Moving to the cloud with mobility technology
Accessing manufacturing and other industrial data in the cloud via mobile devices such as smartphones, tablets, and laptops provides many benefits, but security must be carefully considered. Although the cloud’s enabling technologies have been around for quite some time and are proven in use, particularly in the commercial sector, many in the industrial world have questions and concerns when it comes to using the cloud. To assist, use these simple series of steps to set up, operate, and maintain a safe and secure cloud-based data distribution system.
Mobile technology and the cloud can provide instant access to production and process data while adhering to security policies, and can be implemented by users with limited experience.
Cloud technology can be thought of as many redundant and physically separate central repositories of data, some free and some provided as a service. These repositories can be off-site, as with a public or hybrid cloud, or on-premise, as with a private cloud. Explanations here will focus on public cloud implementations, by far the lowest-cost solution among cloud technologies, and much less expensive than purchasing, implementing, and maintaining similar computing infrastructure on premise.
Discussions below assume that data will be provided to the cloud by one or more Microsoft Windows- and PC-based HMI platforms, with each connected to the cloud via Ethernet (Figure 1). Also assumed is access via three main types of mobile devices: smartphones, tablets, and laptop computers. This access can be two-way, with mobile devices not only viewing data, but also making changes to the process or the machine monitored by the HMI, although the primary focus will be on data distribution.
Given the low cost, quick implementation, and myriad benefits as listed in Table 1, what can stop a firm from implementing cloud-based data solutions to distribute HMI data to mobile devices?
Loss of control is main concern
Perhaps a firm’s biggest fear when it comes to implementing the cloud and mobility is loss of control. If a server or other IT hardware owned and maintained by a firm fails, action can be taken internally to correct the problem. In the cloud, the firm, or more precisely its IT department, doesn’t have the same level of visibility and control. However, there are ways to make the cloud more resilient, as high availability and redundancy are achievable but must be planned.
If one cloud service provider goes down, a second one can be kept ready, with the speed of transition depending on the criticality of the firm’s business. For the quickest switchover, data should be sent from the HMI to the two cloud service providers simultaneously. This is the most expensive solution. A lower cost alternative is uploading data to a second provider only after the primary provider experiences an outage. The speed of recovery in this case will depend on just how long it takes the HMIs to upload data to the second provider.
A second major fear many firms have regarding the cloud and mobile access is security. As soon as internal servers are connected to external networks such as the Internet to provide connection to mobile devices, they become vulnerable in a manner similar to the cloud.
But a small firm may have only one IT person setting up, monitoring, and maintaining all cyber security. Even larger firms are unlikely to have more than a few IT professionals charged with the specialized task of maintaining secure data access from HMIs to mobile devices. By contrast, a cloud computing service provider such as Rackspace, Amazon Web Services, IBM Cloud, or Microsoft online services each has hundreds of IT personnel on staff, many charged with maintaining cloud security.
In reality, public cloud security is rarely breached when off-the-shelf security tools are configured and used properly.
Table 2 lists the steps for setting up a system to distribute data from HMIs to mobile devices via the cloud. The first is to select a cloud computing service provider. There are many to choose from, and the leading providers are a good place to start. As mentioned before, these include Rackspace, Amazon Web Services, IBM Cloud, Microsoft online services, and others.
The next step is to pick the right HMI software supplier, one with built-in support for cloud connectivity and data distribution to mobile devices. Cloud connectivity will in most cases be via Ethernet and a standard protocol such as TCP/IP. Although most HMI platforms will support cloud connectivity standards, some make it simple via configuration of a few parameters, while others add the complexity of required custom programming.
In many cases, the HMI application is hosted in a controlled, local environment with a cloud gateway, such as TCP/IP client server, connecting to a cloud-based historian. Just the historical data is stored in the cloud, with real-time data accessed locally. Mobile access to real-time data via the cloud can be added, and is a requirement for two-way communications and control from a mobile device.
In terms of mobile device support, the HMI software should support the HTML5 standard, as this allows mobile device screens to be configured once and distributed to any mobile device with an operating system supporting HTML5.
There are two main options to access data with mobile devices, a web browser or an app. With HTML5 as the presentation layer, a reasonable facsimile of the local PC-based HMI experience is available on any mobile device supporting the standard. If a web browser is used, it must be booted up and the cloud address then entered to connect to the cloud, both simple but time-consuming steps. If an app is used, access is mush quicker as it only requires a user to press a single button.
