Hewlett Packard Enterprise (HPE) held its annual Discover conference in Las Vegas last week. It has made a sizable commitment to Internet of Things (IoT) and the Edge—areas central to my writing for the past few years. I am floating a number of ideas looking for feedback as I travel, and I’ll bounce some of those here later.
There is so much I learned last week beyond even what I wrote Monday about the new Edgeline computer. Perhaps the best place to start is with my latest discussion with Lin Nease, Chief Technologist IoT at HPE. This was a continuation of a discussion we began in Madrid last November and resumed at Industry of Things World in San Diego in February.
HPE’s power of compute at the Edge fascinates me. Even though my being in Las Vegas precluded being in Boston for LiveWorx, ThingWorx came up in many conversations at Discover. Nease said that ThingWorx (product and division of PTC) has been a good partner. Back to compute power at the edge Nease mentioned this power combined with TSN—Time Sensitive Networking, a new extension of Ethernet promulgated by IEEE.
Indeed, there is sufficient power in Edgeline that an enterprising developer could, for instance, accomplish the software defined DCS that seems to be the dream of some of the engineers at ExxonMobil and the Open Process Automation folks. Anyone out there have time and money?
Speaking of Edge, evidently the enterprise IT bloggers I hung out with during the event try to avoid the term. CEO Antonio Neri had said, “Edge is everything outside the data center.” In the blogger round table that I posted Monday, blogger Alastair Cooke noted, “Gary, we consider everything you do as edge.” Back to Neri who stated 94% of data is wasted; 75% of data comes from the edge.
Following are some points I gleaned from a session called “Harness the Power of Digital Platforms”:
- HPE is a huge fan of open source & open platforms
- Digital natives build platforms-e.g. Uber, Google, Amazon, etc.
- An internal team built an open API platform to solve a problem in supply chain
- Biggest problem was selling the system internally so that people would actually use the system (never seen that before—said no one anywhere)
- Traditional—>Digital; everything is a frictionless stream of data
- Platform always on, always looking for exceptions — sense/respond
HPE has an OEM Solutions group. Following are some points from a session discussing them:
- OEM Solutions can be Embedded, Integrated, Private Label
- Everything as a Service — Green Lake is the service offering that OEMs can resell the service
- Shift to software defined
- From storage to flash
- Example—Konica Minolta embedded an Edgeline computing device in a printer called workplace hub that makes it easier to set up and install a new remote office
HPE has momentum in IoT and edge devices—and an organization supporting manufacturing.
Taiwan-based Advantech’s leaders have always been intellectual strategic thinkers. They have clued me in on several good management books. The company is an industrial computer company with industrial data acquisition and I/O devices that has successfully positioned itself as an edge device leader in the Internet of Things space.
The company has announced its strategies for entering the next phase of IoT development. To expand local operations, Advantech will fully activate the deployment of branch locations throughout various regions. In addition, a co-creation model will be adopted to construct the Industrial IoT (IIoT) ecosystem and strengthen the influence of vertical domains.
Advantech’s Executive Director of the Board, Chaney Ho, stated that since taking over as executive director last year, he has been focusing on developing regional strategies and establishing development goals and directions for each region, all of which are based on their scope.
In regions with a larger scope (Europe, United States, and China), to reinforce the Advantech brand recognition in IoT and Industry 4.0, talent cultivation and an increased presence in local sales are the company’s primary goals to actively respond to recent developments in Industry 4.0 trends in the EU, plans by the U.S. government to shift production back to America, and the China One Belt One Road policy.
For medium and small-scale regions, Mr. Ho stated that Advantech will develop Japan, South Korea, India, and Russia to generate $130 million in revenue. The company also plans to further increase investment in Malaysia and Thai IIoT organizations and new branch locations in Vietnam, Russia, and Turkey will be established through mergers and acquisitions as well as joint ventures.
Regarding developments in the European region, Miller Chang, President of Advantech’s Embedded-IoT (EIoT) Group, expressed that a sector-lead strategy has been practiced by the EIoT group since 2014. Various product divisions from headquarters have been fully connected with overseas frontline business teams and compound annual growth rate from 2014 to 2017 has reached 25%.
Key development points for the next three years in Europe are:
1. Elevating operation levels in five key regions, the UK, France, Germany, Italy, and the Netherlands.
2. Establishing branch offices in emerging European regions for conducting business and providing technical support.
3. Focusing on key industries, such as gaming, medical, transportation, and automotive, in Germany, UK, and the Netherlands.
