Episode 18 — Operate OT Wireless Reliably: VHF, AIS, VSAT, M-Bus, 802.15.4, and 802.11
In this episode, we’re going to talk about wireless communications in OT, not in the casual sense of connecting a phone to Wi-Fi, but in the practical sense of sending operational signals through the air when wires are expensive, impossible, or too slow to deploy. Wireless in OT can be a lifeline for remote sites, moving assets, and distributed sensors, and it can also be a source of fragility if people assume it behaves like a stable, high-bandwidth office network. Beginners often underestimate how many kinds of wireless exist in operational environments, because the terms do not sound like everyday consumer technology. You might see VHF used for long-range radio communication, AIS used for vessel tracking and maritime awareness, VSAT used for satellite connectivity in remote areas, M-Bus used for metering data in buildings and utilities, 802.15.4 used for low-power sensor networks, and 802.11 used for familiar Wi-Fi-style connectivity. Each one exists because it solves a specific operational problem, and each one comes with reliability constraints that must be respected if you want stable operations. Security matters too, but reliability is often the first battle because unreliable links create operational stress, hide anomalies, and tempt people into unsafe shortcuts. By the end of this lesson, you should be able to recognize why OT wireless is diverse, how to think about link quality and interference, and how to operate wireless channels in ways that preserve the availability and trust OT environments depend on.
Before we continue, a quick note: this audio course is a companion to our course companion books. The first book is about the exam and provides detailed information on how to pass it best. The second book is a Kindle-only eBook that contains 1,000 flashcards that can be used on your mobile device or Kindle. Check them both out at Cyber Author dot me, in the Bare Metal Study Guides Series.
A good way to approach OT wireless is to understand that the wireless medium is shared, variable, and influenced by the physical environment in ways that wired links are not. A cable has fairly predictable behavior once installed properly, but a radio link must contend with distance, obstacles, weather, reflections, competing transmissions, and even moving objects that change signal paths. In OT environments, the physical setting can be challenging, such as heavy metal structures, rotating machinery, underground spaces, or open terrain with long distances and few infrastructure points. That means the same wireless system can behave well one day and poorly another day, even without anyone “breaking” anything. Beginners sometimes interpret variability as a sign of cyber attack, but variability is often an ordinary property of radio propagation, which is why reliability planning is essential. Another key point is that wireless links often have lower bandwidth than people expect, and that bandwidth must be shared among devices, which means traffic planning matters. The way to stay calm is to treat wireless as an engineered control channel, not as a convenience layer. When you treat it as engineered, you naturally consider coverage, redundancy, and appropriate use rather than assuming it can carry anything at any time.
VHF is a broad category of radio communication used for longer-range voice and data in various operational contexts, and in OT-relevant environments it often appears where infrastructure is sparse and reliability across distance matters. The beginner-friendly idea is that VHF systems can provide communication over large areas, and they can be used for coordination, safety communication, and sometimes for transmitting operational status when other methods are unavailable. VHF is not typically used for high-volume data streams, but it can be valuable for critical messaging and for environments where a simple, resilient communication method is preferred. Reliability challenges include interference from other users, terrain effects, and regulatory constraints on how channels are used. Because VHF is shared and often not designed for modern high-security data exchange, organizations must be careful about what information is transmitted and how operational commands are handled. A VHF channel used for coordination can be essential during emergencies, which means protecting its availability is part of operational safety. Beginners should recognize that reliability here is often about disciplined channel management, clear procedures, and ensuring that the communication method matches the mission. If an environment relies on VHF, it is often because other links are unreliable or too costly, which makes proper planning and fallback practices even more important.
AIS, or Automatic Identification System (A I S), shows up primarily in maritime contexts, and it is relevant to OT security and reliability because it is used for vessel identification and tracking, which supports navigation safety and operational awareness. A beginner should understand that A I S broadcasts information about vessels, such as identity and position, over radio, and that information can be received by other vessels, shore stations, and monitoring systems. Reliability matters because accurate tracking supports collision avoidance and situational awareness, especially in busy waterways or ports. However, A I S is also an example of a system where trust in data can be complicated, because broadcasts can be missing, delayed, or in some cases falsified, and receivers may not be able to fully verify authenticity in the way beginners might assume. In OT-relevant environments like ports, logistics operations, and coastal infrastructure, A I S data can feed into planning and monitoring systems, so its quality can influence decisions beyond navigation. This is a useful mindset lesson: wireless data can be widely shared and widely consumed, and that increases the need for careful interpretation. The safe approach is to treat A I S as an important input but not as the only truth, especially when decisions have high consequence. When you see A I S in a scenario, think about situational awareness, data integrity challenges, and the need for cross-checking and operational sanity checks.
