What is a DMZ?
A DMZ (Demilitarized Zone) is a buffer network between the OT and IT networks.
OT Zone and Conduit Modeling
OT zone and conduit modeling services for pharmaceutical manufacturers. The engagement covers the Purdue model, the security zones, the conduits, the security requirements, and the documentation.
Purdue model
The Purdue model defines the levels: Levels 0-1 (process control), Level 2 (supervisory control), Level 3 (operations management), Level 3.5 (DMZ), Level 4 (business network), and Level 5 (enterprise network).
Security zones
The security zones are the groupings of assets that share the same security requirements.
Conduits
The conduits are the communication paths between the zones.
How to use this page
Use this OT Zone and Conduit Modeling page as a planning checkpoint before vendor selection, architecture review, validation scoping or implementation sequencing. The strongest next step is to compare the guidance with your current SOPs, system inventory, batch records, data flows and QA review routines so the discussion starts from evidence instead of assumptions.
Evidence to prepare
For OT Zone and Conduit Modeling, prepare the records, owners, risks and decision criteria linked to purdue model, security zones, conduits. Useful evidence includes current process maps, interface lists, audit trail expectations, exception workflows, data retention rules and the business reason for changing the current operating model.
Frequently asked questions
How is the zone-conduit model documented?
The zone-conduit model is documented in a network architecture diagram, a security requirements document, and a security controls matrix.