With respect to development in the Greater China Region, Linda Tsai, President of Advantech’s IIoT Group, believes that the embedded systems/hardware from Phase I IOT development as well as IoT solutions platforms from Phase II are Advantech’s “double-growth engine” in IIoT development. Following this, three key strategies have been proposed.
1. Implement and IIoT sector-lead organizational development model expanding industry management and optimize regional resource allocations,
2. Set successful examples in the Greater China Region to accelerate the marketing of hardware/software and imaging solutions.
3. Actively cultivate local personal to become mid-to-high level supervisors to expand into the Chinese market.
Fantine Lee, Manager of Advantech’s Corporate Investment Division, pointed out that Advantech will continue to actively promote platform management during Phase II IoT development, SRP co-creation, and the co-created digital transformation of vertical industry cloud services during Phase III through the co-creation model. As for vertical industry, cloud service companies to be co-created during Phase III, Advantech plans to establish subsidiaries in Taiwan and China and will include domains such as Smart Manufacturing, Smart Environmental Protection, and Smart Retail. These companies will be managed together with Advantech’s co-creation partners. Furthermore, opportunities in other domains, such as Smart Hospitals, Smart Factories, Industrial Vision Systems, Consultant Training, and Integration Services will continue to be promoted and co-created.
Miss Lee further stated for Phase II development, Advantech’s WISE-PaaS cloud platform will serve as the foundation for building a comprehensive value chain for SRPs. This year, third-party software and WISE-PaaS platform integration with SaaS suppliers and collective sales/agents will be introduced at an accelerated pace. In addition, partnerships with software developers specializing in monitoring and diagnosing connected equipment, energy management, data analysis, machine learning, and other vertical industries will be established.
Time Sensitive Networking, or TSN, extends and amplifies standard Ethernet as defined by the IEEE. The complete suite of specifications lacks a couple of areas, yet, but it is complete enough to begin using. NI (National Instruments) has been an early proponent of the technology participating in a testbed assembled by the Industrial Internet Consortium.
I’m a TSN believer. When the complete set of specs if finished and we see commercial-off-the-shelf chipsets, this high speed, deterministic network will be a game changer for the Internet of Things and indeed industrial control and automation. The amount of murmuring I’m hearing from suppliers confirms in my mind the potential.
NI has announced new CompactRIO Controllers that include NI-DAQmx and Time Sensitive Networking (TSN). These controllers offer deterministic communication and synchronized measurements across standard Ethernet networks to increase performance and help improve productivity in addition to flexibility. NI was the first to market with industrial embedded hardware supporting TSN, the next evolution of the IEEE 802.11 Ethernet standard, and provides these controllers as part of its continued investment in TSN. Engineers can use TSN to synchronize distributed systems across networks, which eliminates the need for costly synchronization cables.
As industries such as automotive, oil and gas, research and aerospace continue to implement the Industrial Internet of Things (IIoT), acquiring accurate, reliable and synchronized data across distributed nodes has become more challenging. As a result, companies must keep pace to ensure their systems are ready to meet these evolving requirements.
In the research space, A.M.S. Software GmbH is already taking advantage of the flexibility of CompactRIO with NI-DAQmx. “We are excited about the new CompactRIO Controller because of the flexibility it offers us,” said Klaudius Pinkawa, CEO of A.M.S. Software GmbH. “We needed to set up several experiments in a lab and then perform them on an aircraft in zero gravity. CompactRIO with NI-DAQmx allowed us to perform any experiment using the same hardware in both environments, which saved development time and reduced risks to the experiments.
The new CompactRIO Controllers feature:
- Submicrosecond synchronization with TSN over standard Ethernet for tightly synchronized, distributed measurements and control
- Shorter time to measurement than previous CompactRIO Controllers because of intuitive NI-DAQmx driver software
- Open and secure processing at the edge of the IIoT with the NI Linux Real-Time OS
- High-performance data analysis and control with an industrial-grade processor and onboard FPGA, programmable with LabVIEW FPGA
- Reliable operation in harsh environments with -40 °C to 70 °C operating temperature range, shock resistance up to 50 g and vibration resistance up to 5 g
With the addition of NI-DAQmx to the CompactRIO Controller family, engineers can access I/O directly from ready-to-use functions, which have made working with this driver the preferred data acquisition method for over 15 years. This intuitive driver coupled with the openness of the NI Linux Real-Time OS means users can continue to leverage the vast ecosystem of IP available for Linux, like Security Enhanced Linux (SE-Linux).
