Internet & Industrial Control

E

Emanuel Psiridis

I'm over an investigation weather the Engineers would propose to their companies to connect the process control on the WEB (over VPNs or under
extended security) or not. If you please be kind to answer to the following questions:

a) Is your company connected to the WEB for reasons related to its production line? (Beware: not for advertisment, financial or other reason but strictly for production monitor\control)

b) Would you suggested that it goes for it Why \ Why not?

c) How many times (aprox.) have you use the WEB for remote control / maintenance the last 2 years?

d) Do you use already the WEB for monitor \ control \ maintenance ?

The answers may be anonymous, the companies too and the result will be used for a Masters Degree project.

Emmanuel Psiridis
Athens-Greece

L

Lynn Linse

I think there are a number of things here you need to differentiate. By WEB you could mean a common HMI-access by Browser technologies, or you
could mean even non-browser access by general public networks commonly referred to as "the Internet".

One company I know which makes near 100% use of "broweser" interfaces is a electric utility in the Midwest of the USA. They use a large collection of dedicated PC-grade computers running some variation of UNIX to act as data collectors. This data is feed into a high-end,
fault-tolerant real-time database, where the data is collected and real-time applications manage the superviosry control of the electric grid. Then the operators use standard web browsers to access the images of the system. Most of this system is programmed in-house.

Is the system data available "on-line" on the WWW or Internet? Not to my knowledge. However, some of the data collection computers use Wide-Area-Technology which include hops across public networks to access remote sites.

Bottom line will be value-for-money - no company will move their control system to the "WEB" or "Internet" just because it's a cool thing to do. They'd have to be a solid economic reason to do so. This power company probably doesn't allow "The Internet" access to the control data
because there is no reason to. They do use side-channels of "The Internet" to access remote data because that is more economical (cost verse performance) than using pure private network technology.

Best regards

Lynn August Linse, Senior IA Application Engineer
15353 Barranca Parkway, Lantronix Inc, Irvine CA 92618
[email protected] www.lantronix.com
Tel: (949)279-3969 Fax: (949)453-7152

O

Old Bob

We recently started selling our HVAC control systems with web-browser enabling technology. It's designed to be a good network citizen and
friendly to the customers IS department. I don't think everybody buys the extra functionality. But I don't think the reason is security. We do SSL like everybody else.

I think the market penetration of this solution has more to do with our pricing, the comfort level of our customers (facilities managers) dealing with their own IS departments, and the comfort level our own specific sales offices have with the product.

Personally, since 1974 I've always thought that a computer without a modem is no better than a boat anchor.

Best,
B.O. Apr. 29, 2002
--
Robert Old, System Architecture, [email protected]
Siemens Building Technologies, Inc., Building Automation
1000 Deerfield Pkwy., Buffalo Grove, IL 60089-4513 USA
Phone: +1(847)941-5623, Fax: +1(908)547-6544

J

Jake Brodsky

> a) Is your company connected to the WEB for reasons related to its production line?

NO! The risk/return ratio is just too fuzzy and ill defined.

> b) Would you suggested that it goes for it Why \ Why not?

The WWW is not a safe place to put any data you care about. There are many reasons for this, but I'm not inclined to write an essay here.

> c) How many times (aprox.) have you use the WEB for remote control / maintenance
> the last 2 years?

We use HTML technologies and there are even SCADA system vendors producing Java enabled HMIs for their SCADA system. But we'll need a lot of powerful reasons to put such things on the internet --VPN or not.

> d) Do you use already the WEB for monitor \ control \ maintenance ?

Mostly no. That's changing, however.

Jake Brodsky
mailto:[email protected]

K

Keith Baldwin

Control - absolutely not. You don't want someone from who knows where controlling your equipment.

Monitoring - perhaps but web services require more than simple Visual Basic client - server applications with a winsock control. .NET will facilitate this

Maintenance - definitely as far as allowing the maintenance dudes to download vendor's manuals, expert systems and videos to the plant floor to help troubleshoot.

The biggest concern is security. If all someone can do is monitor the process, who would want to break-in and see a bunch of limit switches?

Keith Baldwin
www.HTServices.com

H

Higginbotham Ricky $$External$$

Keith Baldwin wrote:
>The biggest concern is security. If all someone can do is monitor the
>process, who would want to break-in and see a bunch of limit switches?

Someone who wants to know what your capacity is, or what your recipes are. How to make product X. How your plant is laid out, etc. All that might
(emphasis on might) be found out and would be of interest to all of your competitors. Assuming you are able to absolutely ensure that the no *harm* can be done from outside, there are still a lot of troubling "what if" scenerios possible. For instance, even if I can't write to a register in your plc, a bored middle school kid may be able to DOS attack it and prevent it from being seen on the network potientially shutting down your processes or at least preventing you from controlling it.

Richard Higginbotham
speaking for me