I received few news releases from Rockwell Automation for several years. Suddenly I gained a new friend, Jack, who sends something almost every week. It’s good to know that one of the largest control and automation suppliers in North America is still churning out updated products.
I’ve been saving these up for a bit. Included in this post:
- CIP Security Proxy Device
- Plant floor asset management
- Stack light
- Medium voltage drives
- Connected Components Software Workbench
- Managed Ethernet switch
- Network security threat detection
CIP Security Proxy Device
Industrial companies can now implement CIP Security expansively in their systems with the Allen-Bradley CIP Security Proxy. The CIP Security Proxy allows users to implement CIP Security on most devices on their network.
The CIP Security Proxy works with EtherNet/IP-compliant devices. CIP Security is part of the defense in depth strategy, which can help defend against attacks where threat actors can remotely access a network and act maliciously. With the ability to provide CIP Security for a single device, a layer of security is added that can help protect the system.
Configuration for the proxy device can be achieved through FactoryTalk Policy Manager software and FactoryTalk system services. In addition, this device supports motion for Kinetix drives and offers a web server for viewing diagnostics. It allows for secure event generation syslog support and includes rotary switches for 192.168.1.xyz IP addressing. The proxy device also contains three one-gigabit EtherNet/IP ports and can operate in temperatures from -25° to +70° Celsius adding to the ease of use.
Plant-Floor Asset Management with Enhanced Software
Industrial workers can now more easily manage their hundreds or thousands of automation assets using the enhanced FactoryTalk AssetCentre software from Rockwell Automation. The latest release provides firmware and software lifecycle information for all assets in one place. This saves time because workers no longer need to connect to control cabinets and manually record information for each device.
With the software’s enhanced asset inventory functionality, workers can quickly scan a network and see which devices are in a specific lifecycle state. Examples include devices running retired firmware or forecasted to be discontinued in the next six months. This helps identify products in the same lifecycle state and workers can better plan for replacements and upgrades.
The FactoryTalk AssetCentre software also has a new security feature called archive management of change, which automates the process of authorizing who can change files and what they can change. It requires workers to explain why files need to be changed and verifies that only necessary files are being checked out. It also locks a file until changes are approved and escalates approval requests when needed.
This helps enhance system security, which is particularly useful for some industries such as oil and gas, that require added levels of control over when changes are permitted. For example, one major food company reduced its downtime events from unknown or unauthorized changes by 7% using FactoryTalk AssetCentre software. It can also reduce downtime due to change management.
These updates add to the software’s existing ability to report discontinuation dates and the availability of replacement products. The enhanced software now also provides disaster-recovery support for more Rockwell Automation devices as well as third-party devices.
The new Allen-Bradley 856T Control Tower Stack Light system uses a modular design that incorporates brighter LED illumination and a broad offering of sound technologies. All signals in the system are 24V AC/DC powered, which means that just three power modules can cover the entire system. The latest additions to the 856T Control Tower Stack Light family are IO-Link enabled versions that provide diagnostic information and ease integration into a Connected Enterprise.
IO-Link enabled versions of Bulletin 856T Control Tower Stack Lights enable users to monitor tower light and machine status in real-time, while allowing for simple remote set-up and troubleshooting.
Medium Voltage Drives
Allen-Bradley PowerFlex 6000T medium voltage drives now include TotalFORCE technology from Rockwell Automation, which provides precise control of speed and torque, diagnostic information for tracking system health and automatic adjustments to keep operations running smoothly.
The PowerFlex 6000T drives follow speed or torque commands closely in both open- and closed-loop vector control modes to deliver the precise control required for high performance and large loads.
The drives also continuously monitor operations to track the health of electrical components in the drive and motor and provide real-time diagnostic information to the control system.
Additionally, adaptive control features within the PowerFlex 6000T drives help isolate potentially harmful vibration and resonances, and automatically compensate for variances to help keep applications running. With load-observer technology, they also effectively reject disturbances when loads change suddenly, helping to keep operations running smoothly and increasing output.
Connected Components Software Workbench
Industrial engineers can more efficiently design and configure stand-alone machines using the latest release of Connected Components Workbench software from Rockwell Automation. With several new and enhanced features, the software improves download and build performance to create more efficient, user-friendly design processes.
