Join the Insider! Subscribe today to receive our weekly insights
David (00:00)
Hello again and welcome to the IT OT Insider Podcast. Willem, so we have published 30 episodes until now. Yes, 30, already 30. And we did not talk about IoT yet. ⁓
Willem (00:08)
Okay, all ready? ⁓
How did we manage to have 30 episodes without mentioning IoT?
Ryan (00:18)
Hmm.
David (00:22)
Alright,
so welcome to episode 31 about drumroll, obviously, IoT and we’re joined by Olivier Bloch and Ryan Kershaw. Gentlemen, welcome. Hey guys, so you both have super interesting backgrounds. Let’s, know, Olivier, why don’t we start with yours? Maybe a good…
Olivier (00:35)
Thanks for having us.
Ryan (00:36)
Yeah,
thanks.
David (00:46)
Quick introduction in who you are and what you’re doing.
Olivier (00:50)
Definitely. So Olivier Bloch, I’m a partner director at Thing Zero, among other things, looking into OT, IoT, and all things fun. that’s to rewind my career and give you some more context. Fun and IoT has been part of my DNA and job forever. Started 27, or doing the math, 27 years ago as a developer for a real-time system, telematics and robotics and things like that.
David (01:14)
Wow. ⁓
Olivier (01:17)
and I happened to specialize in Microsoft embedded technologies, Windows CE, RIP, and other fun technologies like that. That got me hired by Microsoft, spent 17 years with a big company doing Windows embedded, doing open source, and doing Azure IoT. I spent seven years with the Azure IoT product team, looking after all the developer experience, all the…
device SDKs and fun stuff like that, trying to educate Microsoft people on how you do embedded and what embedded device is. I was kind of successful. I’m pretty happy with that. And it’s been a couple of years now that I’m involved in endeavors, advising companies on IoT, and now more involved with Thing Zero, ⁓ helping our customers understand the IoT realm and how it fits into that OT and IoT integration.
David (01:54)
Hahaha
Olivier (02:12)
that we’ll think about and care about.
David (02:15)
and you have a super interesting YouTube channel as well on IOT, which I highly recommend our listeners to take a look. ⁓
Willem (02:19)
Absolutely.
Olivier (02:23)
Definitely. It’s called
Willem (02:24)
I’m
pretty sure our listeners probably know it already.
Olivier (02:24)
the eye that can show.
David (02:26)
Yeah,
Olivier (02:27)
Maybe. You never know. never know. So the interesting thing,
David (02:28)
maybe.
Olivier (02:30)
we’ll talk about that. The interesting thing is that you’ve not talked about IoT, but you have. Because in all your talks, there were components that were related to connected devices, security at the edge, edge in cloud, and things like that. But we’ll talk about that more today, guess.
David (02:36)
Yeah.
No, absolutely, But
⁓ nevertheless, it’s good to have this dedicated IoT episode here. Hey, and Ryan, so obviously, we talked before this meeting, also looked at your LinkedIn profile, and then I saw this sentence, which actually made me laugh. You said that you’re equally comfortable with PNLs and PNIDs. ⁓ So what’s your story?
Ryan (03:06)
that you’re equally comfortable with PNLs. So much.
Yeah, so much like Olivier, partner and director over at Thing Zero, unlike Olivier, do not have my own YouTube channel. hey, who knows, maybe one of these days. ⁓ I kind of started the exact opposite of Olivier. So I started on the shop floors, instrumentation controls, spent my days wiring things up.
been figuring out applications on how to take the physical data and transform it into digital. And then I started moving up in the world, so to speak. I went into the enterprise and the connectivity side of things. ⁓ Started learning about this IoT thing. People started talking about it. was like, well, we’ve always been transmitting data. This is nothing new. It’s always gone up. But the more you dive into it, it’s like, wow, this is completely different.
David (03:57)
Yeah.
Ryan (04:01)
Yeah, ended up at a company that you guys might know. Well, you had him on the show a little while ago, Litmus. So I was there for a little bit. prior to that was running the business for a sensor company here in Canada. So that’s where I get my P and L side of things. And then the P and ID side of things, that comes from the sensors and controls and having to pour through those sheets and connect them, move one to beside the other and figure out where one line goes from one sheet to the other.
And then yeah, moved over to Thing Zero a little while ago. Haven’t looked back. Do a lot of work in the industry and associations. So I did some work with the Canadian Process Control Association, was there for a little bit, but have spent, and yeah, like all of you, was tallying this up the other day. Coming up on 25 years, I guess, with maybe a little bit of a gap over at the International Society of Automation. So done a lot of work with that. And I started with Toronto and moved up.
through and working with their operations and management technical advisory committee, which is a new way they’re trying to do technical information, passing in for technical information back and forth. They got rid of the divisions. They felt it was a little too stringent. So, hey, we’re trying this out and we’ll see how it goes.
