RAILWAY AGE, FEBRUARY 2023 ISSUE: This is the conclusion of a three-part series based upon our new book, Dynamic Multi-Level Decisioning Architecture: Making the Right Decisions, at the Right Time, with the Right Authority for Sustained Competitiveness and Relevance. It’s about how all industries, including the rail industry, its partners and adjacent competitors, are evolving in the throes of digital disruption and other external forces, and emphasizes the role all employees play in decision-making at all levels of an organization. Decision-making needs to flow better upwards and downwards, tying the boardroom to the railroad yards, transloading facilities, tracks—the whole rail network and transportation ecosystem.
There are several essential factors for success in evolving into a dynamic multi-level decisioning architecture, which translates to making it easier for anyone in an organization to make decisions more consistently and timely, with more confidence and knowing their impact. This evolution manifests itself in a Business Environment as a Service platform, which we covered in Part 2. It’s a transformational journey. You set your strategy and then you increment toward achieving it in value-added steps, pivoting as needed.
OT-IT Convergence, a Transformational Journey
OT (Operational Technology)-IT (Information Technology) convergence is the cornerstone of the decisioning architecture that enables making the right decisions at the right time with the right level of authority and scope. It is the most promising factor for maintaining sustainable success. It differs from OT-IT integration, which is a tactic and manifestation. OT-IT convergence is the goal, strategy and outcome.
Organizations are starting to learn the complexity involved when integrating traditional IT and corresponding business processes with OT operational processes and technologies, which often involve legacy hardware that isn’t easily changed or configured on the fly. This effort must include OT and IT staff collaboration, which involves breaking down the silos that have traditionally divided them.
OT-IT convergence is a transformational journey with many moving parts. There is no standard roadmap, organizational structure or template. It is up to each company to find its right solution and ensure that it aligns with the ecosystems they connect into. Any defined roadmap should only act as a framework. It cannot be considered set in stone.
Digital disruption shortens the decision-making timeframes in all industries. The needs of each division in an organization must be tailored to some core principles in this new sensor-driven decision-making process. These principles mostly focus on operational requirements and constraints, and the design principles and opportunities related to business needs and requirements.
There are several success factors in this transformational journey. Here we highlight three of them: (i) culture and governance, (ii) cyber security, and (iii) system safety.
Culture & Governance
The challenge with OT-IT convergence is overcoming cultural and governance issues. The most significant impediment to advancing collaboration resides in addressing the two different cultures and their respective characteristics, which embody different value systems, language, behavioral norms, management styles, and employee personas.
The underlying principle for working motivational currency is trust, with three aspects: (i) trust in one’s ability to have agency over the scope of control, (ii) trust in the data, knowledge and information that decision-makers rely upon, and (iii) extending trust through working across the OT and IT silos.
For example, change for an OT person would mean a modification to a design, whereas change to an IT person would suggest a modification to the management environment. Powering on/off a chassis that hosts WIU (wayside interface unit) functionality during a C&S maintenance operation would not be considered a change by C&S (OT), but is definitely a change in the eyes of IT because it impacts service.
Addressing these real decisioning concerns requires a significant evolution in culture because culture drives the value system, which in turn drives the behavior from the boardroom through all the management layers and then to the railroad yards, transloading facilities and the right-of-way, for example.
What we need are Industry 4.0-savvy leaders that will encourage OT and IT to understand each other’s challenges, objectives and particular language through, for example, a detailed walkthrough of their processes or job shadowing so that internal silos can be broken down to facilitate the seamless achievement of collective outcomes. As well, executive sponsorship is a critical success factor in any change engine process. Executives must balance competing needs and spheres of influence.
Our collective experience has been that corporations are more than willing to buy technology but consistently undervalue the need to enhance the needed technical skills of their employees. Worse, they do not feel comfortable ripping apart key legacy processes, which in turn will limit the value the new technology can bring. The skills upgrade is not just for local operators but employees at all levels of the organization. No matter how much technology you buy, the need to completely reassess your processes and skills will become apparent if you proceed without a clear understanding upfront. You will discover this painfully.
We describe how important this is in the book. We created context and flow diagrams showing the many layers involved in decision-making from the rail yards and loading docks to the boardroom. Now, as streaming sensor data travels up the stack, getting cleansed and refined into knowledge and then sent back to devices in the form of commands to take, it becomes very clear how important it is to focus on culture and governance as one invests in processes and skills to constantly improve cyber security and system safety.
