A good way to think of the Industrial Internet of Things (IIoT) is as an ever-expanding toolset to improve your operations. IIOT devices, such as industrial sensors, actuators, motors and controllers, are able to pass along safely and securely vital information that can help your plant run more efficiently and cost effectively.

Additionally, these tools are being designed to work in secure control environments. So, when all is said and done, the rewards derived from IIoT can be huge.

Article Index:

“Instrumentation and control engineers have their hands full figuring out new architectures, protocols, security, etc. to bring the IIoT to a practical reality,” says Steven L. Cook, principal engineer at Cook Process Solutions, LLC. “When they do, we’ll have an enormous amount of data that needs to be managed and processed into intelligible information to make decisions.”

Putting the right information in the hands of owners, operators and engineers will allow decisions and actions to increase efficiency and productivity and lower operating costs.

And IIoT can lend itself to incremental upgrades—as long as your equipment isn’t totally ancient. You don’t necessarily have to throw out everything and start over. So, the rest of this article will take a look at what can be accomplished, what IIoT technologies are necessary and what security technology may need upgrading or changing.

What is IIOT?

IIoT, Industry 4.0 and the cloud are often thrown together to define connected technologies that are capable of pulling in large amounts of data, analyzing it and providing valuable business information, for example, to improve processes, quality or maintenance activities. The cloud can be a misconstrued concept and is likely unique for each application and user, says Opto 22’s Arun Sinha, director, business development.

“Just as there is no single definition or use case of what an IIoT application is, the role of the cloud versus the edge will be different for specific companies,” says Sinha.

The term, “edge,” often refers to a server and/or gateway device that connects from a plant control system or enterprise system to an external system, say on the internet.

“And ‘cloud’ does not necessarily mean a server and storage somewhere outside the company firewall,” adds Sinha.

With an ever-increasing emphasis on the edge or the “fog,” often the cloud can be a “private cloud” within the company firewall and on premises. The role of the cloud can include storage, as well as data cleansing and processing, such as user-defined storage optimization, rules-based data reduction, etc. Analytics is a key element of cloud-based IIoT systems, says Sinha.

Getting started with IIoT

Michael Griffith, program manager, VDC at Stellar helps a variety of clients in the food and beverage industry with their automation needs—from greenfield projects to renovations.

“To be honest, IIoT is a buzzword that can be difficult to define. Most facilities built today are equipped with control technology and smart machines that can communicate with each other, but a renovation can be more difficult,” he says.

Griffith has seen some old plants with just-as-old equipment, and that can pose a problem to IIoT migration.

“Automation equipment is typically as old as the facility itself, so the infrastructure and equipment typically weren’t built with IIoT in mind.”

There may be certain components that can be integrated into a new technology system, but in a facility with 20-plus-year-old technology, most elements won’t play in the IIoT universe. Some equipment suppliers have made it easier to integrate IIoT into their older lines.

“Krones’ ReadyKit [system] connects any packaging line, agnostic of its control system, to the IIoT while being segregated from the functional controls system,” says Scott McCausland, data services manager for Process and Data Automation, a Control System Integrators Association (CSIA) certified member and a member of the Krones Group.

This kit provides extremely valuable information direct from the plant floor to anywhere that is connected.

“ReadyKit is a bolt-on system that is intended for brownfield plants’ packaging lines to provide OEE and other shift-related performance information,” adds McCausland.

ReadyKit is completely noninvasive to the current controls system and uses its own sensors. A typical brownfield packaging line can consist of a wide variety of components, for example: a can line with a depalletizer controlled by an Allen-Bradley SLC 5/04, a new Krones filler with a Siemens S7-300, a 40-year-old steamer with only a soft starter, a labeler controlled by an Allen-Bradley MicroLogix, a packer/case former run by a GE 9030 PLC and a palletizer with a proprietary OEM control system. ReadyKit can be applied at a machine level or the line level to deliver the desired diagnostic information.

How can IIoT help?

