IILA x IOTA — Bridging the Gap between OT and IT in Production Metrology
Creating a Wireless Smart Device Gateway for Quality Applications using Mahr Measuring Instruments
Co-Authors: Ashri Anggia, Semjon Becker, Sascha Kamps
Quality Applications in Production Metrology
Quality applications and production measurement technology (referred to as Production Metrology) cover an important market, see Figure 1. In Germany alone, revenues from the manufacture of measuring and testing instruments rose from USD 28 billion to USD 38 billion between 2010 and 2016. According to a statistic by Statista, a further increase to USD 41 billion is expected in Germany by 2020. Although Germany is an important industrial nation, the figure below shows an incredible worldwide potential in the field of quality applications and production measurement technology.
In quality applications and production metrology, measured data — referring to the quality of a product — is exchanged between manufacturers (e.g. OEMs) and their suppliers; most probably in a different variety of formats and in a short notice. This non-standardised exchange of quality data is associated with considerable financial losses, because on one hand there is no reasonable exchange standard and on the other hand cooperation between manufacturers and suppliers without exchange standard simply does not work.
In recent years, few attempts for exchange protocols like Quality Data eXchange (QDX) or Advanced Quality Data Exchange Format (AQDEF) have become increasingly common in use. For direct integration of devices into Statistical Process Control (SPC) software, some standards such as the MUX-50 data format are available. However, this is an error-prone process with low trustworthiness.
It is imperative that the measured data should be transferred immutably conforming high data security standards and existing data exchange protocols. With advancing digitisation and globalisation, the use of Distributed Ledger Technology (DLT) as a decentralised protocol can lead to a worldwide backbone for measured quality data, enabling trust, data security and widely useful exchange format. But first, one needs a concept to combine Operational Technology (OT) and Information Technology (IT).
1. What is OT?
Most people are probably familiar with the term information technology (IT). IT professionals usually work on the business side and cover the entire spectrum of computing science, such as software, hardware, communications technologies and related services. However, IT does not include embedded technologies and industrial equipment, so most IT teams have little experience with Industrial Control Systems and are unfamiliar with high voltage currents, Programmable Logic Controllers, and Computer Numerical Controls. Operational Technology (OT) is a relatively new term and as Gartner explains:
“OT is hardware and software dedicated to detecting or causing changes in physical processes through direct monitoring and/or control of physical devices such as valves, pumps, etc.”
— Gartner IT Glossary, as of Jan. 2019
In general, Industrial Control Systems (ICS) are environments that contain Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), Computer Numerical Controls (CNCs) and Programmable Logic Controllers (PLCs). Embedded systems are as much a part of industrial engineering as a variety of devices for scientific data acquisition, data modelling, and data processing.
IT and OT have distinct roles in a company. With the advancement of digitisation and the industrial internet, the boundaries between the two teams are blurring. More connectivity and integration is of course beneficial for intelligent analysis and control. While security has always been a priority for both IT and OT teams in traditional systems, these newly arising networked IT/OT systems represent new scenarios and risk profiles in both directions. Close collaboration would therefore be the ideal solution. However, the two areas still tend to work side by side rather than collaborative. It is precisely why this integration is necessary in order to take advantage of the opportunities offered by IIoT.
The main concern of both parties is to maintain control over systems and machines and ultimately to ensure the safety of their employees and customers. The new solutions should incorporate the following key components to satisfy both sides:
- Identification and Authentication of all devices and machines in the system, both in production facilities and in the fields, to ensure that only approved devices and systems can communicate with each other. This would reduce the risk of unauthorised and untrusted devices compromising the network and taking control over systems or machines.
- Encryption of all communications between devices, machines, and operators to protect the privacy of the data being transmitted.
- Integrity assurance of the data generated by these systems. Intelligent analysis is an important facilitator in the introduction of the industrial internet. But this analysis is worthless if the data itself cannot be trusted.
With the development of distributed ledger technology, a powerful protocol is now available that could bridge the gap between IT and OT in the future.
Using the measuring instruments as an example, which by definition are dependent on data integrity, tamper-proof data and complex measurement calibrations, a proof-of-concept was set up, which is supposed to bridge the gap between OT measuring devices and IT data services via IOTA.
2. On the OT side: Measuring Devices
Subject of this use case are Mahr measuring devices with wireless transmission support, see Figure 2. However, in this report, we firstly focus on the probe indicator showing +13.4200 mm.
Callipers (top) are used to measure the length of mechanical components. Micrometre screw gauges (left) are also used to measure diameter of mechanical components, but compared with callipers, they offer more precise outcomes. While Callipers and Micrometres are mostly used by hand, probe indicators (right) are used within industrial machines.
As these particular measuring devices support wireless transmission of the measuring values to the own Mahr software MarCom (see Figure 3), the idea of the use case is to transmit these values by the push of a button to the Tangle in order to make them immutable.