Bedrock Automation, products built for security from the chips up, had a flurry of activity at the ARC Industry Forum in Orlando last week. It announced a firmware upgrade, OPC UA and partnerships for its SCADA product, and anomaly detection. Here’s a teaser—CEO and Founder Albert Rooyakkers pulled out a new piece of hardware. He didn’t have a release or specs for me, but watch for a new, lower cost, SCADA or gateway device hardened and built with security in mind from the chips up.
Bedrock and OPC UA
Bedrock Automation has published a concise, easy-to-deploy interface specification that enables users and application developers to take advantage of the security capabilities of OPC UA communications software. By following the simple procedures outlined in the Bedrock SCADA Security Platform Specification, developers can upgrade any OPC UA compliant client into a highly secure OPC UA channel, across which users can exchange data between plant floor operations and SCADA applications. Three leading SCADA software developers, Inductive Automation, ICONICS and TATSOFT, are committing and releasing support to the Bedrock interface specification.
“OPC UA provides unique cyber security advantages enabling open communications across numerous industrial devices and applications and providing the end-users options for integrating authentication keys protecting those communications. The most secure OPC level is to authenticate those keys against a known root of trust, which Bedrock supplies via a certificate authority (CA), validated against cryptographic keys built into its controller,” said Thomas J. Burke, OPC Foundation President and Executive Director, adding “Bedrock Automation is a clear leader in supporting the OPC UA standards, and provides information integration and communication that the end users have been demanding.
Bedrock designs and sources its own secure semiconductor components with encryption and authentication technologies embedded at the “birth” of their modules, assembled and tested by Bedrock in their cyber secure supply chain. The unique design then draws on the power and flexibility of public key infrastructure (PKI) and Transport Layer Security (TLS) standards similar to those used to secure ecommerce transactions and military and aerospace electronics. Bedrock Automation then uses those securely embedded keys as the basis for digital certificates that manage access and communication between SCADA applications and control systems. Bedrock Cybershield 3.0 firmware is the first control system to offer an embedded PKI for SCADA applications.
“Such a simple specification demonstrates that Open and Secure SCADA can be deployed today, and that an applications interface does not have to be thousands or even hundreds of pages. We are pleased to be working with innovative SCADA software providers such as Inductive Automation, ICONICS and TATSOFT, to help them and their customers take advantage of the secure communications capabilities of OPC UA and the intrinsic security of the Bedrock platform,” said Rooyakkers.
Bedrock Automation also announced the availability of Cybershield 3.0, a major firmware upgrade with advancements that make it easier for end users and developers to build control applications that are both open and secure. Among the six major innovations facilitated by the Cybershield 3.0 upgrade are the first public key infrastructure (PKI) built into an OPC UA server for SCADA applications; an industrial Certificate Authority (CA) for user key management; virtual crypto key locks for the controller; and a Secure Proxy server capability that can protect legacy controls systems of other vendors.
“Cybershield 3.0 is one of the most significant steps forward since the release of our Bedrock OSA platform. We now support leading SCADA companies in integrating their OPC UA client to our open security and key management tools. In addition, we start our march to converge IT cyber detection technologies into real-time OT automation with our integrated Anomaly Detection (AD) tools built into every controller. We are delivering secure SCADA and AD as intrinsic and zero-cost advancements, focused acutely on ease of use and reductions in lifecycle costs,” said Bedrock founder and CEO Albert Rooyakkers.
Bedrock Cybershield 3.0 includes the following capabilities:
1) Secure Open SCADA with OPC UA. The cryptographic keys built into all the Bedrock system electronics, provide the root of trust for the Bedrock Certificate Authority (CA) that verifies the reliability of OPC UA-managed communications between SCADA and PLCs or other industrial control systems.
2) Open Certificate Authority (CA) for SCADA. This advanced SaaS key and certificate management tool is not only FREE to our customers but is simple to deploy with our Secure SCADA Interface Specification. Leading SCADA providers, including Inductive Automation, ICONICS and Tatsoft, are committing to and releasing support to this interface specification.
3) Intrusion detection. Even though the Bedrock control system has protection built into its core, users still need to know when system security is challenged. Cybershield 3.0 comes standard with intrinsic Anomaly Detection (AD) functionality that continuously monitors the controller’s network and system time to detect intrusions and anomalous behavior and report it to both SCADA and enterprise database applications for trending, alarming and historizing anomalous cyber activity.