Highlights of what’s new in version 13 of Connected Components Workbench software include:
- A new Global and Local variable data grid that delivers capabilities to help engineers develop projects faster. For example, a quick declaration feature allows users to create multiple variables with the same prefix, suffix and data type in one click. An intuitive filter bar allows users to find tags quickly.
- An enhanced Run Mode Change (RMC) capability that enables users to make edits without downloading project source code. This can speed up online edits and create smoother, more seamless design experiences.
- A new Controller Organizer view that gives engineers the option to switch to a Logix Theme programming experience. This allows them to work in a more familiar environment and use copy-and-paste ladder logic from the Studio 5000 Logix Designer application.
- An enhanced Global Connection capability on existing system tags in the PanelView 800 DesignStation that gives users greater flexibility to configure remote system connections.
The Connected Components Workbench software helps simplify the development of stand-alone machines that are built with the Rockwell Automation Micro Control system. Engineers can configure, program and visualize the major control components of their stand-alone machines in a single software environment. They can also use tools like the Micro800 Simulator to validate their application code without the need for hardware.
Managed Ethernet Switch
Allen-Bradley Stratix 5800 managed industrial Ethernet switch supports layer 2 access switching and layer 3 routing for use in multiple layers of the architecture. Robust security capabilities and ISA/IEC 62443-4-2 certification help enhance network security.
The Stratix 5800 switch has fixed and modular designs, giving users flexibility to configure it based on application needs. It offers combinations of copper, fiber and Power over Ethernet (PoE) ports to support a wide range of architectures.
The switch helps ease integration by addressing the needs of both operations (OT) and IT teams. Studio 5000 Add-on Profiles enable premier integration into the Rockwell Automation Integrated Architecture. And the Cisco IOS-XE operating system helps ease integration to the enterprise.
“Reducing the complexity of IT/OT convergence is a priority today as companies need to connect their operations while managing challenges like skills shortages and security threats,” said Mark Devonshire, product manager, Rockwell Automation. “The Stratix 5800 managed switch helps simplify the jobs of IT and OT teams, and helps improve security and high performance for industrial environments.”
Certification to ISA/IEC 62443-4-2 verifies that the switch meets the standard’s technical requirements to security level 2 for industrial automation and control systems. This continues the efforts of Rockwell Automation to help secure industrial operations through certifications, expertise, products and services.
Rockwell Automation Expands Threat Detection Services with Cisco Cyber Vision
The longstanding alliance between Rockwell Automation and Cisco continues to find new ways to provide customer value with the announcement that Rockwell Automation is adding Cisco’s Cyber Vision solution to its existing LifecycleIQ Services portfolio of cybersecurity threat detection offerings.
While convergence is essential to a digital transformation, it also presents challenges such as siloed networks, cybersecurity threats, skills shortages, and an abundance of production data and solutions. The leaders in their respective industries have worked together to offer jointly developed architectures, services and products to help companies address these challenges as they work toward building a Connected Enterprise.
As this deeper integration between IT, cloud and industrial networks creates security issues that become digitization obstacles, Cyber Vision provides full visibility into industrial control systems to build secure infrastructures and enforce security policies – achieving the continuity, resilience, and safety of industrial operations. The addition of Cyber Vision to the LifecycleIQ Services threat detection offerings provides a unique switch-based architecture for customers with existing Cisco solutions, greenfield networks or those updating their Cisco network infrastructure.
I have not talked with anyone from Rockwell Automation for months. So, it was time to catch up with Keith Higgins who joined the company within the past couple of years as VP of Digital Transformation leading the software group. As we might expect, digital transformation technologies and products include the analytics portfolio, MES, and the coordination with PTC’s products including ThingWorx, Kepware, and Vuforia.
Since I was fresh from a conversation with another supplier about the Edge, I brought that up in the context of analytics and ThingWorx. Higgins began to explain the power of using the PLC as an edge device. Rockwell has not talked to me for years about the PLC, but I remember that for years it has added compute and networking capability into that platform. Time for me to get an update there, too. My wild guess is that no sufficiently enticing partnership could be hacked out with Dell Technologies or HPE using their Edge compute. And, they already had a powerful Edge device that just needed IT-level bolstering. This will be interesting to watch.
