The term ‘Critical National Infrastructure’ (CNI) is often bandied around without much explanation of what it entails. Put simply, CNI is the engine that keeps the nation’s wheels moving forward. It’s the backbone of the UK, comprising the facilities, systems, sites, information, networks and processes upon which daily life depends, whether that’s the water coming out of your taps, or the electricity powering your computer. Key services including utilities and transport all fall under critical national infrastructure, with their continued availability being absolutely critical to the UK economy.
You would think, given its significance in the life of almost every UK citizen, the sector would be at an advanced stage of digitalization. The reality is somewhat different. Despite considerable advancement in some areas, the technical challenge of implementing a digital solution to cope with the demands of a critical system is enormous.
Why is that the case? There are many reasons, including the sheer scale of UK infrastructure, and other socio-political factors that impact and influence investment decisions. But they can usually be boiled down to one key factor: the risks associated with the convergence of IT (information technology) and OT (operational technology). It’s a process that is critical to increasing control over and transforming the efficiency of critical assets, but is undeniably tricky and hard to get right.
Understanding the difference between OT and IT in CNI
OT, a term initially applied to networked control systems within the utility industry, is now used across the industry to describe all industrial control systems (ICS) and emerging Internet of Things (IoT) or Industrial IoT (IIoT) solutions. Specifically, an OT network includes any device that monitors, reports on, and controls, a mission-critical function.
The priorities of OT networks in CNI fundamentally differ from those of IT networks, however. Confidentiality and integrity are always the priority for IT networks when considering connectivity, ahead of service availability. For OT networks on the other hand, ensuring network availability for the exchange of data between mission-critical control assets is the absolute priority.
So given the risk and complexity associated with integrating these two fundamentally different network environments, the question for infrastructure organizations is: what do I actually gain?
OT networks in the sector are reactive by nature. They use local task-specific information to make fast real-time decisions. Visibility of the huge amounts of data captured and held -whether on-premise, or in the cloud – is needed to facilitate more accurate decision-making, and improved operational efficiency. Linking the production-based OT side of industry to internal, IT-based business functions also helps businesses bring together two historically disparate environments, and enables businesses to enjoy the benefits of full digitalization, including predictive analytics and automation.
Putting together the connectivity puzzle
Let’s take the power sector as an example. The introduction of smart metering is a great first step, but the end goal is to be able to accurately predict demand for energy, and optimize its generation and consumption, via smart infrastructure. Efficient and seamless control of distributed energy resources (DERs) is critical to realizing this ambition, and supporting eco-initiatives such as electric vehicle charging, and the fulfillment of net carbon zero targets.
However, previously closed OT systems need visibility of real-time “big data”, often hosted in enterprise IT environments, to impose this control. That means the sector needs smart infrastructure and intelligent security to safely traverse between OT and IT networks before it can reach its nirvana – the continuous, and sustainable provision of critical public services.
This infrastructure is important because it provides the ability to access and harvest a wider seam of relevant network data, analyze and act upon it at speed. But bringing IT and OT together isn’t straightforward. Legacy infrastructures are still omnipresent across most areas of CNI and overlaying digital services directly onto operational networks – even when mandated by regulation – doesn’t produce the kind of instant results that digitalization promises.
Laying the foundations for smart infrastructure
So how do we create the bedrock for this technological evolution in CNI?
• Real-time data availability:
The ability to collect and control data in real-time is critical. It enables fast and informed decision-making, which not only delivers improved operational efficiency, increased customer satisfaction, and greater sustainability across CNI-related services, but makes it easier to predict the demands of the future.
Making this a reality requires careful network planning and engineering process. It also requires a hybrid approach to network connectivity that supports the slick and secure transfer of critical data between IT and OT environments, and guaranteed uptime of IoT and IIoT edge devices, particularly those in remote locations.
Upgrading legacy infrastructure, through the provision of evolving mobile, leased line, and SD-WAN services is essential. If designed correctly, they ensure the centralized control and secure connection of intelligent data, creating an optimal base from which CNI organizations can start their digital transformation journey.
• Constant service continuity:
Maintaining the provision of critical services to citizens and local communities is critical in the event of disruption, and many firms in the sector lack the ability to access systems remotely, identify single points of failure, and vulnerabilities. Increased contingency planning is needed to mitigate loss of service or outages during large-scale infrastructure changes. End-to-end telecommunication networks that support decentralized structures are critical in this context, as not only do they enhance service continuity, but also enable digitalization while doing so.
• Consistent compliance:
Industry regulations. standards and protocols govern how connected edge devices should be introduced, and their use. Ensuring compliance requires a full end-to-end review of infrastructure to ensure interoperability between systems, guarantee new technologies are secure, and test resilience.
It also demands best practice in the storage, transfer and security of mission-critical data. That’s why hosting is so important, and why many organizations are prioritizing data centers that promise high levels of security and resilience, whilst enabling fast access to that data, so they can analyze and act on it, at speed.
Charting a course to connectivity in CNI
We have all heard examples of how digitalization projects have not been completed on time, run over of budget, or failed to deliver the promised efficiency, consistency and sustainability benefits.
Critics often cite ‘overambition’ at the outset as the reason for their failure, but we shouldn’t be put off; being innovative and agile requires vision, and the CNI sector must continue to be ambitious, and adopt an approach that leverages advancements in edge and core technology, ensures integrity through design, and doesn’t compromise on security.
An approach which above all prioritizes and justifies digital evolution with a purpose, and creates a connectivity framework for the future and benefit of all stakeholders. From those responsible for operating our CNI, to every UK citizen benefitting from it.
Peter Clapton, CEO, Vysiion