operational technology + information technology
DESCRIPTION
Operational Technology + Information Technology. Applying Message Oriented Middleware to Operational Systems. Arlen Nipper - Cirrus Link. Instrumented. Interconnected. Intelligent. How can we apply technology to:. Mitigate environmental risk? Detect leaks earlier? - PowerPoint PPT PresentationTRANSCRIPT
Operational Technology + Information Technology
Arlen Nipper - Cirrus Link
Applying Message Oriented Middleware to Operational Systems
How can we apply technology to:
• Mitigate environmental risk?
• Detect leaks earlier?
• Resolve problems faster?
• Manage audit and regulation more effectively?
• Run operations more efficiently?
Instrumented
Interconnected
Intelligent
• What problems does Message Oriented Middleware solve?
• How can Message Oriented Middleware be applied to operational systems today?
Message Oriented Middleware (MOM) is a well proven and an integral component in modern Service Oriented Architecture (SOA) and Enterprise Service Bus (ESB) solutions. How can we best apply this mature and well proven technology to Operational systems as well?
Message Oriented Middleware
SCADAHost
SCADAHost
11
Protocol X
22
33
“Operations (OT)”“Enterprise (IT)”
Electronic Flow Measurement
Electronic Flow Measurement
ERPERP
Asset Management & Optimization
Asset Management & Optimization
Analytics &BIG DATA
Analytics &BIG DATA
Mobile AppsMobile Apps
HistorianHistorian
To a large extent, we as an industry have already been trying to make our Operational Applications “look” like Message Oriented Middleware…..
Future Apps & Integration
Future Apps & Integration
Using the SCADA Host as Message Oriented Middleware
SCADAHost
SCADAHost
Protocol X
22
3Flow
Computer
3Flow
Computer
“Operations (OT)”“Enterprise (IT)”
Electronic Flow Measurement
Electronic Flow Measurement
ERPERP
Asset Management & Optimization
Asset Management & Optimization
Analytics &BIG DATA
Analytics &BIG DATA
Mobile AppsMobile Apps
Future Apps & Integration
Future Apps & Integration
1PLC1
PLC
Using the SCADA Host as Message Oriented Middleware
SCADAHost
SCADAHost
Protocol X
22
3Flow
Computer
3Flow
Computer
“Operations (OT)”“Enterprise (IT)”
Electronic Flow Measurement
Electronic Flow Measurement
1PLC1
PLC
4
“New” Application
“New” Application
1 32
4
1
3
2
Create a “New” application that can provide the interface between the EFM application and the SCADA Host Application.
Define the interface/data schema between the New application and the EFM application.
Modify/change/test any required Access Control List (ACL) and define the security for connecting to the SCADA Host application.
Modify the SCADA Host poll tables so that additional polls to the Flow Computer are added to acquire desired information.
Using the SCADA Host as Message Oriented Middleware
“What is invariably happening is that more and more access to SCADA data from the lines of business is putting the SCADA Host application in the position of being a MOM system, which they were never intended to be in the first place. As more and more applications and modifications are made to the SCADA Host application to satisfy the needs of lines of business, the systems invariably become harder and harder to manage, and ultimately become so brittle that no one will touch them to add additional capabilities. At this point innovation within the business, as it applies to the vast amount of additional information in field devices, comes to a grinding halt!”
Using the SCADA Host as Message Oriented Middleware
SCADAHost
SCADAHost
11
Protocol X
22
33
“Operations (OT)”“Enterprise (IT)”
Electronic Flow Measurement
Electronic Flow Measurement
ERPERP
Asset Management & Optimization
Asset Management & Optimization
Analytics &BIG DATA
Analytics &BIG DATA
Mobile AppsMobile Apps
Future Apps & Integration
Future Apps & Integration
HistorianHistorian
Starting from here…… we can keep all of the same components by just re-architecting the topology a bit.
Decoupling Devices from Applications using Message Oriented Middleware
Decoupling Devices from Applications using Message Oriented Middleware
SCADAHost
SCADAHost
11
22
33
“Operations (OT)”“Enterprise (IT)”
Electronic Flow Measurement
Electronic Flow Measurement
ERPERP
Asset Management & Optimization
Asset Management & Optimization
Analytics &BIG DATA
Analytics &BIG DATA
Mobile AppsMobile Apps
HistorianHistorian
MessageOriented
Middleware
MessageOriented
Middleware
Nice topology picture, but how can you actually implement this architecture?
Future Apps & Integration
Future Apps & Integration
Use Message Queuing Telemetry Transport (MQTT) A Transport Designed for SCADA
1. Natively built on top of TCP/IP.
2. Stateful with continuous session awareness.
3. Extremely bandwidth efficient.
4. Three levels of Quality of Service for data delivery.
5. Data agnostic.
6. Client side session establishment.
7. No defined security model. Since MQTT is natively build on top of TCP/IP, best practice TCP/IP security scheme can be used.*
“MQTT is a bi-directional lightweight event and message oriented transport allowing devices to communicate efficiently across constrained networks to backend systems”
MQTT was originally designed for use in real time pipeline SCADA systems!
