ip4Cloud

Link critical processes securely to IT/Cloud/SCADA services

  • ip4Cloud_SEC3.png

    ip4Cloud is able to extract information from existing systems with critical processes and transmit it to IT applications, cloud services, and SCADA systems for further processing.
    Forward-looking manufacturing concepts provide for the connection of previously independent controllers, fieldbus devices, and SCADA systems to each other, as well as to the IT or IoT environment, as investment protection for existing plants/controllers.

    Numerous standardized protocols are available for data transmission between different communication partners. These include communication interfaces like: MQTT, REST, database, Profibus, Modbus, Simatic Fetch/Write, IEC 60870-5-101, IEC 60870-5-104, IEC 61850, DNP 3.0, TASE.2, OPC UA, OPC DA XML, and more.

    Multiple protocols can be used simultaneously. By default, the usage of one primary and one secondary protocol is licensed. If more protocols shall be used at the same time, an additional license can be purchased.

    To simplify the configuration further, various templates are available, such as 'Profibus2AzureMQTT' (send data from PROFIBUS DP to the 'Microsoft Azure Cloud' via MQTT protocol).

    ip4Cloud is available in conjunction with the hardware models SEC3, SEC3PB and SEC3IO.

Characteristics
    • Security at the highest level
    • Communication between multiple data sources
    • Simultaneous use of diverse protocols
    • User-defined mapping of information
    • Intelligent information processing
    • Support of industry-standard protocols
    • No programming required
Cyber Security
    • Secure access to all administrative services (HTTPS, SSH, SFTP)
    • Role-based access protection with login and password
    • User administration for local users
    • Central user administration via Active Directory (LDAP) and/or RADIUS
    • Crypto Store for certificate management
    • Creation of self-signed certificates and Certificate Signing Requests (CSRs)
    • Import and export of certificates
    • Configuration of VPN tunnels (OpenVPN and IPsec)
    • Firewall
    • Safeguarded real-time Linux operating system
Network features
    • Assigning multiple IP addresses to one physical Ethernet interface
    • Network management using an integrated SNMP agent
    • NTP based clock synchronization
    • HTTPS/SSH/SFTP access
    • DHCP
    • Bonding
    • PRP
    • VLAN
Configuration
  • The integrated web server allows configuration and maintenance to be carried out easily, using just a web browser. The most important industrial communication protocols are supported for simple integration. In addition, templates are provided for further simplification.
    Central access to all settings and services is provided and all important files/updates are imported via the web interface:

    • Firmware (application and operating system)
    • Configuration data using Excel spreadsheet (signal table)
    • X. 509 certificates
    • License
Data Processing
    • All data is broken down into separate information (single indications, measured values, counter values, etc.) and processed accordingly. A quality identifier and - if necessary - a time stamp can be associated with each information item.
    • Namespace and data model can be changed as desired.
    • Powerful functions for data processing such as type conversion, scaling, grouping, etc.
    • Data reduction / regulation of bandwidth required on secondary side via update intervals, threshold values, old/new comparison, collective messages, selection of data points, etc.
Further information
Flyer
Available Protocol Stacks

Database, Client

Simatic Fetch/Write, Master

MQTT, Client

Modbus, Master

Modbus, Slave

Modbus TCP/IP, Master

Modbus TCP/IP, Slave

OPC DAXML 1.01, Server

OPC UA 1.02, Client

OPC UA 1.02, Server

S7 Protocol, Client

SNMP, Client

Hardware
  • SEC3
    SEC3

    Compact controller for DIN rail mounting for small and distributed applications