Purdue Model
What is the Purdue Model?
The Purdue Model is a layered reference architecture that separates industrial control systems (OT) from business IT networks, defining levels that guide segmentation, data flows, and security controls.
Examples
- A plant routes PLC data to a historian at Level 3, then shares summaries with ERP systems at Level 4 through an OT DMZ, with no direct PLC-to-IT connections.
- Remote vendors reach controllers only by first connecting to a jump host in the OT DMZ; policy blocks any direct RDP from enterprise laptops to Level 1/2 assets.
Discover 🔎
The Purdue Model (often referenced alongside ISA/IEC 62443) organizes industrial environments into layers from the physical process up to enterprise IT. By separating responsibilities and defining controlled conduits between layers, it improves safety, uptime, and security. The core idea: keep real-time control insulated from non-essential traffic and expose data upward through well-governed interfaces.
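The two example policies above (OT-to-IT traffic only through the OT DMZ, and access to controllers only from the DMZ jump host) can be checked against flow records. This is an added example, not part of the original page; the subnets, level mapping, jump-host address and flow records are constructed assumptions, with 3.5 standing for the OT DMZ.

```python
import ipaddress

# Constructed zone map (assumption): subnet -> Purdue level; 3.5 stands for the OT DMZ.
ZONES = {
    "10.10.1.0/24": 1,     # controllers (PLCs)
    "10.10.2.0/24": 2,     # supervisory (HMIs)
    "10.10.3.0/24": 3,     # site operations (historian)
    "10.10.35.0/24": 3.5,  # OT DMZ (jump host, data broker)
    "10.20.0.0/16": 4,     # enterprise IT (ERP, laptops)
}
JUMP_HOST = "10.10.35.5"   # constructed address of the DMZ jump host
NETS = [(ipaddress.ip_network(n), lvl) for n, lvl in ZONES.items()]

def level_of(ip):
    """Return the Purdue level of an address, or None if it is in no known zone."""
    addr = ipaddress.ip_address(ip)
    return next((lvl for net, lvl in NETS if addr in net), None)

def check_flow(src, dst):
    """Classify one flow against the zone-and-conduit rules."""
    s, d = level_of(src), level_of(dst)
    if s is None or d is None:
        return "unknown-zone"          # unmapped asset: cannot be reasoned about
    if min(s, d) <= 3 and max(s, d) >= 4:
        return "bypasses-dmz"          # OT <-> IT without the DMZ in between
    if s == 3.5 and d <= 2 and src != JUMP_HOST:
        return "not-via-jump-host"     # DMZ host other than the jump host reaching control
    return "ok"

def audit(flows):
    """Return (src, dst, dport, verdict) for every flow that is not 'ok'."""
    return [(s, d, p, v) for s, d, p in flows if (v := check_flow(s, d)) != "ok"]

# Constructed flow records: (source, destination, destination port)
SAMPLE_FLOWS = [
    ("10.10.1.20", "10.10.3.5", 44818),   # PLC -> historian
    ("10.10.3.5", "10.10.35.10", 443),    # historian -> DMZ broker
    ("10.10.35.10", "10.20.1.1", 443),    # DMZ broker -> ERP
    ("10.20.5.9", "10.10.35.5", 3389),    # enterprise laptop -> jump host
    ("10.10.35.5", "10.10.1.20", 3389),   # jump host -> controller
    ("10.20.5.9", "10.10.1.20", 3389),    # enterprise laptop -> controller (direct RDP)
    ("10.10.35.10", "10.10.2.7", 502),    # DMZ broker -> HMI
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print(finding)
```

Run against real firewall or NetFlow exports, the "unknown-zone" verdict is as useful as the violations: it lists assets that have not yet been assigned to a level.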
Summary 📝
The Purdue Model structures plants into defensible layers, letting operations protect real-time control while still sharing data with the business. Implement it with practical zones and conduits, an OT DMZ for brokering, localized OT services, and tightly governed remote access. Done well, it limits blast radius and makes outages or cyber events less likely to impact the process.