Quick summary

Industrial IoT deployments rarely fail because of one bad device. They fail because dozens of devices, generations, vendors, and protocols cannot speak to each other. McKinsey estimates that interoperability is required for around 40 percent of the total potential value of IoT applications, which means a deployment that solves protocol fragmentation captures value that fragmented deployments cannot.

Introduction

Walk into almost any operational factory, energy facility, or industrial site in Europe, and the same picture emerges: equipment from three decades, half a dozen vendors, and a stack of protocols that were never designed to coexist. Modbus from a 1990s PLC, Profinet on newer drives, OPC UA on the latest controllers, MQTT feeding cloud telemetry, and a handful of proprietary fieldbuses keeping the legacy machines alive.

Each of these protocols works in its own context. The problem is that industrial IoT only delivers value when they all work together, and they were not designed to. This article unpacks why protocol fragmentation is the single biggest blocker to industrial IoT value capture, what the main protocols are actually built for, and how to design an integration architecture that handles the mix.

Why protocol fragmentation is the real bottleneck

The headline IoT statistics consistently overstate progress and understate friction. McKinsey's research is direct on the point: of the total potential economic value the IoT enables, interoperability is required for around 40 percent on average, and for nearly 60 percent in some settings (McKinsey, 2015). More recent McKinsey analysis confirms that the IoT landscape is still "dominated by fragmented, proprietary, supplier-specific ecosystems" that limit the ability to scale and integrate (McKinsey, 2021).

The practical effect is that almost every at-scale industrial IoT deployment requires customisation. Retrofitting old devices, linking into existing systems, and obtaining secure connectivity all become harder than they should be, which drives up cost and discourages rollout. The technology to connect modern devices to the cloud is mature; the friction lives at the seams between the systems already running on the plant floor.

In Nordic, DACH, and Benelux industrial sites, this friction is particularly visible. Long equipment lifecycles, strong installed bases, and rigorous regulatory requirements mean greenfield IoT projects are rare. Most projects are brownfield integrations, and the success of those projects depends almost entirely on how well protocol fragmentation is handled.

Takeaway: Protocol fragmentation is the dominant cause of failed or stalled industrial IoT projects, not lack of technology or budget.

The protocols that actually matter on the plant floor

A working integration strategy starts from knowing what each protocol is genuinely good at, because they were designed for different layers and different problems.

The protocols that show up in almost every European industrial site are:

• Modbus (RTU and TCP): the de facto standard for low-level device communication, still ubiquitous because of its simplicity and decades of installed base

• OPC UA: a platform-independent standard (IEC 62541) designed specifically for vendor-neutral industrial interoperability, with built-in security and rich data modelling

• MQTT: a lightweight publish/subscribe messaging protocol optimised for cloud and edge telemetry over constrained networks

• Profinet, Profibus, EtherCAT: high-performance industrial Ethernet protocols used in motion control and time-sensitive automation

• CAN bus: dominant in vehicles and many industrial control systems

• Wireless M-Bus, LoRaWAN, BLE: used heavily in metering, sensor networks, and battery-constrained deployments

• Proprietary fieldbuses: vendor-specific protocols that often refuse to disappear quietly

Each of these solves a real problem, but none solves all problems. Modbus is simple and reliable but lacks security and semantic context. OPC UA is powerful but resource-heavy and complex to deploy. MQTT is efficient but adds nothing in terms of data modelling. The trap is treating any single protocol as the answer; the right industrial IoT architecture uses them in combination, with each one doing what it does best.

Takeaway: The strongest industrial IoT designs combine protocols rather than replace them, using each one where its strengths actually apply.

How fragmentation breaks projects in practice

Protocol fragmentation does not announce itself at the start of a project. It surfaces gradually, usually after the proof of concept has run successfully on a small subset of devices.

