NEWS
It is therefore also necessary to replicate concepts such as ‘number engaged’ in order to retain the same communications network characteristics at both the remote and server sites. Advantech offers a solution to this dilemma using a combination of its edge routers loaded with an AT modem emulator application, and its WebAccess/VPN server. This solution allows for the seamless migration of equipment connected to legacy 2G (or dial up PSTN) systems onto current generation cellular networks.
The Advantech Solution: See Figure 2 – Device to Cloud connection (landscape).
WebAccess/VPN provides an authenticated and secure network upon which the system functionality is built. It allows creation and operation of a virtual private network (VPN) within the ethernet or cellular communications system without requiring the user to have any detailed networking knowledge in order to configure and maintain it. Within the VPN each router has a fixed and known IP address. Importantly, any devices connected to the routers also are given visible, and optionally fixed IP addresses, allowing interactions not only with the routers, but also between any devices connected to them. Primary access to the VPN can be via ethernet, Wi-Fi, fibre or cellular connection, with configurable options to automatically failover between available connections in the case of primary communications failure. Each router is loaded with an AT modem emulator application. This configures a serial port that responds to the AT command set to create and destroy point to point tunnels between two routers within the network. These tunnels then transport any data appearing on a router serial port to the corresponding serial port on the remote router. This is analogous to a dial-up system, where a modem responds to the AT command set by creating and destroying point to point connections for serial data.
If the telephone numbers used within the third-party devices can be changed easily, then all that users need to do is to change the phone numbers to the IP address of the desired destination router. If this is not easy to do, then scripting within each router can be used to convert the existing phone numbers provided by the third-party device to the corresponding IP address used within the network.
The call connect/disconnect follows normal AT command principles, making the use of the IP network completely transparent to the third- party devices, which continue to operate as if they were still connected via a 2G or dial-up
Figure 2 – Device to Cloud connection (landscape).
network. Importantly, the system is designed to be used in a point to multipoint configuration, typical of that found within SCADA networks.
The modem emulator has the following characteristics:
Command ATD will create a tunnel to the corresponding remote router.
If the remote router already has a session in progress (with another router) then the call will not be answered (i.e., a router will only support one active ‘dial-up’ session at a time). This is the equivalent of the situation on a PSTN network, where a call cannot be completed to a number which is already in use (engaged). Once a call is established, whatever is received at the serial port on one router will be output from the serial port on the other router. The system is agnostic to the context of this data, so legacy protocol information between the SCADA endpoints is simply passed transparently.
If redundancy is required, then this works in the same way as for PSTN, i.e., there is a 1 to 1 correlation between an existing PSTN modem, and the router to replace it. In systems where the central system has a pool of available modems in order to reduce congestion, equivalence is achieved by simply replacing each host modem with a corresponding router.
Additional Advantages of Implementation:
Once implemented there are a number of additional capabilities which may be used to further leverage the system investment, albeit in some cases with some additional cost. Remote Router Management - If WebAccess/DMP is included in the solution, then this will bring with it the benefits of zero touch installation and remote management of the router estate. This will reduce the total cost of ownership of the solution, as well as provide future capabilities to easily deploy modifications or additional edge applications. In addition, WebAccess/DMP offers a full set of API calls, allowing its functionality to be accessed from any authorised and connected user application.
Remote Third-Party Device Management - If the third-party devices have a separate
local configuration/diagnostics port, then this can be connected via the VPN to provide remote connectivity to the management system, for example from a standalone application running on a PC connected to the VPN. If the configuration/diagnostics service is provided via ethernet, then this can be directly visible through the router. If the configuration/diagnostic port is provided via a serial connection, then a second serial port on the router, or an external network attached serial interface can set up a terminal server connection via the VPN, allowing remote interaction.
Additional Edge Device Connection - Whilst the described system aims at the migration of legacy 2G and dial-up data acquisition communications, once the routers and VPN are in place, they can be used to provide inter-site connectivity for other devices using the always-on nature of the IP network, and the grouping/isolation features available from WebAccess/VPN. These allow router and connected device visibilities to be restricted based upon user profile meaning, for example, that access to the router configuration can be restricted to the IT department whilst access to connected remote devices, such as SCADA RTUs, PLCs, flow computers etc, can be made available only to engineers in the operations department, with additional granularity possible to site, group or device level. This function is independent of the dial-up emulation. WebAccess/VPN working in combination with the routers provides not only fixed and visible IP addresses for each router but can be configured to provide visible, and optionally fixed, IP addressing of any devices connected to the routers, allowing systems to interact directly with all IP based devices on a remote site.
Use of Router as Edge Device - The router has the capacity for additional applications to be installed. These may come from the existing range of user applications, can be developed as C code or Docker applications by the user, Advantech or third parties, or can use Python Scripting or NodeRED application framework downloads.
FEBRUARY 2024 | ELECTRONICS FOR ENGINEERS
13
Page 1 |
Page 2 |
Page 3 |
Page 4 |
Page 5 |
Page 6 |
Page 7 |
Page 8 |
Page 9 |
Page 10 |
Page 11 |
Page 12 |
Page 13 |
Page 14 |
Page 15 |
Page 16 |
Page 17 |
Page 18 |
Page 19 |
Page 20 |
Page 21 |
Page 22 |
Page 23 |
Page 24 |
Page 25 |
Page 26 |
Page 27 |
Page 28 |
Page 29 |
Page 30 |
Page 31 |
Page 32 |
Page 33 |
Page 34 |
Page 35 |
Page 36 |
Page 37 |
Page 38 |
Page 39 |
Page 40 |
Page 41 |
Page 42 |
Page 43 |
Page 44 |
Page 45 |
Page 46 |
Page 47 |
Page 48 |
Page 49 |
Page 50 |
Page 51 |
Page 52 |
Page 53 |
Page 54
