After a solid decade of pursuing industrial IoT-enabled business process improvement and innovation, the value of the industrial Internet of Things (IIoT) edge tier within digitally transformed architectures is now widely recognized. Originally viewed as the point where information technology (IT) and increasingly cloud-based applications intersect with the operational technology (OT) environment, the edge functional definition continues to evolve in important areas such as edge-to-cloud integration, edge compute and the convergence of IT, OT and security.
Connectivity requirements continue to escalate as data-hungry analytics and other enterprise applications demand reliable, pervasive information from OT assets, processes, personnel and other components. Application requirements in key areas such as latency, security and on-premise execution are placing further emphasis on edge capabilities.
Also read: Where exactly is the network edge?
As this evolution continues, the role of the various edge components also evolves. This includes expanding compute and store capabilities in what ARC calls “thick edge” devices, as well as ongoing convergence of IT, OT and security at the network-centric “thin edge.”
Combined with the expanding capabilities of high-end endpoint devices, including increasingly mobile and autonomous devices such as robots and automated guided vehicles (AGVs), the choices of where to do what at the industrial IoT edge continue to expand.
ARC’s extensive primary research into the industrial IoT edge reveals that differing trends are developing within the thick versus thin components of the important industrial network infrastructure tier that customers should take into account when making decisions regarding edge implementations.
Differing requirements at the industrial IoT edge
Customers pursuing digitally enabled business-improvement strategies understand the need for deeper and more extensive connectivity throughout the enterprise. Cloud-based solutions for analytics, machine learning, new service-oriented revenue streams and other applications need data from assets, processes, personnel and automation and control equipment resident at the industrial IoT edge to generate meaningful business value. This reality has led to widespread industry recognition of the importance of the industrial IoT edge in achieving desired business outcomes.
Edge capabilities are necessary to enable the full spectrum of connected products, processes and services and provide rapid time-to-value.
Edge functionality is relied on for important tasks such as reducing response latency when sending data to the cloud and insulating clouds from the data deluge driven by the ever-increasing volume of data available in edge devices.
Edge devices play a critical role in supporting the OT environment by providing integration with and insulation from higher levels of the architecture. This is manifested in ways such as support for northbound and southbound connectivity and OT-friendly visualization and security.
The industrial network infrastructure portion of the industrial IoT edge is the flashpoint for delivery and increasingly conversion of data and information between physical assets and processes to digital transformation applications. Ongoing improvements in network performance, fueled by both standardization and innovation, along with an escalated emphasis on integrated operational security, are furthering the dynamic nature of this tier of the architecture.
This results in divergent functional emphases for the various categories of industrial IoT edge devices resident at the network infrastructure tier as well as careful consideration of where IoT functionality should reside. What ARC calls thick edge devices, such as IPCs, gateways and routers with significant compute and store capabilities, are increasingly focusing their emphasis on edge-to-cloud integration and edge compute.
Activities at the thin edge, where network-centric devices such as industrial Ethernet switches reside, remain focused on operational priorities such as network performance and reliability, while increasingly pursuing IT/OT convergence, particularly as it relates to integrated security. Availability of increasingly powerful endpoint devices with IoT functionality of their own further confounds the choice of where to do what within the industrial IoT edge (Figure 1).
Edge use cases impact device requirements
Traditional industrial IoT edge use cases in areas such as asset management, production optimization and predictive maintenance continue to be pursued, but impactful new applications are emerging in areas such as product and service innovation, competitive excellence and differentiation and response to “new normal” pandemic-driven business conditions. Examples include emerging use cases in areas such as enhanced field operations, connected remote experts, personnel tracking, safety and logistics and supply chain.
The advent of 5G and private wireless are likewise enabling step changes in innovative use cases, particularly for mobile, autonomous and remote assets and operations that in turn drive increased edge requirements.
New installations increasingly leverage emerging solutions in areas such as artificial intelligence/machine learning (AI/ML), augmented reality/virtual reality (AR/VR), video, analytics and digital twins in pursuit of these ends. Preprocessing for these applications at the edge addresses the necessary response times and computational requirements, particularly for operational and safety applications that generate immediate output rather than being relegated to off-line processing.
ARC‘s recently updated analysis reconfirms the roles of thick versus thin components of the industrial IoT edge in the context of these requirements. Thick edge devices are largely focused on edge-to-cloud integration and edge computing capabilities, while IT/OT convergence related to cybersecurity integration and centralized management capabilities are more prominent at the thin edge.
Thick edge = edge-to-cloud integration, edge compute and cloud native architecture
Digitally transformed enterprises have more opportunities to distribute functionality throughout the architecture because IT, cloud-native technologies and IP-based networking are descending closer to the edge. Enterprise cloud architectures are likewise descending to the edge in pursuit of their primary data sources and to overcome the limitations of cloud execution, particularly regarding latency.
Data processing at the edge reduces cloud-service fees for data-intensive installations and can address concerns about deployment, scale and management complexity of cloud-based solutions. The edge tier can also be used to generate, access and process data that is too difficult, too expensive or slow to access or to bypass control system architectures and send data directly to the cloud.
Analytics are one of the killer apps for edge computing due to their ability to deliver concrete business outcomes in areas such as reduced machine downtime and maximum asset utilization. This pursuit has extended into related functionality associated with AI, AR/VR, machine vision and video analytics. Extensive data pre-processing and reliability requirements, as well as the need for on-prem output, are pushing execution of these applications to the edge.
Analytics, video, machine learning and similar applications require significant data collection and compute power that makes direct integration with enterprise clouds prohibitive from the perspective of both cost and performance. The resulting escalation in edge compute and store requirements is driving this functionality into the thick edge, including IPCs, edge servers and industrial IoT gateways and routers.