David (05:14)
Thank
Willem (05:16)
Okay, Olivier, think for some, an introduction to IoT, you would be the perfect person. I mean, you started 27 years ago, basically in that space. Could you give like a sort of a helicopter view of what happened in those 27 years? Because I mean, that’s even before David and I started working. So how did we get to where we are today?
Ryan (05:23)
I mean, you saw it’s
Olivier (05:35)
Yeah, babies.
Ryan (05:38)
They’re making us feel old, Olivier. Jeez.
David (05:38)
You
Willem (05:40)
Sorry.
Olivier (05:41)
Yeah,
definitely. So let me rewind and tell you about the history of IoT. Ouch. So that’s really interesting. Everyone has their own definition. depending on when you started your career, you have different approach to IoT. So IoT, to me, my own definition is it’s been for a long time.
David (05:47)
Ha
Willem (05:48)
Come here, children.
David (05:50)
You
Ryan (05:50)
You
Olivier (06:08)
anything that has compute and is not a server or a computer. So that’s something that’s very broad, I would say, but that’s on purpose because IoT is really about the things that surround us that have electronics and software that can or cannot be connected. It depends. IoT doesn’t have always to be connected or not continuously.
but that sometimes contributes through connection to a broader system in terms of sharing their data, receiving commands. And so when we talk about IoT, we talk about the technologies that power these infrastructure. And we started a long time ago with infrastructure at the edge, ⁓ the first days of maybe industry 4.0, maybe 3, actually, with automation, where we started bringing intelligence on these machines that started
being able to implement some of their own safety limits, for example, thanks to some sensors and some actuators. And we went from these smart devices, devices were starting to be smart, to connected devices, to machine to machine, allowing them to communicate with one another, establishing protocols in between these different machines and equipments.
Then we added the cloud component that allowed to remotely monitor and control these equipments and assets. And then we added ⁓ even more on the cloud side with fleet management and the ability to deploy software over the air onto these devices. And this is where we’re at today. So pretty broad definition, I would say. But from my perspective, that’s the way I would describe that to my grandma. ⁓
still around and kicking and understands a little bit of bad IoT.
David (07:59)
Okay, so this is interesting because, and we’ll do some more digging in IoT and IT versus OT, but we’re sitting here with the…
I say we’re actually sitting with a real life demilitarized zone here, more or less, because Olivier from the IT side, Ryan from the OT side. So ⁓ Ryan, maybe how did you guys, how did you guys met? How did you break the IT OT silo?
Ryan (08:27)
Yeah, I mean, that’s, that’s interesting. Again, you we, we got involved in Thing Zero and started working there. And, I think at that point, yeah, you you start to, you start to compare notes about how things are done and it’s, ⁓ you know, it starts to make a little bit more sense, you know, coming from the top down and seeing what it’ll be a dozen, how things get put together on the enterprise level. I mean, that’s always been interesting. The amount of data that you have to deal with on there and a lot of the IT topics that, really in the OT side, you haven’t dealt with before, but.
from the OT perspective, it’s always been interesting over the past couple of years. I say couple, it’s like 20 years now. But you look at the amount of data coming out of the OT side. When I was starting out, way back when, because we’re comparing to you guys right now. When I started out, you get a sensor and it put out a primary value. So let’s talk like pH. So pH sensor would put out a pH value and that’d be it. Fast forward and now you’ve got a pH sensor, even a small sensor.
David (09:11)
You
Ryan (09:23)
And it puts out a dozen different values. puts out pH temperature. It puts out glass resistance. puts out time of life, time to calibration. And all of sudden you’re getting all this new information coming out. Now the question is like, how do you take that information and make it useful? And this is where, you know, all of you and I coming together makes a lot of sense. So now I can pass up that information. It’s now up to all of you to figure out, okay, how do I take this information and really make it useful? Like, can I take, you know, the time to calibration and port it over to the CMMS system, you know,
computerized maintenance management system to then have people go out and maintain equipment as needed, not just on a scheduled basis, which it works, but that’s the old way of doing things. That’s not the efficient way of doing.
David (10:08)
It is, yeah.
Olivier (10:09)
And if
I may add to Ryan’s answer, I think the divide or the cliff that’s or the gap that separates OT and IT is not at the people level. To me, it’s more at two different levels. There’s the data level that Ryan kind of touched on, where you have different types of data, different types of information, different types of formats that the IT world likes to deal with and that the OT world likes or can deal with. And then the other one is infrastructure.
David (10:23)
Mm-hmm.
