Explained — Technology · 03.1

OT & Industrial Control

OT (Operational Technology, the hardware and software that controls physical processes) · ICS (Industrial Control System) · The invisible layer that turns an offshore wind farm into a running generator.

Operational Technology is the software and hardware that directly controls physical equipment. It is not IT, and treating it like IT is the mistake that has caused most of the serious OT security incidents of the last fifteen years. An OT system is measured by uptime, deterministic response, and safety of the process it controls. A server reboot that an IT team would consider routine is a major operational event on an OT network, because it can take a turbine, a substation, or in the worst cases an entire farm offline.

On an offshore wind farm, OT spans from the controller inside each turbine, through the park-wide SCADA system, to the protection relays in the substation and the control room on shore. Understanding the layers matters, because cybersecurity, reliability, and regulatory compliance all depend on getting the architecture right.

What OT Is (and Is Not)

IT and OT solve different problems, with different priorities:

IT (Information Technology)

Priorities: confidentiality, integrity, availability, in that order. Patches applied regularly. Systems can be rebooted. Downtime measured in minutes. Lifecycle 3 to 5 years. User-centric.

OT (Operational Technology)

Priorities: safety, availability, integrity, confidentiality, in that order. Patching is cautious and vendor-gated. Systems run for years without restart. Downtime measured in revenue lost. Lifecycle 15 to 25 years. Process-centric.

The OT lifecycle alone is a defining constraint. A turbine controller installed today will be running in 2050. The software on it was specified in the OEM's design cycle several years before it shipped. OT asset owners are effectively locked into their original vendor choices for the life of the plant.

The Purdue Model

Industrial control architecture is usually described in terms of the Purdue Enterprise Reference Architecture, which defines a layered model from the physical process up to business IT. Applied to offshore wind, the layers look roughly like this:

  • Level 0: the physical process, rotating machinery, pitch actuators, transformers, switchgear, the kit that actually moves electrons and air.
  • Level 1: the basic control layer. PLCs, the turbine controller, the protection relays. Millisecond-timescale control of the process.
  • Level 2: supervisory control. The SCADA system, local HMIs, the park controller. Minutes-to-seconds timescale.
  • Level 3: operations management. Production scheduling, performance analytics, condition monitoring systems. Hours-to-days timescale.
  • Level 4-5: enterprise IT. ERP, corporate systems, the wider business network.

Between Levels 3 and 4 sits the Industrial DMZ (IDMZ), a segmented security zone that separates OT from corporate IT. Getting this boundary right, or wrong, is the single biggest cybersecurity design decision on any offshore wind farm.
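The boundary can be checked against recorded traffic. The following is an added example, not part of the original page: it maps flow endpoints to Purdue zones and reports any flow that crosses between OT and enterprise IT without terminating in the IDMZ. The subnet plan, zone labels and flow records are constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Constructed address plan (an assumption, not from the page): subnet -> zone.
ZONE_PLAN = {
    "10.10.0.0/16": "L1",    # turbine controllers, protection relays
    "10.20.0.0/16": "L2",    # SCADA servers, HMIs, park controller
    "10.30.0.0/16": "L3",    # condition monitoring, performance analytics
    "10.35.0.0/24": "IDMZ",  # segmented zone between OT and enterprise IT
    "192.168.0.0/16": "L4",  # enterprise IT (Levels 4-5)
}
OT_ZONES = {"L1", "L2", "L3"}
IT_ZONES = {"L4"}
NETS = sorted(((ip_network(n), z) for n, z in ZONE_PLAN.items()),
              key=lambda pair: pair[0].prefixlen, reverse=True)

def zone_of(addr):
    """Longest-prefix match of an address against the zone plan."""
    ip = ip_address(addr)
    for net, zone in NETS:
        if ip in net:
            return zone
    return "UNKNOWN"

def audit_flows(flows):
    """Return (src, dst, port, reason) for every flow that breaks the boundary."""
    findings = []
    for src, dst, port in flows:
        zs, zd = zone_of(src), zone_of(dst)
        if "UNKNOWN" in (zs, zd):
            findings.append((src, dst, port, f"unmapped endpoint ({zs}->{zd})"))
        elif (zs in OT_ZONES and zd in IT_ZONES) or (zs in IT_ZONES and zd in OT_ZONES):
            findings.append((src, dst, port, f"direct {zs}->{zd} flow bypasses the IDMZ"))
    return findings

# Constructed flow records: (source, destination, destination port).
SAMPLE_FLOWS = [
    ("10.20.0.5", "10.10.1.17", 502),     # SCADA polling a turbine controller
    ("10.30.0.8", "10.35.0.10", 4840),    # Level 3 system publishing into the IDMZ
    ("192.168.4.20", "10.35.0.10", 443),  # enterprise client reading from the IDMZ
    ("192.168.4.20", "10.20.0.5", 3389),  # enterprise desktop straight to SCADA
    ("10.10.1.17", "192.168.9.9", 443),   # turbine controller straight to IT
    ("10.20.0.5", "8.8.8.8", 53),         # destination outside the plan
]

if __name__ == "__main__":
    for finding in audit_flows(SAMPLE_FLOWS):
        print(finding)
```

Unmapped endpoints are reported rather than ignored, because an address missing from the plan is itself a segmentation finding.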

Turbine Controllers

At the heart of each turbine is the controller, a real-time industrial computer that reads sensors (wind speed, rotor position, generator temperature, blade pitch, grid voltage and frequency) and writes commands (pitch setpoints, generator torque demand, converter references, yaw motor drive signals) on millisecond cycles. The controller is supplied by the turbine OEM (Vestas, Siemens Gamesa, GE, or the relevant Chinese OEM) as a closed system and is not normally user-modifiable. Operators interact with it through defined interfaces, typically for control mode selection, manual stops, and parameter tuning.

Because the controller is deeply integrated with the turbine design and its certification, changing anything on it is a formal engineering process involving the OEM. This is operationally reasonable but creates a hard dependency on OEM response times for any fix or update, and it is a recurring source of friction around cybersecurity patching.

SCADA

Supervisory Control and Data Acquisition is the farm-wide system that aggregates data from every turbine, substation, and metering point, presents it to operators in a control room, and issues farm-wide control commands. Modern offshore SCADA systems handle tens of thousands of data tags, are distributed across servers at the offshore substation and onshore facility, and are available 24/7 year-round.

SCADA vendors include the turbine OEMs themselves (Vestas OneSCADA, Siemens Gamesa's platform, GE Digital's products) and independent suppliers such as Wood, ABB, Schneider Electric, and specialist offshore wind vendors. Most large farms end up with at least two SCADA layers, the OEM system for turbines and an operator-level system that overlays the whole farm including substations and metering, because the OEM systems are not designed to manage non-OEM equipment.

The Park Controller

Above the individual turbine controllers sits the park controller, a supervisory system that coordinates the farm as a single entity responding to grid-level dispatch. Typical park controller functions include:

  • Active power dispatch: implementing curtailment instructions from the TSO by distributing reduced output across turbines.
  • Reactive power control: managing reactive power exchange at the grid connection point.
  • Voltage control: holding the connection-point voltage at a setpoint.
  • Frequency response: increasing or decreasing output in response to system frequency deviations.
  • Fault ride-through coordination: ensuring turbines remain connected during grid disturbances.

The park controller is typically located in the offshore substation, with a redundant link to a shore-based backup. It is the point where grid code compliance is technically enforced for the whole farm.

Protection and Metering

Protection relays are the fastest-acting part of the control system, designed to detect electrical faults (short circuits, earth faults, transformer problems) and isolate the affected equipment within milliseconds. On an offshore wind farm they are installed at array cable circuit breakers, substation transformers, and grid connection feeders. Modern protection relays are numerical (digital) devices using IEC 61850 for communications, typically from ABB, Siemens, GE, or Schneider.

Metering at the grid connection point is a regulated function. The metering equipment, typically to IEC 61000 and UK Balancing and Settlement Code requirements, measures the exact energy handed to the grid for settlement and CfD payment purposes. It is treated as a separate, high-integrity subsystem with its own communications path to the settlement administrator.

Communications Protocols

Three protocols dominate OT communications on an offshore wind farm:

  • IEC 61850: the standard for substation automation, including protection, control, and metering. Highly capable, object-oriented, increasingly mandatory for new substation builds.
  • Modbus TCP: a long-established, simple protocol widely used for SCADA-to-device communication, including many turbine SCADA interfaces. Lacks native security features.
  • OPC UA: a modern, secure, platform-independent protocol used for higher-level data exchange between SCADA systems and business systems. Increasingly the preferred choice for new integrations.
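What "lacks native security features" means for Modbus TCP is visible in the frame layout. The following is an added example, not part of the original page: it parses the 7-byte MBAP header and function code, which together contain no credential or integrity field, so a monitor can only key on the network source of a write request. The source addresses, allow-list and captured frames are constructed assumptions, and each capture is assumed to hold exactly one request.

```python
import struct

MBAP = struct.Struct(">HHHB")  # transaction id, protocol id, length, unit id
WRITE_FUNCTIONS = {0x05: "Write Single Coil", 0x06: "Write Single Register",
                   0x0F: "Write Multiple Coils", 0x10: "Write Multiple Registers"}

def parse_adu(frame):
    """Parse one Modbus TCP frame (MBAP header + PDU); ValueError if malformed."""
    if len(frame) < MBAP.size + 1:
        raise ValueError("frame shorter than MBAP header plus function code")
    tid, proto, length, unit = MBAP.unpack_from(frame)
    if proto != 0:
        raise ValueError("protocol id is not 0")
    if length != len(frame) - 6:  # length counts the unit id and the PDU
        raise ValueError("MBAP length does not match frame size")
    # Every header field is now accounted for: none carries a credential or MAC.
    return {"tid": tid, "unit": unit, "function": frame[7], "data": frame[8:]}

def flag_writes(captures, allowed_writers):
    """Return alerts for malformed frames and writes from unexpected sources."""
    alerts = []
    for src, frame in captures:
        try:
            adu = parse_adu(frame)
            name = WRITE_FUNCTIONS.get(adu["function"])
            if name and len(adu["data"]) < 2:
                raise ValueError("write request without a target address")
        except ValueError as exc:
            alerts.append((src, "malformed", str(exc)))
            continue
        if name and src not in allowed_writers:
            (address,) = struct.unpack_from(">H", adu["data"])
            alerts.append((src, name, f"unit {adu['unit']} address {address}"))
    return alerts

# Constructed captures: (source IP seen on the wire, raw request bytes).
SAMPLE = [
    ("10.20.0.5", bytes.fromhex("00010000000601030000000a")),  # read 10 registers
    ("10.20.0.5", bytes.fromhex("0002000000060106006401f4")),  # write from SCADA
    ("10.30.0.8", bytes.fromhex("000300000006010600640000")),  # write from Level 3
    ("10.20.0.99", bytes.fromhex("000400000006010600")),       # truncated frame
]
ALLOWED_WRITERS = {"10.20.0.5"}  # assumption: only the SCADA server may write

if __name__ == "__main__":
    for alert in flag_writes(SAMPLE, ALLOWED_WRITERS):
        print(alert)
```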

The IEC 61400-25 family is the dedicated wind industry extension to IEC 61850, defining data models for wind turbines specifically. Its adoption has been slower than hoped, partly because the turbine OEMs have been reluctant to expose internal data structures that their closed SCADA products depend on commercially.

Industry note

OT cybersecurity is covered on its own page, 03.3 OT Cybersecurity. The short version is that OT systems were designed when "offline" was the default and network connectivity was rare. Modern offshore wind farms are deeply networked, and the security assumptions under which most of the installed OT stack was designed no longer hold.

The OT Vendor Landscape

OT systems for offshore wind come from several overlapping vendor categories: the turbine OEMs for turbine-level systems, the large industrial automation vendors (ABB, Siemens, Schneider Electric, Rockwell, Emerson) for substation and park controller equipment, and a specialist layer of offshore wind O&M platform vendors. Most operating farms are running a mix of three to five vendor stacks, loosely integrated through SCADA and increasingly through data lakes and analytics platforms that attempt to normalise data across the sources. Interoperability is a solved problem on paper and an unsolved problem in practice.