler (AWS/Azure) |
beyond than just an industrial data integration |
Note: eventhough azure and AWS are the leaders in the OT markets, some big brand such as VW (volkswagen) & shell publicly mentioned about their success story of implementing hyperscaler as their ITOT convergence middleware especially for certain analytics use cases that use hyperscaler (cloud).
Native hyperscale is preferred if only if the only use cases is just to collect process, event and alarm data from OT and integrate it the hyperscaler iot gateway (AWS iotcore or azure iothub) unless it require following use cases:
- standardized asset modelling using UNS (unified namespace) that base on ISA95 model.
- multisite industrial data standardization
- cross vendor OT environment (different PLC brand, scada brand, ICS brand, etc)