Considerable relief during maintenance

High availability of the machines or systems is a central demand of every operator. Regarding their remote maintenance concept, Hermes Systeme GmbH therefore relies on the Phoenix Contact cloud as a flexible and cost-effective solution for secure access to the customer applications.

Secure remote access to SCADA networks via mGuard cloud

The employees of Hermes Systeme GmbH, located in Wildeshausen near Bremen, Germany, develop innovative solutions for MCR and automation technology. In addition to system modernization, their range of services comprises maintenance and repair of the existing technology as well as supply and installation of new systems. Hermes Systeme focuses on industry and building automation as well as water technology, swimming pool technology, wastewater treatment plant technology, cooling technology, information technology, and central control engineering. As a system integrator, the company has supported industrial and municipal users for more than 30 years, also with regard to implementing SCADA systems. Here, an I/O station designed by Hermes Systeme is used. For remote maintenance services, security appliances from Phoenix Contact are used. They provide secure access to the corresponding SCADA network for the service engineers.

“Nowadays, systems without remote maintenance technology are no longer competitive because every operator requires high availability, which means that any interference must be removed as quickly as possible,” Ingo Hermes, Executive Vice President, reports. His company has already been involved in many control projects, from simple pump control to large-scale projects. The comprehensive services include research, analysis, programming, installation, and troubleshooting in the process systems of the plants. Among others, Hermes Systeme has specialized in the development of proprietary SCADA solutions that control and monitor the processes. In water management, this can be small pumping stations but also complex distribution systems.

Using the cloud solution is free

In the field of remote maintenance, Hermes Systeme relies on the proven technology from Phoenix Contact. The primary focus is on fast removal of errors but also on a transparent security standard that is requested by the system operator in order to accept remote maintenance. Using the Phoenix Contact cloud therefore is an optimum solution for the relevant applications and saves resources of Hermes Systeme. This is possible because using the cloud is free of charge and because Phoenix Contact is responsible for providing the cloud functions. Using a cloud-based solution offers the following advantages:

  • No hardware costs for remote maintenance center
  • Easy-to-use cloud services via web browser
  • Stationary and mobile access is possible
  • Many service engineers can access at the same time
  • Phoenix Contact is responsible for cloud security
  • Reduced capital commitment and labor costs and high availability
  • Phoenix Contact is responsible for scaling and adapting the performance

In the event of maintenance, the service engineer can immediately and remotely obtain information on the system's operating state. The engineer simply presses a button to evaluate a large amount of log files and other historical data that give information about the error cause. The records from the system sensors indicate errors and suggest options for optimization at the same time. SCADA systems are usually comprised of one or more controllers and a graphical user interface. “We can remedy about 80 percent of all the problems completely by means of remote access,” explains Christian Nölker, electrical engineer and programmer at Hermes Systeme. “To do so, our service engineers view the operator's screen of the system on their computer and then work on error removal together with the employee on site.”

Easy management of systems and service personnel

It is not enough to look at the technical parameters and prices in order to make the right choice of remote maintenance technology,” Christian Nölker emphasizes. With an increasing number of systems, management of the online accesses and configuration of the remote router stations can become time-consuming. Issues like secure authentication, managing customized access and configuration data as well as different software environments of a plant that has grown continuously make the decision even more complicated. “We were looking for a supplier offering a solution for easy management of the systems as well as of the service personnel,” Ingo Hermes explains. “It was also important that this was a renowned manufacturer in order for our customers to accept the remote maintenance concept.”

For this reason, the decision-makers were convinced by the complete solution from Phoenix Contact because it comprises system and service personnel management in addition to a high IT security standard. The required configuration of the terminal devices is automatically generated in the cloud and downloaded to the devices. Any processes, such as VPN configuration, routing settings, and certification management, are implemented using the cloud. “The Phoenix Contact cloud as a portal manages the increasing variety of different maintenance environments of the systems and automatically provides the right environment to the service engineer,” Christian Nölker is pleased to say. Every service access starts a temporary virtual machine, which is deleted again afterwards. This machine also allows for parallel operation of different software generations. For Hermes Systeme, this type of remote maintenance has proven to be an efficient solution that ensures increased system availability for the company's customers.

Robust solution for harsh industrial environments

“We were looking for a solution that uses the Internet to dial into the SCADA network of the system. At the same time we wanted to protect the network against unauthorized access,” Christian Nölker continues. Ideally, the solution was suited to an industrial environment. “However, the majority of security applications on the marked have been developed for the office environment,” Nölker explains. Hermes Systeme has opted for the FL mGuard product range and thus for security appliances that meet all the requirements of the industrial environment. This series comprises security components with integrated firewall, routing and VPN (Virtual Private Network) functions for industrial networks. The devices combine IT requirements and a robust hardware in a metal housing for harsh industrial applications.

“The FL mGuard RS2000 version we use can be mounted on a DIN rail and features a 24 V DC power supply. Based on the local situation we either use the RJ45 version or the mobile network version to connect the system to the cloud,” the programmer continues. The FL mGuard RS2000 acts as a secure gateway that protects the system against unauthorized access. Therefore, the SCADA network can be connected directly to the Internet and thus to the cloud. The service engineers use a VPN software client to establish a connection to the cloud. The VPN function ensures that only authorized persons can initiate communication using the corresponding access data. If the VPN connection has been set up, it works like a direct connection to the local network. In this way, the programming software of the controller recognizes the security devices and can simply connect them.

Summary

Modern plants are often comprised of complex machines and systems that are characterized by a high level of automation. As digitization in the industrial environment increases, a rising trend can be expected. These applications must be provided with IT security that is based on the user's requirements and the system's requirements and that builds up suitable protection against the typical attack vectors. Access security is a constant process that can only be operated by the new security architectures that can be controlled by the user - such as the Phoenix Contact cloud.

PHOENIX CONTACT (I) Pvt. Ltd.

A-58/2, Okhla Industrial Area, Phase - II,
New Delhi-110 020
+91.11.30262800
Referrer: