Professional Documents
Culture Documents
ABSTRACT
2. INTEGRATION CONCEPT
The use of Web-based concepts in Industrial
automation Is increasingly spreading. The paper shows A general architectural model is shown in Fig. 1 [I]. It con-
motivation, concepts, prerequisites and implementation sists of tbree layers. The lowest layer contains the factory
details for Web integration. The role of XMGbased communication system (fieldbus) and the automation and
descriptions for mapping of fieldhns data and of control devices (fieldbus components). The middle layer
functions to Web technologies is described. Special contains the web server@), hosting the information for the
attention Is paid to XMGbased Web Services. These clients in the upper layer. The middle layer is often
services are mainly used for maintenance and remote described as a portal, mapping the public Hl"l?' protocol to
control tasks in automation systems with fieldbnsses. private protocols (fieldbus). Thus, the web portal contains
Finally, security aspects are discussed. the business logic, used to assign the users' requests to
specific data acquisition and management tasks using
1. INTRODUCTION fieldbus communication. Technologies like OPC [2] can be
used to assign information from the automation and control
The increasing use of fieldbus systems enables the ex- system to an object model. This model can be accessed via
change of data using modem communication systems. DCOM. OPC servers exist for nearly every fieldbus.
Local Area Networks, in most cases based on Ethernet
and TCP/IP, are used to interconnect different fieldbus
systems. Furthermore, the mapping of fieldbus compo-
nents' data to LANs has been widely discussed.
Web SeMce
Sm*.rq"ni
sa,+za mapon.
.' Listener It. Business Data
Da'a
Logic
B.
++ A W S ~
SanSmntrcl
malm
5. WEB-SERVICE IMPLEMENTATION
this temporary file using an XSLT style sheet. This way, allowing to generate the required WSDL files by software
the result is created and is sent back to the client. instead of writing by hand from scratch.
Taking a first look at this scenario, one might not notice the For example, if a device profile or a device description
differences with respect to an explicit function call. contain parameters relevant for a remote maintenance
However, the main difference is the existence of a generic function, both can be used as an input for the definition of
seMce description. It allows a platform-independent access parameters required in a Web-Service. All additional
to the service, since there are no dependencies between the information, like data types, ranges. comments, etc. can be
interface described in WSDL and the implementation of the inserted into the WSDL file automatically.
listener. It might be implemented in JAVA, as shown in
Fig. 7, it might be implemented using COM or even .NET, Coming back to the idea of a content model for XML
there's no difference in invoking the service. descriptions of fieldbus systems, Web-Service descriptions
should be an integral part of that model. This would allow
Web Service Client to easily create interface definitions with a well-defined
functionality, which fit optimally to the other parameters of
Y
a device. For the manufacturer of a device, the efforts for
HTTF I SOAP implementing access mechanisms and functions are
reduced dramatically.
mol.. P".."1.Uo"
(~nW8n appllutta.. dl.dlpti0" D."."Drn.
w.b "MUSon SOW or m. datab.u m m ....I
Interfaces InterfaCB
On the other hand, the client can retrieve the WSDL tile
h m the server and can use it to create an appropriate user
FrameWOrk I
interface. Since the WSDL file contains information on Figure 8: An XML content model
number, names, data types, and ranges of the parameters in
the service request, a user interface can be generated on the 7. SECURITY ASPECTS
fly. In addition, a validation of the parameters supplied can
be performed before sending the request. This is an When applying the concepts discussed above, more and
outstanding feature, since it can guarantee, that only valid more the security aspects are coming into the focus. In
requests will be sent. general, this is a positive development, since it leads
towards a discussion of use cases of Web technology. The
Of course, the results sent back to the client can be following considerations are a first attempt to deal with the
interpreted the same way. In most cases, human-readable security in systems described above.
