Secure Data Access for Industrial AI

Summary

The year 2025 shows no signs of slowdown for industrial artificial intelligence (AI). Early adopters are forging ahead, and those who took a wait-and-see position are now scrambling to catch up. At whatever point you find yourself on the AI adoption curve, it is important to keep your process data secure. Thankfully, there are ways to establish secure, real-time connections from the plant to an AI system running in-house or on the cloud.

The best approach, mandated by the NIS2 Directive and NIST CSF 2.0, is complete network segmentation. The operational technology (OT) system should be fully isolated from the Internet and any cloud system. This is best done using a demilitarized zone (DMZ), which keeps the production network behind closed firewalls.

Protocol challenges

Moving production data to a cloud-based AI system in real-time through a DMZ requires two steps, plant-to-DMZ, and DMZ-to-cloud. However, two of the most popular industrial protocols, OPC UA and MQTT, were not designed for this type of data transfer. Although often used in Industrial Internet of Things (IIoT) and Industry 4.0 systems, they were conceived in the early 2000s, long before people were thinking of secure ways to access industrial data from outside the plant.

The OPC UA protocol by itself is simply too complex to reproduce well in a daisy chain across multiple servers. Information will be lost in the first hop. The synchronous multi-hop interactions required to pass data across a DMZ would be fragile on all but the most reliable networks and would result in high latencies.

MQTT, on the other hand, can be daisy-chained but it requires each node in the chain to be individually configured and aware that it is part of the chain. The quality of service (QoS) guarantees in MQTT cannot propagate through the chain, which makes data at the ends of the chain unreliable. Therefore, MQTT is best used as the last step only to move data from the DMZ to the cloud.

Getting data securely from the plant to the DMZ is the challenge. Using OPC UA for that step has a serious pitfall: It requires opening a firewall on the production network. Any OPC UA client on the DMZ would need to connect through the firewall to the OPC UA server in the plant. Opening a firewall into the plant for this is far too risky. Most security administrators will not allow it.

Tunnel/mirroring

Since neither OPC UA nor MQTT alone, or together, are sufficient for passing data through a DMZ, another approach is needed—one that integrates well with both protocols. Secure tunnel/mirroring software with a unified namespace provides a solution (Figure 1). It can make the connections at both ends and pass the data along the daisy-chained connections necessary for DMZ support.

Firewalls and data diodes

As mentioned previously, all inbound firewall ports on the production system must be kept always closed. The tunnel/mirror system must be able to make outbound-only connections from the production network to the DMZ. Going a step further, some high-security, critical infrastructure applications require a hardware data diode to ensure that not a single data packet gets back to the industrial network. The tunnel/mirror system would need to provide data diode support for that level of secure architecture.

Other AI implementations may call for bidirectional data flow to enable hands-off supervisory control or similar data inputs back into the production system. The tunnel/ mirror technology should be flexible enough to support that, if needed. In any case, there should be no access to data beyond what the AI system uses. Plant engineering staff must have full control over which data will be made available.

To optimize production systems, many companies today are turning to industrial AI. The challenge they face is accessing the data they need without compromising security. This is difficult, but not impossible. You can have a zero-attack-surface OT network and still provide data to AI systems. The security is provided by a DMZ. Accessing production data through a DMZ can be done with well-designed tunnel/mirror software.

_{This article was published in the January/February 2025 edition of Automation.com Montly.}