Three primary ways to connect remote devices to plant-floor data.
IIoT technology generates a lot of data. Within that data is considerable information that can help reliability and maintenance managers better understand equipment performance and, more important, move toward a predictive approach that increases uptime and extends machinery life. Another advantage of having access to all of this information is the ability to remotely monitor equipment, either from a central office or offsite.
While security remains a primary concern, most managers want remote access through a cell phone or a tablet. The security factor involves controlling who has access to what, when, and how. The how is the key because remote access to a network, particularly through WiFi or the Internet, greatly increases vulnerability if the proper safeguards are not in place.
Security aside, the momentum is strong to have remote access/control to just about everything for which maintenance personnel are responsible. Matching that is a significant push in just about every company to move away from “fire fighting” toward a predictive/reliable approach to maintenance.
While it’s natureal to want a phone app that is downloaded from an app store, it doesn’t take much thought to realize that, for many situations, a simple app is not sufficient. Those more-advanced/complex needs are met most often by browser-based interfaces and, in the most advanced applications, thin-client software. Each of the three options has its pros and cons.
An app for that
There are several smartphone/tablet apps available for a variety of manufacturing components, particularly PLCs (programmable logic controllers) and other advanced controllers. While some of these are designed for monitoring only and don’t allow remote input, they can provide valuable data. These apps typically work with iOS and Android operating systems and can be downloaded from the Apple App and Google Play stores.
Many of these apps are designed to monitor connected PLC CPU system parameters. They can also be used to monitor specific tags configured for remote access in a CPU’s tag database, provided the device has its mobile access functionality configured.
Apps reduce the need for onsite visits to view system data, error logs, and event history. Some apps can also be used to monitor production data.
The app-HMI connection
Many HMIs (human-machine interfaces) have built-in remote-access capability using smartphone and tablet apps. These apps provide a range of options from monitoring to full HMI control. Compared with PLC remote-access apps, HMI apps typically have much more functionality because it’s much easier for a supplier to add remote-access features to a PC-based or embedded HMI than a PLC with its limited memory, storage space, and processing power.
As with PLC apps, the remote mobile device and the HMI must be connected to the Internet with a cellular or WiFi signal.
Most HMI remote-access apps can also control, limit, and log remote users. Accounts are typically configured and stored in the HMI application. Each account can be configured for different permission levels, such as full-control access, view-only access, or view-and-screen-change-only access. Often these HMIs allow a local operator to enable or disable remote access control at any time.
Once the mobile device is connected, the remote user can control local HMI screen operations as if he or she was at the HMI, making possible remote troubleshooting and testing. Often the apps allow zoom and screen-capture functions to aid in viewing, troubleshooting, and documenting system status.
Apps are handy but not as widely available as browser-based access, which is the leading remote-access method.
Many connected components, such as PLCs and HMIs, are supplied with web-server capability. Once connected to the Internet, this allows the component to serve web pages to any browser.
Web pages are configured and stored in the PLC or HMI, so no software needs to be installed at the remote device. This greatly simplifies remote access from a supplier point of view because it’s not necessary to issue updates as it is with apps. Similar to apps, browser-based access can be configured to allow a range of functions from monitoring only to full control, with HMIs typically offering many more remote-access features than components such as PLCs.
The downside of browser-based access versus app access is that apps load with a single touch, whereas browser-based access requires multiple steps. App access is generally much faster than browser-based access for interactions between the user and the component, an important consideration when trying to remotely view and troubleshoot.
App and browser-based access is often sufficient in terms of performance and security, but demanding remote-access applications may require thin-client access.
Thin and powerful
Another popular method for remote access is through an HMI/SCADA system thin client. Thin clients are an extension of the PC-based HMI, and have many options for remote viewing and access, ranging from monitoring only to full remote control. Because thin clients usually come with large display areas, they can often replicate main HMI displays.
Thin clients are remotely connected to an HMI server, usually by hardwiring or through in-plant WiFi or the Internet. Unlike app- and browser-based access (though some manufacturers do offer mobile thin clients), thin-client-access devices are usually mounted in a fixed location. As distance from the local area increases, such as from the factory floor to the office or an offsite PC, a web-based thin-client application can use the Internet as a network. Unlike a local connection, a web thin client runs within a browser, allowing any PC with Internet access to act as a thin client.
Securing the data
For security purposes, a firewall should always be used when connecting from the Internet to a plant network/component. Firewalls, typically provided in many managed switches and most routers, reduce the risk of unauthorized access.
For additional security, most remote-access methods can be configured with password and other methods of access protection. To further minimize risks and add another layer of security, a virtual private network (VPN) connection is recommended. A VPN uses encryption and other security mechanisms to ensure that only authorized users have access. Most PLC designs only allow monitoring through remote apps, reducing security risk. This one-way communication, from the PLC but not to it, is often referred to as a data diode.
Remote-access methods for connecting to manufacturing components are widely used. Whether through an app, browser, or thin client, remote access should be carefully configured to provide only the level of access required by each user. MT
Information for this article is based on several blog posts by Bill Dehner, AutomationDirect, Cumming, GA, automationdirect.com.
Apps for the Basics
Smartphones and apps go together, with thousands of apps available, including some designed to assist maintenance personnel. A search for engineering apps in Google Play highlights some tools that offer basic assistance:
• Box/Conduit Fill Pro, for electrical wiring and conduit design assistance
• Electronics Toolkit, used to calculate electrical engineering units, such as capacitance and reactance
• EveryCircuit, to build and simulate an electrical circuit
• NFPA 70 2014 Edition, which includes current NEC regulations.
There are also apps created specifically to keep workers safe. The Lone Worker app starts a timer that needs to be periodically reset by the worker. When it times out, it sends an alert message to a specific contact. The Man Down app uses the position of the phone to determine if the worker is in the prone position. The app also detects if the worker has stopped moving, and can use the smartphone’s GPS to display the worker’s location.
Quick Response (QR) code apps are used to rapidly acquire information. These codes, similar in appearance to a 2D barcode, have grown to be quite useful in a variety of industries. For example, they can be used to help troubleshoot and service an electrical control cabinet. To start, the machine builder, integrator, or end user adds a QR code to the cabinet that is linked to an inventory document. Then, if the cabinet has a blown fuse, the QR code is scanned by maintenance personnel and a bill of materials, listing everything in that cabinet, including current inventory levels, is displayed on the phone. QR codes can link to any document, drawing, or image uploaded to a URL. This includes operating instructions, preventive-maintenance logs, electrical drawings and 3D models, product manuals, service contacts, and other information.
There are numerous QR code generators available online, along with instructions on how to link these codes to URLs, documents, and images. Using Google Docs and a free QR coder, you can quickly make information available to anyone.