Minimal OT Sensor
A single Emerson temperature sensor deployed for environmental monitoring. Ideal for understanding the minimal properties needed to document an OT-specific asset.
As Operational Technology (OT) and Information Technology (IT) systems continue to converge, organizations face the challenge of documenting and auditing physical facilities alongside cloud systems. OSIRIS JSON provides the necessary structural extensions to represent industrial devices, building automation hardware, and security controls within the same unified topology schema.
These reference examples illustrate how to map physical infrastructure components such as sensors, PLCs, card readers, and surveillance equipment and document their network attachment, power supply configurations, and data flow paths.
Explore the catalog of physical and facility infrastructure examples. Open or download the raw JSON reference files directly:
Minimal OT Sensor
A single Emerson temperature sensor deployed for environmental monitoring. Ideal for understanding the minimal properties needed to document an OT-specific asset.
IT/OT Cross-Network Topology
A hybrid topology mapping the boundaries and connections between IT systems (database, file servers) and OT systems (industrial historians, HMI). It showcases firewall segmentation rules and security gateway boundaries.
IP Security Camera (CCTV)
An IP-based physical surveillance camera connected to a Network Video Recorder (NVR) over Power over Ethernet (PoE) infrastructure. Shows how to map power and network dependency simultaneously.
Door Access Control
A physical security entry control system including an RFID card reader, door controller panel, and magnetic lock. Demonstrates facility containment and path-level connectivity.
PLC-Controlled Industrial Printer
A Programmable Logic Controller (PLC) governing an industrial label printer. Illustrates how serial-to-ethernet bridges and bus-protocol components fit into an IP-dominated topology.
When analyzing these examples, keep the following architectural concepts in mind:
In OT systems are highly standardized and traditional compared to IT in constant evolution and devices may not have typical identifiers like cloud-like UUIDs or ARNs. OSIRIS uses deterministic, physical IDs (often derived from serial numbers, MAC addresses, or manually assigned facility-based tags like ISA-95 hierarchical strings, e.g., ot::mxp::fac-01::door-01::ctrl). This unifies physical assets with virtual instances under a single ID space.
While IT network connections are typically TCP/IP Ethernet links, OT relies on diverse transports (e.g., Modbus, BACnet, serial connections, PoE). OSIRIS connections use custom subtypes to explicitly model these protocols and physical power requirements without breaking base validation rules.
OT security relies on strict zoning (such as the Purdue Model). OSIRIS groups are used to represent these security zones (e.g., Level 0 to Level 4) and firewalled interfaces. This enables security auditors to programmatically verify that no direct connections traverse the boundary between the public internet and control-room PLCs.