1.1 Functional hierarchy: ISA-95

In complex manufacturing environments, blurring the lines between business planning and machine control is not an “agile” feature; rather, it introduces structural vulnerability. The ISA-95 standard acts as a crucial firewall, preventing the ERP finance system from accidentally interfering with, for example, a robotic arm. Adhering to this hierarchy ensures that latency-sensitive processes, such as Machine Control, remain functionally isolated from high-level transactional logic, such as Business Planning.

The five levels of control

The separation of concerns must be respected. Each level operates on a rigid time scale and data granularity.

Level 4: Business Planning (ERP)

• Role: The “Brain”. Manages Order Entry, Purchasing, HR, and Ledger.
• Time Scale: Days / Weeks.
• Mandate: Level 4 defines what to build. It must never ask, “What is the nozzle pressure right now?”

Level 3: Manufacturing Operations (MES)

• Role: The “Coordinator”. Manages Workflow, Quality, WIP Tracking, and Genealogy.
• Time Scale: Minutes / Seconds.
• Mandate: Level 3 converts the ERP “Order” into a specific “Job”. It is the bridge between the dollar and the sensor.

Level 2: Monitoring & Supervisory (SCADA / HMI)

• Role: The “Watchtower”. Visualization and line-level control.
• Time Scale: Seconds / Sub-seconds.
• Mandate: Aggregates raw signals into actionable operator dashboards.

Level 1: sensing & manipulation (PLC / CNC)

• Role: The “Muscle”. Programmable Logic Controllers (PLCs) driving motors, valves, and actuators.
• Time Scale: Milliseconds (< 10ms).
• Mandate: Critical safety logic lives here. A cloud server must never be relied upon to stop a conveyor.

Level 0: physical process

• Role: The “Reality”. The physical sensor, motor, or chemical reaction.

Decision logic: the “golden record” rules

Data ownership must not be duplicated. This logic must be used to assign the “Master” status for critical data objects.

Rule 1: product data (BOM & routing)

• When data dictates Cost, specifies a Vendor, or defines the Top-Level Structure, the ERP acts as the Golden Record.
• When data defines Recipe Parameters, Feeder Setup, or Machine Torque settings, the Manufacturing Execution System (MES) serves as the Golden Record.

Rule 2: work orders (WO)

• When an object represents Financial Demand or a Customer Commitment, the ERP owns the Header data.
• When an object represents a specific Production Batch, Serial Number, or Split-Lot, the MES owns the physical Work In Progress (WIP) State.

Rule 3: inventory & genealogy

• When the objective is to determine the total financial value of stock (Cost of Goods Sold), query the ERP.
• When the objective is to determine which specific capacitor batch was placed on a specific PCB (Compliance and Traceability), query the MES.

ISA-95 mapping worksheet

This table should be used to map objects across the specific facility.

Data Object	Level 4: ERP Object (Planning)	Level 3: MES Object (Execution)	Level 0-2: Machine/SCADA Object (Control)
Time Horizon	Shifts / Days	Minutes / Hours	Milliseconds / Seconds
Product Definition	Item Master: SKU, Bill of Materials (BOM), Std Cost.	Process Recipe: Reflow Profile (245˚C), SMT Feeder List, AOI Inspection Criteria.	Machine Program: G-Code, PLC Tag, Setpoint Variable (SP).
Production Command	Production Order: “Make 500 units of SKU-A due Friday.”	Dispatch List / WIP: “Line 1, Run Job #101. Sequence: Solder Paste Printing → Pick & Place → Reflow Soldering.”	State Logic: Start / Stop / Hold / E-Stop.
Quality Result	Lot Disposition: Pass/Fail status for the entire order (100 units).	Unit History: “Serial #12345 passed AOI but failed ICT at Test Point 4.”	Telemetry: Voltage read (5.1V), Camera Image, Torque value (2.5 Nm).
Maintenance	Asset Ledger: Depreciation schedule, Capital Expenditure (CapEx).	Maintenance Log: Cycle counts, Calibration expiry dates, Tool usage.	Alarms: Motor Over-current, Temp High Limit, Vibration Alert.

The “demilitarized zone” (DMZ) architecture

Direct communication between non-adjacent levels creates security holes and dependency chains that cause downtime.

Communication rules

• L4 (ERP) → L1 (PLC): Not Recommended. If the office network experiences lag, the machine must continue to function safely without crashing.
• L4 (ERP) → L3 (MES): Standard Practice. Transactional APIs (REST/SOAP) should be used for order exchange.
• L3 (MES) → L1 (PLC): Managed Connection. Use Level 2 (Edge Gateway/OPC-UA) as a buffer. The architecture should prevent the MES from querying a PLC 100 times per second directly, to avoid overloading the control network.

Pro-Tip: “Headless” operation must be designed for. If the ERP (L4) goes offline, the factory (L1-L3) must continue to produce, label, and pack goods for at least 24 hours. Data must be synced when L4 returns.

Data aggregation flow

Data loses granularity but gains context as it moves up the stack.

1. Level 1 (PLC): Reads temperature at 100Hz (100 samples/sec).
2. Level 2 (SCADA): Calculates the 1-second rolling average.
3. Level 3 (MES): Records the Min/Max/Avg for the specific “Unit Serial Number”.
4. Level 4 (ERP): Records “Process Pass” for the Production Order.

Final Checkout: Functional hierarchy (isa-95)

Category	Metric / Control	Mandatory State	Engineering Consequence
Architecture	L4 → L1 Link	Forbidden	Air-gap logic prevents business traffic from flooding control networks.
Resilience	Decoupling	24h+ Buffer	Production must not stop during ERP maintenance windows.
Safety	Logic Hosting	L1 (PLC)	Critical stops (E-Stop, Light Curtain) must be hardwired/local.
Data	Granularity	Separated	ERP stores Financials; MES stores Genealogy.
Latency	Control Loop	< 10ms	High-speed loops stay in L1; Loops > 1s can move to L3.
Network	Segmentation	VLAN Separated	Isolate Shop Floor (OT) from Office (IT) traffic.