All fiber-optic, Ethernet, and twisted-pair field control networks in manufacturing facilities must be qualified and validated. Commonly, a validated network infrastructure is utilized for fiber-optic and Ethernet communications, eliminating the need to provide and validate a dedicated TCP/IP network. Bridging to non-validated networks, such as a campuswide BAS network, is routine, but requires validation testing to substantiate that safeguards precluding changes by unauthorized personnel are in place. Even routine operator actions, such as acknowledging alarms and changing set points, should be segregated by departmental authority, functional responsibility, and evidence of proper training.

Regulated and non-regulated operations are integrated as shown in Figure 3. In a production facility, these also may include specialty utilities, such as clean steam, U.S. Pharmacopeia water, and clean compressed air, which must interface with the BAS as well. Because production and quality-assurance personnel must monitor equipment and environmental status, local workstations often are required at production sites. User rights and access privileges must be segregated so that changes are made by authorized individuals only.

While facility managers typically require short-term data for troubleshooting and the resolution of equipment problems, production and quality-assurance personnel are more concerned with long-term records of environmental trend data, alarms, and operator actions, which are used to substantiate that products were manufactured within the environmental-tolerance envelope identified in product licenses. Because these records may need to be retained for years, they fall under the FDA's 21CFR Part 11 guidelines for electronic-record retention and protection. Because of potential problems associated with mixing production-oriented data and building-automation data, a stand-alone data-archiving server often is used for production records.