4) Quickly Secure Legacy Automation with Secure SCADA. Companies can now use Bedrock security to help integrate open standard communications protocols with legacy PLC and DCS systems from other vendors. A Bedrock secure controller module acts as a gateway between SCADA platform workstation and the legacy controllers.
5) Cryptographic key locking. Cybershield 3.0 also includes a cryptographic controller engineering key lock that permits only users with the required credentials to change the mode of the controller.
6) Achilles and EMP compliance on power supplies. Bedrock Automation is certifying its standalone power supply and standalone uninterruptible lithium power supply to both MiL-STD-461-G, the military standard for advanced EMP hardening, and Achilles Level 2 certification, augmenting the EMP and Achilles certification achieved for its control system modules last year.
“Today’s increasingly connected environment drives the process industries to search for automation solutions that deliver the benefits of open communications with ‘baked in’ cybersecurity. By extending its secure automation technology to third-party software providers, Bedrock Automation addresses this key pain point of future automation requirements. ARC believes the intrinsic and no-cost approach of Bedrock’s cybersecurity strategy is the quintessential component missing in control systems, today,” writes ARC analyst Mark Sen Gupta in his recent report, Bedrock Automation’s Open Secure Automation a “Win” with End Users
Bedrock Open Secure Automation (OSATM) firmware will include intrinsic Anomaly Detection (AD). Bedrock OSA AD will be available as standard integrated functionality that continuously monitors the controller’s network and system time to detect intrusions and anomalous behavior.
“Preventing control system intrusion is fundamental to holistic cyber security. In addition, users need to know when the system security is being challenged. This is the role of anomaly detection. At no additional cost or complexity for the user, Bedrock’s AD delivers additional assurance that no one is tampering with your automation,” said Rooyakkers. Bedrock Anomaly Detection includes the following functionality:
• Dynamic Port Connection Monitoring, which records all attempts to connect any controller or communication point and captures identifying information on the intruder
• Network Port Scanning, which detects if hackers are scanning for open ports that might provide access to the control network
• System Time Monitoring, which detects attepts to manipulate log files to conceal malicious activity
• Cryptographic Controller Engineering Key Lock, which permits only users with valid user credentials to change the configuration and operation mode of the controller and records all access
• Intrusion Event Logging, which records all detected anomalies and reports them to SCADA software through OPC UA and standard database access for historian, alarming, and trending functions. Additionally, a tri-color status LED on the faceplate of Bedrock Controllers provides indication locally whenever an intrusion is detected.
I was so busy during the ARC Advisory Group Industry Forum last week, that I just couldn’t find time to write coherently. The keyword was digital supplemented by embedded, edge, IIoT, security, and transformation.
The Forum attracted perhaps not only its largest attendance but also its largest attendance of end users. The things that appeal to me are those that fit into the Industrial Internet of Things the most. Here are two related new product releases. The first one involves embedding HMI/SCADA software and the second involves using that embedded software in addition to many other technologies for an edge device.
First is the announcement from Inductive Automation concerning the creation of its Ignition Onboard program. The program involves device manufacturers embedding Ignition and Ignition Edge software in the devices they manufacture.
The program includes Ignition Onboard and Ignition Edge Onboard. Ignition by Inductive Automation is an industrial application platform with tools for building solutions in human-machine interface (HMI), supervisory control and data acquisition (SCADA), and the Industrial Internet of Things (IIoT). Ignition Edge is a line of lightweight, limited, low-cost Ignition software products which empower solutions designed for edge-of-network use.
“Device manufacturers have joined Ignition Onboard in response to their customers’ demands for an all-in-one solution that contains hardware and software at a reasonable price,” said Don Pearson, chief strategy officer for Inductive Automation. “These are companies that understand the importance of building a strong IIoT, and we’re very happy to be collaborating with them.”
The other announcement came from Opto 22. This is a significant advance in edge devices for industrial and SCADA applications.
The new groov EPIC system from Opto 22 combines I/O, control, data processing, and visualization into one secure, maintainable, edge-of-network industrial system. groov EPIC lets engineers and developers focus on delivering value, not on triaging loosely connected components.
“We are a company of engineers inspired and driven to create products that unleash our customers’ imaginations,” says Mark Engman, Opto 22 CEO. “groov EPIC is a culmination of that mission, a response to industry requests to more wholly integrate IT and OT technologies, simplify development and deployment, and provide a platform for long-term growth now and well into the future.”
Combining reimagined intelligent I/O with an embedded Linux real-time controller, gateway functions, and an integrated display, groov EPIC offers field-proven industrial hardware design with a modern software ensemble, to produce the results that visionary engineers want today.