VSAT, which is very small aperture terminal, is a satellite communication approach used when remote sites need connectivity and terrestrial networks are not available or not reliable. The beginner-friendly idea is that VSAT provides a way to reach isolated locations like offshore platforms, remote pump stations, ships, or far-flung industrial sites by communicating with satellites. This can support monitoring, coordination, and sometimes remote support, but it comes with constraints that are different from terrestrial links. Latency is often higher, meaning there can be noticeable delay between sending and receiving, and bandwidth can be limited or expensive, meaning you cannot treat it like an unlimited pipe. Weather and equipment alignment can also affect link quality, especially if the terminal is misaligned or if conditions degrade signal strength. Reliability planning for VSAT often involves prioritizing what traffic is essential, using buffering or store-and-forward approaches for non-urgent data, and ensuring that operations do not depend on instant feedback when the link naturally has delay. Security is also important because satellite links can connect remote OT environments to broader networks, and that connectivity can become a pathway if boundaries are weak. Beginners should learn that a remote site using VSAT may be operationally dependent on a link that is inherently slower and more variable, and that means processes must be designed to remain safe even when the link is degraded or unavailable.
M-Bus, or Meter-Bus, is often associated with metering and building or utility environments where many meters need to report consumption or measurement data reliably. The beginner idea is that M-Bus is designed to collect data from devices like water meters, heat meters, and other measurement devices, often in building automation and utility contexts. It is typically focused on reliable measurement reporting rather than real-time control, which influences its operational priorities. Reliability concerns include ensuring that meters report consistently, that the network does not lose devices, and that collected data remains accurate over time. Because metering data often feeds billing, energy management, and operational planning, integrity is important even if the data is not driving immediate control loops. In many deployments, the risk is not that a meter command will instantly change a physical process, but that inaccurate data will lead to wrong decisions or fraud concerns. Another practical factor is that metering systems can include many endpoints, and endpoint management becomes a challenge, including ensuring that devices are installed correctly and that communications remain stable. Beginners should understand that wireless and wired metering systems can be part of OT because they touch operational decisions, even if they feel “administrative.” When you see M-Bus, think about large-scale measurement collection, long-lived devices, and the need for disciplined data handling.
IEEE 802.15.4 is a wireless standard commonly associated with low-power, low-data-rate sensor networks, and it is relevant in OT because many industrial sensors and monitoring devices need to run for long periods on limited power. The beginner-friendly idea is that 802.15.4 supports small devices that send small messages, often in environments where wiring every sensor is impractical. These networks are often used for things like environmental monitoring, equipment condition monitoring, and distributed sensing where the goal is periodic status, not high-speed control. Reliability challenges include range limits, interference from other radio sources, and the way multi-hop networking can behave when devices act as relays for each other. Low power also means devices may sleep and wake, which affects timing and how quickly data can be delivered. From an operational perspective, the design must account for packet loss, retry behavior, and battery life, because replacing batteries in industrial environments can be costly and sometimes dangerous. Security considerations exist as well, but reliability is often the first challenge because low-power networks can become unstable if poorly planned. Beginners should learn to think about 802.15.4 networks as engineered sensor fabrics where the goal is steady, predictable delivery of small updates, not constant high-bandwidth streaming. When you match expectations to the technology, you reduce frustration and reduce the temptation to “fix” the system by pushing it beyond what it is designed to do.
IEEE 802.11, which is commonly thought of as Wi-Fi, appears in OT for a variety of reasons, including mobility, convenience, and the need to connect devices that cannot be easily wired. In OT environments, 802.11 might support portable maintenance devices, handheld scanners, operator tablets, or local access to equipment in large areas like warehouses and plants. Because Wi-Fi is familiar, beginners often assume it is simple, but in OT, reliability requires careful design because metal structures, interference, and movement can create dead zones and fluctuating performance. Another factor is that Wi-Fi networks can be used for both OT and IT purposes, and mixing them without clear boundaries can create risk and confusion. Wi-Fi also introduces a broader exposure surface because radio signals extend beyond walls, which means physical boundaries do not fully contain access. From a reliability standpoint, channel planning, coverage planning, and load planning matter because too many devices or too much traffic can degrade performance. From a security standpoint, authentication and encryption are essential, but even strong security must be supported by monitoring and access governance, because stolen credentials or misconfigured access points can create real pathways. Beginners should treat 802.11 in OT as a managed infrastructure component, not as a casual convenience, because its behavior can directly affect operational tasks and response activities.