Cyber security takes on heightened need as organizations embrace this journey towards a dynamic multi-level decisioning architecture. Mainly because all aspects of process and technology are becoming distributed. This creates a larger vulnerability footprint for bad actors to generate threat attack-surfaces.
For example, take OT hijacking or data and IP leakage. System compromises spring from three main factors: (i) a growing profusion of inexpensive, unprotected sensors in OT, (ii) more distribution of data, and (iii) more diverse network traffic. These factors provide opportunities for compromises at all levels of the organization and its systems. Therefore, there is a greater need to deploy data leak protection capabilities in remote sites and in clouds.
Distributed operations make the effort of providing a secure environment more challenging. But in the entire data stack, positive exploitation of protection opportunities through knowledge becomes a valuable and monetizable advantage. It would be easy to focus the security lens only on sensors or mobile or phone or tablet access, which are essential. But this would only address surface symptoms. Deeper root causes of security failures must also be addressed to avoid OT and IT stepping on each other’s toes. These root causes are primarily human error combined with the siloed systems, processes, and skill sets.
The establishment of a zero-trust architecture is considered a complex mature initiative. As an example, it is created in increments by combining advanced technology with new processes and improved employee skills.
System safety is the elephant in the room, especially for industries where it is becoming a new reality. Design discussions are emerging amidst this reality. For example, how do we know that new solutions and systems are safe and that there are no lurking issues? How do we know that integrating multiple components from vendors, partners, and even within existing systems meet safety objectives? How do we know if integrity is preserved after a change is made? How do we shift the legacy status where safety moves from a cost center to a value-added business driver?
These concerns are real.
The good news is that well-established system safety and system reliability methodologies exist. They can elegantly fit into system development and integration lifecycles, such as V-model, Disciplined Agile and DevOps. These methodologies address the various levels of safety and reliability: component failures, subsystem hazards, functional hazards, operating and support-related hazards, and software anomalies.
Integrating System Safety and Cyber Security
Rapid technology change means new opportunities for threats. Designs, especially for OT, which are control- and sensor-based, must be designed with incredibly tight requirements and that rarely allows for easy or rapid change, especially in the rail industry. More than ever, systems must be able to defend themselves to prevent propagation of failures and vulnerabilities that cause harm and loss. Multiple tactics of redundancy must be built in, yet flexible enough to be changed.
A starting point is integrating the safety engineering discipline with the cyber engineering discipline across their end-to-end life cycles.
During the design and development stages, you need to ensure that systems are safe and secure by design. During the operation and maintenance stage, continuous learning and adapting, along with real-time predictive modeling, reduces the probability of mishaps. As data is aggregated and refined, varying levels of knowledge and wisdom and insights can be applied to the problem. The codification can then be integrated as policy and, where appropriate, added to secure digital twin agents.
Many Moving Parts
There are several moving parts to OT-IT convergence, and the order is very important. Business objectives drive all of them.
We start with process convergence, which requires that OT and IT organizations revise their processes, workflows and procedures to support modernized ways of working and operating together.
Once this has been designed and defined, organizational convergence may be required, such as creating aligned organizational structures. If process convergence is not done first, then regardless of new organizational structures, people will continue to behave according to existing processes, which renders the new organizational structures ineffective and subject to re-work.
Next is software and data convergence—getting software and data to directly address OT needs. For this to be successful and future-proof, data and software must be decoupled so that they are able to adapt to an ever-changing business environment. Also, there may be a technical convergence that deals with aligning or modernizing the network architecture.
Physical convergence, which includes physical devices being retrofitted or combined with newer hardware to accommodate the addition of IT to OT, follows. Subsequently, there is an operational convergence, where hardware is maintained and updated over time.
In parallel to all of this, OT-IT convergence must remain in sync and aligned with opportunities for business expansion, such as refocusing target markets, developing new products and services, creating new alliances, or responding to new regulations. Business objectives are the common denominator.
Simultaneous Top-line/Bottom-line Approach
Based on direct experience with OT-IT convergence and other transformational mandates in various industries including rail, the best transformational results occur when taking an approach that improves organizational effectiveness and positions target markets and product service portfolios to outperform. It’s a simultaneous top-line/bottom-line approach.