Common failure modes include:

• Data silos where information from one protocol cannot be correlated with another in real time

• Custom point-to-point integrations that work but cannot be scaled to additional devices

• Security gaps where older protocols (such as Modbus) transmit data without encryption or authentication

• Latency spikes where translation layers introduce delays that break real-time control loops

• Brittle integrations that fail when one vendor changes firmware or message structure

• Compliance gaps where traceability cannot be maintained across the protocol boundary

Industry research confirms how widespread these failure modes are. Recent academic and industry analyses describe industrial protocol heterogeneity as a "substantial impediment to the realisation of unified IoT platforms", creating data silos that hinder scalable deployment (NCBI, 2025). The pattern is consistent: pilots succeed because they cover a narrow slice of the protocol landscape; production rollouts fail because the full landscape is far more fragmented than the pilot suggested.

Takeaway: Fragmentation problems usually appear at scale, not during pilots, which is why integration architecture must be designed for the full protocol landscape from the start.

The integration architecture that actually works

Modern industrial IoT integration follows a layered pattern that separates concerns instead of trying to force every device onto a single protocol.

A typical working architecture includes:

• Field layer: devices speak their native protocols (Modbus, Profinet, CAN, proprietary fieldbuses) without modification

• Edge gateway layer: multi-protocol gateways translate device data into a common format, apply local logic, and handle security

• Standardisation layer: OPC UA is increasingly used to provide a vendor-neutral data model with semantic context for the plant floor

• Transport layer: MQTT (often with the Sparkplug specification) carries data efficiently from edge to cloud

• Cloud layer: data lands in IoT platforms, time-series databases, and analytics pipelines for use across the organisation

This combination, frequently described as the "OPC UA + MQTT" or "unified namespace" architecture, has become the de facto pattern for industrial digital transformation. It works because it stops trying to standardise the devices and instead standardises the data, which is the layer the business actually consumes.

For Wirtek-style projects involving brownfield integration across mixed vendors and equipment generations, this layered model has another advantage: it lets the project add or replace devices without breaking the integration. A 1995 PLC and a 2026 controller can both feed into the same cloud platform if the edge layer is designed correctly.

Takeaway: A layered architecture that standardises data, not devices, is the only approach that survives the realities of brownfield industrial sites.

The security dimension of protocol fragmentation

Protocol fragmentation is not just an interoperability problem. It is a security problem, and EU regulation has caught up to that fact.

Many legacy industrial protocols, particularly Modbus, were designed for isolated networks where security was a perimeter problem. Connecting these devices to wider networks without proper isolation, encryption, and authentication exposes them to threats their designers never anticipated. The EU Cyber Resilience Act (Regulation (EU) 2024/2847) now requires manufacturers of products with digital elements to embed security throughout the product lifecycle, with full obligations applying from 11 December 2027 (European Commission, 2024).

IEC 62443, the international standard for industrial automation and control system security, defines specific requirements for how protocols, gateways, and networks must be designed and operated in industrial contexts. The NIS2 Directive extends operator-level cybersecurity obligations across essential and important entities, including much of European industry.

The practical implication is that protocol integration architecture is now a regulated activity. An edge gateway that translates Modbus traffic to MQTT is not just a technical decision; it is a compliance decision, and regulators will increasingly expect evidence that security has been considered at each protocol boundary.

Takeaway: Protocol fragmentation now sits inside the scope of EU cybersecurity regulation, which makes integration architecture a compliance question as much as a technical one.

Building integration capability that scales

There is no shortcut to handling protocol fragmentation well. The strongest industrial IoT projects share a small number of design principles that hold up across vendors, sites, and lifecycles.

Practical principles include:

• Start from the data the business needs, not from the devices that produce it

• Design edge gateways as first-class components, not as afterthoughts

• Standardise on OPC UA for plant-floor data modelling where feasible, and bridge legacy protocols into it

• Use MQTT (often with Sparkplug) as the transport between edge and cloud

• Build security into every protocol boundary, with authentication, encryption, and segmentation

• Treat firmware and software updates across the integration stack as a lifecycle activity, not a one-off

• Design the integration to survive vendor changes, equipment generations, and protocol evolutions

McKinsey's research is direct on the organisational implications: corporate customers who specify interoperability as a buying criterion and push vendors for transparency capture significantly more value from IoT investments than those who accept proprietary lock-in (McKinsey, 2021). The implication for industrial buyers is that interoperability is a procurement question, not just an engineering one, and the most successful deployments treat it that way from day one.

