easymon is a remote monitoring solution that brings the ease of use of the smartphone world to the domain of machine controllers. It only requires to install the PLCnext function extension from the PLCnext store and the corresponding smartphone app from the iOS or Google Play Store. After a quick and easy configuration, selected data point updates will be propagated to the paired smartphone app instances. Each variable in the currently executed PLCnext program can be configured as a monitored data point.
1. Privacy by Design
Besides the ease of use, a key requirement during the development of easymon was data privacy. Only data points that are explicitly selected for remote monitoring ever cross the boundaries of the corporate network that hosts the PLCnext. Even the metadata of the available data sources provided by the PLCnext (e.g. variables defined in the currently executed PLCnext project and their data type) remains private. As soon as a data source is removed, previous data of it no longer is accessible.
easymon accomplishes this by hosting the configuration webapp as part of the function app on the PLCnext. The configurator thus is only accessible via a Browser connecting to the internal IP address of the PLCnext from within the same network (see also the makers blog post about the easymon finder).
The user of the configuration webapp configures the set of data sources he or she wants to remotely monitor and only after that point in time, the metadata and values gets send to the easymon backend. But obviously that doesn’t mean it is publicly available. easymon uses a smart mechanism to ensure data access is only granted to authorized remote devices (smartphones, in most cases).
2. Secure Data Access without Login
To follow the principle of an easy-to-use monitoring solution, we wanted to save the easymon user from the need of yet-another username-password combination. Instead, we use an authorization key to control the data access.
For each new device registering at the easymon backend, it generates a key that is provided to the PLCnext controller via its welcome message only. The authorization key is stored on the PLC and becomes part of the QR code used to pair the PLCnext with the easymon smartphone app instance. When pairing the smartphone app by scanning the QR code, the easymon app stores the key securely (in the iOS KeyChain respectively a 256-bit AES encrypted store on Android). Each request from the smartphone app to the backend to retrieve either the device configuration, the data point values or to register for data point updates gets signed with this key. Only if the backend successfully verifies the signature, this request will be processed.
To remove access the remote monitoring data for a PLCnext for all previously paired smartphone apps, the current authorization key can be invalidated. A new key will be generated so that requests using the old key will fail authorization from that point on.
Using this mechanism, the physical owner of the PLCnext always stays in control of the data access. Remote data access is granted by physical access to the device via its QR code.