IIoT applications take many shapes and forms, but offer several methods to improve operations. For example, Skkynet, a CSIA partner member, offers its Cogent DataHub in-plant software, which is used by food and beverage processors worldwide to collect and share real-time data between different process areas and remote locations.

According to Bob McIlvride, communications manager, the data hub is IIoT ready and can be configured to make secure outbound connections to the company’s SkkyHub cloud service, which acts as a real-time proxy to share data via the cloud. SkkyHub’s system is currently being used by a North American grain distribution company to monitor operations at several locations via the cloud. Data is displayed on SkkyHub’s WebView HMI and logged into a data historian software system at a central location.

Agropur, a North American leader in dairy processing, found success in migrating from a legacy control and automation system, says David Stonehouse, Rockwell Automation global consulting leader, connected enterprise services. Agropur implemented an integrated control and information system from Rockwell and now has access to real-time production data, which has eliminated more than 2,500 hours of manual data collection and improved OEE.

What do you do when systems are no longer maintainable? McEnery Automation, a CSIA certified SI, has been working with a large brewer for over two years to implement a standardized operational intelligence system at multiple sites in North America.

“This solution is replacing multiple legacy systems developed in house that are no longer maintainable,” says Michael McEnery, PE, president.

A single process historian is used to capture data from various sources—from typical time-series process data to key data values at a specific point in a process to alarms and events. The brewery is then able to select best-in-class reporting and analytical tools for each specific application, such as packaging line OEE, inventory management and scheduling and PM for motors, valves and events.

End users benefit when equipment suppliers build in IIoT functionality, according to Mick McCormick, vice president of warehouse solutions for Yale Materials Handling Corp., maker of forklift trucks for warehousing operations.

“The IIoT has created new opportunities for dynamic fleet management, making it capable of producing previously unrealized levels of awareness and productivity,” says McCormick.

Yale Telemetry provides a wireless asset management solution that tracks and reports data, reflecting lift truck utilization and operator performance. A large-scale grocer implemented Yale Vision to help keep a mission-critical fleet of lift trucks moving inventory to shipping docks at its warehouse operation.

Introducing a telemetry system to the fleet added an extra layer of business intelligence to ensure fleet uptime more cost effectively. The telemetry system provides automated alerts and fault code tracking to trigger preventive service and refine PdM schedules. The fault codes prevent minor issues from turning into major outages, thereby maintaining uptime and avoiding spikes in maintenance costs from more costly repairs.

McCormick says the total effect of telemetry data guiding fleet maintenance resulted in the grocer reducing overall maintenance cost by 20 percent compared to the previous year.

Keith Chambers, director, operations and execution systems, Schneider Electric, reports that through digital transformation at Maple Leaf Foods’ Heritage (Hamilton, ON) meat facility, various improvements became apparent. Maple Leaf Foods reduced downtime and improved response times in a 400,000-sq.-ft. facility that produces 450,000 lbs. of protein daily. Mobility, analytics and KPI dashboards are now used to visualize relevant performance metrics and identify critical problems in real time, transforming how Maple Leaf Foods’ employees operate for increased efficiency and lower cost.

With the right kind of security built into an IIoT platform, not only can hackers be prevented from maligning the system, engineering mistakes can be prevented. Dana Tamir, VP market strategy at Indegy, recounts a story about mistakes being discovered by the Indegy Industrial Cyber Security Platform.

One of Indegy’s customers, a large food and beverage manufacturer, detected an integrator hired to reconfigure one of its production line controllers was working on the incorrect one. Reconfiguring the incorrect controller would have resulted in a line shutdown and perhaps even caused damage to the equipment. The detailed alert sent by Indegy-enabled security staff was able to stop the integrator before damage was done.

While security is important, the availability of IIoT and IT systems controlling production and order fulfillment is equally important, especially to Dunbia, a leading supplier of fresh meat products in the UK. According to Jason Anderson, VP of business line management at Stratus Technologies, a CSIA partner member, Dunbia implemented the Stratus everRun software to ensure continuous availability of its IT systems. By migrating to this software, Dunbia can ensure customer orders arriving by EDI (electronic data exchange) are not lost due to application downtime.

