How to deploy edge computing without sacrificing PLC determinism

Rockwell Automation’s Justin Garski talks thermal limits, cyber risks and open vs. closed environments for OEMs

Key Highlights

  • Splitting system responsibilities ensures the real-time PLC layer handles machine behavior on a dedicated core, while the Linux-based edge environment safely runs heavy data analytics and containerized apps without causing control loop delays.
  • Because high-performance edge processors run hot when handling advanced workloads, matching the hardware to its thermal environment is critical to avoiding unexpected failures.
  • Integrating security mechanisms like secure boot, encrypted communications, and network segmentation directly into machine design is now a baseline requirement that top OEMs use as a competitive market advantage.

Justin Garski is Americas OEM segment manager—packaging, converting, print and web at Rockwell Automation. He answered our questions about edge computing’s thermal limits, cyber risks and open vs. closed environments for OEMs.

What real-time operating system or runtime environment does the edge controller use, and what deterministic performance can it guarantee for control tasks?

Justin Garski, Americas OEM segment manager—packaging, converting, print and web, Rockwell Automation: Most of the time the real-time portion gets a dedicated core to avoid interrupts and other things that normal PCs are affected by.

Furthermore, these systems often split responsibilities between machine control and edge computing, with the two complementing each other. The PLC is still part of the system responsible for fast, dependable control tasks, while the edge environment is better suited for things like data collection, analytics, visualization and application hosting.

When evaluating performance, the key question is not whether the edge side can replace the programmable logic controller (PLC), but whether the system is using each part for what it does best. For OEMs, that approach enables them to make the best use of data and technology, without compromising the control layer that keeps their systems reliable and consistent.

How does the controller manage resource partitioning between the PLC and the Linux-based edge environment?

Justin Garski, Americas OEM segment manager—packaging, converting, print and web, Rockwell Automation: For us at Rockwell Automation, the goal is to keep that split clean. The PLC runs the machine, including key tasks like machine behavior and sequencing. The Linux-based edge side is there for tasks like data management, remote connectivity and analytics. Keeping those separate helps manufacturers add more intelligence at the machine level without overloading the control system itself.

Striking this balance provides manufacturers the data and insight they increasingly need, while keeping the machine stable and reliable. If too much is pushed into the control layer, it can introduce unnecessary complexity or risk slowing down operations. By keeping control and edge tasks separate, OEMs can add new capabilities through analytics and remote monitoring, without potentially introducing too much that leads to downtime or disruption.

By using application programming interface (API) calls, we can communicate between the two to allow for seamless interaction, enabling the user to dig as deep as they want.

What cybersecurity mechanisms, such as secure boot, certificate management, encrypted communications and role-based access control, should be implemented?

Justin Garski, Americas OEM segment manager—packaging, converting, print and web, Rockwell Automation: At a minimum, OEMs should look for security features such as secure boot, encrypted communications, certificate management and user access controls that limit who can do what. These functions need to be part of the machine design itself, no longer viewing cybersecurity functions as something off to the side.

By taking this type of layered approach, OEMs demonstrate cybersecurity as a priority, which their customers are increasingly looking for. With recent Rockwell Automation research among leading OEMs indicating that 63% expect cyber risks to continue, this prioritization shows leading OEMs are reacting to market shifts. This can help them not only secure new customers but expand into markets they typically have been able to gain access to, with cyber as their competitive differentiator.

Edge controllers often run much hotter than traditional PLCs because of their high-performance processors. Why is it important to know thermal limits?

Justin Garski, Americas OEM segment manager—packaging, converting, print and web, Rockwell Automation: It matters because heat affects both reliability and predictability. Edge controllers are often doing more than a traditional PLC through AI-related workloads or managing more complex tasks like visualization and analytics. That compute load produces more heat. If the hardware is pushed beyond its thermal limits, performance suffers, component life can shorten, and unexpected behavior becomes more likely. The compute choice must match the workload and environment.

Understanding thermal limits is far from a hardware detail for OEMs; it’s critical to understand for business needs. When an edge device overheats and causes downtime, that disruption can be costly. Rockwell Automation research shows the average downtime event now lasts 40 hours and costs about $3.6 million, with every extra hour adding roughly $92,000 in losses. That’s why understanding thermal limits upfront is about protecting uptime and reliability.

What environmental and industrial certifications—temperature range, vibration resistance, IP rating, UL/CE compliance—does the hardware need for on-machine deployment on factory floors? What about inside machines?

Justin Garski, Americas OEM segment manager—packaging, converting, print and web, Rockwell Automation: The specific requirements depend on where the hardware is installed and the conditions it will be exposed to in that environment. If the hardware is located outside a cabinet, environmental protection ratings of IP65, IP66K or IP69K may be required for harsher environments or for food and beverage or life science operations with washdown applications.

Machines can live for 20 years or longer, but software moves much faster. A clear update path is essential to keep the machine from becoming a security liability. What should be the guaranteed long-term support (LTS) window for a Linux kernel and security patches?

Justin Garski, Americas OEM segment manager—packaging, converting, print and web, Rockwell Automation: This one is tricky and depends on the application requirements. If you truly need 20 years of zero change, then this is not a great solution for you. But if you are used to the typical migration path, then using containers or virtual machines, you can achieve a high degree of success with a long-term path forward for the life of the machine.

