CIOReview, May 2021

middleware, and applications. Using SaaS eliminates most of the local support issues associated with traditional on-premise software. The cloud hosting company is responsible for maintaining all the software, including the upgrades to the operating system, reporting and analytic packages (OEE, predictive maintenance, and other AI), communication drivers, database maintenance, etc. Since most cloud systems run on redundant servers with backup power generation, the system rarely, if ever, goes offline.

But how do you run the equipment if your plant temporarily loses its internet connection? There are two ways to address this. One option is to maintain your local SCADA system for local operator interface functionality. The SCADA system would continue to provide operators with a local view of the system and allow them to start and stop equipment, change setpoints, and acknowledge alarms. The SCADA system would collect data from the PLCs and push it to the cloud server.

The other option is to eliminate local SCADA entirely by using local operator interface touch screens to start and stop your equipment or change setpoints. In this scenario, edge node devices would collect data locally, buffer it during network outages, and push it to the cloud server.

What about Cybersecurity?

When I talk to people about cloud-hosted services for industrial equipment, oftentimes the immediate response is "The IT department will never let us connect". The IT department's cybersecurity concerns are well founded. We should absolutely be cautious when it comes to connecting industrial manufacturing equipment to the internet. The IIoT is like fire - extremely dangerous if used carelessly, but incredibly valuable if used safely and responsibly for a specific purpose.

Most IT departments will object to firewall holes and VPN access by third-party companies, and they should. When you do online banking, you never ask the bank for a VPN connection into their network. You connect to your account using an encrypted TLS tunnel with signed security certificates. This same approach can be used by an edge node or a local SCADA server to connect to the cloud. The outbound connection from the SCADA PC or from the edge node is made either via an open port or through a proxy server. This approach should be the minimum security level for connecting equipment to the cloud.

For even greater security, you could consider using a data diode. A data diode contains two separate processors. One connects to the plant floor network, the other to the cloud via the internet. The only connection between the two processors is a single fiber cable that allows data to be sent from the plant side to the cloud side. The plant has full control over what data values are sent out, and it is physically impossible for any data or security threats to come into the plant through this device. Data diodes are commonly used in the most security-conscious applications, such as aerospace and power generation utilities, and are becoming more common in manufacturing environments as well.

Conclusion

Using cloud-based Software as a Service (SaaS) for reporting and analytics can streamline your path to downtime analytics, production efficiency, and predictive maintenance while reducing operating costs. All this comes at a fraction of the price of traditional in-house software and a timeline of weeks rather than months.
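The edge-node pattern described under "What about Cybersecurity?" (outbound-only TLS with certificate verification, plus local buffering during outages) can be sketched as follows. This is an added example, not code from the article or any vendor; the endpoint `ingest.example.com`, the record format, and the names `EdgeBuffer`, `make_tls_context` and `tls_send` are assumptions made for illustration.

```python
import collections
import socket
import ssl

CLOUD_HOST = "ingest.example.com"  # assumed placeholder endpoint
CLOUD_PORT = 443


def make_tls_context(ca_file=None):
    """Client-side context: server certificate and hostname are verified."""
    ctx = ssl.create_default_context(cafile=ca_file)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # create_default_context already sets these; stated explicitly so a
    # later edit cannot silently weaken them.
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def tls_send(payload, ctx=None):
    """Open an outbound connection, send one record, close. No listener."""
    ctx = ctx or make_tls_context()
    with socket.create_connection((CLOUD_HOST, CLOUD_PORT), timeout=5) as raw:
        with ctx.wrap_socket(raw, server_hostname=CLOUD_HOST) as tls:
            tls.sendall(payload)


class EdgeBuffer:
    """Store-and-forward queue: keeps samples while the uplink is down."""

    def __init__(self, send, max_records=10000):
        self._send = send
        # Bounded so a long outage cannot exhaust memory; oldest dropped first.
        self._queue = collections.deque(maxlen=max_records)

    def record(self, tag, value, ts):
        self._queue.append(f"{ts},{tag},{value}\n".encode())

    def flush(self):
        """Send oldest first; stop at the first failure and keep the rest."""
        sent = 0
        while self._queue:
            try:
                self._send(self._queue[0])
            except OSError:  # covers ssl.SSLError, timeouts, refused connections
                break
            self._queue.popleft()
            sent += 1
        return sent

    def pending(self):
        return len(self._queue)
```

In use, the edge node would construct `EdgeBuffer(tls_send)` and call `flush()` on a timer; a certificate or hostname mismatch raises inside `tls_send`, so records stay queued instead of being sent to an unverified server.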