Friday, July 29, 2016

Q&A: Breakthrough IIoT Technologies, Security, and More

Posted by Sarah Cloutier

On June 30, Kepware concluded its first installment of the IoT Webinar Series. The series shares breakthrough technology for the Industrial Internet of Things (IIoT), and explores a wide range of solutions made possible by integrating KEPServerEX with IoT Alliance member offerings. Use cases and real-world applications ranged from condition-based monitoring and predictive maintenance to machine learning, overall equipment effectiveness (OEE), and big data analytics. The first installment features solutions from five of our founding IoT Alliance members:

  • Altizon demonstrated their flagship platform Datonis™ for condition-based monitoring, predictive maintenance, and machine learning solutions.
  • IOT Technology Solutions demonstrated ELIoT, a cloud-enabled application that provides advanced analytics and reporting through mobile apps and seamlessly triggers alerts based on machine condition analytics.
  • DeviceLynk IoT_Alliance_Webinar_header.jpgdemonstrated how their actionable intelligence dashboards enable users to monitor real-time conditions and statuses and generate reports with a single click.
  • Splunk explored industrial data collection, best practices for storage and enrichment, and how to use Splunk’s advanced visualizations and analytics to become more data-driven in industrial operations.
  • Dell demonstrated predictive maintenance solutions using the Dell Edge Gateway 5000 and showed how it enables users to collect, analyze, relay, and act on real-time data from machine sensors and generate accurate, dynamic predictions.

With approximately 1,000 attendees in total, the webinar series received exceptional feedback and had lively engagement. Each webinar elicited a rich question and answer (Q&A) dialogue between attendees and presenters. After taking a deeper look across the Q&As, we discovered questions relating to the following subjects that were common themes across each of the webinars:

  • IoT technology
  • Data storage
  • Data polling
  • Security
  • Redundancy 

Check out the Q&A pairs below to read the most common questions and answers in these popular topics.

IoT Technology

Q: How is IoT different from web-based SCADA systems?
A: An IoT system enables users to view and gain insights into data in unique ways; it is not a control system. It has allowed customers with aging infrastructure to make old equipment “smart,” and to layer on new functionality that improves efficiency and effectiveness without disrupting the legacy control systems that are already in place.

Q: What software can be used for simulating IoT?
A: KEPServerEX comes with several simulation options, including the ability to play back stored data from a database or generate algorithmic data. Contact if you are interested in setting up a proof-of-concept or seeing a demonstration of how these simulation options may be leveraged.

Q: Are OPC HDA and OPC AE supported in the KEPServerEX REST interface?
A: At this point, KEPServerEX only supports real-time data. We are currently discussing how we can leverage this technology in the future to expose other types of data sets for historical and alarm data.

Q: To what extent do you expect the KEPServerEX REST interface to be used inside an Intranet, to interface with private web-servers, as well as across the Internet in a Big Data/IoT environment?
A: It's designed to do either with ease; thus, the method of deployment will be highly dependent on the organization’s infrastructure and long-term IoT goals. For example, you might utilize third-party sensors that use an open internet connection to connect to a vendor’s analytics platform in the Cloud versus in-house sensors that are on the company's intranet and feed into an on-premise OEE dashboard.

Q: What is so special about MQTT that you recommend using it for sending data to the Cloud? What are the advantages of MQTT?
A: MQTT is designed for very limited bandwidth applications, such as low-energy Bluetooth devices. It keeps the messages very small and simple, so it's well-suited to embedded sensors.

Q: Many of these solutions are all one-way focused, meaning data is streamed from the device to an enterprise historian or another type of read-only application. Are there solutions that support write and command capabilities, as may be necessitated by other applications?
A: KEPServerEX supports the ability to provide data up to an analytics platform or commands back to the devices from any connected application. 

Q: Is the device agnostic to automation manufacturer? Can it communicate with any automation vendor (including Japanese manufacturers)?
A: Yes, Kepware has been vendor neutral from the very beginning. We support connectivity to devices utilizing more than 150 different protocols—including some from Japan like Omron and Yokogawa. We are always expanding our protocol offerings. For more information, explore our driver list

Q: How do you connect legacy technologies to an IoT application—for example, a legacy packaging line for OEE and remote visibility—given the controllers are not OPC supported?
A: KEPServerEX has a selection of more than 150 protocols to connect to both current data sources technologies as well as legacy ones. We also have customizable drivers to connect to devices for which we have not created a specific driver.

Q: For a report geek, IoT is great. However, is there a way to make this easier for a production manager or executive to use?
A: In order to draw insights from data, many executives use IoT platforms to build dashboards for what they would like to see—from energy consumption to downtime alerts. Once the data is in the system, it is very straightforward to build and share a simple but effective dashboard. For more complex dashboards using complex data, a system may be built by a third-party, or you can contact Kepware or any of the IoT Alliance members for assistance.

Data Storage

Q: Can I get data through the IoT device and store information to a SQL database?
A: Yes, absolutely. KEPServerEX provides functionality for a direct connection to databases, and many of the other platforms from the IoT Alliance members may facilitate this connection as well.

