OPC Improves Security in Plant-to-Corporate Connection

July 24, 2008
Secure OPC tunnelling is established between power plants and the company offices by using the OPC DataHub from Cogent Real-Time Systems.
In two recent projects, Italy’s ABB Energy Automation has developed a control solution that feeds data from power plant facilities directly to corporate offices—in real time—using the OPC DataHub from Cogent Real-Time Systems, located in Georgetown, Ontario, Canada. A key requirement was to provide a highly secure means of data transmission, with the minimal risk of break-ins. The OPC DataHub tunnelling solution establishes a secure, reliable connection between the power plant and corporate networks. ABB Energy Automation implements software and control systems for power plants to ensure that equipment operates at optimum speed and efficiency. For this project, it became clear that several Italian power companies would benefit substantially by monitoring the performance of the plant directly from the company offices. Michele Mannucci, ABB Project Engineer, began looking for a way to make the plant-to-office connection, using the most reliable and secure means available. “Customers are very sensitive about security these days since they need to exchange information on the Web,” he said. “We had OPC servers on our equipment, but found that using DCOM [Distributed Component Object Model] for networking was too risky. It required us to open too many ports in our firewalls. We had to find a way to avoid using DCOM.”A search on the Web brought Mannucci to the OPC DataHub. For the first test, he connected the OPC DataHub to the plant’s DigiVis Freelance 2000 OPC server, and then connected to an OPC client, tunnelling through the plant firewall using just one open port. With that working, Mannucci installed another OPC DataHub on the corporate network, and then created a mirroring connection between the two DataHubs.For the production system, the company decided to use ABB’s own proprietary OPC server on the secure LAN in the plant, and connect that to the OPC DataHub. From the OPC DataHub, the data flows out through a single port on the plant firewall via SSL-encrypted TCP to an OPC DataHub in the corporate offices, which is connected to the corporate LAN. The two OPC DataHubs mirror the data, so that every data change on the plant LAN is immediately received on the corporate LAN. It took only a few days for Mannucci to go from initial testing to a working system in the first power plant. The second system was up and running in a similar time frame. Both systems have been running 24/7 since installation, with no breaches in security.“For us, this OPC tunnel is very good, because we only need to open one port, and we are secure from DCOM break-ins,” said Mannucci. “We are considering installing this same solution in other plants.” For more information on OPC solutions from Cogent Real-Time Systems, visit www.opcdatahub.com.

Sponsored Recommendations

Why should American-Made Products be a top priority?

Within this white paper, Shalabh “Shalli” Kumar, founder of AVG Advanced Technologies, stresses the importance of prioritizing American-made products to safeguard the country'...

How to Improve Production Accountability in Manufacturing

David Greenfield, Automation World's Editor-in-Chief, and Shalli Kumar, founder of EZAutomation, discuss the idea of production monitors: a preprogrammed PLC/LED display that ...

HALT/HASS: The Ultimate Test for Reliability

Discover how companies like EZAutomation push the limits of reliability with HALT/HASS testing, originally designed to mimic the extreme conditions of space shuttle launches. ...

Your Next Production Monitor Is Only a Few Clicks Away

Shop for your very own EZ Production Monitor. It's designed for non-technical staff, so there's no programming required! It combines pre-coded firmware, real-time data, and WiFi...