Industrial IoT gateways and routers, for example, have evolved from their traditional role in serial-to-Ethernet conversion to platforms for IT/OT convergence, edge-to-cloud integration and edge computing. Standardization on IP-based wireline and wireless networks is eliminating the need for hardware-based protocol conversion, particularly in new installations, and driving this functionality into software containers. These devices in turn increasingly incorporate standard CPUs from ARM or Intel, the Linux OS or derivatives, contain larger amounts of memory, and provide software support for containers.
Gateway and router suppliers continue to add compute capabilities to their devices. As a result, the value emphasis in the industrial IoT gateway and router market has evolved from one based on automation protocol conversion to one more reliant on differentiation via software-enabled functionality and application execution, including edge-to-cloud integration and edge compute.
Cloud-native architectures at the edge
Descent of cloud-native architectures to the edge has brought improvements in scalability, flexibility, ease of use, self-service and centralized management, among other benefits. Cloud-native functionality, including hardware/software virtualization, container utilization and use of open-source software, enables desirable capabilities such as centralized management, zero touch provisioning and agile application development, regardless of the target system’s network topology, geography or hardware diversity.
Adoption of IT and cloud native technology is likewise driving a trend toward service-based offerings at the thick edge. This is currently manifesting as CapEx hardware sales coupled with OpEx software and services offered via subscription contracts.
Thin edge = convergence of IT, OT and security
While thick edge industrial IoT devices are focused on edge-to-cloud integration and edge compute, trends at the thin edge remain firmly rooted in continued improvements in performance and reliability. This trend is increasingly accompanied by an emphasis IT/OT convergence, particularly as it relates to technologies employed, as well as industrial network infrastructure visibility, management and security.
One primary contributor to the divergent paths for the thin versus thick edge is that only a certain range of applications can run on an industrial Ethernet switch or conventional industrial router due to compute and storage resource constraints. In cases where this capability is available in thin edge devices, for example the ability to run software containers, it is frequently for a constrained class of applications such as security visibility.
IT/OT convergence focused on security, management
Cybersecurity is now top of mind for most enterprises as operational networks increasingly become targets for cyberattacks. The move to digitalize all aspects of the enterprise, including operations, brings with it greater risks from cybersecurity breaches.
Cybersecurity will remain an integral component of industrial network infrastructure strategies going forward. Networks can provide the first line of defense against external attackers by controlling network access, providing visibility into assets and vulnerabilities, detecting unauthorized devices and messages, and enabling defenders to quickly block suspicious actors and isolate assets.
The well-documented rash of cyberattacks targeting production operations has fueled the descent of IT-oriented security technologies to the OT environment and consequently escalated the role of IT organizations in securing operations. Cybersecurity is typically the realm of the IT department as most OT organizations lack the people, skillsets and technologies needed to implement enterprise-wide policies or manage sophisticated attacks on digitally transformed architectures. Regulation and standardization of industrial networks is likewise accelerating, fueling IT/OT technology integration in areas such as network management and security.
Security as network selection criteria
Security certifications are rapidly becoming important industrial network infrastructure selection criteria. Customer approaches to OT cybersecurity strategy development typically rely on a combination of standard and proprietary mechanisms. IEC 62443 is gaining traction, particularly as its mandated use expands beyond critical infrastructure and into manufacturing operations. Some customers combine approaches, such as NIST Cybersecurity Framework, ISA 99, Center for Internet Security (CIS) and/or International Organization for Standardization (ISO), with IEC 62443.
Integrating IT approaches to cybersecurity into the OT environment, as well as related technical developments in emerging areas such as management of 5G and private wireless networks, inherently requires a more holistic software-oriented approach compared with past OT practices. Examples from the IT realm include SDN-based management, defense in depth, which is part of the IEC 62443 certification, and zero trust for pre- and post-connect.
TSN, SPE and APL drive Ethernet further into the architecture
Performance and reliability in demanding environments remain the hallmarks of industrial networking. Along with the overall trend toward IT/OT convergence, Ethernet continues to benefit from its status as a standard IEEE technology and associated ongoing performance improvements.
Recent improvements to this end include standardization of time-sensitive networking (TSN), IEEE 802.1Q; single-pair Ethernet (SPE), IEEE 802.3cg-2019; and advanced physical layer (APL), an adaption of the IEEE 10BASE-T1L standard optimized for the process industry. This is in addition to the ongoing increases in bandwidth, port density, availability of higher power-over-Ethernet (PoE) wattage, expansion of available form factors and other improvements.
Adoption of SPE and APL will ultimately drive industrial Ethernet further down to the field level and contribute to its ongoing descent in the architecture, while TSN standardization promises to bring real-time determinism to standard Ethernet. At issue is how long it will take for these new technologies to exert their impact, particularly as standardization of the important industrial automation profile needed for TSN implementation in industry lingers on and the number of available new versus retrofit installations is limited.
SPE will have the earliest and largest impact, followed by TSN and APL. This contention is driven not only by the differing availability timelines, but also due to the relative ease of SPE implementation relative to TSN.
Chantal Polsonetti is vice president, advisory services, at ARC Advisory Group. She is a member of ARC’s Digital Transformation team and leads the company’s coverage of the industrial IoT edge. Polsonetti's primary focus areas include industrial IoT edge hardware and software infrastructure and related open-source solutions. Examples range from industrial network infrastructure, such as Ethernet switches, routers, gateways, Wi-Fi access points (WAPs) 5G, private wireless and cellular, to industrial IoT edge software, edge-to-cloud integration and edge compute. Contact her at [email protected].
The information in this article was drawn from ARC Advisory Group’s ongoing coverage of the industrial IoT edge.