Olivier (10:37)
or you need to have some computer, you need to have some communication. And that infrastructure that will span across the IT world and the OT world is where there’s a lot of debate and contention because we don’t know what needs to be open and connected. We don’t know what needs to be accessed and so on. And the tools that each side are using are very different. We’re coming from the IT world where we have basically, you know,
TCP and HTTP on top of that and all the encryption layers and everything that comes on top and then with every types of protocol. then on the OT side of things, sometimes you don’t have a wire. Sometimes you have a very lean protocol. Sometimes you have protocols that are not even encrypted because you didn’t need to because it was like between two machines in the same room that no one cared about anyways. And so this divide to me is not really much at the people level.
OT operators need to understand, they know they need to understand IT and work with IT and vice versa. ⁓ It’s just they don’t speak the same language most of the time.
David (11:36)
Mm-hmm.
I thought we were fully standardized now on OPC.
Ryan (11:41)
Yeah, I don’t
yeah, yeah.
Willem (11:46)
You can
be everywhere. ⁓
Ryan (11:48)
I was going to say, mean, there’s, you know, there’s the divide, you know, there’s not a divide on the people, uh, prioritization, uh, between IT and OT cybersecurity is a huge example, like a green example of this, you know, there’s the CIA model within cybersecurity confidentiality, integrity, availability. And, know, if you’re talking to an IT guy, Hey, that’s the priority, you know, that’s the low levels are going to give them the priority on there. You talk to an OT guy and they’re going to flip that on its head. They want availability first, integrity, second, confidentiality, third.
David (11:56)
Mm-hmm. ⁓
Ryan (12:18)
And safety’s got to be up there along with availability. Like they’re not as concerned with confidentiality. You know, the, old OT side of things was like, Hey, if I put a wire between these two devices, it’s, it’s solid. Like nothing’s ever going to happen. And when we get into some of the IT tools, like they’re trying to bring this stuff down, but that’s a big problem when we get to the OT side is, you know, there’s not that expertise when we get down to the field level, you know, there’s still a lot of people that love those four to 20 million devices because.
David (12:33)
Yeah.
Ryan (12:48)
You know, a new electrical grad can go out with the multimeter and triage it. It’s, you’re not trying to bring in networking guys to handle everything down there. The networking guys have all been picked up by IT anyway. So, you know, there’s this, this weird little dichotomy of priorities between the two sides, which is, is kind of interesting.
David (13:07)
This touches upon something we’ve been also writing about is the difference between, so people always say IT-OT convergence, but we split that into ⁓ technology convergence or infrastructure convergence and data convergence. And one of the things, say no if you don’t like it, but one of the things we tend to say is that from, I would say technology convergence, this happened way sooner already years ago where we started.
interconnecting IT and OT, where we started using IT protocols or IT servers, et cetera, et cetera, in OT as well. And now we are more in the data AI world. We’ll touch upon that later. But I wanna go back to the ⁓ infrastructure convergence thing is what made, I would say, IoT work. Because obviously in the beginning, we struggled with connectivity and we struggled with security and…
and this cloud thing was then like all operators went like, yeah, no. So we’ve passed through several gates. ⁓ What are the things which made infrastructure convergence work over the last years?
Olivier (14:24)
So my point on this one is the fact that we have all the technologies lined up. All the bits and pieces exist. All the LEGO bricks. Sorry for using a trademark name here, but everyone understands that. All the LEGO bricks are out there. Assembling them to build a solution that is fit for your needs is what’s hard. That’s the complex part.
Right? Because you are addressing solution or building solutions that need to address the OT priority at the same time they’re addressing the IT ones, like Ryan was saying. And building that is hard because there’s not many people out there who understand both sides and are able to assemble these bits and pieces. Some have tried to create generic platforms, like the IoT platforms that were hosted in the cloud and able to remotely manage all your assets and traverse your
network layers of security on your OT infrastructure. we’ve tried that. I spent many years at Microsoft trying to put together something like that. All these big companies that try to put together these ⁓ IoT platforms, whether decided to go vertical, providing a solution for a specific industry with a specific scenario in mind and do it well so that you would address this problem of OT folks, not all people on the field.
David (15:38)
Yeah.
Olivier (15:42)
not understanding IT, they don’t need to because that solution comes all integrated. You want to do asset monitoring or tracking today or fleet management, you have turnkey solutions, SaaS based. you don’t have to understand anything. You put the tracker, put it on your whatever. You log in online and someone gives you credentials and that’s it. But there’s no such thing as a generic IoT platform that works for everyone. And so
David (15:46)
Yeah.
Yeah.
