Documentation about me experience connecting a PLC to cloud (OT/IT).
The architecture specifies a five-step process:
- Step 1 Data Collection: Security related information is collected from the probes, including system level and application level probes as specified in the architecture.
- Step 2 Routing: Security information is routed to data stores and data analytics engines at either the data collection or the security intelligence layer of the architecture.
- Step 3 Analyze: Security information is analyzed towards identifying patterns based on rules or other data-driven mechanisms (e.g., classification).
- Step 4 Control & Actuate: Upon the identification of a specific behavior or event (e.g., fulfilment of rules or classification of information) the probes are reconfigured in order to adapt the data collection.
- Step 5 Visualize: The entire intelligent and adaptive data collection process can be monitored and controlled in a visual fashion, based on proper dashboards.
Every vendor use a specific protocol:
Also, exists open protocols:
The Siemens IOT2040 module is the one that allows to link the industrial plant to the cloud, for security reasons it will only send data to the cloud, but it will leave the control of the industrial processes to the internal PLC.
Elasticsearch is a non-relational database, which will store the data sent from the industrial plant.
Kibana or Power BI is used to generate reports, some examples of generated dashboards are:
While specific requirements of a platform varies between organisations, developing a platform which serves real-time operational use cases must address these seven key criteria.
- Raw Data Processing
- Real-Time Aggregation
- Auto-Scaling Datastore
- Data Lifecycle Management
- Real-Time Alerting
- Self-Service Visualisation
- Application Monitoring
The Elastic Stack comprises of a suite of open source products that enable users to take data from anywhere and search, analyse and visualise it in real-time.
Example of use case for monitoring temperature anomaly: https://blog.codecentric.de/en/2019/10/apache-plc4x-elasticsearch-iiot-monitoring-anomaly-detection/
- Download and install nodejs from: https://nodejs.org/en/
- Check version using this command:
node -v - Install node-red:
npm install -g --unsafe-perm node-red - Launch node-red server, execute:
node-red
If you have nvm:
nvm install [VERSION-NODE]nvm use [VERSION-NODE]
Upgrading npm:
npm install npm@latest -gnpm install --global --production windows-build-tools
Versions:
- Node-RED version: 1.1.3
- Node.js version: 12.18.2
- npm version: 6.14.5
- Run this command: npm cache clean --force
- Uninstall from Programs & Features with the uninstaller.
- Reboot (or you probably can get away with killing all node-related processes from Task Manager). Look for these folders and remove them (and their contents) if any still exist. Depending on the version you installed, UAC settings, and CPU architecture, these may or may not exist:
- C:\Program Files (x86)\Nodejs
- C:\Program Files\Nodejs
- C:\Users{User}\AppData\Roaming\npm (or %appdata%\npm)
- C:\Users{User}\AppData\Roaming\npm-cache (or %appdata%\npm-cache)
- C:\Users{User}.npmrc (and possibly check for that without the . prefix too)
- C:\Users{User}\AppData\Local\Temp\npm-*
- Check your %PATH% environment variable to ensure no references to Nodejs or npm exist.
- If it's still not uninstalled, type where node at the command prompt and you'll see where it resides -- delete that (and probably the parent directory) too.
- Reboot, for good measure.
Write the image of SO in your SD card, following this instructions: https://github.com/hoat23/IndustrialInternetOfThings/blob/master/InstallingMicroSD.md
We create a file 'docker-compose.yml' with this content:
version: '3'
services:
mosquitto:
image: eclipse-mosquitto
ports:
- 1883:1883
- 9001:9001
nodered:
image: cpswan/node-red
ports:
- 1880:1880
A video explanation see: https://www.youtube.com/watch?v=KJXU0PL1oNM
- Create an account in https://cloud.ibm.com/login
- Logging in IBM-Cloud.
- On IBM-Console type "node-red app" and click on butoon.
- https://developer.ibm.com/tutorials/how-to-create-a-node-red-starter-application/
- https://flows.nodered.org/
- When you have two or more sucriptors controlling multiple devices.
- When you bandwidth are bad and with problems of comunications.
- Not need, when you only reading data from devices (by monitoring).
Link with differents brokers online: https://mntolia.com/10-free-public-private-mqtt-brokers-for-testing-prototyping/
We used broker online like "shiftr.io" for fast deployment. For configurate just follow the next steps:
- Create account in shiftr.io using your email.
- Login with you account in shiftr.io.
- Create a new-namespace.
If you want to add certificates just follow this steps https://gist.github.com/hoat23/f71d081d06c3667f61106784f0c4ea8e.
