Moving to the cloud with mobility technology

Human machine interface (HMI) applications and industry are connecting to the rapidly expanding cloud to cut costs, speed implementation, and provide worldwide access to data. To assist, use these simple series of steps to set up, operate, and maintain a safe and secure cloud-based data distribution system to improve efficiency through mobility.

01/22/2015


Accessing manufacturing and other industrial data in the cloud via mobile devices such as smartphones, tablets, and laptops provides many benefits, but security must be carefully considered. Although the cloud's enabling technologies have been around for quite some time and are proven in use, particularly in the commercial sector, many in the industrial world have questions and concerns when it comes to using the cloud. To assist, use these simple series of steps to set up, operate, and maintain a safe and secure cloud-based data distribution system.

Mobile technology and the cloud can provide instant access to production and process data while adhering to security policies, and can be implemented by users with limited experience.

Cloud technology can be thought of as many redundant and physically separate central repositories of data, some free and some provided as a service. These repositories can be off-site, as with a public or hybrid cloud, or on-premise, as with a private cloud. Explanations here will focus on public cloud implementations, by far the lowest-cost solution among cloud technologies, and much less expensive than purchasing, implementing, and maintaining similar computing infrastructure on premise.

Figure 1: Accessing HMI data through the cloud with mobile devices is often a better option than using internal IT infrastructure to distribute data. Courtesy: InduSoftDiscussions below assume that data will be provided to the cloud by one or more Microsoft Windows- and PC-based HMI platforms, with each connected to the cloud via Ethernet (Figure 1). Also assumed is access via three main types of mobile devices: smartphones, tablets, and laptop computers. This access can be two-way, with mobile devices not only viewing data, but also making changes to the process or the machine monitored by the HMI, although the primary focus will be on data distribution.

Given the low cost, quick implementation, and myriad benefits as listed in Table 1, what can stop a firm from implementing cloud-based data solutions to distribute HMI data to mobile devices?

Loss of control is main concern

Perhaps a firm's biggest fear when it comes to implementing the cloud and mobility is loss of control. If a server or other IT hardware owned and maintained by a firm fails, action can be taken internally to correct the problem. In the cloud, the firm, or more precisely its IT department, doesn't have the same level of visibility and control. However, there are ways to make the cloud more resilient, as high availability and redundancy are achievable but must be planned.

If one cloud service provider goes down, a second one can be kept ready, with the speed of transition depending on the criticality of the firm's business. For the quickest switchover, data should be sent from the HMI to the two cloud service providers simultaneously. This is the most expensive solution. A lower cost alternative is uploading data to a second provider only after the primary provider experiences an outage. The speed of recovery in this case will depend on just how long it takes the HMIs to upload data to the second provider.

A second major fear many firms have regarding the cloud and mobile access is security. As soon as internal servers are connected to external networks such as the Internet to provide connection to mobile devices, they become vulnerable in a manner similar to the cloud.

But a small firm may have only one IT person setting up, monitoring, and maintaining all cyber security. Even larger firms are unlikely to have more than a few IT professionals charged with the specialized task of maintaining secure data access from HMIs to mobile devices. By contrast, a cloud computing service provider such as Rackspace, Amazon Web Services, IBM Cloud, or Microsoft online services each has hundreds of IT personnel on staff, many charged with maintaining cloud security.

In reality, public cloud security is rarely breached when off-the-shelf security tools are configured and used properly.

Getting connected

Table 2 lists the steps for setting up a system to distribute data from HMIs to mobile devices via the cloud. The first is to select a cloud computing service provider. There are many to choose from, and the leading providers are a good place to start. As mentioned before, these include Rackspace, Amazon Web Services, IBM Cloud, Microsoft online services, and others.

The next step is to pick the right HMI software supplier, one with built-in support for cloud connectivity and data distribution to mobile devices. Cloud connectivity will in most cases be via Ethernet and a standard protocol such as TCP/IP. Although most HMI platforms will support cloud connectivity standards, some make it simple via configuration of a few parameters, while others add the complexity of required custom programming.

In many cases, the HMI application is hosted in a controlled, local environment with a cloud gateway, such as TCP/IP client server, connecting to a cloud-based historian. Just the historical data is stored in the cloud, with real-time data accessed locally. Mobile access to real-time data via the cloud can be added, and is a requirement for two-way communications and control from a mobile device.

In terms of mobile device support, the HMI software should support the HTML5 standard, as this allows mobile device screens to be configured once and distributed to any mobile device with an operating system supporting HTML5.

There are two main options to access data with mobile devices, a web browser or an app. With HTML5 as the presentation layer, a reasonable facsimile of the local PC-based HMI experience is available on any mobile device supporting the standard. If a web browser is used, it must be booted up and the cloud address then entered to connect to the cloud, both simple but time-consuming steps. If an app is used, access is mush quicker as it only requires a user to press a single button.