While an app is faster and easier to start up, it’s also much more complex to implement than browser access. An app must be developed and maintained, and each user must download the app to a mobile device. As all smartphone and tablet users know, apps must be periodically updated to maintain reliable and secure operation. By contrast, browser-based access relies on built-in Windows and browser technology for operation, making it much simpler to set up and maintain.
Click into the next page for a discussion of secure web-based access.
Ensuring secure access
As with all web-based access, robust security must be enabled. When accessing the HMI with a mobile device via the cloud, users should be required to go through an authentication process where they enter a user ID and password. This authentication process is an industry standard and built in to the HTTP protocol. For many applications, this simple authentication is enough to ensure security.
However, from a data security prospective, encryption may be required. SSL encryption comes standard with Microsoft Windows and with mobile device operating systems, but it must be enabled. Encryption ensures any data accessed by noncompliant devices and methods will be incomprehensible. For example, if a wireless snooper were to pick up data transmitted from the cloud to a mobile device, it would find the data encrypted and indecipherable.
Another level of security can be created by enabling access control lists. The selected HMI software should let users easily establish and maintain a list of devices allowed to access the HMI data through the cloud. Access by unknown devices will be denied.
Using the cloud to provide mobility
Many cloud and mobility applications are used in remotely distributed control and monitoring applications. Water and wastewater, oil and gas, and renewable energy industries are common users of this technology. By using mobility and the functionality it enables, monitoring of local control of automation and instrumentation devices through the HMI can be enabled from mobile devices (Figure 2). Data is collected in the cloud from the HMI, and it can be visualized via the cloud by most any mobile device.
The cloud becomes the centralized data historian used by a distributed cast of personnel. These remote personnel can access production and other data no matter where they are located. If the personnel are local and internal to a plant or a facility, the cloud does not need to play a role, as Wi-Fi can be used, a handy option often providing better performance, and one that remains in service should the cloud or the connection to it fail.
Another application is a supplier providing maintenance to its equipment or systems installed on site. Data can be sent to the cloud, and the supplier can monitor the information to enable remote support and service, even extending to predictive maintenance.
Control system integrators can also offer cloud-based monitoring as a service, setting up the entire system and selling cloud-based monitoring on an as-needed basis to customers. For example, a firm may need to evaluate oil well information for just a month, making it easier for it to engage an integrator to set up cloud-based remote monitoring rather than doing the same thing itself.
HMI, cloud, and mobile device technologies are available for industrial use and are a good fit for many mobile access applications. Using the cloud to enable mobile device access to HMI data is often a better alternative than purchasing, implementing, and maintaining internal computing infrastructure. Users can start slow with one HMI application, and then expand to others as the technologies become familiar and proven in use.
Off-the-shelf cloud and mobile access capabilities
Although cloud computing is common in the commercial sector, it’s relatively new for HMI applications. Cloud computing provides convenient, on-demand network access to a shared pool of configurable computing resources including networks, servers, storage, applications, and services. These resources can be rapidly provisioned and released with minimal management effort or service provider interaction.
By moving to a cloud-based environment, HMI users can significantly reduce costs, achieve greater reliability, and enhance functionality. In addition to eliminating the expenses and problems related to the hardware layer of IT infrastructure, cloud-based HMI enables users to view data on devices like smartphones and tablet computers, as well as through SMS text messages and e-mails.
HMI software and services are available for firms that want to use their own IT infrastructure, the cloud, or a combination of both to deploy their applications. Upfront consulting and advice are available to help customers make the best choice based on their specific requirements and capabilities.
Whether the cloud and mobility application is public, private, or hybrid, historical and graphical real-time storage and access to the data can be provided. This functionality is available and configurable in web software without custom programming, greatly simplifying implementation and maintenance.
– Larry Combs is vice president of customer service and support at InduSoft, a division of Schneider Electric.
For more information, see the related article links below.
- Cloud applications are now common in traditional IT environments, but still rare in industrial contexts.
- Security and loss of control are key concerns for industrial users, but there are technical and work practice solutions for both.
- Mobile HMI applications can be deployed far more simply using cloud-based technologies.
Which of your time-dependent systems could be made more efficient with cloud-enabled mobile software?