kras99 - Fotolia
Industrial IoT processes increasingly base IoT implementations on the ISA-95 standard, which means organizations must understand what the standard does and doesn't define.
Anyone involved in developing industrial IoT (IIoT) products should be familiar with ISA-95, the standard from the 74-year-old International Society of Automation (ISA), but what is ISA-95 and how does it work?
How to define ISA-95 for IIoT
As the name implies, work on ISA-95 started in 1995 and it continues to this day. ISA-95 defines the software interface between enterprise and control systems. Specifically, it defines semantics and operational models for how industrial control systems -- also called manufacturing execution systems -- exchange information with enterprise resource planning applications. ISA-95 comprises six key components, each of which builds on the other:
- Part one defines common terminologies, including hierarchy models, functional data flow models, object models and operations activity models.
- Part two defines attribute and structure tables for every object defined in part one.
- Part three moves beyond defining the components to defining the activities or interactions between the components. It specifies the manufacturing operations management (MOM) that creates integration between the enterprise and control systems.
- Part four defines detailed models and information flow between MOM categories and activities.
- Part five describes the information exchanges -- including information collection, transfer, retrieval and storage -- among the enterprise systems and the manufacturing production and automation systems.
- Part six defines a model for messaging services that connect business and manufacturing applications.
The six parts of ISA-95 create three key takeaways. First, ISA-95 is exclusively a software and information model. It describes how the underlying software applications and infrastructure -- such as databases -- should interconnect. Second, most manufacturing applications, software and services in the past 25 years have implemented ISA-95. Finally, experts continue to work on ISA-95. Parts two and five have been updated in 2017 and 2018 respectively to include capabilities required by IoT. These three takeaways lead to three tips that IoT architects and technologists must understand.
3 tips to use ISA-95 for IIoT
No need to reinvent the wheel. ISA-95 is already widespread in manufacturing and industrial organizations. Even though IIoT is in some respects new, it doesn't require rethinking the software, database and information structure from the ground up. That work has already been done and organizations considering IIoT adoption have likely already implemented the structure. IIoT architects should think in terms of integrating into ISA-95, not supplanting it.
ISA-95 is silent on hardware and lower-level infrastructure, including network, security, compute and storage. A fundamental divide splits IT between software and infrastructure people. Even though organizations can implement infrastructure through software, the logistics of getting data from point A to point B, then processing and storing it effectively still comprises infrastructure. Similarly, virtual machines and containerized applications have replaced servers, and software-defined networks and software-defined WANs replace traditional appliance-based networking.
For most software developers, infrastructure stops at the database; they assume the mundane functions of data transport, storage and compute are handled elsewhere. In the world of IoT, there is no "elsewhere" yet. Developers must consider factors such as whether the factory-floor network should be 4G, 5G, Bluetooth or wireless, if IoT analytics should happen in the cloud or on-premises, or where edge computing fits in.
IoT architects and engineers should focus on infrastructure and cybersecurity requirements. Given the established framework of ISA-95, architects can best spend their efforts on network, compute, storage and cybersecurity for IoT and IIoT. The ISA has developed cybersecurity framework IEC 62443 that aligns with ISA-95, but it focuses more on the information and modeling or conceptual level and requires enhancement and extension to cover the entire IIOT. There's not yet an accepted cybersecurity framework governing how these underlying components work together securely and effectively. Standardization efforts are still nascent and chaotic. Organizations should aim to develop a consistent working infrastructure to slide in underneath and around ISA-95, rather than to replace it.
ISA-95 forms an excellent starting point for IIoT architects. However necessary, it's not complete per se, and architects should think in terms of supplementing ISA-95 with the appropriate infrastructure and cybersecurity.