- February 04, 2016
- MB Connect Line
By Sina Kopacz, MB Connect
White paper describes MB Connect's remote service platform that allows direct monitoring of machinery and equipment withweb-based visualization that can be displayed on any tablet, smartphone or computer with a standard browser.
Extensive remote services for PLCs
For remote maintenance of programmable logic controllers, the internet is of prime importance. First priority was the access for the service experts of the machine manufacturer for troubleshooting. However, a modern remote service platform offers much more possibilities than the pure connection management - thanks to web-based services for data acquisition, alarming, remote monitoring and M2M communication.
The wide range of industrial routers and data modems enables secure access to systems, control systems, process parameters and operating data.
The new remote service platform mbCONNECT24 V2.1 not only provides 1:1 connections between the machine and PLC programmers, but also the direct monitoring of machinery and equipment. For example, data from control systems or digital and analogue measured values can be recorded and processed via the platform:
- Acquisition and evaluation of data
- Monitoring and alerting when limits are exceeded
- Browser-based visualization on smartphone or tablet
- Automatic M2M communication
Depending on requirements, it is possible to combine the data of multiple systems or multiple locations. The web-based visualization can be displayed on any tablet, smartphone or computer with a standard browser.
Preconfigured data acquisition
Through the router and data modems linked with the platform the user can log operating data and measurement values. Thus, the direct collection of data from machine controls, heating systems, energy meters, machining centers and robots is possible. To simplify the configuration of such applications for the user, the platform provides now preconfigured system templates as a plug & play solution for data acquisition. The logging of temperatures, currents, vibrations or PLC data can be parameterized with just a few mouse-clicks. Individual values can be directly logged with the data modem mbSPIDER. The user connects the sensors to the data modem mbSPIDER, attachs the device into his project and selects the appropriate template. Thus, the device is automatically configured and can be used immediately. For a larger number of measurement values an I/O extender is available which may be linked also to the industrial router mbNET. A further template allows reading and writing of PLC data via PI / Profibus or S7 ISOTCP.
Various system templates allow a rapid implementation of applications for data acquisition.
Is this really secure?
The user needs a system solution that meets both, the requirements of the information technology (IT) and of the automation technology.In practise, solutions based on a central platform have proven. Both, the staff and the machinery and equipment, connect to the remote service platform. The big advantage is that outgoing connections work without changes to existing firewalls. Incoming connection requests on the machine do not occur in principle. Security strategies that are already introduced at the customers remain unaffected. The transfer of data is encrypted using secure VPN connections. As encryption protocol TSL (SSL) is used. These high safety standards allow the use even in business-critical applications.
An external audit and attestation confirms that mbCONNECT24 provides the highest possible security. An IT security provider, certified by BSI (Federal Office for Information Security in Germany), has examined the remote service platform with tool-assisted and manual penetration testing and has found no exploitable vulnerabilities.
The remote service portal with approved security is now also available for VMware.
Using your own server
Where is the server? How it is protected? With mbConnect24.virtual for VMware vSphere, the remote service platform can now be operated directly on the server infrastructure of the customer. No tunnel endpoints are therefore located outside its own territory. There are all the benefits of a virtualized environment available such as scalability, availability, performance, data protection and fast recovery. Through various licensing models from Free to Advanced the performance of the platform grows with the customer's requirements. Thanks to regular security updates, the customer platform is always up to date.
The registration on the platform is done by certificate and additional two-factor authentication (2FA). Thus, the protection against unauthorized access is significantly higher than the usual username-password combination. The 2FA bases on two different identifying features – the factors. The user must enter both to log on to the platform mbCONNECT24.
The user starts the application, by entering his username and password as the first factor. Subsequently, the second factor is a PIN which is sent to the user's mobile phone from the platform by SMS. For the SMS will be no cost. The safety advantage results from the two factors password and PIN, which are be managed and generated independently. For logging in the service staff must not only know the password, but also have access to the method defined in the platform mobile. Experience has shown that only with a password alone a sufficient level of safety is not attainable. A simple password that you can remember quickly, is easily crackable. Complex passwords are more secure, but difficult to memorize.
Two-factor authentication: User authentication via a password and SMS code creates a high security level.
Remote maintenance it is not just about reading PLC data via an Internet connection, write accesses are also necessary. For example, updates are transmitted to the software of the control systems, control parameters have to be changed or recipe data have to be updated.
For this purpose, the platform provides a secure and transparent access to the control systems of plants. Contrary to proprietary solutions mbCONNECT24 offers in conjunction with the industrial routers mbNET a universal solution. In addition to a direct MPI/Profibus interface Ethernet ports and serial ports are available. With drivers for more than 90 controllers, drives, inverters and control panels are complete factories can be controlled remotely.
With regard to the Internet-of-Things a direct automatic exchange of data plays a decisive role. Machinery and equipment are communicating directly without any user intervention. With mbCONNECT24 users are prepared for it. The platform supports a real M2M communication. Controllers can exchange data across company boundaries as if they are on the same network. Strictly speaking, there is a secure networking of equipment over the Internet. For example, a logistics center automatically reorder missing items from supplier when the minimum stock level is reached. Other applications include the tracking of deliveries or the usage-based billing of rental equipment. If required, with automatic alarm if an object is removed from the allowable working environment.
The Industrial router mbNET.mini WiFi and 4G for a wireless connection.
Independent of the infrastructure
Depending on the industry and customers the machinery and equipment constructors meet to different communication infrastructures. Frequently Ethernet-based machine networks can be used for remote maintenance. But there are also production plants, which are so extensive that the connection is only possible via WiFi. Or the existing wired Ethernet network can not be used. Movable parts such as cranes can be connected easiest via wireless connection. The new industrial router with WLAN mbNET.mini supports the standards IEEE 802.11b / n / g with up to 150 MBit / s.
If a measuring point or a pump station is located in a faraway area, only a connection via mobile usually is possible, same as in mobile working and construction machinery. For such applications, the new industrial router mbNET.mini with LTE (4G) has been developed. The two versions for Europe/Australia and North America offer data rates of up to 50 Mbit/s upload and up to 100 Mbit/s download.
MB connect line GmbH Fernwartungssysteme
Winnettener Str. 6 91550 Dinkelsbühl
Tel. +49 (0) 98 51 / 58 25 29 0
MB Connect Line Inc.
4320 Winfield Road, Suite 200 Warrenville, IL 60555’
Did you enjoy this great article?
Check out our free e-newsletters to read more great articles..Subscribe