OT-to-IT connectivity

Uncover operational insights & make faster business decisions by integrating data from industrial equipment & sensors securely to your analytics, AI & cloud platforms.

Companies in operationally-intensive sectors, such as manufacturing, energy and transportation, often have two distinct environments:

  • Operational Technology (OT): where a company’s industrial operations are run, covering the management, monitoring & securing of physical assets. This includes front-line robots, production machines, PLCs, sensors & more.

  • Information Technology (IT): the technology backbone of a company. This includes monitoring, managing & securing core units such as applications in the data centre & cloud, as well as organizational functions such as finance, human resources (HR) and more.

The benefits of OT-to-IT connectivity

IT and OT systems have historically operated in isolation, with separate processes, technology stacks, standards and governance models. But this siloed approach limits a company’s ability to gain complete visibility into its operations, control maintenance costs & limit downtime, and it reduces the scope for automation.

Integrating IT and OT systems together brings a myriad of opportunities for organizations:

  • Supercharge OT teams: OT personnel are experts at making critical & nuanced decisions on how to manage & utilize their equipment. OT-IT convergence helps OT teams reduce routine processes and gives them predictive capabilities to better plan actions in advance - ranging from predictive troubleshooting to optimizing maintenance schedules based on equipment performance.

  • Enhanced visibility into operations: OT-IT convergence helps OT teams rapidly react to problems as they arise due to real-time data feeds. IT teams benefit from being able to integrate critical operations data into other systems within the IT domain such as data analytics to surface key insights to other parts of the business.

  • Reduce costs: OT-to-IT connectivity helps companies reduce on-site maintenance costs by enabling technicians to reduce the amount of time they spend tending to operations. By tackling problems faster, technicians can minimize the amount of unscheduled downtime & reduce material wastage.

The challenges of OT-to-IT connectivity

This critical digital transformation pathway, however, brings unique challenges that organizations need to be able to handle:

  • Technical complexity: Setting up & securing OT-to-IT connectivity requires cross-functional expertise across hardware, security & cloud domains, increasing the cost of OT-IT convergence projects. Ferry’s automated workflows & deep integrations with the leading cloud providers accelerate the deployment of OT-to-IT connectivity solutions, reducing costs & development time.

  • Security: OT systems are the lifeblood of the organization, often difficult to secure, and are prime targets for bad actors given their potential proximity to IT systems. Ferry utilizes best-in-class security practices integrated within your own Microsoft Azure or AWS cloud provider accounts to ensure that you have complete control over your security posture, cloud resources, data & devices at all times.

  • Interoperability: Data from OT systems often needs to integrate with an organization’s existing IT set-up, such as cloud systems, ERPs and analytics platforms. Ferry’s native integrations with both AWS and Azure allow an organization to seamlessly extend their existing cloud infrastructure to OT systems, giving companies full control over how they manage & process their data.

How can an organization use Ferry for OT-to-IT connectivity?

[Figure: example architecture]

In the example architecture above, there are two distinct environments, one for OT and one for the organization’s IT systems (hosted on a cloud provider which can be either AWS or Azure).

The two environments historically have been siloed. The OT environment cannot accept any inbound connections, whether that be from the outside Internet or other systems - protecting it from external threats. The OT environment has three production machines, with local IP addresses that can only be accessed within the OT environment itself.

The task of the organization is to be able to collect & process data from the three machines & send it securely to cloud systems for further analysis.

With Ferry, organizations can achieve this by deploying Ferry onto an “edge gateway device”. An edge gateway device is any piece of hardware (e.g. Raspberry Pi, Nvidia Jetson etc.) that connects locally to other devices on a protected network, and provides authenticated & authorized communication to services residing outside that network. It is the bridge between the OT and IT systems.

Ferry can be deployed to any device that runs an operating system such as Linux (including Ubuntu & Debian) or Windows.

To use Ferry, organizations connect their cloud accounts in AWS or Azure via our native integrations. Ferry automatically orchestrates and configures your cloud provider’s IoT resources to extend your cloud systems to be able to securely communicate with any edge gateway device which you choose to deploy with Ferry.

Deploying an edge gateway device

To quickly & securely deploy an edge gateway device with Ferry:

  • Create a “Node” within Ferry’s simple-to-use dashboard which represents the edge gateway device that you want to set up.

    • This creates a one-time token that can be used to register the edge gateway device with your chosen cloud provider.

  • Connect your edge gateway device to the Internet (either by Ethernet or WiFi), download the Ferry installer & run it with the one-time token (see our Quickstarts for AWS and for Azure).

  • Ferry will automatically install the appropriate edge runtime (AWS Greengrass, Azure IoT Edge), and provision & register your device with your chosen cloud provider for secure communication using X.509 certificates.

  • Deploy your software applications to the edge gateway device!
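
The one-time registration token in the steps above is what ties a physical device to the Node created in the dashboard. The sketch below is an added example, not Ferry's code, showing the properties such a token should have on the issuing side. The class name, the 15-minute validity window and the node IDs are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time


class EnrollmentTokens:
    """Hypothetical registry of one-time device enrollment tokens."""

    def __init__(self, ttl_seconds=900, clock=time.time):
        self.ttl = ttl_seconds      # assumed validity window (not from the page)
        self.clock = clock          # injectable so expiry can be tested
        self._pending = {}          # node_id -> (sha256 digest, expiry time)

    def issue(self, node_id):
        """Create a token bound to one node; only its hash is retained."""
        token = secrets.token_urlsafe(32)
        digest = hashlib.sha256(token.encode()).digest()
        self._pending[node_id] = (digest, self.clock() + self.ttl)
        return token

    def redeem(self, node_id, token):
        """Return True exactly once for a valid, unexpired token."""
        entry = self._pending.get(node_id)
        if entry is None:
            return False            # unknown node, or token already used
        digest, expiry = entry
        presented = hashlib.sha256(token.encode()).digest()
        if not hmac.compare_digest(digest, presented):
            return False            # wrong token: the real one stays pending
        del self._pending[node_id]  # consume first, so a replay always fails
        return self.clock() <= expiry


def demo():
    """Constructed scenario: wrong node, first use, replay, then expiry."""
    now = [1000.0]
    reg = EnrollmentTokens(ttl_seconds=60, clock=lambda: now[0])
    token = reg.issue("node-a")
    results = {
        "wrong_node": reg.redeem("node-b", token),
        "first_use": reg.redeem("node-a", token),
        "replay": reg.redeem("node-a", token),
    }
    late = reg.issue("node-a")
    now[0] += 61                    # step past the validity window
    results["expired"] = reg.redeem("node-a", late)
    return results


if __name__ == "__main__":
    print(demo())
```

Once registration succeeds, the token has no further value: the device authenticates with its X.509 certificate from then on, so a token leaked after first use cannot enrol a second device.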

With Ferry, you can quickly create software applications that you can deploy in one click to your edge device, no code required. You can deploy anything from data ETL scripts to Docker images. Ferry manages the deployment of your applications through our integrations with your chosen cloud provider.

Edge gateway devices communicate to your cloud provider using AWS Greengrass or Azure IoT Edge, depending on whether you integrate AWS or Azure with Ferry. Both AWS and Azure support bi-directional communication between devices and their cloud platforms with the Transport Layer Security (TLS) protocol to ensure encrypted communication channels that guarantee data confidentiality.

Updating the applications on an edge gateway device

Ferry allows organizations to quickly & seamlessly update their applications running on their devices.

In our reference architecture above, the organization can for example:

  • Update a Python script to connect to the three machines over the local network (via Ethernet, WiFi, cellular etc.), collect telemetry data, and stream it to any of their connected cloud resources (e.g. AWS S3, AWS Kinesis etc.).

  • Build a software application that runs data ETL scripts on each machine, pre-processes the data locally on the edge gateway device, keeping it in a local database, and then batch-updates cloud systems periodically.

  • Run a machine learning model on the edge gateway device, deployed via a Docker container, to analyse local machine telemetry data and generate alerts when an anomaly is found.

Summary

Ferry enables organizations to connect their OT and IT systems to gain real-time visibility into their operations, to reduce cost & foster innovation. Ferry extends your existing AWS or Azure cloud infrastructure to physical devices, allowing organizations to easily & securely deploy software applications to devices at the edge with full interoperability with your existing systems.