Sometimes, it doesn’t matter when something breaks or goes wrong: it’ll be fixed soon enough, and no real harm will be done. But other times, it really is a matter of life or death: the junction points on the rail network that need to be switched before the fast train surges past, or the power system that must always be in perfect balance to ensure the safe and reliable delivery of electricity.

Conventionally, the operational technology (OT) that keeps railways running and electrons flowing safely – as opposed to the corporate IT that keeps the organization’s business running – can’t just be exported into the cloud. Yet, at the same time, the OT behind this critical infrastructure must start to incorporate IT, as OT systems are becoming increasingly software-centric and data-driven.

That calls for a convergence of IT and OT, where IT might be in-house, in the cloud or (more likely) both. But intriguingly, clouds optimized for OT are emerging.

OT has largely been kept out of the cloud because, until now, cloud was optimized purely for fast, agile and cost-effective management of IT, while OT demands resilient and secure applications offering deterministic quality of service.

According to Hansen Chan, senior IP product market manager at Nokia, modernized cloud networks are starting to bridge this critical gap to meet the complex capacity demands for data center resources, and satisfy the needs of both enterprise IT and mission-critical OT.

“The word ‘cloud’ has evolved. Initially, when people mentioned cloud they would immediately think of a physical location where public cloud services like Amazon Web Services (AWS) reside and where enterprise applications are run.

“However, since then it has taken on a deeper and richer meaning: it refers to a method of utilizing and consuming compute, storage and network resources that isn’t restricted to specific locations. It could be in the public cloud, like AWS, but it could also encompass on-premise data centers, or colocation facilities that you use out of convenience, bringing your own computing resources. Or it is a combination of all of these options, in a hybrid approach to enterprise cloud networking,” says Chan.

One of the earliest benefits of cloud was simply the ability to better handle surges in demand, especially driven by seasonal events, such as sales or public holidays. But OT, says Chan, is much less subject to huge spikes and troughs in demand, with usage typically more stable and predictable. OT clouds, therefore, require subtly different architectures.

“The absolutely critical nature of OT applications necessitates end-to-end visibility. Users aren’t just concerned with performance at individual levels, but overall systems performance from end to end. They need to understand the entire network connectivity and delivery in real time, and can’t wait for periodic reports from their service providers,” says Chan.

And, of course, missed service level agreements (SLAs) may not simply affect something as ultimately trivial as website response times, for example, but could dim lights in far-off suburbs, slow or stop railway movement, cause a hiatus in production systems, or much, much worse.

Ch- ch- ch- changes

Time moves slowly in the world of OT, with some infrastructures expected to last decades or more and many not necessarily easy to upgrade to accommodate new technology at a reasonable cost – water and sewage pipes, for example.

Hence, adding the kind of technology developed over the past 20 years that can help better monitor and manage critical infrastructure can’t be done overnight, but when it is implemented, the results can be revolutionary. Moreover, things are actually changing faster than you may imagine.

“Beneath the surface, there are a number of fundamental changes taking place, akin to the transition from the internal combustion engine to battery power. The shift is from electromechanical operation to microprocessor-based processes and, more recently, a focus on software-centric operations,” says Chan.

He continues: “Cloud technology is increasingly embraced by these software applications; OT apps are adapting to new requirements, including tough, new regulatory standards, net-zero efficiency demands, improvements in safety, or simply just adjustments to an evolving ecosystem.”

That evolving ecosystem, for example, might entail the changes now being made to power grids to better accommodate renewable power, from the more dispersed electricity generated by wind farms to households generating their own solar power and exporting their surpluses back to the grid.

“To keep pace with these changes, OT applications need enhanced capabilities. This involves accelerated software development so that capabilities can be delivered more quickly and effectively, and the use of cloud to host and deliver them. It entails leveraging software virtualization and moving away from traditional static environments, utilizing microservices in containerized computing environments,” says Chan. As a result, OT is becoming increasingly associated with cloud, even if the cloud remains in-house – at least for the foreseeable future.

