Fraunhofer-Institut für Optronik, Systemtechnik und Bildauswertung IOSB
Institutsteil Industrielle Automation

New in visIT: Secure industry 4.0 communication for compressed air systems based on OPC UA and IEC 62443


Compressed air systems are a common element of cyber-physical production environments. Due to their widespread use, for example in conveyor belt transport systems, there is great potential to reduce the engineering work required for configuration. Fraunhofer IOSB-INA is working in partnership with BOGE – an industrial manufacturer of compressed air systems located in Bielefeld – to simplify the commissioning of these assemblies. The challenge of commissioning a compressed air system lies in the configuration of communication and performance parameters, such as pressure and flow rates. The solution was developed by applying the Plug-and-Work mechanism and implementing secure Industry 4.0 communication in accordance with the IEC 62443 standard. The resulting transfer project entitled “Automatic Configuration of Distributed Compressed Air Systems” was funded by the “Intelligent Technical Systems Ostwestfalen-Lippe” (it’s OWL) technology network with the goal of transferring technologies and solutions compliant with Industry 4.0 to industrial companies.

A compressed air system consists of a central controller, distributed compressors, and a communication connection. OPC UA middleware was chosen to connect the compressed air management system (the central controller) with the compressors. OPC UA enables a semantic description of components using an information model which describes the functions and parameters of a compressor. Fraunhofer IOSB-INA developed an information model for BOGE compressors based on the OPC UA device specification. The information model was deployed to an OPC UA server running on a single board computer to allow easy retrofitting of existing compressors. The OPC UA discovery mechanism allows the compressed air management system to detect connected compressors and automatically integrate them into a consistent compressed air system.

Secure Intelligent Networking and Plug-and-Work for compressed air systems can be seen in the SmartFactoryOWL.

The integration of OPC UA into the compressed air system of SmartFactoryOWL was performed in accordance with the IEC 62443 standard for implementing secure Industry 4.0 communication. The IEC standard defines the aspects of secure Industry 4.0 communication and describes the requirements for IT security in industrial automation and control systems, in particular the concepts of isolated zones and secure communication conduits. Accordingly, the compressed air management system and the compressor are each defined as a separate isolated zone. The individual zones of the compressed air system are, in turn, part of a higher-level zone. A security gateway permits secure communication between the compressed air network and the other networks of SmartFactoryOWL. Communication between the zones takes place exclusively over OPC UA. The solution is secured by encryption, authentication and authorized user groups according to the principle of least privilege.

Secure Industry 4.0 communication is implemented according to the IEC 62443 standard by applying security concepts based on zones and communication conduits.
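The zone and conduit rules described above can be written down as a small policy check over network flows. This is an added example, not code from the project: the zone names, the role-to-operation mapping, the `Flow` fields and the sample flows are all constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed zone model: the management system and each compressor are their own
# zones inside a higher-level compressed-air zone; "mes" stands for another network.
PARENT = {"mgmt": "air", "comp1": "air", "comp2": "air", "air": "factory", "mes": "factory"}
# Assumed role-to-operation mapping for least privilege (not from the article).
ROLE_OPS = {"operator": {"read"}, "commissioning": {"read", "write"}}

@dataclass
class Flow:
    src: str
    dst: str
    protocol: str          # "opc.tcp" is the OPC UA binary transport scheme
    security_mode: str     # OPC UA MessageSecurityMode: None, Sign, SignAndEncrypt
    role: Optional[str]    # None models an anonymous session
    operation: str
    via_gateway: bool = False

def in_air_zone(zone):
    """True if the zone is the compressed-air zone or nested inside it."""
    while zone is not None:
        if zone == "air":
            return True
        zone = PARENT.get(zone)
    return False

def violations(flow):
    if flow.src == flow.dst:
        return []  # intra-zone traffic does not use a conduit
    found = []
    if flow.protocol != "opc.tcp":
        found.append("non-OPC-UA protocol crosses a zone boundary")
    if flow.security_mode != "SignAndEncrypt":
        found.append("conduit is not signed and encrypted")
    if flow.role is None:
        found.append("anonymous session")
    elif flow.operation not in ROLE_OPS.get(flow.role, set()):
        found.append(f"role {flow.role!r} may not {flow.operation}")
    if in_air_zone(flow.src) != in_air_zone(flow.dst) and not flow.via_gateway:
        found.append("bypasses the security gateway")
    return found

FLOWS = [  # constructed sample flows
    Flow("mgmt", "comp1", "opc.tcp", "SignAndEncrypt", "commissioning", "write"),
    Flow("mes", "mgmt", "opc.tcp", "SignAndEncrypt", "operator", "read", via_gateway=True),
    Flow("mes", "comp2", "modbus", "None", None, "write"),
    Flow("mgmt", "comp2", "opc.tcp", "Sign", "operator", "write"),
]

def audit(flows):
    return {f"{f.src}->{f.dst}": violations(f) for f in flows}
```
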

Integrating the Plug-and-Work mechanism into the research factory SmartFactoryOWL successfully applied the concept of secure Industry 4.0 communication to existing compressed air systems. This solution concept, developed by Fraunhofer IOSB-INA, has helped BOGE to connect compressors to the compressed air management system automatically and securely. It reduces the time, effort and costs involved in commissioning and configuration.

 