Higgins brought up a tire plant example where having production data in context at the edge with the ability to perform predictive analytics combined for a powerful management tool.
One theme that recurs in this discussion in general is the necessity for solid context for data. Higgins having brought that up regarding the tire plant example, continued to a discussion of a technology/product developed in partnership with Microsoft called SmartObjects. This is a rich data model that adds deep context to data. My feeble way of thinking of this would be something like a modern data model like MQTT and OPC UA on steroids (no disparagement of either of those technologies meant).
I’ve been thinking deeply about productivity lately, so I asked about it. Rockwell views its contribution to its customers’ productivity in three buckets:
- Assets—building on predictive analytics, predictive maintenance, condition monitoring, and the like;
- Production line—improving utilization of the production assets;
- Human productivity—for example, the recent acquisition of CMMS supplier Fiix
I’m definitely interested in seeing where Rockwell’s new emphasis in software and edge goes. Many years ago, I asked then-CEO Keith Nosbusch about the software business. He said at that time it was an experiment. Higgins didn’t say that exact thing, but his remarks left no doubt that his area is primed to be a Rockwell growth vehicle.
Our schedules finally converged. I caught up with Tom Bradicich, PhD, known within Hewlett Packard Enterprise (HPE) as “Dr. Tom,” to learn the latest on the converged edge. Tom is one of the half-dozen or so people I know who can dump so much information on my brain that it takes some time to digest and organize it. He led development of the Edgeline device connecting with the Industrial Internet of Things. He is now VP and HPE Fellow leading HPE Labs developing software to come to grips with the complexities of the converged edge and “Converged Edge-as-a-Service”.
He likes to organize his thoughts in numerical groups. I’m going to discuss converged edge below with his groupings:
4 Stages of the Edge
7 Reasons for IoT and the Edge
3 Act Play
The foundation of the converged edge is found in the 3 C’s:
- Perpetual Connectivity
- Pervasive Computing
- Precision Controls
I remember Tony Perkins following up the demise of Red Herring magazine (charting the hot startup and M&A craze of the 90s, the magazine grew so large it came in two volumes for a while) with an online group called AlwaysOn. Trouble is, back in the 90s, we weren’t “always on.” Persistent connectivity was beyond our technology back then. Now, however, things have changed. We have so much networking, with more to come, that perpetual connectivity is not only possible, but also mundane.
HPE didn’t take a personal computer and package it for the edge. It developed Edgeline with the power of its enterprise compute along with enterprise grade stacks. It is powerful.
Then we have the 4 Stages of the Edge:
- Things—sensors and actuators
- Data Capture & Controls
- Edge IT (networking, compute, storage)
- Remote Cloud or Data Center
This is where Internet of Things meets the Enterprise.
Why do we need edge compute and not just IoT-to-Cloud? 7 Reasons:
- Minimize Latency
- Reduce bandwidth
- Lower cost
- Reduce threats
- Avoid duplication
- Improve reliability
- Maintain compliance
The Converged Edge is a 3-Act Play:
- Edgeline systems & software; stack identicality
- Converged embedded PXI and OT Link
- Converged Edge-as-a-Service
At this point in time, we are faced with 12 challenges to implementation:
- Limited bandwidth
- Smaller footprint for control plane and container
- Limited to no IT skills at the edge
- Higher ratio of control systems for compute/storage nodes
- Provisioning & lifecycle management of OT systems and IoT devices
- OT applications are primarily “stateful”, cloud unfriendly
- Data from analog world & industrial protocols
- Unreliable connectivity—autonomous disconnect operation
- Higher security vulnerabilities
- Hostile and unfamiliar physical environments and locations
- Long-tail hardware and software revenue model—many sites, fewer systems
- Deep domain expertise needed for the many unique edges
Of course, we could go into each of these items. Dr. Tom does in one of his latest talks (I believe it was at Hannover). We should pause at number 12, though. This is an often-overlooked necessity by AI evangelists and other predictive maintenance would-be disrupters. When you begin messing with industrial, whether process or discrete manufacturing, it really pays to know the process deeply.
