The Open Group Open Process Automation Forum (OPAF) provides annual updates at a forum in Orlando in February. I missed that meeting, but I recently received an update from Aneil Ali, The Open Group OPAF Director.
OPAF members have worked diligently for years developing a standard of standards in order to break the proprietary grip of specific process automation suppliers—hence the word “Open” in the name. Owner/operators facing needed technology upgrades balked at the price of rip-and-replace automation.
I have seen these efforts a few times in the past. The results have provided benefits, but usually far from the vision of the founders.
This organization continues to move forward. They have released version 2.1 of the standard, launched a product certification program, and have witnessed some products making it through the system.
The headline news is ExxonMobil’s Lighthouse project. They operationalized the OPAF system at a resin finishing plant in Baton Rouge at the tail end of 2024. Engineers beat deadlines for startup. They have published some good lessons learned from the project. It’s the first deployment of a commercial OPAF system making money for the owner/operator.
One complaint levied over the years concerned the proliferation of standards, many of which are not interoperable. OPAF has addressed standards harmonization by hosting, for the fourth year, standards harmonization meetings in the Eastern Hemisphere. Recently one was held in Germany with FieldComm, OPC UA, NAMUR, OPAF, and PI. They typically meet for three days looking for where there is a risk of divergence and potential problems for end users.
Ali noted that OPAF has started a regular cadence of user meetings, an effort to get users together to air their wishes and desires. These thoughts can be distilled into assignments for working groups.
Ali concluded, “The Forum is always open to receiving guidance and feedback from end users not in the ecosystem—we’re not a closed club.”
A company called Armexa, new to me in the cybersecurity ecosystem, sent a release about an analysis they made regarding the thoroughness of risk assessments. They advocate a “bow-tie” method, detailed below. This is not my area of expertise, so I pass it along as a tool for your belt.
The Blind Spots in Most Risk Assessments
Many cybersecurity assessments fall short because they only focus on one or two parts of the puzzle instead of the full picture. Here’s what often gets missed:
Only looking at external threats: Some assessments zero in on external threats like malware, phishing or hackers accessing the OT environment from the enterprise/business networks but overlook internal threats such as maintenance laptops, accidental misconfiguration errors, and unauthorized wireless access points that can bypass perimeter security controls.
Assuming compliance equals security: Publishing policies and following standards is important but just because an organization has them in place doesn’t mean they’re properly applied – or that they actually reduce risk.
Overlooking “double jeopardy” scenarios: Traditional risk models plan for one thing to go wrong at a time. But cyber incidents are intentional. Attackers can, and often do, take down multiple systems at once.
Focusing on vulnerabilities: Many assessments focus on discovery of vulnerabilities, such as outdated operating systems, known vulnerabilities (i.e., CVEs), and weak passwords. Listing vulnerabilities is helpful, but without asking what would happen if the vulnerability was exploited, you’re not actually assessing risk.
If you’re not linking security gaps to real operational and financial consequences, it’s almost impossible to know what really matters – or what to fix first.
The Three Elements Every Risk Assessment Should Cover
A truly effective risk assessment goes beyond simple gap analysis. It looks at the full picture by connecting three key elements:
Threats – What could cause a cyber incident?
Malware, phishing, ransomware
Human errors or insider threats
Unknown or unauthorized devices on your network
Vulnerabilities – Where are the weak spots?
Networks without proper separation
Devices that connect both IT and OT networks
Policies that are weak – or not followed at all
Consequences – What happens if something slips through?
Loss of control over key operations
Production downtime and financial losses
Safety hazards, regulatory fines, and environmental impact
Check out the web page for a discussion of weaknesses. Here they offer their better way to connect the dots—Bow Tie Analysis.
Bow Tie Analysis is a visual method that clearly shows how threats, vulnerabilities and consequences are connected in a clear, structured way. It helps teams:
See how one issue can trigger a chain of events
Pinpoint which controls matter most, and whether they’re working
Understand what’s still at risk, even with protection in place
Meet regulatory expectations with a clear, easy-to-explain model
By mapping out risks in a straightforward, visual way, Bow Tie Analysis helps security teams and senior leadership understand where to focus – and where to take action first.
Is It Time to Rethink Your Approach?
If your risk assessment doesn’t connect threats, vulnerabilities and consequences, there’s a good chance some critical gaps are being overlooked. Cyber risk isn’t just an IT issue – it affects operations, finances and most importantly, safety.
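To make the bow-tie idea concrete, here is an added example in Go; it is my illustration, not Armexa’s material or tooling. It models one top event with threat chains on the left and consequence chains on the right, answers the three questions the release poses (what still gets through, which controls matter most, and what happens when several controls fail at once), and treats a policy that exists but is not followed as a barrier that is not effective. The plant, threats, barriers and consequences are a constructed scenario, not from any real assessment.

```go
package main

import "sort"

// Barrier is one control on the bow tie. Effective records whether the control
// was found working during the assessment; a policy nobody follows is false.
type Barrier struct {
	Name      string
	Effective bool
}

// BowTie models one top event: each threat on the left passes a chain of
// preventive barriers, each consequence on the right sits behind a chain of
// mitigative barriers.
type BowTie struct {
	TopEvent     string
	Threats      map[string][]Barrier
	Consequences map[string][]Barrier
}

// holds reports whether at least one barrier on the chain still stops the path.
func holds(chain []Barrier, failed map[string]bool) bool {
	for _, b := range chain {
		if b.Effective && !failed[b.Name] {
			return true
		}
	}
	return false
}

// Residual answers "what is still at risk": threats that reach the top event
// and, if any do, consequences that no working barrier blocks. Several names
// in failed evaluate barriers lost together, the "double jeopardy" case.
func (bt BowTie) Residual(failed map[string]bool) (threats, consequences []string) {
	for t, chain := range bt.Threats {
		if !holds(chain, failed) {
			threats = append(threats, t)
		}
	}
	sort.Strings(threats)
	if len(threats) == 0 {
		return threats, nil
	}
	for c, chain := range bt.Consequences {
		if !holds(chain, failed) {
			consequences = append(consequences, c)
		}
	}
	sort.Strings(consequences)
	return threats, consequences
}

// CriticalBarriers lists the controls that matter most: those whose single
// loss opens a new threat path or a new consequence versus the assessed state.
func (bt BowTie) CriticalBarriers() []string {
	baseT, baseC := bt.Residual(nil)
	var crit []string
	seen := map[string]bool{}
	for _, side := range []map[string][]Barrier{bt.Threats, bt.Consequences} {
		for _, chain := range side {
			for _, b := range chain {
				if seen[b.Name] {
					continue
				}
				seen[b.Name] = true
				if t, c := bt.Residual(map[string]bool{b.Name: true}); len(t) > len(baseT) || len(c) > len(baseC) {
					crit = append(crit, b.Name)
				}
			}
		}
	}
	sort.Strings(crit)
	return crit
}

// SampleBowTie is a constructed scenario for a hypothetical plant; every name
// here is illustrative, not taken from a real assessment.
func SampleBowTie() BowTie {
	return BowTie{
		TopEvent: "loss of control of the process controller",
		Threats: map[string][]Barrier{
			"phishing via enterprise network":           {{"IT/OT firewall", true}, {"EWS endpoint protection", false}},
			"maintenance laptop plugged into OT switch": {{"removable device policy", false}},
			"rogue wireless access point":               {{"wireless intrusion detection", true}},
		},
		Consequences: map[string][]Barrier{
			"production downtime": {{"tested controller backups", true}},
			"safety hazard":       {{"independent safety instrumented system", true}},
			"regulatory fine":     {{"incident reporting procedure", false}},
		},
	}
}
```

In the sample, `SampleBowTie().Residual(nil)` reports that the maintenance-laptop path already reaches the top event (its only barrier is an unfollowed policy) and that a regulatory fine is the consequence nothing currently blocks; `CriticalBarriers()` names the firewall, the wireless detection, the tested backups and the safety system, because losing any one of them opens a new path; and passing a map with both the backups and the safety system marked failed shows the double-jeopardy exposure of downtime and a safety hazard together.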
My memories of Digi International focus on it as one of two companies over time that emphasized technologies to link older analog and serial connectivity to modern networks. They may have an expanded portfolio over these many years, but they still return to their roots.
This announcement is called, “redefining the future of serial device management and connectivity.” OK, that is bold, but they are announcing an upgraded Digi Navigator for streamlined device configuration and the introduction of Digi Connect EZ with Power over Ethernet (PoE) — a way to simplify networked serial communications.
Digi Navigator has been redesigned to be faster, smarter, and more powerful. The latest Digi Navigator update brings intelligent automation, broader device compatibility, and enhanced security, empowering IT teams to deploy and manage both modern and legacy Digi hardware with ease.
New features of Digi Navigator include:
Fast setup — Automatic device detection and intelligent prompts guide driver installation and configuration, eliminating guesswork and accelerating deployment.
Seamless compatibility — Supports both the latest Digi Connect EZ models and legacy Digi hardware, ensuring streamlined management across all infrastructure.
Enhanced security and control — Simplified security settings help IT teams manage authentication, access, and protection — without added complexity.
Smarter backup and restore — Save, edit, and reapply configurations to quickly replicate setups, ensure consistency, and restore Navigator to a known state for improved auditing and rapid recovery.
For IT teams looking to simplify deployments and reduce infrastructure costs, the new Digi Connect EZ with PoE offers these features:
Power + data over one cable — This eliminates the need for separate power adapters. PoE technology simplifies installations, especially in hard-to-reach locations and remote deployments.
Dual Ethernet ports for maximum flexibility — Supports failover redundancy or pass-through networking, giving IT teams greater control over network reliability.
Robust connectivity options — Features four RS-232/422/485 serial connections, dual Ethernet, and built-in Wi-Fi for seamless integration across multiple network environments.
LTE-ready for ultimate mobility — Fully compatible with Digi CORE plug-in LTE modems, allowing for flexible cellular connectivity when needed.
Enterprise-grade security — Built-in Digi TrustFence provides authentication, secure connections, and ongoing monitoring to support cyber threat protection.
Click-to-connect simplicity — Configurable in minutes and booting up in seconds, Digi Connect EZ with PoE supports rapid network expansion.
Protocol support for industrial applications — With support for industry-standard protocols like Modbus, the Digi Connect EZ family is built for robotics, automation, and industrial equipment that requires seamless serial-to-network communication.
Some final thoughts from the ODVA meetings in March in Florida. I’ve been thinking for some time about complexity. Sometimes we get into the weeds with our technologies, building routine atop routines, solving a multitude of problems through creating others.
Paul Maurath, Technical Director—Process Automation from Procter & Gamble’s Central Engineering, presented the user’s view of automation. I will dispense with suspense. His conclusion: “Help us manage complexity.”
Maurath told the story of setting up a test process cell in the lab. They used it to test and demonstrate Ethernet APL devices and the network. They discovered that APL worked; the controller didn’t see any issues. The discouraging discovery was the amount of configuration required and the complexity of setup. He referred to an E&I technician working the shift on a Sunday morning at 3 am. Call comes in. Device is down. With a regular HART / 4-20 mA device, the tech has the tools. But with an Ethernet device, configuration can be a problem.
Conclusion:
There is a need for new technology to deliver functionality and simplicity
Standards are great
Please keep end users in mind when developing standards and technology
A paper presented this year by Paul Brooks, Rockwell Automation, Wolfgang Hoeferlin, Endress+Hauser, Sean Vincent, FieldComm Group, and Joakim Wiberg, ODVA discussed the complexities and difficulties following the acquisition of FDT technology by FieldComm Group (FCG). They noted the industrial automation community has the opportunity to enhance our technologies to allow a single device integration standard to be used through discrete, hybrid and process automation disciplines. Double work on business logic and user interface for a device across different technologies and for use in different applications can be eliminated.
In this paper we outline the use cases that FCG – together with ODVA, PNO and OPC Foundation – wish to address. We will look at some of the initial technical assumptions that allow this work to dovetail into device description improvements already underway within ODVA. We will discuss the framework that will allow ODVA members to contribute to and benefit from this work.
Disclaimer: I have not written a line of code in years. As they discussed the details of configuring and programming and data amongst all these technologies, I was impressed by the complexity and the difficulty of the work.
Another end user paper was presented by former GM engineer Gary Workman laying out reasons for some specification changes to define a control network in EtherNet/IP. Similar to the talk by Maurath above, he began with a discussion of the complexity of installing and implementing not individual EtherNet/IP devices but the network as a whole. He pointed to the problems of electricians and maintenance workers working with a network. His ask was whether ODVA could consider adding guidance for implementing an entire EtherNet/IP control network to help workers on the factory floor.
Most of these meetings discuss the basic technologies and extensions of the product. Whether agreeable or not, the point of view of the end user always serves as a call to step back and consider the problem from their point of view. (Maybe a third of my career was product development—considering the user’s need while developing a product. I sympathize.)
Back to Maurath—complexity is a friction point to the application of technology. It should be the task of the technology provider to remove as much friction as possible.
More news from ODVA at Hannover. Following a presentation by a cybersecurity researcher at the annual meeting, everyone agreed that implementing CIP Security was a must-have.
ODVA announced that a new pull model for configuration data is now available for CIP Security, the cybersecurity network extension for EtherNet/IP. This new profile is in addition to the existing pull model for CIP Security certificates which allows for efficient distribution of device authenticity information.
The CIP Security pull model for configuration information will allow for parameters in JSON format to be automatically available for EtherNet/IP network-capable devices. This new configuration data will make it possible for non-CIP devices, such as mobile phones and tablets, to access secure EtherNet/IP information and for hierarchical metadata to be more readily available. CIP Security now includes a pull model for configuration data and device certificates along with security properties, including a broad trust domain across a group of devices, a narrow trust domain by user and role, data confidentiality, device and user authentication, device and user identity, and device integrity.
The CIP Security pull model for configuration defines a file encoded format for delivering CIP Security configuration as well as a mechanism for a device to pull or query this configuration. The pull model for configuration is valuable when the traditional CIP object/server/attribute mechanism of delivering the CIP Security configuration is not appropriate. Use cases for the new CIP Security pull model for configuration include software that does not have CIP target functionality, such as with a mobile device application and with devices that are on a private network with Network Address Translation (NAT) that has configuration software on the public network. Additionally, the pull model for configuration can help improve device replacement by being able to automatically provide the needed communication configuration on top of automatically pulling the certificate. The CIP Security pull model for configuration can be delivered via a JSON file, which provides the advantage over the CIP object/service method of decoupling the configuration from the transport. The CIP configuration information structure is still retained when using a JSON format. The JSON file also includes a digital signature that allows for authenticity of the data, independent of the transport over which it is delivered.
“The addition of a CIP Security pull model for configuration makes it easier to replace devices to minimize downtime and allows for configuration data to be automatically provided to mobile devices and devices on a private network,” said Dr. Al Beydoun, President and Executive Director of ODVA. “CIP Security development is a continuous effort to help deter bad actors from accessing EtherNet/IP networks that enable efficient production in critical industries across the world.”
The importance of cybersecurity continues to grow as more devices than ever before are being connected by users to the network via wireless and Single Pair Ethernet (SPE) technologies. Additionally, the connection of the device level network to ERP and cloud systems to take advantage of the latest Artificial Intelligence (AI) analytics to optimize operations means that a defense in depth approach that includes device level security is imperative. CIP Security already takes advantage of robust, proven, and open security technologies, including TLS and DTLS for secure transport, hashes or HMAC as a cryptographic method of providing data integrity and message authentication, X.509v3 digital certificates, OAuth 2.0 and OpenID Connect for authentication, and encryption to prevent reading or viewing of EtherNet/IP data by unauthorized parties. CIP Security now includes a pull model for configuration data to enable mobile device and private network connectivity along with improved device replacement. CIP Security is a robust device level security protection for EtherNet/IP that can help vendors and end users to prepare for regulations such as the European Union Cyber Resilience Act (CRA) and to achieve compliance with security standards such as IEC 62443. Visit odva.org to obtain the latest version of The EtherNet/IP Specification including CIP Security.
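The announcement’s key security property is that the pulled JSON file carries a digital signature, so a device can check the configuration’s authenticity independently of whatever transport (mobile app, NAT gateway, file share) delivered it. Here is an added example in Go of what that property looks like in practice; it is my illustration, not ODVA’s code, and the envelope layout, field names and choice of Ed25519 are assumptions rather than the specification’s file format. The trusted public key stands in for what, in CIP Security, would come from the device certificate obtained through the existing certificate pull model. The configuration values are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"errors"
)

// Envelope is the assumed layout of the pulled file: the configuration object
// plus a detached signature over its canonical encoding (illustrative only).
type Envelope struct {
	Config    json.RawMessage `json:"config"`
	Signature string          `json:"signature"`
}

// canonical re-encodes any JSON value with sorted keys and no insignificant
// whitespace, so the signed bytes do not depend on how a hop re-serialised it.
func canonical(raw []byte) ([]byte, error) {
	var v interface{}
	if err := json.Unmarshal(raw, &v); err != nil {
		return nil, err
	}
	return json.Marshal(v) // encoding/json emits map keys in sorted order
}

// Sign wraps a configuration object in a signed envelope.
func Sign(priv ed25519.PrivateKey, config interface{}) ([]byte, error) {
	raw, err := json.Marshal(config)
	if err != nil {
		return nil, err
	}
	canon, err := canonical(raw)
	if err != nil {
		return nil, err
	}
	sig := ed25519.Sign(priv, canon)
	return json.Marshal(Envelope{Config: canon, Signature: base64.StdEncoding.EncodeToString(sig)})
}

// Verify checks a pulled file against the trusted public key and returns the
// canonical configuration only when the signature is valid; anything else is
// rejected before a single parameter is applied.
func Verify(pub ed25519.PublicKey, file []byte) ([]byte, error) {
	var env Envelope
	if err := json.Unmarshal(file, &env); err != nil {
		return nil, err
	}
	sig, err := base64.StdEncoding.DecodeString(env.Signature)
	if err != nil {
		return nil, err
	}
	canon, err := canonical(env.Config)
	if err != nil {
		return nil, err
	}
	if !ed25519.Verify(pub, canon, sig) {
		return nil, errors.New("configuration signature invalid: file rejected")
	}
	return canon, nil
}

// Reserialise mimics a transport hop that pretty-prints the file: the bytes
// change, the signed content does not, and Verify must still accept it.
func Reserialise(file []byte) ([]byte, error) {
	var v interface{}
	if err := json.Unmarshal(file, &v); err != nil {
		return nil, err
	}
	return json.MarshalIndent(v, "", "  ")
}

// AlterRoles returns a copy of the file with one extra role inserted into the
// configuration, the kind of in-transit change Verify exists to detect.
func AlterRoles(file []byte, role string) ([]byte, error) {
	var env map[string]interface{}
	if err := json.Unmarshal(file, &env); err != nil {
		return nil, err
	}
	cfg := env["config"].(map[string]interface{})
	cfg["allowed_roles"] = append(cfg["allowed_roles"].([]interface{}), role)
	return json.Marshal(env)
}

// SampleConfig is a constructed stand-in for the pulled parameters; the field
// names are illustrative and not the specification's attribute names.
func SampleConfig() map[string]interface{} {
	return map[string]interface{}{
		"device":        "line3-controller (hypothetical)",
		"trust_domain":  "cell-3",
		"allowed_roles": []string{"operator", "maintenance"},
		"tls":           map[string]interface{}{"min_version": "1.2", "require_client_cert": true},
	}
}

// NewKeyPair generates the signer's key; in a deployment the public half would
// come from the certificate obtained through the certificate pull model.
func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey, error) {
	return ed25519.GenerateKey(rand.Reader)
}
```

The design point is the canonicalisation step: a file that has been pretty-printed or had its keys reordered by an intermediary still verifies, while any change to a value, a signature made with a different key, or a malformed signature field causes `Verify` to return an error and no parameters are applied.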
The first news from Hannover this morning concerns additions to EtherNet/IP device profiles. Delegates discussed continued updates for process devices at the annual meeting a couple of weeks ago.
ODVA announced that level sensors are the latest option for process device profiles to be added to The EtherNet/IP Specification. Process device profiles help users to reduce complexity and to more quickly install new devices in the event of an unplanned replacement. Standardized semantics and scaling for process variables and diagnostics that are made possible by process device profiles for EtherNet/IP significantly improve vendor interoperability and prepare process data for use with edge and cloud analytics. Device profiles are now available for level measurement along with Coriolis flow, electromagnetic flow, vortex flow, standard pressure, scaled pressure, Resistance Temperature Detector (RTD) and thermocouple temperature sensors. Standardized data including process variables, diagnostics, and totals enable easier access to critical data to help optimize operations. The addition of level sensors to the suite of process device profiles further increases the value of the EtherNet/IP ecosystem.
The goal of process device profiles is to enable a device replacement experience that is as seamless as possible. Plug and play type capabilities for process field devices reduce the need for maintenance workers to be electronic device or Ethernet experts, and they make it possible to increase the efficiency of planned turnarounds while lowering the amount of unplanned downtime. The EtherNet/IP process device profile for level transmitters can be applied to devices that rely on free wave, guided wave, capacitive, magnetostrictive, radiometry, and buoyancy measuring technologies. Additionally, NAMUR NE 107 diagnostics are available for level transmitters that use free wave, guided wave, and radiometry sensor technology approaches. The introduction of level measurement process device profiles, in addition to temperature, flow and pressure, supports end users in being able to integrate EtherNet/IP capable devices in critical environments, to replace sensors regardless of vendor, and to support a harmonized data structure.
“The addition of level sensor support to the suite of EtherNet/IP process device profiles further promotes device interchangeability between vendors and supports easier integration with additional device types,” said Dr. Al Beydoun, President and Executive Director of ODVA. “New level measurement process device profiles for EtherNet/IP network-capable level sensors support NE 107 diagnostics and are aligned with the Process Automation – Device Information Model (PA-DIM). Process device profiles for EtherNet/IP reduce the commissioning and maintenance burden of adopting Ethernet-capable devices and provide a standardized information model foundation to enable usage of advanced edge and cloud analytics approaches, including AI.”
Standardized access to process variables with semantics and scaling that align with PA-DIM and critical diagnostics such as NAMUR NE 107 status signals are the foundation to the future of advanced analytics and optimization within process automation. Process device profiles for EtherNet/IP provide valuable standardization and a growing ecosystem of supported sensors to allow for quicker device installation and replacement, improved asset status, and easier integration into higher level data management systems. ODVA continues to invest in adapting EtherNet/IP to the full requirements of the process industries through support of technologies including Ethernet-APL, PA-DIM, NAMUR, FDI, and process device profiles.