Most people are familiar with the term Information Technology (IT), which covers the spectrum of technologies for information processing, including software, hardware, communications technologies and related services. Operational Technology (OT) is a relatively new term that refers to hardware and software that detect or cause a change through the direct monitoring and/or control of physical devices, processes and events in the enterprise. For example, OT networks connect industrial control systems such as programmable logic controllers, supervisory control and data acquisition systems, distributed control systems, process control domains, safety instrumented systems, and building management and automation systems.
Traditionally, OT networks have operated separately from IT networks. For example, OT networks utilized proprietary protocols optimized for the required functions, some of which have been adopted as ‘standard’ industrial communications protocols (e.g., DNP3, Modbus, Profibus). More recently, IT-standard network protocols (e.g., TCP/IP) are being implemented in OT devices and systems to reduce complexity and increase compatibility with more traditional IT hardware. This has led to a demonstrable reduction in security for OT systems as well as a significant potential increase in network traffic load.
Security approaches that are appropriate for IT networks may be inappropriate for OT networks. Also, existing security approaches for OT networks do not provide a way to bypass security policy-based inspection of traffic in response to traffic load.