Most organizations stop short of transformational change by focusing on improving operational effectiveness such as productivity improvements and asset rationalization. This is a reliable approach when delivering fast results to improve the bottom line, but it does not make a transformation successful. So, it’s important to approach this as a full-scale transformation, addressing the top-line and bottom-line simultaneously.
An organization willing to take on this challenge can become a disruptor in its industry or an adjacent one. The primary goal of most organizations is building sustainable competitive advantages and thought leadership. It requires the fortitude to experiment, in which teams must fail fast and small and use the benefits of real-time decision-making architecture.
Continuous Change Mindset, At All Levels
It is very important to instill a continuous change mindset at all levels, from the board of directors to the operational core. This involves learning and unlearning as a pillar of corporate culture. Designated multidisciplinary change agent teams are essential for success. Executives must be relentless in their sponsorship, tracking and support.
What happens when learning and, especially, unlearning are not applied? Considering the significant role digital disruption plays, it forces us to accept that we cannot ignore technical debt—a failure to unlearn. Most legacy systems already have technical debt, where their maintenance often consumes 80% to 90% of OT/IT budgets. If organizations don’t act on addressing their technical debt, rolling out IoT will worsen and spread technical debt due to the sheer volume and speed of deployment required to get the basics working. Technical debt will increase because to get basic IoT functionality in place, more workarounds, patches and temporary fixes will be used to meet publicized milestones.
Making mistakes and taking shortcuts are usual work modes, but the need to fix them will be overshadowed by the exciting new work. This will slow significant change as impediments are not removed, wasting precious time and resources, delaying the ability to defend against threats or leverage opportunities. The ultimate irony is: Everybody thinks they’re making big changes until pilot projects are over.
Study the relationship and motivations of all parts and people in your organization, as once you begin to fall behind, it gets increasingly harder to catch up, let alone improve and innovate. Like a shark, always keep moving or you die. Take small steps and evaluate and change course many times if necessary. And remember, the steering wheel in a moving vehicle is easier to turn than in one that’s standing still.
Sonia Bot, chief executive of The BOT Consulting Group Inc., has played key roles in the inception and delivery of several strategic businesses and transformations in technology, media and telecommunications companies worldwide. By utilizing methodologies in entrepreneurship, business precision, Lean Six Sigma, system and process engineering, and organizational behavior, she’s enabled organizations to deliver breakthrough results along with providing them a foundation to continue to excel. Sonia’s contributions to the rail industry are as a leader and a visionary who is passionate in taking railroading into the next generation. Within the Digital Business Transformation context, she leads high-stakes mandates where new business models are created and enabled by digital technologies. She was instrumental in PTC implementation on CN’s U.S. lines. Her approaches on the evolution of railroading and transportation are game-changers that drive innovation and competitive advantage for adopters in a changing industry. Sonia can be reached at [email protected].
Sheppard Narkier, a CTO and Senior Enterprise Architect, is routinely tasked with complex, difficult transformation projects in a range of industries including demanding Capital Markets environments. Sheppard was recruited into 11 unique roles including Chief Technical Architect at a global investment bank, CTO of a global consultancy, and Chief Scientist at a startup. He has defined the architecture and rules systems for several application and infrastructure design platforms resulting in seven awarded patents. As a facilitator of change, he has driven the organizational transformations aligning systems development structures, processes, and data repositories with their strategic goals. A pioneer in cloud strategy, he developed IP in several companies to guide enterprises toward staged migration to hybrid multi-cloud across a range of horizontal and vertical scenarios. He has also employed multidisciplinary Design Thinking in recent engagements. Sheppard can be reached at [email protected].
David Sherr is in his sixth decade as a practitioner, thought leader, and executive in entrepreneurship, system design and development, and enterprise architecture. He has worked in six world-class financial institutions where he held CTO and VP positions and consulted in technology strategy for Fortune 100 companies. Currently, David is heading an IoT startup to build predictive maintenance analytics for industrial assets. As an inventor, he is named on six patents covering enterprise data management, Web services architecture, IoT Digital Twins, and, most recently, software-designed network resource provisioning architecture. David can be reached at [email protected] or www.newglobalenterprises.net/SCA.