I can’t believe I summarized this in less than a 600-word essay (is that still the common university requirement?). It is just an outline, but it should reveal where HPE has been and where it is going. I think its power will be disruptive to industrial architectures.
Anyone reading this still curious about Microsoft appointing Satya Nadella CEO coming from the Web services division (Azure) or Amazon appointing Andy Jassy CEO coming from Amazon Web Services (AWS)? Those services continue to grow in importance to industrial software solutions. Case in point—this announcement from Seeq.
Seeq Corporation announced a new offering on Amazon Web Services (AWS) to accelerate access to manufacturing data for enabling AWS analytics on industrial data. The Seeq AWS Glue integration for Enterprise Historians, available on AWS Marketplace, simplifies industrial data discovery and migration to the AWS cloud using Seeq’s proven historian data access architecture.
Seeq also announced the completion of its SOC2 Type 1 certification. SOC 2 compliance is a critical consideration for companies evaluating SaaS applications to ensure vendors have the appropriate controls to protect data handled on their systems.
Seeq enables engineers and scientists in process manufacturing organizations to rapidly analyze, predict, collaborate, and share insights to improve production and business outcomes. Seeq customers include companies in the oil and gas, pharmaceutical, chemical, energy, mining, food and beverage, and other process industries.
AWS Glue is a serverless data integration service that makes it easy to discover, prepare, and combine data for analytics, machine learning, and application development. The integration of Seeq and AWS Glue creates a secure and virtualized connection to on premise historian databases, manages data discoverability, and enables data science teams to access this data for machine learning in AWS. The result is simplified access to machine data, process data, and contextual data stored in historian databases—including the OSIsoft PI system, OSIsoft PI Asset Framework (AF), AspenTech IP21—along with other data historians.
“Analytics software for manufacturing customers is an area long overdue for innovation,” says Megan Buntain, Director of Cloud Partnerships at Seeq. “By choosing Seeq SaaS to democratize innovations in big data, machine learning, and computer science, industrial organizations can easily access new capabilities to improve production and business success.”
In addition to Seeq integration with AWS, Seeq connects to an extensive set of data storage platforms from vendors including OSIsoft, Siemens, GE, Honeywell, Inductive Automation, AVEVA, AspenTech, Yokogawa, InfluxDB, Snowflake, and others. Seeq is available worldwide through a global partner network of system integrators, which provides training and resale support for Seeq in over 40 countries, in addition to its direct sales organization in North America and Europe.
The action occurs at the edge these days. At least, edge as defined by the IT groups as they reach out toward the plant or factory with networks, compute, and other technologies as IT searches for more and better data to feed their decision-making systems. This release comes from ZEDEDA, a company relatively new to me that is quickly filling a space in the system.
- Direct integration simplifies secure deployment and management of Kubernetes clusters and hardware at the distributed edge at scale, without requiring specialized IT skills
- Collaboration with SUSE enables fully automated deployment of K3s clusters in the field, directly from ZEDEDA’s built-in app marketplace
- Open foundation and additional support for native Docker containers and VMs on edge hardware prevents lock-in and enables any brownfield or greenfield application
Following are details
ZEDEDA has announced direct integration with Kubernetes to simplify remote deployment and management of Kubernetes clusters on edge nodes at scale.
There is a clear trend for the majority of workloads to be containerized and to increasingly leverage Kubernetes for standardization, redundancy, and scale-out. However, this presents users with a challenge because the same tools developed for orchestrating and deploying Kubernetes in centralized data centers or the public cloud do not scale down to constrained edge nodes in the field. Organizations also face the challenge of transitioning to cloud-native development principles at the edge while accommodating their legacy software investments.
ZEDEDA’s cloud-based orchestration solution has a simple and intuitive UI along with comprehensive APIs that abstract all the complexities of provisioning Kubernetes clusters at the distributed edge, automating cluster bring-up on target edge nodes within minutes. With a few clicks or API calls, administrators without specialized IT skills can deploy Kubernetes clusters in the field and remotely manage the entire lifecycle of both their Kubernetes runtime and the underlying hardware at scale.