Measuring instruments are manually configured in the MarCom software, i.e. logically “connected” to measuring channels of the virtual boxes. The physical connection can be made in a variety of ways (e.g. via Wireless USB® using a Mahr i-Stick). MarCom supports all electronic Mahr® hand-held measuring devices. The software also allows a single target format to be specified:
- MS Excel®: The measured values for each connected measuring instrument are copied into a separate column, table or folder
- Statistical Process Control: Software using a virtual interface box and the MUX-50 data standard
- Text files or key code
OT Data Format: MUX-50
To process the measured values we used the virtual COM interface and the MUX-50 data format. The MUX-50 format is a quite simple protocol based on ASCII characters. A measured value always consists of 23 ASCII characters terminated by carriage return and line feed, see Figure 4.
3. Bridging OT and IT via IOTA
After the definition of the use case and the selection of the measuring devices, the measured data and some additional Meta information should be sent to a SPC software and Excel for further data processing. Normally, SPC and Excel run on different systems, blocked via corporate firewalls and IT restriction, which makes the simultaneous use not possible.
Alternatively, the data is firstly used in Excel and then transferred to the SPC software (or vice versa). Descriptive Meta information is then added manually. Since there isn’t an option from MarCom-API nor an interface description for direct control of the USB stick, we decided to transfer MUX-50 data via the Virtual Com Interface to allow for a communication with the IOTA Tangle.
The advantage of using IOTA is that one can bypass corporate security restrictions without jeopardising them: No port opening or port forwarding in firewalls, no rerouting of network streams, no single code implementation to configure P2P networks, databases, cloud accesses or TCP/IP protocols. Therefore, we have created a simple IOTA Gateway to send the measuring values to the tangle every time the operator conducts a measurement, see Figure 5.
Data transmission can be done via the Data button on the measuring device or data cable or via a PC keyboard, timer, remote control or foot switch connected to a USB interface. The gateway included the communication via the com interface. The values (according to the MUX-50 format) were then sent to the tangle. We used the tag “MARCONNECT9MEET9IOTA” to demonstrate the capabilities of the use case, see Figure 6. Feel free to search for this tag using TheTangle.org.
Behind the transaction ID SGD9IHIWILRIFISPBQTDREWPRGVAIXADVUWLVTWQJNDYJALESQSTCGCJHZOSASAVNHYHZEAX9YVAX999999, you will find the measured value of +13.4200 mm, the measuring device is MarCator 1086 Ri, the serial and part number, and the date on which this meter was calibrated last.
Expanding the Gateway: Creating a Wireless Smart Device
Based on the results, we have developed two application-related wireless gateways for processing calliper data too. Both application are typical measuring tasks that occur tens of thousands of times a day in a manufacturing company or at the Laboratory for Machine Tools and Production Engineering at RWTH Aachen University, see Figure 7:
- Measuring the length of a fine blanked component
- Measuring the tooth width during the production of gears.
The gateway architecture takes over the communication with the host software and collects additional metadata such as component name and component number. The generated data is then written into the IOTA Tangle as a JSON object. Monitoring of the transactions and the usage of a full node was realised using the IRI API interface. Additional parameters were simply added as an additional key-value pairs. If the command is successfully executed, your requested information is returned as either an object or a string.
The gateway GUI allows for the specification of a Data Tag and a Machine Name. Data Tag, Machine Name and the Part Name are used to generate the machine address where the data is stored, see https://thetangle.org/tag/ RAW9TEST or use tag RAW9TEST.
4: On the IT side: Distributed Data Services
We have also created endpoints in order to achieve high data accessibility and expand the functionality of the OT software to well know IT capabilities. These endpoints are distributed data services. They enable data processing of the data stored in the tangle. Reading of the data from the tangle is done via IRI API and can be accessed by specifying the data tag or the machine address. These data services can be run simultaneously in real time, which was not possible using the manufacturers OT software.
In order to solve the problem of a simultaneous usage of Excel and SPC, data services like the MUX-50 to Tangle interface, which communicates with the SPC software via a virtual COM port, or the Tangle to Excel interface, which automatically stores all the data including the meta information after specifying the output file, were developed.
Future data services will address issues such as process analysis, process monitoring, process control and machine economy. In the future, however, we will be also using technologies such as ZMQ stream or direct database accesses.
This application use case shows that a decentralised data exchange can be realised without the use of client/server and server/client architectures. The question “Can DLT close the gap between IT and OT?” can be answered with yes. Without opening any services, firewalls or corresponding routing IOTA can bridge the Gap and connect IT and OT. At the same time IOTA ensures data integrity and data immutability, encrypts all communications and allows for a device and machine identification and authentication respectively. It was demonstrated that a decentralised data exchange is possible. In addition, the basic system was adapted through the use of distributed sensor gateways and data services, without making any changes to the core. But for such systems to become a reality, many things have to be researched, developed and worked out together, and that applies to all three components: OT x DLT x IT.
Donations to the IILA
The IILA is a non-profit community. We appreciate every help we can get.
Check our address on thetangle.org.