“Stratus promises 99.999 percent reliability of our key production systems,” says Jay Adams, Dunbia IT service delivery manager. “We have used Stratus software in one form or another since 2001 and firmly believe it is the best to deliver maximum availability for our business-critical applications. Stratus software works seamlessly with our factory floor management, stock and order processing systems.”

Adams says he’s implementing Stratus everRun software company wide to achieve the 24/7/365 uptime his company needs.

What can IIoT do for you?

“The increasing speed of business is one of industry’s greatest challenges,” says John Boville, Schneider Electric industry marketing manager.

Over the last 10 years, industry hasn’t kept up, making it difficult to manage performance, especially the performance of industrial assets checked on artificial schedules. Even the price of energy changes every 15 minutes for some manufacturers, so getting control over costs, efficiency and performance is crucial to keeping up with business, adds Boville.

“For those involved in the manufacturing world, IIoT has created an environment where every data source corresponds with an opportunity,” says Sean Barry, MindSphere food and beverage developer US, Siemens.

Previously inaccessible performance data is now readily available and, thus, provides a benchmark to which improvements can be driven. Taking this to the next level, predictive models can be applied to anticipate equipment or product failure to enable proactive maintenance.

IFS has released a set of software modules, called IoT Business Connector, and its architecture is crafted to take data from IIoT sources (devices/assets) and use it to improve business processes.

“Organizations follow a simple three-step process to change business processes—where the implementation is quick, the learning curve is reduced, and the risks are low,” says Rick Veague, IFS CTO. The system embodies the three basic principles in a well-configured IIoT business optimization process:

  1. Discover—Use the discovery environment from IIoT devices to transform potentially millions of events into meaningful observations and send these to business applications.
  2. Act—Received observations can be acted upon either by prescriptive automated action or human-in-the-loop workflows when further analysis is required.
  3. Optimize—Once IIoT-driven business processes are operational, it becomes possible to easily implement further business optimization, new products, services and strategies.

Communications—the cornerstone of IIoT

Behind the scenes, one communications technology that makes the IIoT and IoT work is a protocol called MQTT. Developed in 1999 for the monitoring of an oil pipeline through the desert, the protocol was designed not to be “chatty” (unlike Ethernet and HTTP) and to use little energy, as sensors in the field were battery or solar powered and communicated with satellites. Another similar protocol in use today is OPC UA, which was originally designed for communications from devices/sensors to Microsoft Windows-based servers.

MQTT is the leading protocol for IIoT, says Travis Cox, Inductive Automation co-director of sales engineering. The company-configurable automation system, Ignition, has full support for MQTT and can convert legacy devices to the new architecture by publishing that data through MQTT. Ignition can also subscribe to an MQTT server.

Opto 22 also makes use of MQTT protocols. Its groov Edge Appliance converts plant and machine data into MQTT messages over a publish-and-subscribe architecture, which is key for developing remote, distributed IIoT applications at scale, says Opto’s Sinha.

What are the benefits of MQTT? Cox lists 10, which can be found in the box, “MQTT brings benefits to IIoT communications.” But most importantly, MQTT decouples devices from applications, and it requires low system bandwidth, so an organization can get more data from the edge of the network. The decoupling is important, as it means devices no longer have to be connected to applications, which puts a limit on innovation.

“Instead, we connect devices to infrastructure,” adds Cox.

For those who need really fast industrial communications, the CC-Link Partner Association (CLPA) has just announced the adoption of a 1-Gbit Industrial Ethernet specification. According to John Wozniak, PE, manager of the 3,000-member CLPA, CC-Link IE Field is the only open Industrial Ethernet protocol offering 1-Gbit performance.

“The 1-Gbps performance is able to accommodate the deterministic control, as well as provide enough bandwidth to accommodate all of Industry 4.0 transmissions,” he says.

