Posts

Case Study: Coca-Cola Bottler, Ireland

State-of-the-art Coca-Cola plant uses DataHub scripts to integrate alarm data and reports.

One of the largest soft drink manufacturing plants in the world, Coca-Cola’s Ballina Beverages facility, recently installed the DataHub® from Cogent Real-Time Systems (Skkynet’s subsidiary), to log alarm data and create end-of-shift reports. The 62,000 square meter plant, located in Ballina, Ireland, uses the most up-to-date manufacturing automation systems available, and management is constantly looking for ways to improve them.

Some of the equipment used at Ballina Beverages is designed and manfactured by Odenberg Engineering. Odenberg, in turn, relies on their subsidiary, Tricon Automation to handle the process control of the machinery.

In a recent upgrade to the system, the Odenberg/Tricon team chose the DataHub to construct custom log files to track and archive their alarms. They wanted to combine the live data from each triggered alarm with a text description of the alarm, and then log the results to a file. The alarms were being generated by an Allen-Bradley system from Rockwell Automation Inc., and the 1500 alarm descriptions were stored in an Excel spreadsheet. Each row of the final log would have to combine the time, date, and code of a triggered alarm with the corresponding description of that alarm.

After considering several different scenarios, the most effective approach was to connect the DataHub to Rockwell Automation’s RSLinx using its OPC server, and then to read in the alarm condition strings from a text file (instead of from the spreadsheet), using a DataHub script. The same script writes the data to the log file. This works so well that they decided to use another script to create end-of-shift reports.

“We got the basic system up and running in a few hours,” said Gus Phipps, team member from Odenberg, “which was good, because we were working under a tight deadline. Cogent helped us out with the DataHub scripting, but we were able to do most of the work ourselves. It went surprisingly quickly.”

“Using the DataHub’s scripting language let us customize it to exactly meet our needs,” said George Black, Tricon’s project manager. “It is very flexible, and yet completely robust. It is months now since the project was completed, and the DataHub continues working away merrily every day, just doing its job. We plan to use it again in other projects very soon.”

Case Study: Gazprom, Russia

Gazprom integrates SCADA, HMI modules, RTUs, data processing and historical archiving

Gazprom, the largest gas producing company in the world and responsible for 8% of Russia’s GDP, is using the DataHub® to monitor and control pumps, valves, consumption control units, cranes, and other equipment along 23,000 kilometers of pipeline spanning much of western Russia. The control system was developed by the Federal State Unitary Enterprise and is called the Unified Remote-Control Complex, or UNK TM. Software sales and support were provided by SWD Software Ltd., a QNX and Cogent distributor in St. Petersburg, Russia.

“The DataHub was the perfect tool for the job,” said Mr. Leonid Agafonov, Managing Director of SWD. “It is easy to use and provides robust connectivity for the whole control system. Our customer is very pleased with the project, particularly the reliability of the software.”

The system is an open, distributed-information control system with modular hardware architecture running on the QNX 4 operating system. A DataHub operates in each Control Room, and is connected to a number of Remote Terminal Units (RTUs), which in turn are connected to valves, pumps, and other hardware. The DataHub is also connected to a SCADA system, various HMI modules, and the Cascade Historian, which stores data to disk.

The system provides real-time operation, a multi-window graphical user interface, data processing components, and archival disk storage of data. Workstation devices and services, such as electrochemical protection and operational service can be added or removed at any time. There is also teletext communication between the Control Room and the RTUs, through the DataHub.

The Unified Remote-Control Complex has successfully passed tests administered by the Interdepartmental State Testing Commission and has been recommended for use at OAO “Gazprom” units and facilities. The system was developed by the Federal State Unitary Enterprise “FNPZ Y.E.Sedakov NIIIS”. It has a Measurement Instrumentation Approval Certification #6398 and is listed as #18430-99 in the State Measurement Instrumentation Register.

Case Study: TEVA API Pharmaceuticals, Hungary

TEVA combines tunnelling and aggregation to network OPC data through a firewall

Laszlo Simon is the Engineering Manager for the TEVA API plant in Debrecen, Hungary. He had a project that sounded simple enough. Connect new control applications through several OPC stations to an existing SCADA network. The plant was already running large YOKOGAWA DCS and GE PLC control systems, connected to a number of distributed SCADA workstations. However, Mr. Simon did face a couple of interesting challenges in this project:

  • The OPC servers and SCADA systems were on different computers, separated by a company firewall. This makes it extremely difficult to connect OPC over a network, because of the complexities of configuring DCOM and Windows security permissions.
  • Each SCADA system needed to access data from all of the new OPC server stations. This meant Mr. Simon needed a way to aggregate data from all the OPC stations into a single common data set.