- RAM memory 100 [kB] (work)
- ROM memory 4 [MB]
- Remmant memory 10 [kB]
- E/S local integrated 14E/10S (Discret)
- 2E/2S (Analog)
- Image memory of process 1024 [bytes]
- Labels area 8192 [bytes]
- Ampliation Slots of signals module 8
- Ampliation Slots of comunication module 3
- High counters (HSC) 6
- Pulse generators 4
- PROFINET ports 2 (Ethernet)
- MicroSD card is needed for the operating system with a minimun of 2GBytes.
- Connection for the power supply (24 V).
- COM interfaces (RS232/422/485)
- Ethernet interface 10/100 Mbps.
- USB type Micro-B.
- USB type A.
- Engineering Station: Requirements are hardware and operating system (for additional information, see Readme on the TIA Portal Installation DVDs)
- SIMATIC STEP 7 Professional software in TIA Portal V15 or higher
- Software for writing the example image on the SD card, e.g. Win32 Disk Imager
- Software for SSH access, e.g. PuTTY, MobaXterm.
- Software for SFTP/SCP file transfer, e.g. WinSCP, MobaXterm.
- SIMATIC IOT2000 controller, e.g. IOT2040 with MicroSD Card and IO-Shield https://support.industry.siemens.com/cs/document/109741799/imagen-ejemplo-para-la-sd-card-de-un-simatic-iot2020-iot2040?dti=0&lc=es-AR (Yocto Linux Operating System).
- Ethernet connection between the engineering station and controller
- SIMATIC IOT2000EDU Software Controller executable on IOT2020 and IOT2040
In order to correctly read the data from the plc, the following steps must be followed.
- Enable PUT/GET
Install snap7 library:
pip install python-snap7
Download snap7 from https://sourceforge.net/projects/snap7/files/
Search the snap7 folder for snap7.dll and snap7.lib files Copy the snap7.dll and snap7.lib into the "C:/PythonXX/site-packages/snap7 " directory:
Comming soon.
import snap7 #pip install python-snap7
import struct
import logging
from snap7.common import Snap7Library
from snap7.util import *
logging.basicConfig(level=logging.INFO)
# If you are using a different location for the library
Snap7Library(lib_location='C:/snap7/snap7.dll')
load_library() #Testing library is correctly <WinDLL 'C:\snap7\snap7.dll', handle 7ff9d5d90000 at 0x1a5a0417640>
plc = snap7.client.Client()
plc.connect("10.112.115.10",0,1)
#---Read DB---
# DB:10, start:0, size:8
db = plc.db_read(10,0,8)
real = struct.iter_unpack("!f",db[:6] )
print( "3 x Real Vars:", [f for f, in real] )
print( "3 x Bool Vars:", db[1]&1==1, db[2]&2==2, db[3]&4==4 )
#---Write ---
value_1 = 0b10110001
value_2 = 480
print("write 0b10110001 to V10")
plc.write("V10", value_1)
plc.write("V10.2", 0)
VW20 = plc.read('VW20')
print("VW20 : {0}".format(VW20))
plc.destroy()- https://python-snap7.readthedocs.io/en/latest/installation.html#compile-from-source
- https://readthedocs.org/projects/python-snap7/downloads/pdf/latest/
- https://www.npmjs.com/package/node-snap7/v/0.1.2
A usually architecture in IoT is connect a "localhost" with a "broker" using a "node-red" like a intermediary.
- Search by MQTT nodes, it's like this:
Similar to before, just follow this steps:
- Search by MQTT nodes, it's like this:
Finally, in brocker-shiftr we can see the 2 modules connecting, like image below:
"Hoat23" is a localhost, this recollecting data and "IBM-Cloud" receiving the data.
- Go to "Manage palete".
Comming soon.
Comming soon.
The data received from the MQTT server will send to elasticsearch for analytics and visualization in Kibana. The nodes and flows configurated show bellow:
- Convert to json format.
- Adding the header:
Comming soon.
- Siemens-IOT2000 configuration: https://www.automation.siemens.com/sce-static/learning-training-documents/tia-portal/hw-config-iot2000/sce-014-101-hardware-configuration-iot2000edu-r1806-en.pdf
- https://www.elastic.co/es/blog/industrial-internet-of-things-iiot-with-the-elastic-stack
- https://github.com/apache/plc4x
- https://secureiot.eu/sites/default/files/SECUREIoT_D3.3-Intelligent%20Data%20Collection%20Mechanisms%20and%20APIs-First%20Version-Final_v11.pdf
- https://www.maffucci.it/wp-content/uploads/2020/02/SIMATIC_IOT2000_Setting_up_V2.1.1.pdf
- https://flows.nodered.org/node/node-red-contrib-msg-queue
- https://programacionsiemens.com/direccionamiento-simbolico-en-tia-portal/