Sensors on the CC-Link IE Field would be able to provide the standard parameters (e.g., flow, level, pressure, etc.). In addition, these sensors would be able to communicate other non-real-time requests—diagnostics, network status, product information, application updates and such—adds Wozniak.

The role of sensors and devices

Current technology allows collection from all kinds of digital sensors, but what makes data valuable is how an IIoT system acquires data from on-premises facilities, says Kai Wang, IoT solutions architect for NEXCOM/IoT automation solutions business group, a CSIA partner member. An IIoT system should include features for IIoT communications support, IIoT control capability and IIoT HMI, which can bridge the last mile connection gap between cyber and physical worlds and serves a pivotal role in the IIoT environment, adds Wang.

In earlier days, most sensors typically measured one process variable and communicated over a 4-20 mA DC loop. Times have changed.

“Sensors now have additional diagnostics for the sensors themselves, as well as additional product/machine data that can be used for analysis and optimization when correlated against other machine data,” says Mike Chen, corporate engineering group manager for Omron North America, a CSIA partner member.

For example, if a photoelectric sensor starts to accumulate residue, which blocks its light, the connected controller can measure this against a warning threshold that triggers an alarm or maintenance work order.

The data you need to collect will depend on the needs of your organization, but typically, that data should have an impact on one or two key areas of your business, e.g., quality or efficiency, says Mike Edgett, Infor industry & solution strategy director, process manufacturing.

“In other words, the data you are collecting is there to help ensure quality as part of your HACCP or FSMA plan, or it is data that is helping you determine the efficiency of your equipment (flow rates, process times, etc.),” he says.

It’s this extra data that lends itself to the creation of a “digital twin,” a virtual representation of a physical asset, says Steffen Ochsenreither, business development manager at Endress+Hauser.

“This will put users in the [driver’s] seat; they will be able to determine which devices are installed, which manufacturer they originate from and which device type they are,” he says.

This information can be used to standardize device types, for example, optimizing the storage of spare parts.

In the food and beverage industry, where a plant consists of numerous skids, keeping track of installed instruments can be tedious at best. E+H has developed software and hardware tools to support users in collecting the necessary information to form a database of installed instruments, so processors can get their maintenance systems in order. At this year’s Hanover Fair, E+H demonstrated that it could automatically create such a database in seconds using information read directly from these devices through HART or Profibus protocols.

Actuators and devices like pumps benefit from this same technology, especially when combined with sensors to monitor their status.

“Monitoring the status of an actuator under a machine does not require someone to go check on it every hour or so,” says Sandro Quintero, Festo Corporation product manager.

Monitoring can be done remotely, and in case of a failure, a notification can be sent to an individual or a group which is responsible to decide what action should be taken. Artificial intelligence could also play a role in making a predetermination of action.

In older plants, there may have been a limited number of sensors put in place, and there is often no wiring available to install new sensors. So, why not consider wireless sensors?

“There are numerous benefits IIoT technologies bring, including increased safety, improved reliability, reduced energy loss and streamlined maintenance activities,” says Brian Joe, Emerson Automation Solutions global product manager, wireless.

By utilizing wireless instrumentation, users can gather data on a continuous basis, improving data reliability and confidence, while also reducing the expense and risk of sending personnel into the field for manual data collection. Utilizing this data in analytics and modeling tools, including predictive analytics, enables users to determine the overall health of assets to make better, more informed decisions about maintenance, energy usage and performance.

Security issues

While wireless sensors make life easier by not having to run wires, wireless sensors, controllers and actuators could present a problem if not secured properly. For most industrial sensor networks, the protocols used will make them much harder to hack than consumer devices working on unprotected public Wi-Fi networks. Nevertheless, using industrial networks should not be a reason to lapse into nonchalance.

“As for wireless sensors, they really should be treated like properly secured wired networks. Or maybe I should say that wired networks should be secured like they were public wireless networks,” explains Eric Byres, noted industrial security expert, inventor, innovator, CEO of aDolus Inc. and ISA Fellow. “Wired or wireless, we have to assume someone evil is listening on the network, and we need to protect against that all the time.”

