1.1 Functional hierarchy (ISA-95)

In complex manufacturing environments, blurring the lines between business planning and machine control is not an “agile” feature; rather, it introduces structural vulnerability. The ISA-95 standard acts as a crucial firewall, preventing the ERP finance system from accidentally interfering with, for example, a robotic arm. Adhering to this hierarchy ensures that latency-sensitive processes, such as Machine Control, remain functionally isolated from high-level transactional logic, such as Business Planning.

The five levels of control

Respect the separation of concerns. Each level operates on a rigid time scale and data granularity.

Level 4: business planning (ERP)

• Role: The “Brain”. Manages Order Entry, Purchasing, HR, and Ledger.
• Time Scale: Days / Weeks.
• Mandate: Level 4 defines what to build. It must never ask, “What is the nozzle pressure right now?”

Level 3: manufacturing operations (MES)

• Role: The “Coordinator”. Manages Workflow, Quality, WIP Tracking, and Genealogy.
• Time Scale: Minutes / Seconds.
• Mandate: Level 3 converts the ERP “Order” into a specific “Job”. It is the bridge between the dollar and the sensor.

Level 2: monitoring & supervisory (SCADA / HMI)

• Role: The “Watchtower”. Visualization and line-level control.
• Time Scale: Seconds / Sub-seconds.
• Mandate: Aggregates raw signals into actionable operator dashboards.

Level 1: sensing & manipulation (PLC / CNC)

• Role: The “Muscle”. Logic controllers driving motors, valves, and actuators.
• Time Scale: Milliseconds (< 10ms).
• Mandate: Critical safety logic lives here. Never rely on a cloud server to stop a conveyor.

Level 0: physical process

• Role: The “Reality”. The physical sensor, motor, or chemical reaction.

Decision logic: the “golden record” rules

Do not duplicate data ownership. Use this logic to assign the “Master” status for critical data objects.

Rule 1: product data (BOM & routing)

• When data dictates Cost, specifies a Vendor, or defines the Top-Level Structure, the ERP acts as the Golden Record.
• When data defines Recipe Parameters, Feeder Setup, or Machine Torque settings, the MES serves as the Golden Record.

Rule 2: work orders (WO)

• When an object represents Financial Demand or a Customer Commitment, the ERP owns the Header data.
• When an object represents a specific Production Batch, Serial Number, or Split-Lot, the MES owns the physical WIP State.

Rule 3: inventory & genealogy

• When the objective is to determine the total financial value of stock (Cost of Goods Sold), query the ERP.
• When the objective is to determine which specific capacitor batch was placed on a specific PCB (Compliance and Traceability), query the MES.

ISA-95 mapping worksheet

Use this table to map objects across your specific facility.

Data Object	Level 4: ERP Object (Planning)	Level 3: MES Object (Execution)	Level 0-2: Machine/SCADA Object (Control)
Time Horizon	Shifts / Days	Minutes / Hours	Milliseconds / Seconds
Product Definition	Item Master: SKU, Bill of Materials (BOM), Std Cost.	Process Recipe: Reflow Profile (245˚C), SMT Feeder List, AOI Inspection Criteria.	Machine Program: G-Code, PLC Tag, Setpoint Variable (SP).
Production Command	Production Order: “Make 500 units of SKU-A due Friday.”	Dispatch List / WIP: “Line 1, Run Job #101. Sequence: Solder → Place → Reflow.”	State Logic: Start / Stop / Hold / E-Stop.
Quality Result	Lot Disposition: Pass/Fail status for the entire order (100 units).	Unit History: “Serial #12345 passed AOI but failed ICT at Test Point 4.”	Telemetry: Voltage read (5.1V), Camera Image, Torque value (2.5 Nm).
Maintenance	Asset Ledger: Depreciation schedule, Capital Expenditure (CapEx).	Maintenance Log: Cycle counts, Calibration expiry dates, Tool usage.	Alarms: Motor Over-current, Temp High Limit, Vibration Alert.

The “demilitarized zone” (DMZ) architecture

Direct communication between non-adjacent levels creates security holes and dependency chains that cause downtime.

Communication rules

• L4 (ERP) → L1 (PLC): Not Recommended. If the office network experiences lag, the machine must continue to function safely without crashing.
• L4 (ERP) → L3 (MES): Standard Practice. Use transactional APIs (REST/SOAP) for order exchange.
• L3 (MES) → L1 (PLC): Managed Connection. Use Level 2 (Edge Gateway/OPC-UA) as a buffer. The architecture should prevent the MES from querying a PLC 100 times per second directly, to avoid overloading the control network.

Pro-Tip: Design for “Headless” operation. If the ERP (L4) goes offline, the factory (L1-L3) must continue to produce, label, and pack goods for at least 24 hours. Sync data when L4 returns__.

Data aggregation flow

Data loses granularity but gains context as it moves up the stack.

1. Level 1 (PLC): Reads temperature at 100Hz (100 samples/sec).
2. Level 2 (SCADA): Calculates the 1-second rolling average.
3. Level 3 (MES): Records the Min/Max/Avg for the specific “Unit Serial Number”.
4. Level 4 (ERP): Records “Process Pass” for the Production Order.

Final Checkout: Functional hierarchy (ISA-95)

Category	Metric / Control	Mandatory State	Engineering Consequence
Architecture	L4 → L1 Link	Forbidden	Air-gap logic prevents business traffic from flooding control networks.
Resilience	Decoupling	24h+ Buffer	Production must not stop during ERP maintenance windows.
Safety	Logic Hosting	L1 (PLC)	Critical stops (E-Stop, Light Curtain) must be hardwired/local.
Data	Granularity	Separated	ERP stores Financials; MES stores Genealogy.
Latency	Control Loop	< 10ms	High-speed loops stay in L1; Loops > 1s can move to L3.
Network	Segmentation	VLAN Separated	Isolate Shop Floor (OT) from Office (IT) traffic.