In a modern factory, data is not only crucial, but also the driving factor for efficiency, productivity, product quality and innovation. The introduction of an effective data infrastructure between OT and IT plays a key role here. In this context, the concept of the Unified Namespace (UNS) is becoming increasingly important in the manufacturing industry. You can read more about UNS and its advantages here.
Important: The UNS is a concept definition. You must define how the concept is implemented. By consistently implementing the following 6 steps, which are based on proven strategies from successful Industrial IoT projects, you will implement a UNS architecture with sustainable success.
1. Define Goals, Create Clarity
Defining and communicating clear objectives for the introduction of a UNS is the fundamental first step. The formulation of concrete and measurable goals (in addition to typical UNS advantages such as scalability) is crucial in order to establish a link to the company’s goals. Therefore, identify and understand the key challenges and requirements of your business areas (e.g. realizing sales growth with existing production systems). Derive targets for data management at company, business unit and operational level (e.g. standardized analysis of equipment effectiveness OEE). Define priorities and set measurable targets (e.g. global increase in OEE by 15%). This is important for monitoring and reviewing your UNS pilot project at a later date.
2. Analyze Data Landscape & Identify Key Stakeholders
Start an analysis of your current data environment to uncover data sources, formats and types as well as potential integration challenges. First, limit yourself to OT and IT systems that are crucial for achieving your goals from point 1. This can include machines, sensors, SCADA, historians, databases, MES and ERP systems. Identify the stakeholders in your current data landscape (e.g. data consumers and producers) and actively involve them in the development of your UNS strategy.
Example analysis: Data landscape and key stakeholders (UNS preparation)
| Section | Field | Example / Characteristic |
|---|---|---|
| A. System overview (OT & IT) | System name | SCADA Line 1 |
| System type | SCADA | |
| Manufacturer / Version | Siemens WinCC V7.5 | |
| Location / Area | Plant A – Line 1 | |
| Criticality | High | |
| System Owner | IT Operations (Responsibility: Operations) | |
| B. Data producers (data sources) | Producing system | PLC motor control |
| Asset / Process | Motor 3 – Conveyor belt | |
| Data type | Measured value / status / event | |
| Example data points | Temperature, speed, operating status | |
| Data frequency | 1 s / event-based | |
| Data format | OPC UA | |
| Time stamp available? | Yes | |
| Quality mark available? | Partial | |
| Source/mapping documented? | No | |
| C. Data consumers (Data Consumers) | Consuming system | OEE dashboard |
| Department | Production / Quality / Maintenance | |
| Purpose of the data | KPI calculation | |
| Required granularity | Real-time | |
| Latency requirement | < 5 s | |
| Historical data required? | Yes | |
| Criticality | High | |
| D. Data formats & semantics | Unit clearly defined? | No |
| Professional significance documented? | Partially | |
| Naming convention available? | No | |
| Semantics in topic or payload? | Unclear | |
| Standard model available? | OPC UA / Companion Spec (check) | |
| Quality Flags (Good/Bad/Uncertain) | Not standardized | |
| E. Integration & migration effort | Interface available? | Yes |
| protocol | OPC UA / MQTT / NATS / REST | |
| Adjustments necessary? | Low | |
| UNS suitability | High | |
| Technical risks | Legacy / vendor lock-in | |
| Dependencies | MES, Historian | |
| F. Security & access | Access control in place? | Partially |
| Authentication | Certificate (NATS) / User (OPC UA) | |
| Network segmentation | OT / DMZ / IT | |
| Data classification | Internal / Critical | |
| Compliance-relevant? | Yes (e.g. audit trail required) | |
| H. Initial UNS assessment | Is the system suitable for the UNS pilot? | Yes |
| Expected business benefit | High | |
| Quick-win potential | Yes | |
| Recommended next steps | Define namespace design + information model (OPC UA), map data points |
3. Define Requirements for Data Architecture and Security
Derive the requirements for your data architecture, security and infrastructure based on your objectives defined in point 1. While data architecture defines the basic organization and flow of data, data security refers to measures to ensure the confidentiality and integrity of data within the UNS and to protect it from unauthorized access or loss. The data infrastructure physically implements the data architecture and security by providing hardware and software. Together they form the basis for your UNS.
Example: If scalability is a requirement, the implementation of information and data models (data architecture) for the standardization of machine data is crucial. In order to make the standardized data securely and globally available in the UNS, the transmission is encrypted and via a multi-level access control (data security). The fulfillment of this requirement is ensured by the integration of software and hardware components such as cloud services, servers and middleware (data infrastructure).
