A well-phrased question almost always leads to another series of questions that help us better understand certain situations.
A very common one in the world of industrial automation is the following: how do I connect my PLCs or plant systems with the Amazon Web Services? Is it possible?
When answering affirmatively, the customer almost always asks us other questions that allow us to go into additional details about the process to follow to upload data to the cloud.
Here is the top 10:
- How can I connect my PLC to the cloud without exposing it?
Under no circumstances, PLC or SCADA connect to the Internet due to the risks involved. A DMZ (secure network) must be used to log my PLC data, before uploading them to the Amazon cloud.
- Does this mean I will have to forward them thanks to an intermediate point?
Indeed, this is correct to proceed this way to maintain security.
- Will I need an element that manages and concentrates my PLC data and then uploads them to the cloud?
Indeed, you will need an IoT Gateway.
- Can an IoT Gateway read data from any PLC and upload them to Amazon Web Services on its own?
No, it is important to choose the appropriate IoT Gateway that understands the PLC protocol. If this is Allen Bradley, the IoT Gateway must read data over Ethernet / IP.
- Which protocols should the IoT Gateway support?
- Siemens PLCs
- Ethernet IP
- OPC UA
- OPC DA
- Among others.
- I already have my PLC data on the Gateway, now I simply upload them to Amazon Web Services, correct?
No. It will be necessary for the IoT Gateway to convert the PLC protocol to a protocol that understands Amazon Web Services.
- And which protocol is that?
For Amazon Web Services, the correct one is MQTT.
- Should the IoT Gateway be able to support MQTT and which other cloud protocols can it support ?
In the case of uploading data to Amazon Web Services, the correct protocol is MQTT.
For other types of platform, there are protocols such as OPC UA and REST, for example.
- Once having my data in the IoT Hub and converted to MQTT, what else should I consider?
When the Amazon Web Services is configured, it is necessary to create what are called IoT Devices. Amazon Cloud platform security requires that the connection between the MQTT Broker in the cloud and the MQTT Publisher in the plant (IoT Gateway) have a security validation, based on access KEYS.
Therefore, the IoT Gateway used must support the connection to the Amazon Web Services in order to be compatible with this type of security.
- How does ConvoSync handle this?
At ConvoSync, we combine two technologies: MatrikonOPC provides the connectivity tools for plant PLCs, and vNode Automation brings all the needed IoT functionalities.