How One Industrial Manufacturer Bridged the OT/IT Divide
THE PROBLEM
For two decades, Meridian Automotive Stamping ran a successful operation built era by era, protocol by protocol. Their network had become a museum of industrial history: PROFIBUS on press lines, DeviceNet on conveyors, Modbus on paint systems, and Ethernet/IP overlaying everything for Industry 4.0. None of it talked to each other. None of it talked to IT.
Legacy fieldbus protocols blocked every IT/OT data sharing attempt. Maintenance couldn’t see production data. Operations couldn’t see enterprise analytics. The plant ran, blind, between islands. Harsh environments, vibration from 200-ton presses, -20°C to +50°C temperatures, and EMI from 300+ VFDs destroyed standard networking gear within months.
SCADA and HMI systems sat exposed without fault tolerance or cyber protection. No secure buffer existed between trusted OT and untrusted enterprise internet. Compliance gaps in IEC 62443, NIST, and ISO 27001 loomed with every audit.
The breaking point: a ransomware probe hit their unsegmented network. It didn’t succeed, but forensic review revealed their OT network was one misstep from total compromise, and they would never have seen it coming.
THE SOLUTION
Meridian deployed a five-level reference model purpose-built for convergence:
Level 0 to 1: Field Devices. MachFlex cables, LioN I/O modules, and Spider switches brought sensors, actuators, and robots onto a unified Ethernet fabric rated for vibration, extreme temperatures, and washdown.
Levels 1 to 2: Field Control. Industrial switches (−40°C to +70°C) with TSN-capable Bobcat units delivered deterministic real-time control. Full IEC 62439 redundancy (MRP, PRP, HSR, and RSTP) meant failover in milliseconds.
Level 2: Supervisory Control. HiOS switches with SSO/LDAP integration, DHCP snooping, ARP inspection, and audit trails hardened SCADA and HMI access. Role-based control lists replaced shared passwords.
Level 3.5: Industrial DMZ. Eagle40 and Raven NGFW firewalls created the critical OT/enterprise buffer. Tripwire TIV provided passive OT monitoring without disrupting real-time control. Prosoft Secure Remote Access replaced permanent backdoors with audited, time-limited sessions.
Level 4–5: Enterprise. Mammuthus core switches and Raven NGFW enabled IT/OT visibility. Tripwire IP360 scanned vulnerabilities. Forescout NAC orchestrated device compliance across the converged network.
“TSN was the game changer. For the first time, our deterministic control traffic and enterprise data shared one Ethernet fabric without compromising either one.
RESULTS
Months 1 to 3: Foundation. All five levels are operational. TSN running deterministic traffic. The DMZ is segmented and monitored. 100% device visibility achieved.
Months 4 to 6: Optimization. Predictive maintenance pilot using real-time vibration data. The mean time to repair was reduced 40%. Unplanned downtime cut by half.
Months 7 to 12: Expansion. IIoT sensors scaled to 500+ points. New PLC lines integrated without redesign. The acquired facility merged in six weeks.
Year 2: Innovation. Digital twin of stamping line live, fed by TSN-prioritized sensor streams. AI-driven quality control adjusting press parameters in real time.
“We started trying to modernize our network. We ended with a platform that lets us imagine what’s next. Every new technology plugs into an architecture that already knows how to converge, secure, and scale. That’s not infrastructure. That’s competitive immunity.