While an app is faster and easier to start up, it's also much more complex to implement than browser access. An app must be developed and maintained, and each user must download the app to a mobile device. As all smartphone and tablet users know, apps must be periodically updated to maintain reliable and secure operation. By contrast, browser-based access relies on built-in Windows and browser technology for operation, making it much simpler to set up and maintain.

Click into the next page for a discussion of secure web-based access.


<< First < Previous 1 2 Next > Last >>

Anonymous , 01/23/15 12:04 PM:

This is an interesting overview of the benefits for industrial cloud applications, but I'm not sure it adequately addresses the fundamental issues of security, performance, and implementation. To start with, few if any SCADA systems or HMIs on the market have been designed for use in the open, unprotected arena of the Internet. For example, industrial data communication is typically server/client--where the data source resides on a server, and accepts inbound client requests, such as polling. These requests require at least one open port in a firewall, a risk we would not recommend for any industrial system. The phrase "built-in cloud support" sounds promising, but unless that means the system has been redesigned from the ground up, and comes with a guarantee of no open firewall ports, it is not very secure.

A second consideration is performance. If you only plan to work with historical data, waiting a few seconds for your data is reasonable. However, for many systems, that kind of lag time will make it difficult, and possibly dangerous, to attempt any kind of monitoring or control.

Finally, although the steps listed give a broad idea of what is needed for industrial cloud computing, reading between the lines it is clear that there will be significant effort and cost involved. This does not sound like a turn-key service you can simply connect to your existing system, but rather a do-it-yourself project involving research, service contract negotiation, new software and/or hardware purchases, configuration, app programming, and retraining IT staff.

We feel that there is huge potential for industrial cloud computing with connectivity to mobile devices, remote locations, multiple users, and more. But the implementation should be quick and unintrusive, the performance real-time, and it should be secure by design.

Bob McIlvride
Skkynet Cloud Systems, Inc.
Daniel A , CA, United States, 01/29/15 11:21 AM:

Comment posted on behalf of the author, Larry Combs:
Mr. McIlvride says that customers should not expose their critical infrastructure to the Internet. Agreed. He also says that he would not recommend any solution that would put the industrial system at risk by requiring that ports be open in the firewall. Again, I agree. However, there seems to be an implication in Mr. McIlvride’s comments that the only solution is for the software in the cloud to pull data from the industrial network which would require ports to be open on the firewall protecting the industrial network.

But there’s another solution, which is to have software running on your local industrial network push data to the software in the cloud. In the InduSoft model, you would have one or more servers on the local industrial network running InduSoft Web Studio and providing local SCADA/HMI capabilities. You would have another instance of InduSoft Web Studio running in the cloud. In order to connect the two, you would simply configure InduSoft in the industrial network with a list of tags that you wanted to share with InduSoft in the cloud.

All communications are initiated from within the industrial network and pushed to the cloud, requiring no open ports on the firewall protecting the industrial network. This can be used to send real-time data to the cloud or to store data in a cloud-based database for historical analysis. Either way, people can access that data using mobile devices from anywhere as described in the article.

You could also share control tags between InduSoft in the industrial network with InduSoft in the cloud. This would provide people with the ability to have control functions on their mobile devices, should you choose to give them that access. Even though you would be pushing data from InduSoft in the cloud to InduSoft in the industrial network, you would be utilizing the same communication channel that was already opened by InduSoft in the industrial network, and therefore would not need to open any firewall ports on the industrial network.

We agree with Mr. McIlvride that customers do not want “a do-it-yourself project involving research, service contract negotiation, new software and/or hardware purchases, configuration, app programming and retraining IT staff”. This is why we designed InduSoft Web Studio to be quick and unobtrusive to implement, while providing performance in real-time with security by design.
The Engineers' Choice Awards highlight some of the best new control, instrumentation and automation products as chosen by...
The System Integrator Giants program lists the top 100 system integrators among companies listed in CFE Media's Global System Integrator Database.
The Engineering Leaders Under 40 program identifies and gives recognition to young engineers who...
This eGuide illustrates solutions, applications and benefits of machine vision systems.
Learn how to increase device reliability in harsh environments and decrease unplanned system downtime.
This eGuide contains a series of articles and videos that considers theoretical and practical; immediate needs and a look into the future.
Sensor-to-cloud interoperability; PID and digital control efficiency; Alarm management system design; Automotive industry advances
Make Big Data and Industrial Internet of Things work for you, 2017 Engineers' Choice Finalists, Avoid control design pitfalls, Managing IIoT processes
Engineering Leaders Under 40; System integration improving packaging operation; Process sensing; PID velocity; Cybersecurity and functional safety
This article collection contains several articles on the Industrial Internet of Things (IIoT) and how it is transforming manufacturing.

Find and connect with the most suitable service provider for your unique application. Start searching the Global System Integrator Database Now!

SCADA at the junction, Managing risk through maintenance, Moving at the speed of data
Flexible offshore fire protection; Big Data's impact on operations; Bridging the skills gap; Identifying security risks
The digital oilfield: Utilizing Big Data can yield big savings; Virtualization a real solution; Tracking SIS performance
click me