Connecting legacy systems, controlling processes and automating machines, subscribing to web services and creating mashups, acquiring and publishing data, visualizing that data wherever it is needed, and mobilizing operators—all of these are now within reach. In addition, groov EPIC simplifies commissioning and wiring and helps engineers develop rapidly and deploy quickly.
“The groov EPIC system incorporates in one unit everything needed to connect and control field and operational devices and data, through on-premises IT databases, spreadsheets and other software, to cloud storage and services—and back again,” says Benson Hougland, Opto 22 vice president of Marketing & Product Strategy. “This ability to easily exchange data and use it where needed opens opportunities automation engineers have not had until now. This is a truly new system that builds on the past but looks fundamentally to the future of our industry.”
The main point of discussion between Benson and me lately is whether Sparkplug (from the developer of MQTT) is adequate for IoT applications. He favors the lightweight (technical, not pejorative) protocol or I tend to favor OPC UA over MQTT as a better overall solution due to its interoperability. But that’s OK. He and I have had these technical discussions for almost 20 years now. I love pushback, and I think Benson does as well. It raises the energy level.
IoT Platforms are all the rage. All God’s children need a platform, it seems. Most larger companies have a platform. Oh, and all promise it’s “open” to everyone’s connections. Then there is open source—check out Dell, the Linux Foundation, and others who have developed the EdgeX Foundry.
Now we have an Asian developed one—mostly Japanese along with Taiwan-based Advantech—called the Edgecross Consortium. Edgecross evidently refers to a focus on edge computing and cross vendor.
I received the first notice from Advantech who announced it has partnered with Mitsubishi Electric, Omron, NEC, IBM Japan, and Oracle Japan to establish the “Edgecross Consortium” to overcome boundaries between companies and industries in order to realize collaboration between factory automation and IT. The objective is to create new value centered on edge computing.
The Consortium news release states, “In this way, it will contribute to the promotion of IoT, for which demand is increasing on a global scale, as well as Society 5.0, proposed by the Japanese government, and activities of Connected Industries, which tie in to Society 5.0.”
Initial activities of the Consortium will begin with the development of specifications for the Edgecross open software platform and promoting its dissemination for edge computing from Japan to harmonize with FA and IT. This initial work will include providing avenues for supporting companies to cooperate and collaborate beyond the framework of companies and industries. The Consortium will aim to expand applications for various industries in addition to initiating activities in the global arena in the future.
I should note here that in America and Europe, we generally refer to bringing OT and IT together (rather than FA).
The date of founding is scheduled for November 29, 2017, and an exhibition is planned at the System Control Fair 2017, to be held on the same day.
Overview of Edgecross
An open software platform of edge computing area from Japan built by consortium members beyond the boundaries of companies and industries to realize collaboration with FA and IT.
Real-time diagnosis and feedback
Realizing real-time feedback to the production site by analyzing and diagnosing the data at location close to the production sites
Creating models from production sites
Data can be easily utilized by people or by applications by layering and abstracting the Big data of the production sites
Utilization of various applications in the edge computing area
IT applications can be easily applied to FA application
Applications may be selected from an extensive lineup depending on the situation
System construction completed in the edge computing area are available
Collecting all types of data at the production site
Enable data collection from all equipment and devices regardless of vendor or network
Smooth coordination with FA and IT systems
Realizing supply chain and engineering chain optimization by seamless data coordination with IT systems including the cloud
Operates on industrial PCs
Mountable on various manufacturer’s industrial PCs (IPCs)
Here are a couple of executive quotes about the news.
“Partnering with leading global companies in accelerating our global business in Industry 4.0 is Advantech’s key strategy,” stated Allan Yang, CTO of Advantech. “Advantech joined the Mitsubishi [email protected] Alliance this April to foster business opportunities for smart manufacturing in Asia through co-marketing and co-exhibition. Joining the Edgecross Consortium is our next big step to expand global collaboration and business in Industry 4.0. We are very proud to be a part of Edgecross Consortium with these leading global companies; we are looking forward to collaborating with consortium members to develop Industry 4.0 products and solutions to enhance our customer experience.”
Yoshikazu Miyata, Executive Officer and Group President of Factory Automation Systems at Mitsubishi Electric, gave the following statement regarding the new partnership, “The consortium welcomes Advantech as a key member. We are happy to work with Advantech, a worldwide leading innovator for Edge computing and IoT solutions. We are looking forward to co-creating with Advantech to provide innovative IoT solutions to customers.”