After searching the web, Mr. Simon downloaded and installed the DataHub®. Very quickly he had connected the DataHub to his OPC servers and determined that he was reading live process data from TEVA’s new control systems. He was also able to easily set up the OPC tunnelling link between the OPC server stations and the SCADA workstations, by simply installing another DataHub on the SCADA computer and configuring it to connect to the OPC server stations.

“I wanted to reduce and simplify the communication over the network because of our firewall. It was very easy with the DataHub.” said Mr. Simon after the system was up and running. Currently about 7,000 points are being transferred across the network, in real-time. “In the future, the additional integration of the existing or new OPC servers will be with the DataHub.”

Case Study: PowerData, Caribbean

Caribbean resort facilities and power stations use DataHub to monitor system output and performance

Even on the lush tropical beaches of St. Maarten, Suriname, St. Kitts, and Antigua, where the sunshine sparkles on the deep turquoise waters of the Caribbean, access to real-time data is vital. While tourists lounge on white sand beaches, the managers and engineers at resorts, shopping centers, and power plants work round the clock behind the scenes to ensure a smooth experience. Operators and managers in the public institutions and private facilities at these remote destinations need to know what their processes are doing at any given time, from any location. They must be able to react quickly to changing conditions and make key decisions.

To meet this need, PowerData Limited of St. Maarten provides real-time and historical online data reporting services. They supply managers and engineers in power plants, resorts, and commercial facilities in the Caribbean islands with the data they need to monitor their power generation equipment, instrumentation, and other machinery. Recently, PowerData started using the DataHub® to give their customers a real-time data display using a standard web browser.

“Now our clients can open a web browser from wherever they are, and see exactly what is going on,” said Mr. Cameron Burn, CEO of PowerData. “The DataHub’s Java applets lets us feed large quantities of data to a page at high speeds, with no refresh necessary.”

st-maarten-caribbean-system

Cameron is using the DataHub’s Table applet to display multiple DataHub points. His web server provides the page, and loads the DataHub Table applet. The applet then creates a direct TCP link to the DataHub, which is connected to the PowerData monitoring equipment’s OPC server. The DataHub streams the data from the PowerData equipment to the web page in real time. The processing load on the web browser is very little-there’s no need for screen refresh-and the data is always up-to-the-second accurate.

st-maarten-caribbean-web-page

“Remote monitoring of our engine installations has been one of the most valuable aspects of this new system,” said Mr. Jeff Close, MAN Support Services Engineer at Needsmust Electricity Power Station in St. Kitts. “This is so much easier, and much more reliable, than the manual monitoring and logging methods we were using in the past. It gives us the ability to combine all engine data for the station into one page, therefore making it easier to assess the station status.”

“We are very pleased with the convenience of obtaining our data reading automatically from the PowerData web site,” said Terrence Simmon, Power Station Operations Manager of the Sonesta Maho Beach Hotel in St. Maarten. “It has increased our reliability significantly.”

As the benefits of real-time data monitoring from a web browser become more apparent, Cameron Burn expects to see a growing demand for this use of the DataHub.

Secure Remote Monitoring and Supervisory Control

New technologies such as Software as a Service, the Internet of Things and cloud computing for industrial process temperature bring new challenges, but there are solutions.

Interest in using cloud computing — also known as Software as a Service (SaaS) — to provide remote access to industrial systems continues to rise. Vendors and company personnel alike point to potential productivity improvements and cost savings as well as convenience. Operators and plant engineers may want to receive alarms and adjust heating controls while moving around the plant. Managers would like to see production data in real time — not just in end-of-shift or daily reports. Hardware vendors could benefit from getting live readings from their installed equipment for maintenance and troubleshooting operations.

Some industrial processors are attempting to provide this kind of window into their production systems. Yet, many question the wisdom of opening up a plant’s mission-critical control network to the possibility of malicious attack or even misguided errors. With a proper understanding of what is at stake, what is being proposed and how it can best be implemented, you can better decide whether remote access to your production data could benefit your company.