3.1 Data architecture: semantics and namespace governance
A UNS only develops its actual added value through clearly defined semantics. While protocols such as MQTT or NATS only ensure the transport of data, the namespace describes their structural classification. The meaning of the data – i.e. its semantics – must be explicitly modeled. You should therefore define a clean separation at an early stage as follows.
| Level | Core question | Example | Typical error |
|---|---|---|---|
| Transportation | How does data arrive? | MQTT/NATS Publish | Confuse transport with meaning |
| Structure | Where is the data located? | factory/plantA/line1/motor3/temperature | Misuse structure as semantics |
| Semantics | What does the data mean? | Status, measured value, unit, context | Making implicit assumptions |
Open standards can be used as a basis for the semantic description. For example, OPC UA Companion Specifications can be used to standardize machine types, process data and statuses, across manufacturers and reusable. In addition, define standardized naming conventions and asset hierarchies (e.g. based on ISA-95) to ensure consistency and scalability in the namespace.
In addition to modeling, namespace governance must be established. This is responsible for the data architecture and defines, among other things (details can be found here):
- Naming rules and structural principles
- Responsibilities for data models
- Rules for extensions and changes
- Versioning and downward compatibility
A clearly defined semantic data model with binding governance ensures that the unified namespace not only distributes data, but also provides information that is consistent, comprehensible and usable throughout the company – today and in the future.
3.2 Data security: consider IT and OT security
UNS data security requires IT and OT requirements to be taken into account. The following also applies: IT security concepts must not be transferred to OT systems without reflection, especially in brownfield environments. Detailed best practices for secure UNS architectures can be found here.
OT level: At OT level, the safety architecture should be based on established zone models (e.g. IEC 62443). Production systems and control systems remain in clearly demarcated security zones. The UNS only acts as an integration and decoupling layer. Existing systems are connected via edge components that translate insecure OT protocols into encrypted protocols.
IT level: Role and identity-based access models are used on the IT side. Modern UNS architectures follow the zero-trust principle: every access to the namespace is explicitly authenticated and authorized – regardless of origin or network zone. Consistent certificate management is also crucial. Producers and consumers authenticate themselves uniquely (e.g. X.509), access rights are assigned at a finely granular level at topic level.
4. Form a Data Operations (DataOps) Team
Form an interdisciplinary team that represents the most important stakeholders from point 2. Make sure that your team covers both the key specialist areas (e.g. OT and IT) and subject matter experts (e.g. for data architecture and security). The expertise of team members from different areas ensures that the UNS can be implemented effectively and meet the diverse needs of your organization. The DataOps team is typically responsible for:
- Planning and strategy: Develop a clear strategy for the implementation of the Unified Namespace based on business goals and requirements.
- Architecture design: Design of the architecture of the unified namespace, including the definition of data structures, standards and integration methods.
- Implementation of the data infrastructure and integration: Responsible for the actual implementation of the Unified Namespace, including integration with existing IT and OT systems.
- Security and data protection: Implementation of security measures and data protection guidelines in connection with the Unified Namespace to ensure the integrity and confidentiality of the data.
- Internal training: Training of employees and relevant stakeholders in the company to ensure that they can work effectively with the Unified Namespace.
- Continuous optimization: Identify optimization opportunities in the Unified Namespace and implement improvements to ensure it meets the changing needs of the business.
- Troubleshooting and support: Providing support for problems that arise in connection with the Unified Namespace and implementing solutions.
- Compliance management: Ensuring compliance with legal and regulatory requirements in connection with data management and data protection.
A detailed description of the organizational structure and roles in the Unified Namespace (UNS) can be found here.
5. Invest in UNS Infrastructure
A robust data infrastructure consists of software and hardware components such as on-premise and cloud services, servers and middleware (e.g. MQTT/NATS Broker). It forms the backbone of your UNS. Therefore, invest in state-of-the-art data infrastructure and make sure that your infrastructure is tailored to your specific requirements. By making targeted investments, you can meet your requirements and ambitions and provide your team with the optimal “tools” to make your company competitive in the age of data analytics and AI. Further information on the building blocks of UNS architecture can be found here.
6. Setup UNS Pilot, Convince the Organization
Prioritize potential UNS use-cases based on their cost/benefit ratio. Identify a pilot use-case and monitor your pilot with regard to the defined goals from point 1, differentiating between improvement KPIs (e.g. OEE) and stabilization KPIs (e.g. number of faulty data points). This allows you to differentiate business success from teething troubles in your UNS pilot and make targeted adjustments. Do pioneering work and use lighthouse projects to get your organization moving. In an iterative process, your DataOps team from point 4 ensures that your UNS is constantly evolving in line with business objectives and technological progress.
Conclusion
By setting precise objectives, analyzing the status quo in detail and developing a forward-looking data architecture, security and infrastructure, you lay the foundation for the successful introduction of a Unified Namespace (UNS). The formation of an interdisciplinary DataOps team, supported by targeted investments in modern data infrastructure, maximizes your chances of success in implementation. Test and refine your strategy with a pilot project, do pioneering work and use a successful lighthouse to convince and inspire your employees.