Takeaway: Scalable industrial IoT integration depends on architectural discipline, lifecycle thinking, and treating interoperability as a procurement requirement, not just a technical detail.

Conclusion

Industrial IoT is no longer about adding sensors. It is about connecting decades of installed equipment, multiple vendors, and a stack of protocols into a single coherent data layer that the business can actually use. Protocol fragmentation is the dominant friction in that work, and it is also the place where the difference between mature integration partners and inexperienced ones becomes most visible.

The right approach starts from the recognition that protocols cannot be standardised away. They have to be integrated, layer by layer, with edge gateways doing translation, OPC UA providing semantic structure, MQTT carrying data efficiently, and security designed into every boundary. That architecture is what turns a brownfield industrial site into a connected operation that scales, complies with EU regulation, and survives the next generation of equipment.

For European manufacturers, energy operators, and industrial facilities, this is no longer a future capability. It is the baseline for staying competitive, compliant, and connected.

FAQ

Why is protocol fragmentation such a big problem in industrial IoT?

Most industrial sites have equipment from multiple decades, multiple vendors, and multiple protocols, none of which were designed to interoperate. McKinsey estimates that interoperability is required for around 40 percent of the total potential value of IoT applications, which means fragmented deployments leave a substantial share of the value uncaptured.

Can OPC UA replace older protocols like Modbus?

In most real industrial sites, no. Legacy Modbus devices remain in service for decades, and replacing them is rarely cost-justified. The practical approach is to use OPC UA at the standardisation layer and bridge Modbus and other legacy protocols into it through edge gateways.

What is the relationship between OPC UA and MQTT?

They are complementary, not competitors. OPC UA provides rich semantic data modelling and security for plant-floor communication. MQTT provides lightweight, efficient transport for sending data from edge to cloud. The combination, often described as the "unified namespace" architecture, is now the de facto pattern for industrial IoT.

Does the EU Cyber Resilience Act affect protocol integration?

Yes. The CRA applies to virtually all products with digital elements placed on the EU market and requires manufacturers to embed security throughout the product lifecycle. Edge gateways and integration components that bridge legacy protocols into modern networks are firmly in scope.

What standard governs industrial control system security?

IEC 62443 is the international standard for industrial automation and control system security. It defines requirements for how protocols, gateways, and networks should be designed and operated in industrial contexts, and is increasingly referenced in EU regulation.

Sources

• Unlocking the potential of the Internet of Things – McKinsey – https://www.mckinsey.com/capabilities/mckinsey-digital/our-insights/the-internet-of-things-the-value-of-digitizing-the-physical-world
• IoT value set to accelerate through 2030: Where and how to capture it – McKinsey – https://www.mckinsey.com/capabilities/mckinsey-digital/our-insights/iot-value-set-to-accelerate-through-2030-where-and-how-to-capture-it
• Leveraging Industrial IoT and advanced technologies for digital transformation in manufacturing – McKinsey – https://www.mckinsey.com/capabilities/mckinsey-digital/our-insights/a-manufacturers-guide-to-generating-value-at-scale-with-industrial-iot
• MIGS: A Modular Edge Gateway with Instance-Based Isolation for Heterogeneous Industrial IoT Interoperability – National Library of Medicine (NCBI) – https://www.ncbi.nlm.nih.gov/pmc/articles/PMC12788308/
• Cyber Resilience Act – European Commission – https://digital-strategy.ec.europa.eu/en/policies/cyber-resilience-act
• IEC 62443 Series: Industrial communication networks – Network and system security – International Electrotechnical Commission – https://www.iec.ch/blog/understanding-iec-62443