By Derek Thomas, Vice President of Sales & Marketing, Machine Automation Solutions at Emerson
This article is the fourth in a four-part series exploring three new but related concepts — little data, edge processing, and secure connectivity — for deriving value from manufacturing data trapped inside machinery and other manufacturing assets. The first column provided an overview of all three topics, the second column explored the little versus big data concept, and the third column focused on how edge computing enables improved operations. This final column will look at how results produced by edge controllers can be securely transmitted to a variety of other systems using built-in secure communication capabilities.
Edge controllers integrate advanced computing and software capabilities to deliver local analytics and generate insights right at the machine control layer. By augmenting machine operation with advanced capture and processing of local sensor and device outputs, personnel close to the source can quickly assess issues and take appropriate action. But what happens when a user progresses and needs to connect multiple little data systems together into large data pools? Embedded, secure connectivity is then required to ensure systems are future-proofed and enable:
- Connection to local or remote displays for dashboards and other visualization needs
- Transfer of pre-processed data to on-premise or cloud-based historians and databases
- Integration of analytics information with plant- or enterprise-level systems
- Inner-outer loop data interchanges for logic optimization and machine learning
Each of these use cases necessitates secure connectivity to ensure system integrity at all times, so an industrial edge controller must incorporate the appropriate physical communication ports, modern industrial protocols, and security features. As explained in prior articles in this series, the most advanced industrial edge controllers have separate, virtualized operating systems (OSs) which run independently, but can securely communicating with each other via OPC UA.
One OS is a programmable logic controller providing real-time deterministic control, and another OS provides Linux-based, open, high-performance computing for analytics and other applications. To guarantee machine performance is unimpeded, edge controllers have dedicated communication ports for each OS, which ensures separation of network traffic between the machine network and higher-level industrial internet of things (IIoT) connections. The real-time part of the edge controller works best for time-sensitive communications, for example to a variable frequency drive in a control loop. The Linux part of the edge controller works well for other types of communication, such as with higher-level computing systems and the cloud.
Like most modern devices, edge controllers provide Ethernet and other ports to enable hardware connections. Where edge controllers stand out is their ability to support a wide variety of industrial networking, IIoT, and other advanced protocols, such as OPC UA, MQTT, PROFINET, and SRTP.
The comprehensive, modular, and scalable nature of OPC UA allows users to create a “system of systems,” that is, an integrated overall industrial automation system built from many subsystems of all sizes interacting seamlessly with each other. Clients and servers are defined as interacting partners. OPC UA defines how information is modelled and communicated with specific security, contextualization, and object-oriented features.
OPC UA uses a built-in set of services for handling security certificates and establishing secure client/server sessions at the application level, channels at the communication level, and socket connections at the transport layer. The protocol provides native mechanisms for clients to discover available servers, manage and distribute certificates and trust lists, and mediate with the certificate authority.
MQTT uses a publish-subscribe model, as compared with traditional poll-response communication protocols. Publish-subscribe significantly reduces required bandwidth, or data transfer capacity, compared with poll-response. With MQTT, each device on the network transmits (publishes) data only when it changes, sending that data to a central server, which in turn broadcasts only to other network clients that have tuned in (subscribed) to receive these updates. Poll-response protocols transmit data cyclically at a predefined rate, even if nothing is changing.
MQTT clients, which can be software applications or other field devices, subscribe to only the data they need. Instead of requiring constant chatter, communication happens as needed, and state awareness is maintained with only a small heartbeat from each device over a persistent, secure connection. This allows even low-power devices on low-bandwidth networks to form smart integrated systems. These systems can scale up to millions of connections easily, and all data published by each device can be subscribed to by any number of client applications—like maintenance databases, performance monitoring tools, inventory and financial systems—or cloud-based analytics platforms.
PROFINET is a robust plant-level network that can provide uninterrupted communications by using a media redundancy protocol (MRP) in a ring network configuration to provide communications recovery within a few milliseconds after networking loss due to a single cable, device, or switch failure. Users can design these networks with external switches to form a ring, or designs can be simplified incorporating on-board embedded multi-port switches right inside edge controllers.
For the most critical applications, edge controllers can be installed in pairs on an MRP ring. One controller is the primary, while the other controller is the hot-backup and is configured to take over seamlessly if the primary fails.
SRTP works particularly well for communications from an edge controller to an asset management system (AMS) or a supervisory control and data acquisition (SCADA) system. It provides encryption, message authentication and integrity, and replay attack protection in both unicast and multicast applications.
These four protocols — OPC UA, MQTT, PROFINET, and SRTP — can be used simultaneously if required and in a variety of applications, some of which are explained below.
Analytics information provided to an AMS or a SCADA system is often used to aggregate data from multiple sites. A machine builder might use an AMS to gather analytics information from hundreds of their machines installed worldwide. This information could then be used to improve support for existing machines, for example by providing predictive maintenance. Examination of analytics data could also be used to improve designs for new machines.
A SCADA system could gather analytics information from edge controllers installed at hundreds of pumping stations in a water/wastewater system, or from scores of electrical substations. In either case, this information could be used for remote control and monitoring, and for analysis to improve operations.
Edge controllers are an enabling technology able to collect data from a wide variety of field located sensors, and from other control devices, such as VFDs. Once this data is collected, it can be analyzed locally to quickly provide immediate improvements. Multiple connectivity options allow industrial edge controllers to transmit the results of analytics and other information to most any type of display, storage system, or other platform.
Transmitting field-sourced little data to higher level big data systems is fundamental to beginning and expanding a digital transformation effort. Industrial edge controllers are uniquely equipped and located to perform this role as they can connect with all types of field devices, gather and process the data, and securely transmit it to other systems.