Olivier (16:08)
The other category, besides the ones going verticals, are the ones stepping out of the last mile and saying, hey, I’m going to bring as much of my part, which usually is the cloud part and IT technologies. I’m going to bring all of that as close as possible to where the data is produced, because what’s interesting to most people is the data. That’s the goal. That’s where you’re going to extract insights from.
And that’s what you need. But you need to go collect it and eventually start managing, transforming, unifying the data as close as possible to where it’s produced. And so that’s the second camp that I’m seeing out there. And that will certainly help make that integration work because you come to a point where you have an infrastructure that is an IT one managed by IT people that offer tools to
OT world that allows them to deal with the OT infrastructure, OT data, and so on. And they’re no longer in conflict. They are actually collaborating. But you still need to have the ones around you that will be able to understand where these needs to go, how much of this cloud technology needs to come to the edge. And is it on super heavy edge servers? Is it on a heavy gateway? Or do you need to have some compute on some lighter type of edge infrastructure and devices?
And there’s no, once again, there’s no one solution that fits all. And so you need to understand the problem and you need to create an architecture that is adapted and that will work then. And once again, you need specialists for that. That’s one of reasons Ryan and I are very optimistic about what’s going on with Thing Zero is because we assemble a group of people who coming from the different worlds and they can talk to each other and communicate and help customers build these solutions that are customized to their needs.
And then also educate them on being autonomous on managing this solution ⁓ and having your own infrastructure and IT team dealing with security and all of that and having your own operators being able to operate these infrastructures themselves. So that’s really my take on this one.
Ryan (18:14)
Yeah, no, think, uh, you know, all of you nailed it. I mean, it’s, uh, you know, we’re seeing some really interesting players out there. And I think some of the, the previous previously it centric guys, uh, you know, look at the three hyperscalers, you know, Google, Microsoft, I mean, one of the greatest things that they’ve done over the past little while is, you know, only trying to do kind of what they feel is good with sort of the cloud and kind of getting down a little bit further, but then opening up their systems to a lot of different tools to come in.
Willem (18:14)
Yeah.
Ryan (18:42)
So we see like, you know, the high bytes integration into AWS. We see Litmus and Site Machine integrating into Azure. I mean, these are the guys that specialize in that certain area. And the hyperscalers have kind of realized, okay, we do really well up top, but when we get down a little bit further, you know, that’s kind of where we ended up failing a little bit. Let’s bring in these specialized tools. You know, I think the other big thing has been, you know, the rise of edge PCs. You know, we see Dell starting to produce.
industrially hardened PCs, putting them out into the field. And that really creates this nice little split between the IT and the OT side of things where, you know, the OT guys can run everything into the edge PCs. The IT guys can then take that information out, make sure it’s secure and everything else like that. And, know, like Olivier said, hey, this is, you if you look at the team we’ve got, I mean, we’ve got everybody from, you know, myself that’s been around the manufacturing floor to Olivier on the IoT side.
data guys, everybody. mean, it’s a huge swath of different people that need to come together to make this work. ⁓ I think that’s a big thing going forward for sure.
Willem (19:49)
Now you guys work also on concepts like zero trust and bringing them into OT. So ⁓ my first question is, what’s wrong with a big fat firewall keeping the world separate? I mean, it’s much easier. You stay on your side. I stay on my side and we’ll just negotiate when we need to open a port and ⁓ avoid all that complication of people of data talking to people of production. mean, it’s already hard enough as it is.
David (20:05)
you
You
Olivier (20:20)
Yeah, you go ahead. Ryan, want to take a at this one?
Ryan (20:20)
Yeah, sure.
Yeah, I’ll take first crack and then you can correct me on this one. But yeah, no, I think the whole idea behind the firewall, firewalls are great. We always see looking at the ISA 95 stack, you always started back in 1995 when it was developed. You had levels zero through four and that was it. And all of sudden, yeah, it’s the OT way of doing things.
Willem (20:42)
It’s been working for 30 years! Jesus!
Ryan (20:46)
Yeah, if it keeps working, don’t even blow on it just in case that that causes it to fail. But you had this stack on here and people started putting in like level 3.5. That was the firewall between the manufacturing operations and the business systems. You had level five that people kind of tagged in all this unofficially, of course, but they put it in as the cloud and that firewalls are great ⁓ for that sort of a stack. But there’s two big issues. Hey, once you get past the firewall,
You you get into the room, you’ve got full access if it’s not zero trust. Uh, the other side of things is the changing architecture. So now we move away from, you know, the ISA 95 stack where you had, you could only go up and down once one step at a time. You’re into UNS, you’re into data hub, whatever you want to call it, however you want to put it. But now you’re into this area where you need to have data moving around the organization a lot more flexible, like, you know, connecting.
a sensor directly to an ERP system that, you know, ISA95 doesn’t really allow that. Well, they’re starting to. It’s taking a little while. It’s like pulling teeth to change stuff. It’s blasphemous, I know. just,
Willem (21:50)
last comment, Ryan, what are you saying? I need to
change protocol every layer and I need middleware upon middleware before I get to the ERP.
