While DevOps practices have been tested and implemented in IT circles as a means of collaborating on code changes to improve application delivery, the same cannot be said for industrial automation settings.
As more software creeps into operational technology, the need to improve developer collaboration, and improve time-to-delivery and -remediation will become paramount—and the concept of industrial DevOps may soon be taking hold.
In this episode of the Nexus Podcast, Adam Gluck, founder and CEO of Copia Automation, describes his experiences with industrial DevOps, and why this practice is crucial as more cyber-physical systems come online and impact physical outcomes in the real world. Organizations are quickly realizing, he said, the need to have visibility into code changes impacting physical devices, and this will draw them toward formulating DevOps practices that fit their environments.
“The way I look at industrial DevOps is that there is a bunch of code that runs industrial sites, and code within OT technology is largely software driven,” Gluck explains, pointing at robotic arms, sensors, programmable logic controllers and other networked devices as examples. “Their logic is all code-based; people make changes to that code and they break things. There's a bunch of best practices from the IT software space to put [in place] good governance and controls to actually control how code gets on to production that can be applied to this space to prevent people from breaking things and drive uptime and quality.”
There are a number of challenges impeding widespread adoption of industrial DevOps, Gluck said, looking mainly at the complexity around OT, the proprietary nature of the technology, running numerous platforms and communicating over diverse, closed protocols. There’s an awareness of DevOps and its benefits, but version-control systems such as Git that are crucial to IT DevOps don’t perform as well in industrial environments.
“It's an industry-wide problem. Everyone knows that these environments are really messy and it's very much like the wild West in terms of how changes go into them, Gluck said, adding that as more IT/OT convergence happens and CIOs and CISOs will soon learn the status quo cannot continue.
“We can't keep operating this way you know and we can't have no visibility into what's changing and we can't have a lack of traceability and we can't have no auditing of code changes in these environments,” Gluck said. “I think it's becoming a very clear problem that people are tackling in a big way, and at the level of organization-wide initiatives to solve.”
One quick win, Gluck points out, are the benefits DevOps can bring to disaster recovery within an industrial environment. Practices such as backups are key to quick recovery from ransomware, extortion, and other malware-based attacks where a known-good state is required to resume operations. But those are reactive, drawn-out approaches, whereas DevOps may afford teams the ability to be proactive.
“We can't keep operating this way you know and we can't have no visibility into what's changing and we can't have a lack of traceability and we can't have no auditing of code changes in these environments.”
—Adam Gluck
“DevOps is proactive and prevents issues from happening before they actually happen,” Gluck said, conceding that those types of approaches are relatively few and far between within industrial automation.
“There’s very few companies that have adopted that, but we're starting to see more and more very aggressively look in that direction,” Gluck said. “And then on top of that, I broaden industrial DevOps to things like digital-twin testing frameworks, SIMs, and SCADA. Some of that stuff's been around for a long time which helps you to understand if something's breaking.”
Michael Mimoso is Director of Influencer Marketing at Claroty and Editorial Director of Nexus.