Glossary

shared-responsibility model

A documented split of security, compliance, and operational duties between a service provider and the customer organization.

A shared-responsibility model is a documented understanding of how responsibilities for security, compliance, and operational controls are divided between a service provider and a customer. In industrial and manufacturing environments, it is commonly used for cloud platforms, industrial software, and managed services that are part of the OT/IT stack.

What it includes

The shared-responsibility model usually describes:

  • Provider responsibilities, such as platform security features, infrastructure hardening, built-in logging, availability controls, and default configurations.
  • Customer responsibilities, such as user and role management, network segmentation, configuration of security settings, procedure documentation, and local validation or testing.
  • Joint or conditional responsibilities, where both parties contribute (for example, applying patches provided by the vendor, or configuring audit logging features in line with plant policy).

In regulated manufacturing environments, the model is often aligned with control frameworks such as NIST 800-53 or ISO-style information security controls. The provider may map its capabilities to specific controls, while the customer must show how those capabilities are deployed, configured, and governed in the plant context.

Operational meaning in industrial settings

Practically, a shared-responsibility model helps clarify:

  • Who maintains system configurations and access controls for MES, historians, or industrial data platforms.
  • Who provides evidence of control operation during audits, such as change records, validation reports, or network diagrams.
  • Which party owns incident response steps for security events affecting OT and connected IT systems.
  • How responsibilities may differ between on-premises, hybrid, and cloud-hosted components.

The model is typically captured in security or quality documentation, supplier agreements, or platform reference architectures, and should be kept under change control as the system or scope evolves.
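The bullet lists above describe the model as an assignment of controls to a provider, a customer, or both, which may differ by deployment model. The following is an added example, not content from the original glossary or from any vendor's documentation: a small validator for such a responsibility matrix that finds the two defects a plant would most want to catch before an audit, controls with no owner for a given deployment model (a coverage gap) and "joint" controls where one party has no documented task (an undefined hand-off). The NIST 800-53 control identifiers used (AC-2, AU-2, SI-2, SC-7) are real control families, but the owner assignments, tasks, and evidence lists are constructed sample data and not taken from any real agreement.

```python
"""Validator for a shared-responsibility matrix (added example, constructed data)."""
from __future__ import annotations
from dataclasses import dataclass

# Deployment models the glossary says responsibilities may differ across.
DEPLOYMENT_MODELS = ("on-premises", "hybrid", "cloud")
VALID_OWNERS = {"provider", "customer", "joint"}


@dataclass(frozen=True)
class ControlAssignment:
    control_id: str              # NIST 800-53 control identifier
    description: str
    owner_by_model: dict[str, str]   # deployment model -> provider | customer | joint
    provider_tasks: tuple[str, ...] = ()
    customer_tasks: tuple[str, ...] = ()
    evidence: tuple[str, ...] = ()   # artifacts the customer must produce at audit


def find_gaps(matrix: list[ControlAssignment]) -> list[tuple[str, str]]:
    """Return (control_id, model) pairs with no owner or an unrecognised owner."""
    gaps = []
    for row in matrix:
        for model in DEPLOYMENT_MODELS:
            if row.owner_by_model.get(model) not in VALID_OWNERS:
                gaps.append((row.control_id, model))
    return gaps


def find_incomplete_joint(matrix: list[ControlAssignment]) -> list[str]:
    """A joint control must document a task for both parties; otherwise the hand-off is undefined."""
    return [
        row.control_id
        for row in matrix
        if "joint" in row.owner_by_model.values()
        and (not row.provider_tasks or not row.customer_tasks)
    ]


def customer_evidence(matrix: list[ControlAssignment], model: str) -> dict[str, tuple[str, ...]]:
    """Controls for which the customer must supply audit evidence under the given deployment model."""
    return {
        row.control_id: row.evidence
        for row in matrix
        if row.owner_by_model.get(model) in ("customer", "joint")
    }


# Constructed sample matrix (hypothetical assignments, not from any real agreement).
SAMPLE_MATRIX = [
    ControlAssignment(
        "AC-2", "Account Management",
        {m: "customer" for m in DEPLOYMENT_MODELS},
        customer_tasks=("maintain user and role assignments", "quarterly access review"),
        evidence=("role assignment export", "access review records"),
    ),
    ControlAssignment(
        "AU-2", "Event Logging",
        {m: "joint" for m in DEPLOYMENT_MODELS},
        provider_tasks=("provide built-in audit logging",),
        customer_tasks=("enable audit logging per plant policy", "retain logs"),
        evidence=("logging configuration screenshot", "retention policy"),
    ),
    ControlAssignment(
        "SI-2", "Flaw Remediation",
        {m: "joint" for m in DEPLOYMENT_MODELS},
        provider_tasks=("publish vendor patches",),
        customer_tasks=("apply patches under change control",),
        evidence=("change records", "validation reports"),
    ),
    ControlAssignment(
        "SC-7", "Boundary Protection",
        # Cloud model deliberately left unassigned, and the joint hybrid entry lists
        # no provider task, so both checks below fire on this row.
        {"on-premises": "customer", "hybrid": "joint"},
        customer_tasks=("maintain OT/IT network segmentation",),
        evidence=("network diagrams",),
    ),
]


if __name__ == "__main__":
    print("coverage gaps:", find_gaps(SAMPLE_MATRIX))
    print("joint controls missing a party's tasks:", find_incomplete_joint(SAMPLE_MATRIX))
    for model in DEPLOYMENT_MODELS:
        print(f"customer evidence for {model}:", sorted(customer_evidence(SAMPLE_MATRIX, model)))
```

Keeping the matrix in a machine-checkable form like this lets the checks run whenever the document is revised under change control, so that a re-platforming from on-premises to cloud cannot silently leave a control with no owner.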

Common confusion

  • Not the same as a service-level agreement (SLA): An SLA focuses on performance and availability targets. A shared-responsibility model focuses on who does what for controls and operations.
  • Not a compliance certificate: The model explains role boundaries. It does not, by itself, prove that controls are effectively implemented or validated in a specific plant.

Link to the NIST 800-53 context

When industrial platforms describe alignment with NIST 800-53, a shared-responsibility model helps show which controls the provider supports directly and which remain the customer’s responsibility. This allows manufacturers to design their own control environment, gather appropriate evidence, and avoid assuming that platform capabilities alone meet all framework expectations.
