Wednesday, February 24, 2010

Databases – The Perfect Complement to PLCs, by Steve Hechtman

Interesting insight on the role of SQL and databases with PLCs and industrial automation.

Hosted at Automation.comReliable Plant, FoodEngineering

Thursday, February 4, 2010

Ignition, post release activity and OPC vendors

I was impressed with the Ignition by Inductive Automation product release webinar. The Inductive Automation team did a first class job introducing the company, Ignition product platform and architecture, and the motivation behind the shift to OPC-UA. In a nutshell, their vision of the future of industrial software is: standards based, IT friendly, and platform independent. Get DCOM out of here! We want a top notch, secure SCADA system that runs equally well on Linux, a mac, or any flavor/service pack of the Windows rainbow. The demonstration included a full server installation, which took about 2 minutes, and highlighted the drag and drop ease of the new SQLTags History feature, which is deceptively simple, yet powerful.

We've been getting a huge number of hits to the new website by a number of companies across the world. We've also been getting a lot of interest in when more drivers will be available, like Siemens, Modbus, and Automation Direct in addition to the existing Allen Bradley suite.  I suppose this isn't surprising considering that we're the only cross-platform OPC-UA server available. While it shouldn't be too long before we get those drivers developed, this brings me to my next point...

Where are the other OPC-UA servers? We're really looking forward to a more vibrant marketplace for OPC-UA products. Kepware says they'll be releasing their OPC-UA server soon - we're looking forward to being able to test it with Ignition. This really excites me because it brings their extensive PLC product line to the table via OPC-UA. Unfortunately, I don't think it will be cross platform.

So, how about it? OPC vendors: the gauntlet has been thrown. The industry wants OPC-UA products! And if they're cross platform, all the better. When will we start seeing them?

My thoughts on securing your plant systems

Security, not your first concern as an industrial integrator or plant manager. Availability ranks numero uno. Got it! Your company loses $30k/hr during plant downtime. Got it! Plant workers are not exactly NSA hacker material. Got it! So why is security important? Look at those reasons again and above all, safety. Consider that your legal liability in court costs more than downtime. Do you want a disgruntled employee to shut down the factory on your watch? It is incumbent upon you as a professional to demonstrate due care. We're not worrying about international hacker rings or bored young college geniuses. Accidents occur and insider attacks are possible.

It's 2010 - many systems end up touching the Internet or outside world somehow, whether you like it or not. Common practices in the 90s, like allowing users to share passwords are unacceptable - that audit trail is a must. Having PLCs on the same network as office computers - professionally irresponsible. Your company uses 25 year old hardware that was never designed for security - it's up to you to isolate that network. Provide access with a "hardened" dual-homed (2 network cards) computer that is patched and protected by a firewall. Utilize VPNs, DMZs, VLANs, SSL, IDSs, and anything else in your IT department's arsenal. They know how to secure a network - it's their job. Gone are the days of operating behind their back, not letting them touch anything for fear that updates will break your system. Pick a vendor that IT will support. Practice Defense in Depth. Let them help you. It's 2010. Embrace positive change!