That soda can sitting in the refrigerator might have been manufactured a bit more efficiently, thanks to remote access to the machinery that made it. That access has to be managed, though, to protect the product, the consumer, and the intellectual property of the maker of the canning equipment. An examination of soda cans and other items uncovers hardware and software solutions used by machine builders today for access control.
Take the case of Belvac Production Machinery of Lynchburg, Va., which makes high-speed equipment for the canning industry. One of its primary products is a necker, a machine that reduces the diameter of the open end of the can. It also flairs the top to prepare for the lid.
"Our machines are modular and have very different configurations depending on our customers' needs," explained Stephen Packer, a Belvac electrical engineer, during a webinar hosted by InduSoft. "The interesting thing about the necker is it's the last machine to touch the can before it goes to the beverage maker. So we're putting in lots of different quality checks within our machine."
These include vision inspection to detect any imperfections or mislabeling. There's also a light test that is capable of finding holes greater than 0.004 in. in diameter.
Belvac's machines can produce 1,800–3,000 cans per minute, with work underway to boost that number even higher. The upstream canning equipment has much lower throughput. In a typical setup, perhaps five body makers and six inside spray machines feed into each necker.
The canning industry has developed labeling standards that indicate which body maker and sprayer a can passed through. The former is marked by a stamp, and the latter is identified by colored dots. Data about this is gathered during the visual inspection by the necker and incorporated into the Intelligent Manufacturing System, a package that Belvac offers its customers. This proprietary software provides information about machine status and collects data from the quality checks it is running. This information enables the monitoring of as many as a half-dozen upstream machines. This is done by categorizing which ones are causing rejects on Belvac's equipment and by tallying those rejects.
The data can also be used to determine if a given turret on a necker is having more problems than the others. Limits can be set so that if the number of turret rejects is too high, the machine is stopped, an email alert goes out, some other action is taken or a combination of all of the above is done.
"It has provided Belvac with a very value-added item that we can use to really differentiate ourselves from the competition by giving our customers a level of service that no one else is providing them," Packer said of the system.
With remote access to this data, that advantage can be enhanced. That is why Belvac began offering customers access to this information. Since late 2011, the company's products equipped with the latest software have uploaded data into a secure server every five minutes. That information is stored in a database and customers can log in to look at results from a specific machine. This examination can be done anywhere there is an Internet connection.
Though valuable to customers, this data is also a powerful tool for Belvac itself. Company engineers can monitor machines remotely, sending reports about the results to customers as part of a service. Both Belvac and its customers are happy with this remote access solution.
Of course, that access has to be managed and controlled, a process that Indusoft is aiding. The provider of HMI SCADA software assisted Belvac in creating its customer interface.
InduSoft's preferred method for access control starts with the setup of its software, says Richard Clark, customer support specialist. "In the settings for the product, when you're setting up security, you set up users and then create groups that they have access to."
That, in turn, allows user and group authentication through the Lightweight Directory Access Protocol (LDAP), which helps organizations provide a single sign-on where one password for a user allows access to many services.
The group approach allows specific collections of individuals to be restricted in what they can access. This can be information from a machine, buttons on a screen, or even whole screens. What's more, because IT groups often use LDAP, its inclusion can make process control fit better into an overall corporate IT structure.
For even more secure access control, it might be wise to implement an Internet Protocol Security (IPsec) tunnel. It authenticates and encrypts traffic, which means that communications cannot be read. An IPsec bubble surrounding a control system with only one way in or out offers the highest and most secure level of access control, Clark says.
Purge Paint Passwords
An example of the need for machine operator access control comes from an automotive manufacturer. The unnamed carmaker has a worldwide footprint and was running into trouble in its paint operations a few years ago.
One of the last steps in the manufacturing process, painting is one of the first things customers notice. Thanks to metallic paints, the human eye can detect defects that measure microns in size. This carmaker had password-protected painting systems, but the password was not closely guarded. Thus, it was available to a wide array of employees, many of whom were inadequately trained on the painting equipment or had no need to access the painting equipment at all. However, access it they did.