Purdue Model Reference Architecture

The Purdue Model is a functional reference architecture for industrial control systems that provides a structured approach to organizing operational technology (OT) and information technology (IT) systems across distinct hierarchical levels.

🏭

Industrial Foundation

Originally developed by Purdue University for manufacturing environments, this model has become the industry standard for OT security architecture.

🔒

Security Segmentation

Provides clear network segmentation boundaries to limit lateral movement and protect critical control systems from cyber threats.

📊

Risk Management

Enables systematic risk assessment by categorizing assets based on their operational criticality and exposure to potential threats.

Risk Level Indicators

CRITICAL Safety systems, PLCs, SCADA masters

HIGH HMI workstations, engineering systems, firewalls

MEDIUM Sensors, MES platforms, enterprise systems

LOW Monitoring systems, documentation

Interactive Purdue Model Architecture

Click on devices to view detailed threat intelligence and security information

Levels 4-5: Enterprise & Business

Corporate networks, ERP, and business systems

Level 3.5: Demilitarized Zone (DMZ)

Security boundary between IT and OT networks

Level 3: Site Operations & Manufacturing

MES, batch management, and production systems

Level 2: Supervisory Control

SCADA, HMI, and operator workstations

Level 1: Basic Control

PLCs, RTUs, and control systems

Level 0: Physical Process

Sensors, actuators, and field devices