Security First for Industrial Networks

When talking about remote access to plant data, the first concern is security. Any approach that exposes the control system to unauthorized entry should be off the table. One popular approach is to secure the network against any potential intruders and open it only to trusted parties. Connections into the plant typically originate from smartphones, tablets, laptops or desktop computers. These systems usually are running a human-machine interface (HMI), remote desktop application, database browser or other proprietary connector.

In most cases, the plant engineering staff or IT department can grant client access to the network via a virtual private network (VPN), so authorized users can get the data they need. However, a typical VPN connection provides link-layer integration between network participants. This means that once on a network, an outsider has access to all other systems on the network. Thus, the company must either fully trust each person who comes is granted access to the network, or the company must task the IT manager with securing and protecting the resources within the network.

It would be unwise to risk giving visitors full access to everything that a VPN exposes. Using a VPN this way is a little like having a visitor come into your plant. Suppose a service technician arrives at the gate saying he needs to check a piece of equipment. You could just tell the guard to check his credentials, and if he checks out, give him a hardhat, directions and send him in. That is the limited-security approach. A better way would be to provide a guide to ensure that the technician finds his destination, does his work and leaves with only the information he came to get. It takes more effort and planning, but if you are going to allow someone to enter the premises, such effort is necessary to ensure security.

Better than VPN

An even better approach is to only allow access to the data itself. Consider this: the user of the data — be it vendor, customer or even corporate manager — does not need access to the whole network. Instead, they just need the data. So, rather than allowing a client to log on via a VPN connection while the IT manager works to secure confidential areas of the network from the inside, wouldn’t it be better to provide access to the data outside of the network altogether?

To continue our analogy, this would be like the guard handing the service technician exactly the data he need he arrived at the gate. There is no need to open the gate and no need to let him into the plant. In fact, the service company, vendor or other authorized party could request the data be sent to their own location, so they do not even have to go to the plant in the first place. This approach to remote monitoring is far more secure.

Is such a scenario realistic? Yes, if you use the right technology in the right way. For example, WebSocket is a protocol that supports communication over TCP, similar to HTML. But unlike HTML, once a WebSocket connection is established, client and server can exchange data indefinitely. The protocol also supports SSL encryption, a well-tested security protocol. Thus, WebSocket technology can be used to open and maintain a secure data tunnel over TCP from a plant to a cloud server without opening any ports in any firewalls. Once the tunnel connection is established, data can flow bi-directionally.

Isolating the Industrial Process Data

Such a data-centric approach to remote monitoring and supervisory control has several benefits. One key advantage is that the process can run in complete isolation from the remote client. Low-level control — and, in fact, all systems within the plant — remain completely invisible to the remote clients. The only point of contact for the remote client is the selected data set being streamed from the plant, and that data resides in the cloud.

While nobody seriously imagines making low-level control changes over a cloud connection, a solution based on WebSocket technology could allow both read-only and read/write client connections for those applications where remote changes are deemed acceptable. Authorized personnel then would have the ability to effect change in plant processes for diagnostic or maintenance purposes via a secure connection. This approach would not require any open firewall ports, so the plant remains invisible to the Internet.

Regardless of the intended use of the data, a correctly provisioned WebSocket connection to the cloud provides the process isolation needed to provide access to data without jeopardizing your in-plant systems.

Any Data Protocols

Another advantage to this approach is that it can be protocol-agnostic. Ideally, the system would carry only the raw data over TCP in a simple format: name, value and timestamp for each change in value. The connector would convert the plant protocol, such as OPC or Modbus, to a simple data feed to the cloud. Requiring a minimum of bandwidth and system resources, the data would flow in real time to all registered clients.

Each client, in turn, can convert the data into whatever format is most convenient and appropriate for their application. Options include spreadsheets, databases, web pages or custom programs.

Better yet, this approach to remote monitoring is not necessarily limited to in-plant connections. Custom-developed WebSocket connectors small enough to fit on embedded devices such as temperature sensors or flowmeters could be placed at remote locations any distance from the plant. Then, by wired or cellular connections to the Internet, the devices would connect directly to the cloud via WebSocket tunnels, without going through the traditional SCADA system, if need be. Such high-performance connectivity would support secure, real-time M2M communications and meet essential requirements of the industrial Internet of Things (IoT).

