What you need to know about VPN and cellular options for remote monitoring

Feb. 3, 2017
Bring machine data to you, no matter where you are.

Manufacturing plants can be located anywhere in the world. Providing technical support for machines located in these plants can be costly and unfeasible if a machine builder is sending engineering personnel for on-site support. Most machine builders would much rather have their engineering resources working on the next project, rather than troubleshooting problems in already commissioned equipment. To remain competitive, many companies are reducing in-house technical and maintenance teams as part of becoming a leaner enterprise.

A tool to address the developing do-more-with-less strategy is to provide interconnections between the plants and the equipment suppliers. With a communication channel to the equipment, the machine manufacturer’s technical group can monitor performance and assist with troubleshooting when problems occur.

By monitoring a machine’s operational execution over time, the machine’s builder may offer additional services to the customer. Suggesting or supplying predictive maintenance and replacement of consumable goods remove this task from the local maintenance department. Tracking production times and fault codes may allow the manufacturer to suggest repairs and replacements before a malfunction occurs.

Before Ethernet and widely available Internet services, remote monitoring would often consist of an on-site person talking on the telephone to service or engineering people at the machine builder’s home office. Anyone who has experienced asking the customer to type something on a keyboard and then describe what the monitor displayed understands how slow and inefficient this method can be. When the support person had the ability to connect the computer directly to the machine’s control system using an analog modem and a phone line, it became abundantly easier to make suggestions to an on-site maintenance person. Collecting local data, via the computer and phone line, began to become a practical way to do an almost real-time machine performance analysis.

With the advent of high-speed and wildly available Internet, remote monitoring has become faster, less expensive and fraught with new security risks. Installing a machine in a modern manufacturing plant usually includes a connection to the plant’s internal communication network. Once connected to the plant’s intranet, a remotely located engineer or technician may have access to view the machine’s operation in near real time. At one time, this connection simply involved logging on the network server and running whatever software was required to accomplish the desired task. Hackers and industrial spies have made this technique impossible in all but the very least secured systems.

A secure virtual private network (VPN) and firewall rules that restrict connections from any unauthorized party allow an external computer to connect to an intranet that includes the target machine if the customer’s IT department allows it. There are several different security protocols used by various VPN implementations. It’s imperative that the IT department is involved in all predesign meetings.

One method to remotely connect to a control device completely independent of the installed network is a cellular-based wireless system. Several companies offer cellular-based industrial communication modems. If there is no router connecting the wireless network to the factory intranet, there is less chance for an unwanted intrusion into the plant. However, the direct threat to the control device you are communicating with remains. When implementing a VPN over a cellular connection, a dedicated computer may be required at the customer’s site. This computer may be used as a data collection point, and the remote communications are only established on an as-needed basis. The local computer may also have application software installed, such as HMI or PLC programming packages, and the remote connection takes over the actions of the local computer using one of the many remote control software packages available. Another solution would be to use a hardware-based VPN module. The hardware VPN is created between the remote computer, the cellular modems and finally the target control device. The hardware VPN provides the security by encrypting all communication packets traveling across the cellular pathway. Choose equipment suppliers carefully. Good suppliers will assist in choosing the best solution for the application even if that may mean using a different company’s hardware. Always work with the customer’s IT professionals; they may have final approval over any solution you may choose.

If the communication channel is cellular, one additional option may be to use a handheld smart phone or tablet as the remote access device. Some HMI software manufacturer’s offer a Web-based display. These displays can be easily viewed on a handheld device, but the page rendering overhead can make the pages slow to load in the device’s Web browser. If available, a dedicated app that interfaces with the control device or HMI will increase performance and reduce wait times to update.

As with any communication system, local or remote, increases in the amount of data transferred will result in a decrease in response time. Viewing every data point the control device creates is seldom required to make decisions based on that data. When a machine logs some data, such as a changing temperature, at a rate of several measurements per second, useful information, such as average, minimum, maximum or rate of change, can be calculated without having to transmit every raw temperature measurement. Some data compression techniques can also be employed. If monitoring a large number of data points, after the initial values are sent to the remote device, only updating data points that have changed will increase throughput.

As the Internet of Everything continues to evolve, making productive use of the information available can lead to increased production and decreased downtime. But this will only happen if we create the best plan and have a successful implementation.

About the author

Thomas Stevic is a controls engineer at Star Manufacturing, an engineering and production company in Cincinnati. Contact him at [email protected].