Initially, he adds, cloud technology was adopted in industrial communication systems, such as mobile radio and private wireless, with the aim of offering more scalable 5G services to consumers. Now, even control applications are starting to shift to the cloud.

“Traditionally, control systems were quite distributed, with controllers spread across various zones in the infrastructure. This decentralized configuration led to complexities in management, but the transition to cloud has enabled more centralized, uniform and, therefore, more manageable models to emerge.

“For example, in a railway, network communication flows from the tracks to the stations, and then to the data center of the company running the railway. This communication involves the trains and onboard control interfaces transmitting location, status, and other information to the train management system, which may be located in the cloud due to the changing OT paradigm,” says Chan.

The OT cloud, therefore, is a concept that encompasses a dedicated pool of compute power specifically intended to support OT applications that in most cases are quite literally mission-critical and therefore need cloud resources designed and specified accordingly. But it has to be supported, end-to-end, by the right technology.

“OT cloud is a solution designed to meet the stringent requirements of reliability, availability, and resilience for OT applications. Consistent performance is paramount, of course, and access to real-time or, at least, near real-time information is crucial.

“For instance, monitoring the temperature of train bearings as the train is running to ensure it remains within safe parameters, and ensuring high availability so that no information – not even the location of the train – is lost for a single unexpected moment,” says Chan.

It is not just about the data center, he adds, but all the information being communicated across the network, whether that’s the private network belonging to the railway company or a public 5G network that might be relaying business-essential, but not mission-critical information.

Right fabric

The quiet revolution in OT requires a reliable cloud network that encompasses every aspect from the furthest node in the OT infrastructure, all the way back to the compute power in the data center. The cloud network comprises the mission-critical wide area network (WAN) that OT systems are running on today. What is novel is that the data center network, also known as the fabric, a group of purpose-built data center switches that connect servers, is now an integral part of the mission-critical communication path.

“Of course, these switches must offer high-speed, high-density interfaces, ranging from gigabit to 400Gbps to support increasing capacity. More importantly, the network operating system (NOS) of these switches must be field-proven, reliable, and scalable, and it needs to be interoperable with the WAN too,” says Chan. Nokia’s SR Linux is a modern NOS for data center routers and switches, built on an unmodified Linux kernel. It is open and extensible, which allows customization of the OT cloud.

“In the past, there were fewer demands on the fabric in terms of resilience and reliability, but now it has become as critical as the WAN backbone network,” says Chan.

“Organizations know that they are accountable for the overall system and application layer performance, which relies not only on the wide-area network, but also on the performance of the fabric. As a result, more attention is being paid to the design and implementation of the fabric within the data center, too.”

Nokia has dedicated OT cloud networking solutions for critical infrastructure, including its Utility OT cloud for power grids and Rail OT Cloud enabling the digitalization and automation of railway operations, right down to signaling and traffic management. These suites encompass Nokia’s Data Center Fabric, interconnect routers, optical networking switches and service routers.

And it is in use today at many different organizations. The Public Transport Authority of Western Australia, for example, is modernizing its railway communications network with Nokia's end-to-end solution portfolio, including Data Center Fabric and mission-critical IP/MPLS backhaul.

“The application's primary goal is to understand and control train running conditions, including determining location, to enable more efficient traffic scheduling,” says Chan. In the future, this digitalization will also enable new features to be added without having to send engineers out in all weathers to physically upgrade the infrastructure.

Isn’t it ironic?

But what is it all for anyway? What does it enable?

Rail networks, power grids, water facilities, airports and other elements of critical infrastructure are already shifting from old-style operational technology to new OT, supported in on-premise or off-premise clouds so that services can be delivered and run more efficiently and reliably.

According to Chan, the shift will help organizations tasked with building, managing and maintaining infrastructure to digitalize their operations in a way that the rest of the corporate world has been doing over the past decade or so.

They will be able to gather and analyze much greater volumes of operational information, not just to improve safety and reliability, but to identify bottlenecks and potential issues in their systems, improve service and increase efficiency.

To find out more about the OT cloud and everything behind it, go to Nokia's dedicated Enterprise Cloud Networks web pages.