*The OASIS MQTT Security Subcommittee is working in conjunction with NIST for recommended best practices using MQTT in critical infrastructure.
Add an MQTT Data Broker The Message Oriented Middleware Component
MQTT EnabledMessageOriented
Middleware
MQTT EnabledMessageOriented
Middleware
MQTT EnabledDevice
MQTT EnabledDevice
SOAP EnabledApplication
SOAP EnabledApplication
JMS EnabledApplication
JMS EnabledApplication
MQTT EnabledApplication
MQTT EnabledApplication
MQTT EnabledDevice
MQTT EnabledDevice
MQTT EnabledDevice
MQTT EnabledDevice
MQTT - Publish Subscribe Messaging
A Publish Subscribe messaging protocol allowing a message to be published once and multiple consumers (applications / devices) to receive the message providing decoupling between the producer and consumer(s)
A producer publishes a message (publication) on a topic (subject)A consumer subscribes (makes a subscription) for messages on a topic (subject)
A Message Oriented Middleware server / broker matches publications to subscriptions • If no matches the message is discarded• If one or more matches the message is delivered to each matching subscriber/consumer
MQTT EnabledMessageOriented
Middleware
SCADAHost
SCADAHost
11
3 -Native MQTT device
3 -Native MQTT device
“Operations (OT)”“Enterprise (IT)”
Electronic Flow Measurement
Electronic Flow Measurement
ERPERP
Asset Management & Optimization
Asset Management & Optimization
Analytics &BIG DATA
Analytics &BIG DATA
Mobile AppsMobile Apps
HistorianHistorian
Future Apps & Integration
Future Apps & Integration
The Resulting 100% MQTT MOM SCADA Implementation
DMZ
Edg
e of
Net
wor
k C
ontr
olle
rE
dge
of N
etw
ork
Con
trol
ler
Edg
e of
Net
wor
k C
ontr
olle
rE
dge
of N
etw
ork
Con
trol
ler
2212
3
1
2
3
4
4
MQTT message transport.
MQTT, JMS, REST, SOAP, and “other” ESB message transports
Single point DMZ for access control, permissions, and security settings.
SCADA is a VERY important data consumer, but not the ONLY consumer.
Protocol X
Protocol Y
With MQTT and Message Oriented Middleware we can move from “Current State” …..
SCADAHost
SCADAHost
Electronic Flow Measurement
Electronic Flow Measurement
ERPERP
Asset Management & Optimization
Asset Management & Optimization
Analytics &BIG DATA
Analytics &BIG DATA
Mobile AppsMobile Apps
HistorianHistorian
Future Apps & Integration
Future Apps & Integration
MQTT EnabledMessageOriented
Middleware
SCADAHost
SCADAHost
SCADAHost
SCADAHost
SCADAHost
SCADAHost
SCADAHost
SCADAHost
SCADAHost
SCADAHost
DMZ
… to “Future State”
16
The Vision - Tie All Operations Together
Upstream
Midstream/Downstream Pipeline Control
Cathodic Protection
Terminal Automation
Tank Farm / Storage
MQTTTransport
SCADA
Enterprise
Data Center
MessageOriented
Middleware
Summary
• Decouple device protocols from applications.
• Dramatically improve critical data update times.
• Reduce network bandwidth consumption.
• Enable “one to many” information exchange.
•“Unlock Operational Intelligence” stranded in field devices!
Poll-Response SCADA systems were perfectly viable solutions when first developed 35 years ago. They have served the industry well, and continue to do so. But we are entering 2014. SCADA solutions need to leverage the very same Message Oriented Middleware technologies that IT solutions use to:
Additional Topics Not Yet Covered
• Message flows, data transformation, message transformation.
• Migration strategy maintaining Operational Integrity and 100% legacy backwards capability. • Redundancy (native architecture capability)
• High availability (native architecture capability)
• Scalability (native architecture capability)
We can apply technology to:
• Mitigate environmental risk
• Detect leaks earlier
• Resolve problems faster
• Manage audit and regulation more effectively
• Run operations more efficiently
Instrumented
Interconnected
Intelligent
Message Queuing Telemetry Transport (MQTT) Resources
http://mqtt.org
All things MQTT
MQTT Specificationhttp://www.ibm.com/developerworks/webservices/library/ws-mqtt/index.html
Eclipse Pahohttp://www.eclipse.org/paho/
Eclipse M2Mhttp://wiki.eclipse.org/Machine-to-Machine
OASIS MQTT Technical Committeehttps://www.oasis-open.org/committees/tc_home.php?wg_abbrev=mqtt