PLCs, OTA software updates and the impact of IoTCase Studies
The Device Chronicle spoke to Benedikt Miller, CTO at German services company codestryke about this trend and the importance of robust and secure updates for production controllers.
Benedikt Miller is the CTO at codestryke. This is a consulting firm that specialises in helping industrial manufacturers and machine makers to use IoT and Cloud technologies to improve their business processes and increase productivity. Benedikt has responsibility for the designing and controlling all the technical aspects of the solutions with focus on industrial IoT. He supports some classic IoT use cases. These can include monitoring the status of production machines remotely, and supporting maintenance of those machines with a data-driven approach.
He also works with his team on more advanced use cases. These include predictive maintenance. This is where the condition of the machine is analysed so as to predict when a component might fail. Other advanced use cases include working to optimise the process of the customer machine. Benedikt says that this is done to help reduce waste and energy consumption from the machine processes, and to increase the quality of production from the machine.
Data analysis from production controllers
Benedikt and his team also leverage data science and analysis to help their customers. He works on projects where analysis is done on the edge on the IoT device within the production controllers, or in the cloud where data of multiple machines is connected together for larger, more complex analyses that are less time-sensitive.
Partners and clients with production controllers
Codestryke works closely with world-class partners such as Siemens production controllers and its customers are industrial machine builders. Benedikt shares an example: “We have a client who offers industrial grade 3D printers. They use the printed part as a mould for metal casting. There are many of these machine makers serving discrete manufacturing segments with niche applications.”
Product offering for production controllers
Alongside their services, codestryke also offers a product called VergeLink. Benedikt explains that it is designed to connect field PLC devices very easily to the Cloud and depending on the embedded gateway devices it is used with, these can be remotely updated over the air with Mender. The file system and rootFS updates are performed using Mender. Benedikt describes the advantages of using OTA software updates. “The advantages are that the batteries are included with Mender. What I mean by this is that we don’t have to spend too much time and our own development resources building our own updating solution.” Codestryke requires reliability from an OTA software updates solution as their customers have installed gateway devices all over the world. Benedikt says it would be very expensive to have to send support engineers over to these physical sites to exchange gateway devices or replace them. So a remote option is preferred to lower the cost and deliver greater efficiencies. Benedikt continues “We can’t win anything by building an updates solution ourselves. We want to provide value on what we do well with our expertise. We found Mender works very robustly without any issues on projects of a larger scale.”
Benedikt explains that Mender is used to provide software gateway to gateway devices including the Siemens Simatic IOT 2050 and also larger industrial Production Controllers where it is required to run workloads within the devices. Updates are supplied to the underlying components within the operating system of the devices, and then the updates to the Virtulink application, any bug fixes that need to be made, and new features are also delivered directly to the devices.
Benedikt also points to an increasing trend of industrial machine makers using cellular connectivity to update the gateway devices. There is a big challenge for machine builders who deploy their machines into the remote locations of their manufacturing customers. Do they put a wired Internet connection in place to service the gateway devices? This takes time, creates hassle and costs and opens up complex discussions with the IT teams within the customer sites. The preference now is to use wireless cellular connectivity to remove this pain. These technologies include 4G and LTE is the preferred option if it’s available.
Compression on the delta
Adopting cellular connectivity for OTA software updates is not without its challenges. Benedikt explains that typical software updates for industrial IoT applications can range from 400Mbytes to 20Mbytes in size. With the delta updates capability provided by Mender, an application artefact can be reduced from 20Mbytes to 2mbytes in size and this means that it can be more cost effectively and efficiently delivered over the limited bandwidth of a cellular network. Benedikt observes that as manufacturers connect increasing numbers of their production machines, bandwidth will be a key concern in their planning.
Keeping up with older technology
The manufacturing industry is conservative and prudent in strategic decision making. As an industry it must also try to marry production machines that might be older to the benefits of digital innovation. Benedikt points out that there are “older machines, maybe 40 years old, that are on modern production lines. The companies have to deal with long product life cycles and this means that they do not want to jump on the innovation trend too quickly, simply because the machine cannot die out with a hyped innovation within 5 years.”
Security on production controllers is a top priority
Benedikt feels that OTA software updating is a very important topic for classic manufacturing industries. He observes that the programmable logic controllers (PLCs) that run the production machines by default never get any firmware updates. They can’t get firmware updates as for this the production process would have to be interrupted.” Benedikt sees the challenge now is that the PLCs are getting more intelligent. They are connected to cloud systems where manufacturers are using the PLCs to talk directly to the back end. This creates security vulnerabilities if the devices are not getting OTA software security updates. It is guaranteed that these PLC devices will become more vulnerable to attack if OTA software updates are not planned for. Benedikt points to Stuxnet which directly attacked and disabled the process control pad in the PLC. In 2020, Ripple 20 and many vulnerabilities in the field devices of industrial manufacturers including vulnerabilities in the frequency converters in a couple of manufacturers. Benedikt is adamant that the “production network must be air gapped from the Internet using a Gateway and this gateway definitely needs to be updated robustly and securely over the air.
Alignment between automation and IT
Benedikt concludes by advising that manufacturers must look to achieve alignment between their automation functions and IT functions. The automation professionals must understand and care about the IT layers that are implemented and keep up with the best security practices as they emerge. The integration between operations and IT is very important and as service providers we must work to ensure that nothing gets lost in between the two.
Codestryke is also serving other sectors such as digital signage. It is working with German urban advertising signage solution provider Uze Mobility. For Uze, robust and secure OTA software updates have been implemented using Mender.io. One of the challenges, Benedikt explains, was that the updates needed to occur over a Cellular Internet Connection (4G). “This is why in addition to the Root FS Update we made extensive use of Update Modules, updating the application frequently using Debian Packages and using the Root FS updates only for infrequent, system updates kernel updates.”
Now learn about IoT device management in manufacturing.