ITOT System Integration

Integration of autoclaves into the IT/OT infrastructure with data transport to a centralised data historian.


Overview

Integration of autoclaves into the IT/OT infrastructure with data transport to a centralised data historian.

This project entails a technological upgrade for process machines (autoclaves, ovens, isolators) by a leading global market supplier. 


It poses a significant challenge for the engineering department of the pharmaceutical company, given the complexity of having machines with paper-based receipts, insecure communications, and the necessity for functional integration with data transfer to higher levels. 


Among the engineering department’s difficulties, what proved to be challenging was effectively conveying the implementation needs to the IT department to align with business requirements. The objective of the update was also to transition from independent process reports to the direct integration of process data into the electronic batch record.

Solution


The solution was designed with a field element acting as an interface between the machine boundary (the lowest level of the IEC 62443 reference architecture) and the company network. 

This component facilitated:


  • Automatic transfer of process reports (in the form of raw data for potential contingency consultation) to an operator-accessible destination..
  • Management of machine backups and off-machine recipe backups with a secure protocol (not natively available).
  • Interface with the data historian (level 3, reporting available at level 4).


Additionally, a jump-host was incorporated (as envisaged, for instance, by SANS ICS410) for remote machines access, restricted, according to the principle of functional segmentation, to maintenance verification operations and recipe review, and only for privileged operators.


The solution involved the use of an industrial PC chosen and prepared by MAASI, integrated into the machine control panel through collaboration with the supplier, a server for privileged operations access, and minimal additional configurations on the machine itself. MAASI produced the design documents to describe the solution, participated in the technical execution, and supported the IT and Engineering departments in achieving the result by facilitating communication and fostering stakeholder engagement.


Achievement

The implemented solution has delivered several significant advantages for the pharmaceutical company:

Process Simplification

Automated data management and paper elimination enabled seamless reporting integration reporting within the Electronic Batch Record (EBR), enhancing operational efficiency and reducing processing review and approval times.

Enhanced Regulatory Compliance and Adherence to Guidelines

Full automation of the process data chain and direct consumption from the source (data historian) directly and immediately fortified data integrity, ensuring greater regulatory compliance and adherence to guidelines.

Advanced Monitoring

Despite transient limitations associated with audit trail transfers , the implemented solution provided the pharmaceutical company with an advanced system for process data supervision and management, enabling bespoke report generation and remote process monitoring.

New Benchmark Standard

The initial integration was so impactful that it became a benchmark model for subsequent implementations of numerous process machines, even with similar technologies and different suppliers, highlighting myriad functional and architectural advantages.

Risk Mitigation

Despite its complexity, the adopted structure enabled decoupling of risks related to insecure communications, potential vulnerabilities, and uncontrolled access, ensuring robust, encrypted transfer of process data to other systems equipped with buffer functionality for communication interruptions.

Compliance with Guidelines 

Project actions ensured the construction of a thoroughly revamped solution, with a systematic approach to architectural (solution) and process (machine roles and permissions) segregation and segmentation, compliant with the IEC 62443 standard and the new guidelines adopted in the target IT/OT infrastructure.

Project Agility

Owing to sustained mediation among all involved parties, project timelines were curtailed, and all stakeholders became more engaged in achieving and maintaining success during the operational phase.


Interested?

Share this post
Labels
Infrastructure Qualification Status Assessment