Across all of these technologies, a core reliability concept is that wireless links have quality metrics, even if the user never sees them directly, and those metrics drive whether communications are stable. Signal strength, signal-to-noise ratio, interference levels, and error rates all influence whether messages arrive and how many retries are needed. Retries matter because they consume time and airtime, and in a shared wireless medium, one struggling link can affect other devices. Latency matters because delayed messages can be operationally irrelevant or can cause systems to make decisions based on stale data. Availability matters because intermittent links can create gaps in monitoring, which increases uncertainty during incidents. Beginners should also understand that many OT wireless deployments are designed with redundancy or fallback, such as having a secondary communication path or having local autonomy so that the process remains safe even if remote wireless monitoring is lost. For example, an RTU might continue local control even if the central system cannot reach it for a period of time. This is part of the OT mindset: communications support operations, but operations should not become unsafe just because communications are imperfect. Reliability planning includes deciding what must be real-time, what can be delayed, and what must have fallback.
Operating wireless reliably also requires disciplined operational practices, because wireless problems are often made worse by ad hoc changes and unmanaged devices. Adding an access point, changing a channel, or moving equipment can alter interference patterns and coverage, sometimes unintentionally. In environments with many contractors and vendors, unauthorized wireless devices can appear, such as rogue access points or personal hotspots, and those can degrade performance while also creating security pathways. Even without malicious intent, a well-meaning change can break a carefully tuned wireless design, which is why change control matters for wireless infrastructure just as it does for controllers. Another practice is documentation, because wireless coverage decisions and frequency allocations should be recorded so that troubleshooting does not become guesswork. Maintenance also matters because antennas, cables, and connectors can degrade, and a degraded antenna can look like a cyber issue when it is actually physical wear. Beginners should learn that wireless reliability is partly engineering and partly discipline, and both are necessary. If you treat wireless as “set it and forget it,” the environment will eventually surprise you, but if you treat it as a managed system, you can keep it stable.
Security and reliability are deeply linked in OT wireless because disruptions in wireless can create operational stress and blind spots, and blind spots can hide both accidents and attacks. If an attacker jams a signal, that looks like interference, but the operational effect is lost visibility or control, which is a real risk even if the attacker never breaks encryption. If a system relies on remote telemetry and that telemetry becomes unreliable, operators may make decisions with incomplete information. If portable devices use Wi-Fi to connect to control environments, a compromised device can become a pathway, especially if the wireless network bridges into sensitive segments. Conversely, overly aggressive security measures can harm reliability if they introduce frequent reauthentication, heavy overhead, or unstable roaming behavior in mobile environments. The balance is to use security controls that preserve stable communication while still controlling access and reducing exposure. Beginners should also remember that some wireless systems, like AIS, are designed for broad sharing and are not intended to be private, which means security decisions are often about interpretation and cross-checking rather than confidentiality. Reliability in these contexts includes knowing what the data can and cannot be trusted to provide. When you think in this integrated way, you stop treating wireless as a separate topic and start treating it as part of the operational system.
To close, operating OT wireless reliably means recognizing that different wireless technologies exist because OT problems are diverse, and each technology comes with specific constraints that must be respected. VHF supports long-range communication and coordination where infrastructure is limited, AIS supports maritime identification and situational awareness with trust challenges that require careful interpretation, VSAT supports remote connectivity with higher latency and limited bandwidth, M-Bus supports large-scale metering data collection where integrity and consistency matter, 802.15.4 supports low-power sensor networks with range and interference considerations, and 802.11 supports flexible Wi-Fi connectivity that demands careful coverage and access management in industrial environments. Across all of them, wireless reliability depends on managing interference, planning for variable link quality, prioritizing essential traffic, and maintaining discipline around changes and device access. Because OT depends on trustworthy information and stable control, wireless failures can become safety and operational issues, not just technical annoyances. When you can match the wireless technology to its operational purpose and reason about its limitations, you are prepared to make safe judgments in SecOT+ scenarios that involve remote sites, mobile work, and distributed sensors. This understanding also prepares you for the next topics where legacy constraints and mixed environments show up, because wireless often appears as a bridge when other options are not practical.