Electricity and Control June 2021

INDUSTRY 4.0 + IIOT : PRODUCTS + SERVICES

Secure data exchange for Industry 4.0 applications

Data exchange is an important issue to look at when integrating the production (operational technology, OT) and management (information technology, IT) levels in an organisation. This is due to the large number of variables and non-standardised interfaces, as well as the need to support access privileges and specific security requirements. Although OPC UA has established itself as a standard technology for achieving these goals, the devil is in the detail when it comes to implementing successful Industry 4.0 applications. Interface abstraction, data aggregation and security The dataFEED Secure Integration Server product from Softing Industrial works as an abstract interface between the worlds of OT and IT, offering users a set of key functionalities for efficient data exchange in a single component. In its role as an aggregating server, this middleware makes use of OPC UA’s address space modelling, especially for interface abstraction and data aggregation. In the process, the interface abstraction handles changes or extensions within one domain (OT/ IT) without any modifications then being needed in the other. Advantages here include the ease with which new IT applications can be integrated into the overall solution, to exploit short innovation cycles in IT or make targeted

client applications plus definable access types. Apart from full implementation of OPC UA security functions, whitelists and blacklists can also be defined to control data access from specific IP addresses, and detection of Denial of Service (DoS) attacks targeting OPC UA authentication is also included. Benefits for customers Whether customers are retaining existing setups or planning a new plant installation, deciding to deploy the dataFEED Secure Integration Server offers a significant set of advantages when running Industry 4.0 applications. In one recent example, integrating 1.5 million variables into an overall system was the challenge faced by a leading provider of power station process control systems. However, accessing such a large number of variables is a major stumbling block for many OPC UA clients. Because of this, the provider for the power station application chose to use the variable filtering option to achieve targeted variable access restrictions for individual OPC UA clients. In addition, only read access is granted to the individually configured variables. This prevents the unauthorised overwriting of assigned data values. In another example, a major supplier of automotive parts similarly chose dataFEED Secure Integration Serv- er specifically to handle variable aggregation and filtering from multiple, heterogeneous OPC UA servers, giving the OPC UA clients a standard, harmonised interface for ac- cessing all variables. In this case, the customer’s need to implement a state-of-the-art security standard was anoth- er key reason for choosing this solution. For more information contact Systems Automation & Management. Tel: + 27 (0) 11 803 0570, email: claude@sam.co.za mGuard Secure Remote Service Connector app is available in the PLCnext Store for this purpose. To keep customers’ data secure, the security-related parameters of the mGuard Secure Remote Service have been brought in line with the recommendations of the German Federal Office for Information Security (BSI) concerning encryption algorithms and lengths. With version 2.11, various subnets of a machine or system can now be easily added in the user interface. In version 2.12 onwards, they are made available selectively to users or user groups with fine granularity. Both version 2.11 and 2.12 of the remote maintenance ecosystem are available worldwide. For more information contact Phoenix Contact. Tel: +27 (0)11 801 8200 Email: info@phoenixcontact.co.za Visit: www.phoenixcontact.com/en-za/

The dataFEED secure integration server enables seamless, secure data exchange for production and management levels.

changes to the production environment. With data aggregation, data from multiple sources can be consolidated on a single OPC UA server, so the IT application only needs to access one server. This simplification to the communications infrastructure cuts configuration effort for users. Another key feature of the dataFEED Secure Integration Server is its built-in security model, with filters available to restrict the address space for individual OPC UA

New functions in secure remote service

10 years on from the original mGuard launch, Phoenix Contact is introducing version 2.11 of its mGuard Secure Remote Service ecosystem to the market with added features and new system functions. The system supports

Android-based mobile end devices for service technicians and iOS- based Apple devices. On the machine side, PLCnext Control devices from Phoenix Contact can also be easily and securely connected to the mGuard Secure Remote Service. The

The mGuard Secure Remote Service ecosystem supports service technicians in the field.

8 Electricity + Control JUNE 2021