Ryan (21:55)
Yeah.
Exactly. Yeah. And then you need so many different tools on there. But I think, you know, we’re starting to see this change and getting away from sort of hardening with a firewall and into more of a zero trust architecture. I mean, I think that’s got to be the way it goes to make things a lot more flexible.
Olivier (22:14)
back to my previous ⁓ point about the fact that you need to have people helping you implement a solution that fits your needs. think security aspect of a solution is definitely something that is there’s no one rule. ⁓ Zero trust might be the one rule. The only common denominator is that you have to be careful with everything.
But there’s no rule that says everything needs to be connected. There’s no rule that says you need to switch everything from a non-TCP protocol to a TCP protocol. And there’s no rule that says everything needs to be logged in and whatever. And so it really will depend. And you need to work with what you have, which is existing assets and infrastructure that’s been here for few years and will be here for a few decades moving forward.
would cost more to update and modify than to just operate with the risk of failures or risk of intrusions and data being stolen or equipment being hijacked. so it’s all a matter of understanding what kind of needs you have when it comes to actual connectivity. Do you really need to connect everything? That’s one of first questions I usually ask customers who are coming, don’t know IoT, that’s just like, well, we need to do IoT.
Do you need to connect everything? Do you need to have? Maybe not. Maybe what you need is to ⁓ not touch your existing assets and add a little non-intrusive sensor that will do the work that maybe you could have done by recoding your PLC and whatnot. So maybe.
David (23:34)
Yeah.
Olivier (23:53)
maybe what you’re looking for is not ⁓ transforming everything. Maybe you are just looking for an additional tiny device that is not intrusive and that will do its work and it will be modern and all greenfield, all good. And so it’s something that if you do these kind of things in certain cases, you don’t even need to consider, hey, what do I need to do to secure that? Because you will get it by default in whatever new modern IoT platform you’re using for adding that sensor.
So that’s just an example of the use case of, know, your trust is something that might be the only common denominator when comes to security. And yes, you need to be careful, but do you need to connect everything? That’s the first question you need to ask yourself, in my opinion.
David (24:39)
Absolutely. It is a bit of a paradigm shift. This also maybe comes down a bit to Greenfield versus Brownfield or so. I can imagine that… I’ve seen it myself. When you are in a Brownfield installation and you adhere to…
to the good old Purdue model and joke side. It’s everywhere around us, but that’s a different starting point than when you’re starting from a greenfield plant, you go like, ⁓ we have this nice idea. We’re gonna build a new production line for such and such. where, if we talk about…
about IoT, but more specifically about securing IoT. ⁓ What difference do you guys see between brownfield versus greenfield? What are, I would say, the right approaches? Is it a similar approach? Is there one approach? ⁓ Are there different approaches?
Olivier (25:55)
Yeah, can take it first. Take it this one. There is no one approach. Once again, I think that’s going to be my motto for today. There’s no one approach. That said, ⁓ what I would recommend is to consider starting small. Start with your business case, what you’re really trying to achieve. Start with something simple. Could be that eventually you have a set of equipment that are from different manufacturers.
and that you want to monitor in a unified way that everything is up and running and at what pace it’s producing. And this is a very practical example that we’re actually, without naming anyone, working on at Thing Zero. And here, instead of trying to go super wild, was like, wait, we have all these PLCs, and they’re going to give us all these data points from all these assets and so on. And then you’re wondering, OK, so let’s assume I’m able to get all that data and do all my
security work of making sure everything comes encrypted and I don’t open too many ports and I know exactly what’s going on, which is a lot of work. what will I do with all that data? What kind of information am I going to extract? How is it going to enhance my production? How is it going to enhance whatever? Is it opening up for a new business model? And you need to ask yourself these questions because if you take it from that perspective, you’re not
David (27:12)
Yeah.
Olivier (27:20)
starting with dropping all these LEGO blocks here and saying, hey, now we have a problem with security. You’re really in the opposite saying, hey, I want to start with that data point. How do I get this from these two machines in that one factory? And then eventually from two factories. then you start asking yourself the questions as they come, which is first on that one factory, maybe I can do everything on site. I don’t need to be connected to a cloud, right?