What about a logon and password for every sensor on a digital network?

“Passwords suck,” adds Byres. “Sorry, but they are a bad idea that should never have been created.”

This might seem counterintuitive, but Byres suggests a public/private key encryption management system is essential to protect sensors.

In regard to securing sensors and devices, Process and Data Automation’s McCausland says a best practice is to assign a static IP address to all permanent devices (wired or wireless) on a network. While using Dynamic Host Configuration Protocol (DHCP) and letting a router do the IP assignments provides an ease-of-use concept in non-industrial networks, it’s more trouble than it’s worth in industrial networks.

“What happens when the DHCP server fails?” asks McCausland.

“Regarding sensors using MQTT for communications, devices don’t have to be assigned discrete IP addresses,” says Inductive Automation’s Cox.

They can use DHCP, but they don’t have to. Why?

“The device should be configured to connect and send data to an MQTT server using transport layer security (TLS),” says Cox. “There are ACLs (access control lists) in the server to allow/disallow reading and writing [of] that data.”

An ACL could contain information about all devices communicating with the MQTT server, which sounds much like the database that E+H’s Ochsenreither described.

“These devices should have passwords for configuration and use SSL/TLS,” adds Cox.

“Regarding intelligent sensors that use older polling protocols, having a way to protect against undesired access or writing setpoints is very important and could be done through a variety of mechanisms, including IP and MAC (media access control) address filtering, ACLs in network hardware, TLS and username/password security,” adds Cox.

Should wireless actuators be used?

“If speed, reliability and security are critical, a wireless actuator may not be the best choice,” says Opto 22’s Sinha.

That said, elements such as authentication, intrusion detection, prevention, reporting and security event management (SEM) can be included in the security setup of a wireless infrastructure.

Simpler measures—such as changing the default SSID and password to a more secure one—can be very effective. With the proliferation of mobile devices, including on the plant floor, it is important to note that even if you choose not to use a wireless actuator, you can still access its data from mobile devices by wiring the actuator to a control system that is connected to a web-server gateway device, says Sinha.

Finally, one last point about security and plant data in an IIoT environment: It is important to keep in mind that cybersecurity is always an issue. In fact, Andrew Ginter’s book, “SCADA Security—What’s Broken and How to Fix It,” says everyone should accept that nothing is 100 percent secure, since all software can be hacked.

“Controlling systems can be secured in multiple layers,” says McCausland.

Most controllers themselves have security mechanisms that can provide access restrictions and user rights. The networks that act as the backbone of the control system can be secured as well.

“In a nutshell, it is essential that a layered zone model (from ISA/IEC-62443 standards) is used,” says Byres.

The mission-critical devices on the plant floor must be hidden behind layers of protection and never talk directly to computers (or iPhones) outside the plant floor. PLCs and devices should send their data upward to data collectors in the plant and then provide the IIoT functionality.

IIoT suppliers and systems integrators have been working with government agencies, such as NIST and DHS, and other professional organizations to make both hardware and software safer from attacks. One organization, the Open Group’s Open Process Automation Forum (OPAF), is focused on developing a standards-based, open, secure, interoperable process control architecture.

The OPAF is a consensus-based group of end users, suppliers, system integrators, standards organizations and academia. It addresses both technical and business issues for process automation.

To read more on this, Kevin Fitzgerald, who represents the OPAF and is also a global solutions architect and Schneider Electric Fellow, discusses IIoT and OPAF’s role in promoting new technologies in an exclusive interview found on FE’s website at “IIoT and the Open Process Automation Forum.” 

MQTT brings benefits to IIoT communications

MQTT, a communications technology invented in 1999, brings several benefits to IIoT:

1. Decouples devices from applications—No longer would we connect devices to applications, because that stops innovation. Instead, we connect devices to infrastructure.