Q: Do these systems have to be cloud-based or could it be installed on an intranet? I am still hesitant about connecting and storing control data in the Cloud.
A: All of these solutions have an excellent Cloud presence, but also have the ability to be installed on-premise. It can be either. You can also mix Cloud and local installs and leverage data across both sources together in one application.

Q: Where are the logs for various activities stored, on Kepware’s end or the other application’s end?
A: Certain data may be stored locally on the system hosting KEPServerEX or all data may be forwarded and stored within the other vendor application.

Q: Most control systems already have an historian. From the IoT example with Altizon, we see the historical data is also stored on the Cloud. Is it possible for the IoT solution to use the process historical data directly?
A: Getting data out of a pre-existing historian is usually not a trivial thing. It could be possible to create a custom interface to make that data available to KEPServerEX and then send it up via our IoT Gateway to other applications. It may be easier to simply send real time data to the Cloud and have it analyzed concurrently. If the historical data is stored in a non-proprietary ODBC database (like SQL), however, it would be easy to connect to KEPServerEX and send to the Cloud.

Q: Can data storage be configured to an internal company server instead of the cloud?
A: Yes, that would be an on-premise deployment, where instead of the Cloud, data is stored in your internal company server. 

Q: Is data exchanged 'in clear' or encrypted between sensor and KEPServerEX? Between KEPServerEX and the customer dashboard? Between KEPServerEX and backup systems?
A: Sometimes fieldbus and sensor protocols utilize encryption and authentication, but most of the time they do not. Thus, most of the security in the data stream is added by KEPServerEX converting the data obtained by the insecure fieldbus and device protocols to a protocol like OPC DA, OPC UA, HTTPS, MQTT, and so on when it is then sent to a dashboard. These have great security capabilities with multiple layers of security.

Q: Is data stored 'in clear' or encrypted?
A: Within KEPServerEX, the data collected by drivers is only stored in memory and thus is not accessible without the use of KEPServerEX. The other applications that KEPServerEX connects to have options for encryption.

Data Polling

Q: What is 1 tag license? Does it translate to 1 data collection point?
A: Yes.

Q: I can collect 1 data point at whatever frequency I want?
A: Yes; however, there is a limit on how fast you may collect data. This is a limitation of the operating system on which the applications are installed. Typically, 10ms is the fastest rate possible.

Q: What size data point is allowed?
A: The size of a data point depends on its data type. Data types range from Booleans (single bit) to double precision floats or big integers (64-bit values). The message format of outbound protocols adds size, but this depends on outbound protocol.

Q: How many tags can be managed by Kepware?
A: Kepware has customers who use KEPServerEX for as few as a couple hundred tags and customers with up to and including millions of tags. The ability for KEPServerEX to manage larger numbers of tags depends on the hardware you place it on. The IoT Gateway currently can be licensed for up to 50,000 tags.

Q: Is it possible to build a hybrid network that can work independently for isolated sites, in case of failed internet connectivity? And when internet connectivity is established, data can be synced with Cloud servers? In some parts of world, internet connectivity is not as reliable as developed countries.
A: Many applications have buffering capabilities so that as the data is streamed from KEPServerEX, it can be stored during short network outages. These applications automatically synchronize indexes from on-premise indexes and Cloud indexes, thereby creating a hybrid of local and Cloud indexes to assist in data integrity.

Q: Does the IoT Gateway for KEPServerEX have the capability of sending data directly to the Cloud?
A: Yes, the IoT Gateway for KEPServerEX supports RESTful HTTP, MQTT, and a custom interface protocol to ThingWorx®. It also supports OPC UA. 


Q: Does KEPServerEX offer data security for gateway data, for data at rest, and data in transit?
A: Data from the IoT Gateway for KEPServerEX can be encrypted using SSL while in transit. At rest, the data is stored in memory only, and each data interface can be secured; unnecessary data interfaces can be disabled.

Q: Are HTTPS connections possible?
A: Yes.

Q: Does KEPServerEX support oAuth authentication?
A: At this point, it does not. However, Kepware is looking at different authentication methods and how to help implement some of these solutions.

Q: Can you share some insights into the security aspects of the system?
A: Connectivity from KEPServerEX leverages secure connections using SSL or TLS, as well as Basic Authentication Methods (username/password). HTTP header properties can also be configured.


Q: Is it possible to make a robust server in the network with a clone server or secondary address in case the first fails?
A: Operating system redundancy using a hypervisor like VMware or HyperV could be used, or you could leverage the failover capability of the connected application (for example, Splunk has robust failover capabilities).

Q: Is there data channel redundancy in either software, i.e., active and passive tunnels?
A: KEPServerEX provides redundancy for many different environments. This includes device redundancy, communication redundancy, and—through our complementary product RedundancyMaster—we can provide server redundancy.

Wrap Up

I hope these Q&A pairs provide further insight and clarification into KEPServerEX and the IoT solutions offered by our IoT Alliance members Altizon, IOT Technology Solutions, DeviceLynk, Splunk, and Dell. If you would like to view recordings of those webinars, please visit Internet of Things Webinar Series. To meet other IoT Alliance members,visit our IoT Alliance webpage.

Watch the IoT Webinar Series Recordings

Did we answer your questions? Please leave a comment below or feel free to contact one of our applications engineers by email at We look forward to hearing from you!