Securely Connect an Industrial PLC to Azure

Forums IoTStack Discussions (IoTStack) Securely Connect an Industrial PLC to Azure

Tagged: , , ,

  • This topic has 1 voice and 0 replies.
Viewing 0 reply threads
  • Author
    Posts
    • June 13, 2019 at 6:16 am #32830
      TelegramGroup IoTForIndia
      Moderator
      • Topic 2519
      • Replies 0
      • posts 2519
        @iotforindiatggroup

        #Discussion(IoTStack) [ via IoTForIndiaGroup ]

        Hardware
        The first question you are probably asking yourself is if you can leverage your existing PLC hardware. The good news is that in most cases you can. Microsoft provides out-of-the-box modules to connect via MQTT, Modbus or OPC UA. This covers a good portion of existing PLCs. If you cannot connect via these protocols, third party connectivity tools such as Kepware will also connect to Azure. We chose to connect a Schneider Electric Modicon M580 ePAC controller (PLC) using the Modbus protocol.

        To securely connect the PLC to the cloud, you will require an industrial gateway. Microsoft provides a device catalog to assist in the selection of an industrial gateway. We chose a Moxa UC-8112-ME-T gateway.
        The Moxa device provides 2 10/100 Mbps Ethernet ports as well as an LTE connection. The Connexium network switch allowed us to place the PLC in a different subnet than the network that connects to Azure. This provides an additional layer of security by separating the control network from the DMZ. One of the Moxa gateway Ethernet ports is connected to the control network by connecting to the switch. The gateway can then either connect to Azure by connecting the other Moxa Ethernet port to a local switch in the DMZ, or by connecting via cellular (LTE) to Azure.

        Azure IoT Edge is open source software provided by Microsoft that allows you to securely connect industrial devices to Azure. Microsoft provides an IoT Edge Marketplace which contains off-the-shelf modules from Microsoft and other companies that will get you up and going fast. Although you can create custom logic for IoT Edge, the IoT Edge Marketplace should always be your first stop. In our case we were looking for Modbus connectivity, so we chose the Modbus IoT Edge module.
        Microsoft Azure covers over 70 compliance offerings and has the deepest and most comprehensive compliance coverage in the industry. As over 90% of Fortune 500 companies already use the Microsoft Cloud, the industry has already endorsed Microsoft’s cloud security.
        That leaves the device. The steps above will take you a ways down the security path, but there are more steps you can take to better secure

         

        Read More..

    • Author
      Posts
    Viewing 0 reply threads
    • You must be logged in to reply to this topic.