Your questions answered: Achieve operational excellence in modern monitor and control with edge computing

A recent webcast discussed how edge computing can help transform modern monitor and control. This Q&A provides further information on the topic.

By Control Engineering June 12, 2024

Edge computing is a transformative cornerstone in modern monitor and control that is redefining operational efficiency and efficacy from edge to enterprise. It represents a pivotal shift in infrastructure that streamlines operations, elevates scalability and amplifies overall efficiency within operating environments.

During a May 16 webcast, presenters from Stratus Technologies provided strategies for elevating monitor and control applications through edge computing, techniques to improve data collection and protection with edge computing and guidance on future-proofing your monitor and control setup with edge computing.

Additional questions were answered by Greg Hookings, director of digital industries – EMEA, Stratus Technologies, and Valerie R. Schneider, business development manager – manufacturing, Stratus Technologies.

Question: Your information on ztC Edge indicates the following, is this correct: Host-based firewall – the edge computing platform can be configured to block (blacklist) or allow (whitelist) specific IP addresses, domain names, protocols or ports by using a customizable firewall?

Answer: The Stratus ztC Edge platform offers robust security features, including blacklisting and whitelisting capabilities.

Using a host-based firewall, users can easily customize IP tables to block (blacklist) or allow (whitelist) access to ztC Edge from specific IP addresses, domain names, protocols or ports.

The firewall is designed to be user friendly, with hardened default settings. These features make configuring and managing the firewall straightforward and effective, complementing existing network-based firewall solutions.

Some other related features to consider:

  1. USB port security – The ztC Edge’s USB ports are restricted by default, requiring administrative changes to enable them. This security measure helps prevent unauthorized access, as hackers often use USB devices to compromise systems and spread malware. Restricting USB port access mitigates the risk of unwanted intrusions or attacks.

  2. Role-based authentication – ztC Edge utilizes role-based authentication to enhance security. Considering that 80% of all security breaches involve password compromises, the platform enforces stronger authentication protocols, including robust password management practices (e.g., prohibiting weak passwords and requiring password changes from defaults) and idle session logouts. Integration with Microsoft Active Directory further simplifies access security and risk mitigation for ztC Edge customers.

  3. Secure communications – The platform employs secure communication protocols to protect data in motion, both between ztC Edge nodes and between ztC Edge systems and Stratus. Using the latest versions of SSL and TLS for bidirectional encryption helps prevent eavesdropping and tampering, such as man-in-the-middle attacks.

  4. Secure and trusted boot – ztC Edge supports secure and trusted boot processes. This feature limits system startup to only signed and verified bootloader, BIOS, drivers and OS files, ensuring that the initial instruction set executed by the system processor is authentic and intended. This measure helps prevent cyberattacks at the boot level.

  5. Compliance with industry standards – Both ztC Edge and ztC Endurance platforms are designed and built following security industry best practices outlined in ISA/IEC 62443-4-1 and 4-2. These standards pertain to the secure product development lifecycle and technical requirements for industrial automation and control system (IACS) components. The platforms adhere to more than 150 requirements under ISA/IEC 62443-4-2, where applicable.

For more details on Stratus security practices, refer to the Stratus security whitepaper: Stratus Product Security Whitepaper.

Question: Expand on edge computing and how level 2 software packages are transferred or implemented in the edge?

Answer: Edge computing is a distributed computing paradigm that brings computation and data storage closer to the location where it is needed, rather than relying solely on a centralized data center. This approach offers several key benefits:

  • Local processing and analysis: Edge computing enables local processing and analysis, allowing mission-critical software and processes to run with minimal latency. This reduces the time to value of edge data.

  • Bandwidth and latency management: It addresses issues related to data capture and storage by mitigating bandwidth and latency constraints.

  • Hybrid edge-cloud strategy: Edge computing connects edge data to operations centers and the cloud, providing essential decision support, insights and actions.

  • Platform for complex software: It serves as a robust platform for deploying increasingly complex mission-critical software stacks.

Question: How is level 2 software transferred or implemented on the edge?

Answer: Implementing level 2 software on the edge involves several steps:

  1. Identify edge devices: Determine the specific devices at the edge where the level 2 software will be deployed. At Stratus, this could include the ztC Edge or ztC Endurance platforms, depending on the software’s size, complexity and deployment environment.

  2. Select appropriate frameworks: Choose software frameworks or platforms that meet the requirements of the level 2 software and the capabilities of the edge devices. This selection might include platforms optimized for class I division 2 operation, real-time processing and critical infrastructure operations where downtime is unacceptable. Consider hardware requirements such as predictive fault tolerance, seven-9s reliability and modular, replaceable, redundant components.

  3. Integration with edge infrastructure: Integrate the level 2 software with the existing edge infrastructure, including built-in virtual machines, communication protocols, data collection and downtime prevention strategies. Ensure seamless interaction between the software and other edge components.

  4. Implement edge computing capabilities: Define and set-up the necessary edge computing capabilities, such as redundancy and downtime prevention, cybersecurity and workload consolidation via virtualization, to support the deployment and execution of level 2 software.

  5. Testing and validation: Thoroughly test the level 2 software on edge devices to ensure it performs as expected under various conditions, including different data loads, network latencies and environmental factors. Validate the software’s accuracy, performance and reliability in real-world edge environments. Check if there are available pre-validated and characterized level 2 software solutions that work seamlessly with the edge platforms to ensure immediate out-of-the-box functionality.

  6. Deployment and monitoring: Deploy the level 2 software to edge devices in production environments. Monitor its performance and collect feedback for further optimization. Implement remote monitoring, management and update mechanisms to ensure the software’s ongoing reliability and effectiveness.

  7. Iterative improvement: Continuously improve the level 2 software based on insights gathered from real-world usage and feedback from users and stakeholders. This iterative process helps enhance functionality and performance on the edge.

By following these steps, organizations can effectively transfer and implement level 2 software on the edge, enabling advanced processing and decision-making capabilities closer to the data source for improved efficiency, responsiveness and scalability.