“Adding Kubernetes support on top of our already industry-leading distributed edge orchestration solution gives our customers unmatched flexibility,” said ZEDEDA founder and CEO Said Ouissal. “By collaborating with SUSE, we’ve teamed up with the leader in Kubernetes to put these types of advanced deployments within reach for anyone.”
The solution integrates with customers’ existing CI/CD workflow, features a robust and unique Zero Trust security architecture and supports any combination of virtual machines (VMs) and native Docker containers. In addition to supporting the choice of Kubernetes runtime distribution, ZEDEDA’s unique enablement of VMs on edge nodes enables deployment of any combination of legacy Windows-based applications (e.g., SCADA, HMI, Historian, VMS, POS), monolithic Linux-based images, and other popular container runtimes such as Docker/Moby, Azure IoT Edge and AWS Greengrass.
Optimized for the Unique Needs of the Distributed Edge
Orchestration solutions initially built for the data center cannot seamlessly transition to meet the unique needs of distributed edge computing in areas of available compute footprint, autonomy, security and deployment scale. ZEDEDA’s solution is purpose-built to address these needs by starting with a lowest-common-denominator foundation that scales up to create a bridge to the data center paradigm.
Distributed edge nodes under management can range from IoT gateways to managed telco and universal enterprise CPE infrastructure to small remote server clusters. The solution supports any vertical use case including IoT, edge AI, virtualized networking and security technologies in deployments spanning the factory floor, retail stores, oil rigs, wind turbines, transportation systems and beyond. The full-stack edge orchestration approach is based on an eventual consistency model to ensure that edge nodes will run autonomously in these environments, even if they periodically lose connectivity to the ZEDEDA cloud orchestrator.
ZEDEDA’s Zero Trust security architecture assumes that edge nodes distributed in the field are physically accessible, in addition to not having a defined network perimeter. Features include support for silicon-based root of trust, measured boot, remote attestation, crypto-based ID (eliminating local device login), full disk encryption, remote port blocking, distributed firewall and more. Distributed firewall capability enables secure routing of data between edge applications and both on-prem and cloud resources based on network-wide policies.
Collaboration with SUSE
Working with a leading oil and gas services company, ZEDEDA and SUSE have recently enabled an edge solution that consolidates existing SCADA software with NFV capability and other functionality on compute clusters within their trucks to optimize monitoring of oil wells through wireline analytics.
SUSE’s K3s runtime is now available in ZEDEDA’s built-in app marketplace, ready for bulk deployment on edge computing clusters with a few clicks.
“Edge is about management at scale, and our customers need a solution that provides low-level hardware management and visibility as they increasingly look to deploy Kubernetes clusters outside of centralized data centers,” said Keith Basil, vice president of Cloud Native Infrastructure at SUSE. “We think it’s great that ZEDEDA has integrated with Kubernetes and that K3s is now available in their marketplace. We are excited for their contribution to the rapidly growing Kubernetes ecosystem.”
Built on an Open Foundation to Prevent Lock-in and Facilitate Ecosystem Growth
ZEDEDA’s subscription-based cloud orchestration solution leverages the bare metal EVE-OS deployed on edge nodes. EVE-OS is an open, secure and universal operating system for distributed edge computing with vendor-neutral APIs, hosted within Project EVE in the Linux Foundation’s LF Edge organization. In addition to preventing vendor lock-in, EVE-OS provides an anchor point to unify an ecosystem of edge computing hardware and software, similar to what Android does for the mobile market.
The company’s growing open edge ecosystem provides end users, solution OEMs and system integrators with choice ofhardware, applications and services, thereby greatly reducing the complexity of dealing with the inherently diverse edge landscape. The app marketplace that is part of ZEDEDA’s cloud orchestrator features popular edge applications spanning industrial connectivity, edge application frameworks, security, networking, analytics, data management and cloud connectivity. Customers can also create private marketplaces with their own curated and in-house developed content.