Changes and Challenges

However you look at it, change is on the horizon for industrial process control systems. The current state of the art for networked control systems was made possible by dramatic technical breakthroughs in the 80s and 90s. Many industry experts say that we are now on the verge of similar breakthroughs in remote monitoring and supervisory control. Whether they call it cloud computing, Software as a Service (SaaS), Industry 4.0 or the Industrial Internet of Things (IIoT), most will agree that the biggest challenge right now is security.

New technology provides new capabilities, and it also presents new demands that may challenge our way of thinking. Accessing data from a plant or remote sensor halfway across the world needs a different approach to security than our current models were designed for. Yet, there is no need to remain attached to the status quo if it does not truly meet the needs. These are engineering problems, and there are engineering solutions.

Bob McIlvride is the director of communications with Skkynet Cloud Systems Inc., Mississauga, Ontario, Canada. Skkynet provides secure cloud-service remote monitoring services and can be reached at 888-628-2028 or visit the website at http://skkynet.com.

Skkynet Welcomes New Advisory Board Member

Internet and SCADA security expert Dr. José Fernandez to oversee security strategy and development for SkkyHub™ as new Advisory Board Member.

Mississauga, Ontario, February 9, 2015 – Skkynet Cloud Systems, Inc. (“Skkynet” or “the Company”) (OTCQB:SKKY), a global leader in real-time cloud information systems, is pleased to announce that Dr. José M. Fernandez, Associate Professor in the Department of Computer Engineering and Software at the École Polytechnique de Montréal has joined Skkynet’s Advisory Board. Dr. Fernandez is currently involved in research in computer security for Internet applications and SCADA systems, and will be a valuable asset to ensuring the integrity of the SkkyHub™ service.

“We are fortunate to gain the benefit of Dr. Fernandez’s wisdom and experience,” said Paul Thomas, President of Skkynet. “There are strong and growing concerns for the security of the Internet of Things (IoT), particularly in the industrial area. From the start Skkynet has striven to put security the forefront in the design of SkkyHub, and we expect Dr. Fernandez to contribute significantly to our efforts.”

“I’m looking forward to working with the Skkynet security team,” said Dr. Fernandez. “The approach to security taken by the SkkyHub service is unique, and may well become a key factor in ensuring the success of cloud-based industrial computing.”

Skkynet’s SkkyHub allows industrial and embedded systems to securely network live data in real time from any location. Secure by design, it requires no VPN, no open firewall ports, no special programming, and no additional hardware. It enables bidirectional supervisory control, integration, and sharing of data with multiple users, and real-time access to selected data sets in a web browser. The service is capable of handling over 50,000 data changes per second per client, at speeds just a few milliseconds over Internet latency.

About Skkynet Cloud Systems, Inc.:

Skkynet Cloud Systems, Inc. (OTCQB:SKKY) is a global leader in real-time cloud information systems. The Skkynet Connected Systems platform includes the award-winning SkkyHub™ service, DataHub®, WebView™, and embedded toolkit software. The platform enables real-time data connectivity for industrial, embedded, and financial systems, with no programming required. Skkynet’s platform is uniquely positioned for the “Internet of Things” and “Industry 4.0” because unlike the traditional approach for networked systems, SkkyHub is secure-by-design. Customers include Microsoft, Siemens, Metso, ABB, Honeywell, IBM, GE, Statoil, Goodyear, BASF, Cadbury Chocolate, and the Bank of Canada. For more information, see http://skkynet.com.

Safe Harbor:

This news release contains “forward-looking statements” as that term is defined in the United States Securities Act of 1933, as amended and the Securities Exchange Act of 1934, as amended. Statements in this press release that are not purely historical are forward-looking statements, including beliefs, plans, expectations or intentions regarding the future, and results of new business opportunities. Actual results could differ from those projected in any forward-looking statements due to numerous factors, such as the inherent uncertainties associated with new business opportunities and development stage companies. We assume no obligation to update the forward-looking statements. Although we believe that any beliefs, plans, expectations and intentions contained in this press release are reasonable, there can be no assurance that they will prove to be accurate. Investors should refer to the risk factors disclosure outlined in our annual report on Form 10-K for the most recent fiscal year, our quarterly reports on Form 10-Q and other periodic reports filed from time-to-time with the Securities and Exchange Commission.