ip4Cloud/SEC3PB

Capture PROFIBUS data by eavesdropping and transmit it to Cloud/IT or SCADA services

  • PROFIBUS_setup_EN.png

    ip4Cloud/SEC3PB collects data from Profibus, by listening-in without directly interfering with or disrupting communication, and enables the transmission of obtained data to (a) cloud services, (b) databases and (c) SCADA systems over a wide range of industrial protocols.

    Built-in cloud connectivity

    Transmit industrial data to the cloud via integrated interfaces.

    • Microsoft Azure Cloud (MQTT/MSSQL/Cosmos DB)
    • Amazon AWS Cloud (MQTT/MongoDB)

    Database interfaces

    Connect industrial data with your IT applications via integrated database interfaces

    • MSSQL
    • MySQL
    • MongoDB

    No change to the PLC

    Connecting SEC3PB to the Profibus network does not require any change in the configuration of bus devices (PLC, bus terminals, etc.) and has no influence on the bus cycle. Feeding data to the bus is already physically prevented.

    As a result, data can be extracted from critical processes without any reaction and be forwarded for processing in IoT or IT applications, cloud services, etc. without the risk of production downtime.

    SEC3PB is connected to Profibus either electrically, by extending the existing bus with an additional cable segment, or even more simply by an optical link (OLM).

    No alterations to the configuration of vital process components like the central PLC, subordinate IO terminals and other bus components are necessary. SEC3PB's setup can be performed simultaneously to the running process without any considerations.

    ip4Cloud/SEC3PB is available in conjunction with the hardware model SEC3PB.

    Please go to ip4Cloud/SEC3PB Use Cases for application expamples of ip4Cloud/SEC3PB.

Characteristics
    • Security at the highest level
    • Communication between multiple data sources
    • Simultaneous use of diverse protocols
    • User-defined mapping of information
    • Intelligent information processing
    • Support of industry-standard protocols
    • No programming required
Cyber Security
    • Secure access to all administrative services (HTTPS, SSH, SFTP)
    • Role-based access protection with login and password
    • User administration for local users
    • Central user administration via Active Directory (LDAP) and/or RADIUS
    • Crypto Store for certificate management
    • Creation of self-signed certificates and Certificate Signing Requests (CSRs)
    • Import and export of certificates
    • Configuration of VPN tunnels (OpenVPN and IPsec)
    • Firewall
    • Safeguarded real-time Linux operating system
Network Features
    • Assigning multiple IP addresses to one physical Ethernet interface
    • Network management using an integrated SNMP agent
    • NTP based clock synchronization
    • HTTPS/SSH/SFTP access
    • DHCP
    • Bonding
    • PRP
    • VLAN
Configuration
  • The integrated web server allows configuration and maintenance to be carried out easily, using just a web browser. The most important industrial communication protocols are supported for simple integration. In addition, templates are provided for further simplification.
    Central access to all settings and services is provided and all important files/updates are imported via the web interface:

    • Firmware (application and operating system)
    • Configuration data using Excel spreadsheet (signal table)
    • X. 509 certificates
    • License
Data Processing
    • All data is broken down into separate information (single indications, measured values, counter values, etc.) and processed accordingly. A quality identifier and - if necessary - a time stamp can be associated with each information item.
    • Namespace and data model can be changed as desired.
    • Powerful functions for data processing such as type conversion, scaling, grouping, etc.
    • Data reduction / regulation of bandwidth required on secondary side via update intervals, threshold values, old/new comparison, collective messages, selection of data points, etc.
Further Information
Flyer
Available Protocol Stacks

Database, Client

DNP V3.00, Master

DNP V3.00, Slave

Simatic Fetch/Write, Master

IEC 60870-5-101, Master

IEC 60870-5-101, Slave

IEC 60870-5-103, Master

IEC 60870-5-103, Slave

IEC 60870-5-104, Master

IEC 60870-5-104, Slave

IEC 61850, Client

IEC 61850, Server

MQTT, Client

Modbus, Master

Modbus, Slave

Modbus TCP/IP, Master

Modbus TCP/IP, Slave

OPC DAXML 1.01, Server

OPC UA 1.02, Client

OPC UA 1.02, Server

Profibus-DP, Sniffer

S7 Protocol, Client

SNMP, Client

Hardware
  • SEC3PB
    SEC3PB

    Compact controller with PROFIBUS-DP interface for DIN rail mounting