2. Low bandwidth—Reduce bandwidth, so an organization can get more data from the edge of the network.

3. Report by exception (RBE)—Only publish values as they change.

4. TLS (transport layer security)—Better security, since the PLC is behind an edge gateway or supports TLS natively.

5. Outbound connection only (no inbound firewall rules)—If an organization wants to get to the cloud, it can without having to open pinholes in the firewall. The traffic is purely outbound but supports reading and writing.

6. Stateful awareness—Very important for SCADA to ensure the quality of the values.

7. Quality of service (QOS) data delivery.

8. Single source of truth—Arguably, the most important part of the new architecture. Devices hold the single source of truth of the data. Applications, such as SCADA, don’t have to worry about what the device is or what information it has; the data is auto discovered. No longer do we have to set up multiple mappings of our data.

9. Plug and play functionality—The ability to purchase new devices and sensors and have them automatically be part of the architecture. Tags show up automatically in Ignition with the configuration applied.

10. Eliminates cutovers (parallel applications)—Allows organizations to try out new technologies without affecting production, but using production data. If the idea doesn’t work, it’s no big deal. However, if it does, you can easily start using the new system. You can also upgrade devices and/or applications without having to change any configurations.

—Travis Cox, Inductive Automation.


For more information:

Steve Cook, Cook Process Solutions, 417-860-7581,
steve@cookprocesssolutions.com, www.cookprocesssolutions.com

Arun Sinha, Opto 22, 951-695-3000,
asinha@opto22.com, www.opto22.com

Michael Griffith, Stellar, 904-260-2900,
mgriffith@stellar.net, www.stellar.net

Scott McCausland, Process and Data Automation, 814-866-9600,
smccausland@processanddata.com, www.processanddata.com/services/data-services

Bob McIlvride, Skkynet Cloud Systems, 888-628-2028,
bob.mcilvride@skkynet.com, www.skkynet.com

David Stonehouse, Rockwell Automation, 440-646-3434,
dgstoneh@ra.rockwell.com, www.rockwellautomation.com

Michael McEnery, McEnery Automation, 636-717-1400,
Michael.mcenery@mceneryautomation.com, www.mceneryautomation.com

Mick McCormick, Yale Materials Handling Corp., 919-797-2914,  

Keith Chambers, Schneider Electric, 831-239-3559,
keith.chambers@schneiderelectric.com, https://software-solutions.schneiderelectric.com/food-beverage

Dana Tamir, Indegy, 866-801-5394,
dana@indegy.com, www.indegy.com

Jason Anderson, Stratus Technologies, 978-461-7000,
lpp.stratus@lpp.com, www.stratus.com

Sean Barry, Siemens, 800-743-6367,
sean.barry@siemens.com, https://www.siemens.com/global/en/home/products/software/mindsphere.html

John Boville, Schneider Electric, 248-457-4100,
john.boville@schneider-electric.com, www.schneider-electric.com;
Schneider Electric UK

Rick Veague, IFS, 888-437-4968,
rick.veague@ifsworld.com, www.ifsworld.com

Travis Cox, Inductive Automation, 800-266-7798,
travis@inductiveautomation.com, www.inductiveautomation.com

Mike Chen, Omron, 800-556-6766,
mike.chen@omron.com, www.omron.com

John Wozniak, CC-Link Partner Association, 847-478-2647,
john.wozniak@cclinkamerica.org, http://am.cc-link.org

Steffen Ochsenreither, Endress+Hauser Process Solutions AG, 888-363-7377,
steffen.ochsenreither@solutions.endress.com, www.us.endress.com

Brian Joe, Emerson Automation Solutions, 952-204-4031,
brian.joe@emerson.com, www.emerson.com/en-us

Sandro Quintero, Festo Corp., 312-520-7687,
sandro.quintero@festo.com, www.festo.us

Eric Byres, aDolus Inc., 866-423-6587 (x701),
eric.byres@adolus.com, http://adolus.com

Kai Wang, NEXCOM, 510-656-2248,
kaiwang@nexcom.com, www.nexcom.com/products/industrial-computing-solutions

Mike Edgett, Infor, 646-336-1700,
mike.edgett@infor.com, www.infor.com