And then I need two factories. OK, so now I need to get the data from these two factories into a central point, right? Is it going to be private cloud? Is it going to be public cloud? And the security questions are piling up on top of this very practical, simple use cases. And instead of having the very complex problem from the get-go, you build up from there. And I think to me, this is the one best approach, keeping in mind the long-term goal.
which might be to have a fantastic digital twin of all your factories and all the assets that give everyone information about everything and you automate everything. Like we used to say everyone when I was at Microsoft, which is, we’re going to solve all the digital transformation problem and you’re going to have this factories, digital twins. Technology from the technology perspective, yes, it exists. All the tools are there. You can do it. It’s possible.
David (28:22)
Yeah.
Mm-hmm.
Olivier (28:40)
You can build that digital twin that has a 3D representation that you monitor using your HoloLens and you interact with all these temperature sensors, whatever, using all virtual reality. then you can have this information flow into your business automation and reporting to the CEO and then triggering the maintenance using the AI and whatever. You can do all of that. It’s not the question. The big question is, do you need it? Because it’s going to take some time, a lot of money.
A lot of people to implement all of that. It’s not going to happen overnight. So do you need it? Is it really?
David (29:13)
and many points
on our buzzword bingo.
Olivier (29:18)
Yeah,
Willem (29:18)
I’m
Olivier (29:19)
ding, ding, ding, ding. ⁓ Yeah, so that’s to me the best approach to securing your IoT infrastructure and solution is to start with very simple approach, very simple business and use cases. Look at the ROI. Don’t go further if you think the ROI is not there. Like Ryan said, don’t blow on it.
Ryan (29:45)
Yeah, that’s, mean, it’s interesting to deal with some of the, you get the guys, guys on the OT side of things that sit there tinkering with, you know, things day in and day out. And now it’s the question of like, oh, hey, we can do this. You know, we can connect all this stuff up. Okay. The next question is like, should we do this? Like, do you need all of this information to Olivier’s point? mean, like, should you do this rather than can you do this? You know, looking at the different business cases, you know, Olivier mentioned, you know, one case, one item we’re working on right now.
And we’re starting small in there. It’s going to be just two simple parameters we’re getting out of here. But it all started with the business case. Okay, why are we going to put this in? When you get stuff being driven from the top down, they start to look at problems like, okay, we need to control our capital costs. If we can avoid putting in a new machine that’s going to save us millions of dollars over the next couple of years, you bump that out. You get a whole bunch of different costs, opportunity costs and all that other fun stuff. We can throw the money at something else if we need to.
But okay, how do we figure out what areas we need to actually invest in and where can we defer investment a little bit longer? ⁓ Everybody has a love hate relationship with OEE depending on who you are. And I’m sure that crosses off another one on the bingo card, ⁓ but it’s a good way to say, how much are we actually using this piece of equipment? Is it being used as much as it can? Is it now become a bottleneck within the process or,
David (31:00)
Yes.
Ryan (31:12)
Is this a critical piece of equipment, but we’re only using it like 25 % of the time. Like, can we adjust our processes to take better advantage of this equipment? And even just looking at like on off data and throughput, that’s a very easy way to identify whether that piece of kit really needs to be, you you need to expand upon it, duplicate it, anything like that. It helps solve the business cases. And the nice thing is if you’re solving the business cases first,
Then the guys that are controlling, you know, controlling the budget. mean, they’ll start to see returns on investment. They’ll start to see money coming back in off this. start to gain some confidence that, you know, when you suggest that crazy IOT application, they’re going to be like, okay, you know, the last little baby steps we’ve taken really worked out well. Hey, these next ones will too. From the cybersecurity standpoint, mean, if we look at like a big Brownfield application, paper machines, you know, maybe you guys walked around a paper mill.
I mean, the length of a, well, I’ll say football and that could mean something depending on which side of the Atlantic you’re on, but they’re about the same length, right? So something, the length of a football, big anyways, yeah, about a hundred odd yards slash meters, but they’re big machines. You know, they get put in, they stay there for decades. They get improved upon a little bit here and there, but other than that, you know, they, they stay running. Are you going to rip and replace the, the PLCs and skater systems that running it? No, like you’re not going to do that.
David (32:16)
Big anyways.
Ryan (32:35)
But as Olivier was mentioning, start small. Hey, AWS had those great little, and I think they actually discontinued them, which was a shame, but they had those great little like vibration and temperature sensors you could just toss on a bunch of things. And that gives you a bunch of information without having to do all this extra stuff, trying to either rip and replace a big system or try to implement it in a way that might be opening you up because you’re trying to fit old technology into new process.
Olivier (33:03)
And one thing to add is it’s not because you start small that you start quick and dirty. You actually need to start small, but correctly do things right. And so don’t open everything up. Don’t go for the big hammer to just put something down there. ⁓ It’s something that I’m seeing often and often, which is the extremes.