ZEDEDA’s strategic integration with Kubernetes follows their recent announcement of seamless integration with Microsoft Azure IoT to simplify the deployment and scalability of solutions leveraging Azure IoT. Additional integrations that further simplify distributed edge computing deployments are in development.
ThinkIQ introduced itself to me just a couple of months ago, and I set aside some time to talk with an acquaintance from the industrial software market Niels Anderson. https://themanufacturingconnection.com/2021/02/manufacturing-saas-platform-tracks-material-flow-not-assets/ The company published a couple of news items this month. One announces an extension to the product line; the second announces a partnership with CESMII for a smart manufacturing initiative in the poultry processing industry.
VisualOps Solutions to Suite of Products
ThinkIQ announced VisualOps, which is designed to help organizations obtain easy access to data from a material view, new visibility, and a path towards Industry 4.0 Manufacturing.
ThinkIQ VisualOps was created as a second step for companies on the path to Industry 4.0 Manufacturing. The benefits include having data standardized and available in one location, empowering manufacturing leaders, plant managers, process and data engineers, and operators, by allowing them to explore their manufacturing and supply chain data within the context of their business. The new function can also start the process of creating alerts and notifications that may bring problems to immediate attention.
“The addition of VisualOps allows customers to start the journey of monetizing their manufacturing and supply chain data using an Industry 4.0 Platform that will help them achieve their digital transformation goals,” said Niels Andersen, CTO and CPO of ThinkIQ. “This product will help organizations obtain the benefits of Industry 4.0 and lead them on the path to Smart Manufacturing.”
Some of the additional benefits of ThinkIQ VisualOps include:
- Ability to move companies past raw data to being able to explore, compare, and be aware of the data — with standardized metrics and views to bring wide visibility and context to what is currently just digital bits.
- Allows organizations to harness the power of what are mostly disconnected existing data streams from IoT, IIoT, HMIs, PLCs, CRM, MES, digitized manual data, and partner data, all into one single location.
- Includes on-premise gateways & connectors to centralize the data and securely send this data to the cloud, and most clients don’t need to add any new hardware or software to their existing environment.
- Software includes sourcing existing data from Automation, IoT and IIoT, CRM, and other digital captures, and also includes an equipment profile library, equipment modeling, manufacturing process layout, trending, standardized dashboards, and basic limits & notifications.
ThinkIQ’s SaaS Manufacturing cloud-based platform simplifies the creation of web-based applications and leverages the strengths of the Internet of Things, Big Data, Data Science, Semantic Modeling and Machine Learning. The platform collects data across the operation (existing and IIoT sensors) and leverages AI, ML to provide actionable real time insights (e.g., identify correlations and root causes, traceability and yield issues, etc.). It creates a new level of capability beyond what independent disconnected operating environments can provide today.
CESMII and ThinkIQ To Transform Global Food Leader’s Poultry Processing
CESMII selected ThinkIQ for inclusion in its co-funded Smart Manufacturing Innovation Projects. This project aims to transform poultry processing operations at one of the world’s largest food companies, and recognized leader in protein. The project seeks to quantify the impact of variability in the supply chain and the processing of chicken by-products and understand the resulting impact of yield for four product streams, including: bone meal, feather meal, chicken meal, and blood meal.
ThinkIQ will utilize the CESMII Smart Manufacturing Innovation Platform and create Profiles that optimize yield and material utilization on the food company’s poultry processing line. This will enable decisions based on real-time constraints in material flows, manufacturing operations, and energy consumption in a protein-based food processing environment. This project will demonstrate increased operational efficiencies that can be extended to other food processing and energy-intensive industries.
“Delivering value through interoperability and scalability is essential,” says Doug Lawson, CEO of ThinkIQ. “We are leveraging the CESMII SM Innovation Platform to avoid implementing yet another information island on the plant floor, thereby reducing cost and complexity, and facilitating rapid return on investment.”
ThinkIQ’s ability to track material flow through the entire process from “farm to fork” will provide the company with a unique view of their entire poultry processing, allowing them to gain visibility into real-time variance in their manufacturing process. This enables them to quantify and reduce impact of variance improving yield, provide feedback in “plant time” to reduce off-spec, waste, etc. and present profit enhancement opportunities throughout the project.