What is QoS?
QoS stands for Quality of Service and is a network mechanism for giving priority to important network traffic. It determines which traffic is given preference during congestion, so that critical data arrives reliably, on time and with minimal delay.
In OT networks, QoS is essential to protect real-time communications such as GOOSE, SV, OPC UA and VoIP from delay or packet loss.
🧠 How does QoS work?
- Incoming and outgoing network traffic is classified based on protocols, ports or addresses
- Traffic is marked with priority bits, such as:
- DSCP (DiffServ Code Point) – used in the IP header
- 802.1p – Layer 2 priority in the VLAN tag
- Switches and routers schedule or filter traffic based on its priority
- Under congestion, high-priority classes (e.g. real-time or control traffic) are given preference
- Less important traffic (e.g. file updates) is delayed or dropped
QoS works at layers 2 and 3 of the OSI-model and requires support in Switches, Routers and end devices.
🏭 Use of QoS in industrial networks
- Prioritising real-time protocols such as GOOSE, SV and OPC UA PubSub
- Protecting Voice over IP traffic on industrial telephony or paging systems
- Prioritising SCADA polling over engineering traffic
- Separating monitoring/log traffic (low) from process control (high)
- Minimising jitter and delay on control loops between PLCs and variable-frequency drives
In OT networks, QoS helps critical processes continue to operate stably, even under network load.
🔍 QoS methods
| Method | Description |
|---|---|
| Classification | Recognising traffic based on address, protocol or port |
| Marking | Assigning priority (DSCP, 802.1p) |
| Queuing/Scheduling | Controlling order (e.g. strict priority, WFQ) |
| Policing/Shaping | Limiting or smoothing bandwidth |
🔐 Security considerations
- QoS tags can be manipulated by unauthorised devices
- Restrict access to QoS settings using RBAC and ACL
- Use only trusted ports and VLANs for QoS traffic
- Monitor high-priority traffic via SIEM or network monitoring
- Apply QoS correctly: putting too much traffic on the highest priority undermines its effect
An incorrect or abused QoS configuration can lead to denial-of-service on critical networks.
📌 In summary
QoS is indispensable in industrial networks for ensuring the availability, timing and reliability of critical communications. It distinguishes between traffic types and ensures that what matters always gets priority.