David (33:11)
Yeah.
Olivier (33:30)
whether you go full blown with an entire IoT platform and everything in there, the shebang, you’re never going to use and you don’t even know it’s there. It’s like using Word to write a little letter. ⁓ And so you don’t need that. You can use Notepad or whatever simple text editor there. ⁓ And so it’s something that… And the opposite is like doing quick and dirty.
Yes, you can prototype a very interesting solution with a Raspberry Pi and open everything up and use whatever open source technologies there on top of that Embedded Linux OS, and then SSH and with the password and all the bad practice, but that will get you to a point where things are kind of working. And then you have the problems with security, with resilience, with scalability.
It’s not because you start small or should start small that you should start quick and dirty. You can start small but correctly with, once again, the long-term or mid-term and long-term in mind and where you’re going to go. Data unification is a good example of that. How you’re going to start shaping your data in formats that will work when you have more than two data points and you have hundreds. Instead of having to redesign everything when you get to that point,
you design things from the get-go with two data points with something that might be a little bit more over-engineered than what you could do, because you will think about UNS, you will think about some form of digital twin, but you will be resilient and you will be able to scale afterwards without too much effort, which is what you’re looking for. Same thing for security. If you start with good practices from the get-go, you will be less in trouble and will be…
not as hard to secure the at scale solution that you want to have.
David (35:23)
Yeah.
Ryan (35:25)
out.
Olivier (35:26)
And one term was not used, but I think it’s not just marketing, which is risk management. What kind of risk you want to take? Because when you’re looking at the technology and at what pace it evolves, what are the bets you’re going to take for your future infrastructure and architecture and so on? You cannot leave on the past all the time. Yes, you will address brownfield and still
have to deal with things that are robust and do work, right? ISO 95 has been here for a long time for a good reason. And so it’s not about just dumping all of that, but it’s not either about adopting what’s not even like, we like to say, GEA, right? Things that are in preview, that are in just being talked about. So it’s great because it has a nice promise. Like UNS is one of these things where nice promise, it’s community-driven, industry-driven, and
David (36:09)
Yeah.
Olivier (36:17)
It’s good concept and so on. Do you want to put all your eggs in that one basket? Do you want to bet your entire business on the fact that this technology is the one that’s going to stick and that there’s not going to be another one that will become the standard that everyone will have to comply with or adopt? So you also need to be careful and measure the risk you’re taking. ⁓ risk is not just about security. Risk is about the choices you make when it comes to adopting technology.
⁓ to digital transform. And that’s something that you need to have, once again, support from people who understand both that technology and your domain sufficiently enough so that it can guide you, that they have the insights, that they have the understanding. Sometimes they have the guts as well. Say, hey, that thing, I wouldn’t go there for now. I would wait a little bit more. And sometimes you should try and afford to wait, wait and see what’s going on, right?
because some of these very fancy cool technologies, you don’t know, like we’re talking about security, we didn’t talk about post-quantum. Once we have quantum computers out there, they’re to break or I say, or elliptical curves and things like that, where we say, hey, this is very secure, and then suddenly, so much.
David (37:25)
Yeah.
Olivier (37:36)
Is it or is it not? Like should we bet on adopting a new encryption model today is going to be super expensive and you need to change your hardware and so on or maybe not? I don’t know. You know, we don’t know yet, but you need to think about it.
David (37:47)
It’s a difficult, yeah, there is always something. ⁓ let’s suppose that we were able to convince the management team to buy in this, I would say, investment. Yeah, there is no ROI yet, but we’ll start small. Let’s suppose that the right platform has been selected. ⁓ Next problem, data management. ⁓ Because I’ve…
Anyways, I’ll let you, I you guys explain, but what I find very interesting here is, so we’re starting somewhere. And then the first thing is, okay, should we now start talking or thinking about how are we going to unify or how are we going to structure our data? Are we going to adapt IZ95 or something similar? ⁓
or should we just go with the flow? Any thoughts?
Olivier (38:51)
Go ahead, Ryan. I’m sure you have thoughts on this one.
Ryan (38:54)
I mean, I was going to say it’s, you know, if they’re throwing money at me, I’m going to take a nice vacation. It’s going to be great. I’ll tell you, it’s perfect. Data management is an issue from the ground up. You know, even when we’re starting out, starting out small, mean, like the first thing is again, going back to, you know, reliability and reliability, reputability, contextualization, all that fun stuff.
David (39:00)
Fair enough, fair enough.