What containerization or virtualization technologies, such as Docker or Kubernetes-based frameworks, are supported for deploying applications at the edge? How does the operating system support standard Docker runtimes, and how is the persistent storage handled to prevent SD card or eMMC wear-out from frequent log writes?

Justin Garski, Americas OEM segment manager—packaging, converting, print and web, Rockwell Automation: Containerization is being used in industrial edge hardware to support application deployment alongside control systems. Some edge platforms are built on Linux-based operating systems and support standard container runtimes such as Docker. This type of architecture allows multiple applications including third-party tools to run locally at the edge while remaining isolated from core control functions.

Can Ethernet ports be physically or logically isolated, and how can you configure a demilitarized zone between the factory floor and the corporate WAN?

Justin Garski, Americas OEM segment manager—packaging, converting, print and web, Rockwell Automation: Isolation at the port level can be achieved through segmentation, which divides a network up into smaller zones with communication between them tightly controlled. An industrial demilitarized zone (IDMZ) is commonly used to segment the industrial and enterprise zones. The IDMZ is typically enforced using firewalls to manage and secure the traffic from either zone. Additionally, the IDMZ network can be segmented into multiple VLANs, each aligned to a specific service.

How can you calculate an acceptable round-trip latency for a data packet traveling from the high-speed I/O backplane to a local C++ or Python application and back to the output?

Justin Garski, Americas OEM segment manager—packaging, converting, print and web, Rockwell Automation: This is another one where the definition of real time varies from user to user. What is needed for a diaper machine may not be the same as what is needed for an oil and gas skid, so the acceptance is really situation dependent.

What are the advantages or disadvantages of an open or closed edge environment?

Justin Garski, Americas OEM segment manager—packaging, converting, print and web, Rockwell Automation: Edge hardware based on open industry standards creates greater freedom and flexibility for users, while simplifying integration across their systems.

In closed environments, users can be locked into and limited by whatever a single technology supplier determines is best for them. This limits their ability to use new tools or technologies.

With an open approach, users can choose the technologies that best meet their needs and integrate them using common standards. Such interoperability is important at the edge, where systems need to connect across a mix of devices, platforms and applications. This makes the promise of edge hardware, like real-time analytics and predictive maintenance, more practical to deploy.

Why is it important to know which industrial communication protocols an edge controller natively supports and whether additional protocols can be added through software or middleware?

Justin Garski, Americas OEM segment manager—packaging, converting, print and web, Rockwell Automation: Edge hardware supports a variety of industrial communication protocols, including OPC UA, message queuing telemetry transport (MQTT) and REST API, to meet different application needs. Native support for these protocols simplifies system design and reduces custom development by allowing data to be accessed and shared in a consistent way across the edge environment. Understanding what is supported out of the box helps reduce complexity and surprises down the line.

How does an edge controller handle data buffering and store-and-forward functionality if connectivity to the cloud or enterprise systems is interrupted? What should the local storage capacity be for that data in case of a signal drop?

Justin Garski, Americas OEM segment manager—packaging, converting, print and web, Rockwell Automation: Some edge platforms have optional store-and-forward functionality to store data when communications are unavailable. Data is retained and then transmitted after connectivity is restored. This functionality can also buffer data that is entering a database at higher speeds than the data is forwarded. 

How can supported methods for remote management, firmware updates and device provisioning across large fleets of edge controllers be implemented?

Justin Garski, Americas OEM segment manager—packaging, converting, print and web, Rockwell Automation: The cloud is transforming how organizations access, configure, monitor and manage assets across the enterprise. Organizations can use software-as-a-service solutions that specifically allow them to manage all of their edge devices as a fleet. But they can also use the cloud in more robust ways, such as to monitor the health and improve the reliability of assets, provide permission-based remote access to partners across the supply chain, remotely manage software updates and patches and deploy more proactive maintenance strategies.

The cloud enables organizations to know what’s happening across their operations from anywhere, as well as stay on top of mission-critical activities like keeping software and firmware up to date.

How can edge controllers integrate with existing SCADA, MES or cloud platforms for data exchange and system orchestration?

Justin Garski, Americas OEM segment manager—packaging, converting, print and web, Rockwell Automation: Some edge hardware is designed with “premier integration” to connect directly to control systems and data sources using native interfaces. This reduces the need for multiple configuration tools and allows engineering to be performed in a more unified workflow. It also supports more consistent configuration and reuse of application elements across systems to help streamline development.

At the same time, edge hardware that supports common industrial protocols and standardized interfaces such as OPC UA allows data to be accessed and structured consistently across different systems when multiple vendor technologies are used.

Leveraging protocols like MQTT, some edge solutions offer built-in tools to configure data flows and provide real-time data to dashboards or analytics platforms. Combined with support for containerized applications, this allows users to adapt how data is processed and shared.

About the Author

Mike Bacidore

Editor in Chief

Mike Bacidore is chief editor of Control Design and has been an integral part of the Endeavor Business Media editorial team since 2007. Previously, he was editorial director at Hughes Communications and a portfolio manager of the human resources and labor law areas at Wolters Kluwer. Bacidore holds a BA from the University of Illinois and an MBA from Lake Forest Graduate School of Management. He is an award-winning columnist, earning multiple regional and national awards from the American Society of Business Publication Editors. He may be reached at [email protected] 
