Most Device and Update Management (DaUM) solutions are utilizing vendor-specific processes to distribute and install data proprietarily onto local devices. With the OPC UA based DaUM Service it is possible to manage and update all automation devices by any manufacturer. These include PLCs, I/O-modules, frequency converters, robots, network devices, power supply units or other components used for automation processes. DaUM Service employs the OPC UA standard 10000-100. A totally new approach is not only the option to update various components within the automation system, but also the fact that high security standards are guaranteed on all levels of the system along the process. All communication protocols as well as commands are only executed when authenticated and authorized according to the IEC 62443 standard.
Another advantage of the DaUM Service is its capability to be carried out on several levels simultaneously. For instance, the DaUM Service can run on an Edge-PC inside a facility, a centralized server by the user or an automation device itself, depending on the specific case and system size.
An integral part of the system is the application of OPC UA as a standardized solution to manage devices by different manufacturers. Processes which have been predefined as standard are then being used both by the software and by the devices. Thus, the Device and Update Management System can be used in many ways. The users have the option to either run the entire system, including software and devices by Phoenix Contact, or just use the software to operate their own devices or use some Phoenix Contact components as well as devices by other vendors to run on their own software. Besides the standardized processes with OPC UA security has the highest priority. With Phoenix Contact’s commitment to develop and produce highly secure products comes the necessity to provide secure updates for these products throughout their entire lifecycle. The software supports the maintenance process from downloading the right data packages for the specific devices to automatically installing necessary updates.
Plug-and-play-enabled IIoT platforms
Often, the desire to digitize processes is overshadowed by the thought that this entails considerable effort and requires a lot of prior IT knowledge. But with plug-and-play-enabled IIot platforms, you can finally pursue your desires and forget the worries. Plug-and-play-enabled IIoT platforms do not require storage and computing capacity in the applying company in the first step, and connecting smart devices usually takes only a few minutes. The smart services, for which there are no implementation costs, are flexibly scalable – both in terms of functional scope and number of users. Because the Smart Service application is so easy to use, even users with no IT knowledge can benefit from the advantages of digitization after a short training period. This leads to data-driven, better and faster decisions, greater efficiency and higher productivity, instead of the redundant work that was common in the past.
In the following segment I am going to explain the basic attributes of the software such as detecting and authorizing new devices, disposing, and installing of firmware or application projects, and other features of the software.
- The software utilizes a Local Discovery Server (LDS) to scan the network for devices and display them in a list within the software. In this case all available devices will be displayed, and the user can decide, which devices he/she chooses to manage. Upon selecting one or several devices, suiting certificates are being securely transmitted through a Global Discovery Server (GDS) onto these devices.
- A manual entry is also possible by adding the IP address into the device list. Besides entering the IP address, it is necessary to provide additional registration information such as username and password to create a secure certificate for the device. Once this information is entered, this newly registered devices can be connected to the GDS and thus receive new certificates.
- The software also offers the option to create your own certificates. This can be done by entering an external PKI (Public Key Infrastructure) using the EST protocol.
Once the devices have been installed properly, the first set of data can be retrieved from the devices. Next the user must upload the software components into the system. Phoenix Contact provides a public server, which offers firmware updates, and which can of course be accessed via the software. Additionally to the firmware this server also contains documentation as well as descriptive data, all of which are securely signed. Using the Phoenix Contact server is the easiest way to get the right firmware for a specific device. In case it is not possible to access the server via the internet, the update files can also be downloaded manually.
Customer-specific project files can only be uploaded into the system manually via data transfer. The software then verifies the compatibility of update file and device before suggesting several different update plans and options to the user. Of course, the user can decide which devices shall be updated how often and when. The user can also select what the system should do in case the update for a device cannot be completed. Another option the user has is whether the data transfer should be carried out for all devices simultaneously (and thus postponing the installation until afterwards) or whether the new software package should be installed immediately upon the data transfer. Each and every step of the process is presented to the user and is available in a PDF protocol for a clear and concise overview.
When using PLCnext Technology based devices the previously functioning firmware is automatically rebooted in case the firmware update could not be completed. That way it is ensured that the device is running smoothly after the update process.
The software is available in two different variations: as an App in the PLCnext Store, which can be installed onto an EPC or as a software solution for Windows. A docker container version will be available soon. Another option to manage the software is by using the provided REST APIs. They allow for operating many features of the device management from an overlaying control system for example.
Additional features of the software include an active directory via LDAP, a certificate management, and the option of establishing and controlling update cycles for the connected devices.