Ryan (39:19)
It’s always an issue. I think for many companies, I mean, going back and even just making sure that the data they’re getting is the right stuff that’s coming out. been in many applications where they thought they were getting certain numbers out and it turns out that even low down they weren’t. But I mean, there’s so many different things that can come out of that and so many different ways of pulling data out. It’s a big issue. we see, I think, high byte was formed on the whole premise of like contextualization and model development.
you know, that’s how big of a problem it is that you can have a really nice successful company like high bite being spun out of something like that. Um, but yeah, it’s, you know, it’s something that really needs to be, really needs to be worked on. Um, you know, it’s, yeah, it’s a problem. It’s something that I think if you’re going to do that, it needs to be addressed. If, know, if management’s throwing a ton of money at you for all this new infrastructure, the next big thing is like, okay, how are we going to manage it? What models are we going to put in into there? And, you know, how are we going to standardize on everything? You know, even, uh,
we were kicking one conversation around ISA about a week or two ago, error codes. Error codes might seem like the stupidest thing out there, but if you’re trying to figure out what’s broken and why, how do you develop standardized error codes that are gonna be replicated across the enterprise? ⁓ There’s no standard out there. From what I hear, IT has one on the HTTP side of things, but there’s nothing on the OT side to say like,
hey, why does machine break down? Was it just because the operator needed to go in or there was like an oil leak or something like that? And even worse, you know, I’ve seen applications where they put these error codes in, they hand the tech, tablet, and they say, okay, every time the machine stops, I want you to press the button that corresponds to Y. And they started looking at it, they’re like, man, this one reason keeps coming up all the time. And they realized that it was only because that reason was in the top left hand corner of the screen.
And they kept pressing that one over and over and over again just to get the machine up and running. it’s, you know, it’s that is standardizing. And it’s also trying to convince the guys on the shop floor. Hey, you need to put in an extra second or two just to give us this information so we can have the data to make better decisions further down the line.
Olivier (41:31)
Yeah, definitely. one thing that ⁓ I noticed is the fact that we already have a lot of data. We’re talking about IoT and modernizing equipment and so on. But diagnostics generated by machines these days, it exists. We have historians of huge amount of data that have never been analyzed or looked at because there’s too much of it. It’s not unified as well. So across two different branded of the same device, you might have the same type of data. So it’s super hard.
David (41:51)
Yeah.
Olivier (42:01)
correlate that and to understand what’s going on there. But I think we have lots of tools that allow us to first eventually look at these historians. ⁓ We can also leverage general VI, LLMs to start deciphering all of that, making sense of it. So UNS is great because it’s about formatting and formalizing data from the get-go when it’s produced. But we need to think also about what do we do with this huge amount of raw data, its existing knowledge that is out there.
on existing brownfield machines that no one does anything with. And one thing I’ve learned working recently, especially on edge AI rather than just pure AI, so AI running in the cloud versus AI running at the edge where you need to optimize your models for running at the edge, is that if you have bad data, you’re to have bad models. So going back into this huge amount of data that has been produced, that exists already, and being able to clean that up, understand that,
David (42:52)
Yeah. ⁓
Olivier (42:58)
Sometimes you don’t even need to implement any sophisticated IoT ⁓ solution, especially to fix this existing machine infrastructure or whatever. And you might realize by analyzing that huge amount of data that, well, I had this problem for a long time. Didn’t realize that it was due to this or that. And now I can improve my production by 20 % by doing this little tiny change. And you could not do that because you don’t have the tools to analyze that huge amount of data.
I think my point is, because I’m going on tangents, my point is you might not need more data. You might not need a lot more data. Maybe what you need is a couple of additional data points that will address or that would help you address the problems you have at hand that have an ROI. So you’re really focusing on the ROI and the fact that you have use cases in mind and you will deal with the data based on that. What kind of data?
How do I clean it up, analyze it, unify it, create new data, store it somewhere? Storage is not free, by the way. ⁓ Not in the cloud, not on premise. It has a cost. ⁓ Exactly. And then securing on top of that, once again.
David (44:03)
No, no, no, no, no, no, no, no, no,
no, no, no, no, no, no, no,
to our, yeah, as a 31st episode. But still, thank you so much. Another great episode in the books. Olivier, Ryan, thank you both for joining us.
Olivier (44:39)
That’s a one.
Ryan (44:49)
Hey, thanks for having us.
Olivier (44:49)
Thanks for inviting me.
David (44:51)
So you can find both gentlemen, of course, on LinkedIn, on their website, I would say, their thingzero.com. I guess it’s dot com. Yeah. We’ll add a link to the show notes. ⁓ As I said, Olivier has a very active YouTube channel on IoT. Just look for the IoT show, and I’ll also put a link in the show notes. ⁓ And yeah, to our listeners, thank you again for tuning in. Make sure to subscribe and… ⁓
via itotinsider.com and until we meet again, bye bye.