representations like HTML pages are created. Much more
effective solutions can be implemented, if an application First of all, security is an important point and has to be
uses the WSDL description to perform validation and considered carefully when designing an application. This
transformation into internal data formats. Using this can only be done in an adequate way, if an estimation of
method, Web-Services can be used to exchange data the potential security risks has been performed. This
between applications on demand. estimation has to take in account, which common relevance
an application can be assigned to. In other words, it has to
6. WEB-SERVICES AND XML DESCRIPTIONS be evaluated, how attractive an application may be for
potential attacks - an important, but unfortunately often
As mentioned above, WSDL files are XML files by nature. difficult task. Furthermore, the general use cases and
This enables to assign the standard XML applications for implementation concepts for Web-enabled applications
transformation and validation. So, for example, the WSDL have to be analysed. Of course, there are differences
file can be created by transforming a device-specific file between an Intranet based scenario and a scenario using the
with data descriptions and a WSDL template. This method global Internet.
is an outstanding benefit of the Web-Service scenario,
~
-
In order to achieve required security criteria, the concepts The middle layer of the Web integration concept shown in
and solutions developed for general IT systems have to be Fig. 1 can be treated as a specific type of application proxy.
applied. Besides common practice like restrictions on file It maps the functionality of the underlying automation and
and system level (granting read or write access to files, control system to web pages or web services. This mapping
directories and application, this includes infrastructure has to consider the roles described above. Since this
components like firewalls, packet filters, application business layer controls the mapping, it can make sure, that
proxies, user access control with smart cards, and a e.g. there’s no direct write access of binary data which
complex security management. Furthermore, appropriate could contain aggressive information like viruses etc.
technologies like encryption, Secure Socket Layer Additional protection can be achieved by using dedicated
technology (SSL), Secure HlTF’ ( H T P - S ) , transaction- operating platforms and specific operating systems. Since
based concepts, certificates and digital signatures etc. the business layer also knows context informatioq the
should be used. Since there are general requirements for assignment of security policies can be controlled. In
security in networked applications, applications in the addition, the knowledge of service sequences and of exact
automation and control area can - and have to rely on- timing information enables this layer to act as a complex
those standards. There are several open discussions and application proxy.
forums on this subject like [9].
The concept of Web Services described above offers
Derived fmm general IT security considerations, security in starting points for implementing additional security
Web-based applications in automation and control has to be features. Features like authentication and enclyption can be
seamlessly integrated into the overall system design. This integrated according to recent definitions like [lo], [ll].
has to be done during all the phases of the design process. This ensures a correct mapping of services to predefined
It cannot be applied as an “add-on” to an existing system users and user roles. Furthermore, the WSDL descriptions
without influencing the other components’ design and co- can be used to check and verify data passed to the service
operation. requests. This reduces errors caused by inconclusive
parameters. However, this feature does not generally
For a system designer, this means to specify exact use cases prevent a user from sending faulty parameters, but since the
and define required security policies applicable to these use context is known, additional checks can be implemented
cases. An o k n used concept is to define so-called %er
roles”. A user role specifies the tasks someone representing 8. CONCLUSIONS
the role has to perform during the lifecycle. This role
defines which data is allowed to be accessed, and which Using the concepts described above, it is possible to
actions are allowed to be performed. Of course, the user automatically generate Web-enabled services for accessing
roles depend on the application. The security policies are fieldbus systems. A scalable solution of applications can be
bound to these roles. It has to be pointed out, that the implemented, combining context-specific infomation with
adequate definition of user roles is a task of general detailed device data. The implementation can be
relevance for every automation and control system. characterised to he exeemely flexible, reusable, and
optimally adopted to the required functionality. Especially
Besides the roles, the context a role is fulfilled in is for tasks in remote maintenance, the potential of the World
important. The context contains information on the stage in Wide Web can be enabled, combined with easy integration
the life cycle, the type of user-interface, its position in the into existing solutions, and with additional security features
architecture of the system, temporal aspects etc. This based on validation of XML-coded messages. Web-
information is heterogeneous by nature. In order to make it Services are an outstanding example of adopting IT-
accessible in a generic way, it has to be described by a technology for automation and control systems.
common methodology. XML can be used here, in
combination with unique semantic definitions defined in a Concerning security, the combination of IT-related security
schema. This task becomes more an more important for features with application-specific knowledge and
future systems, especially since the information defined appropriate definitions offers a good starting point to
here is useful for other tasks, for example for presentation implement effective security solutions. However, this can
and for the generation of user interfaces. result in complex systems, so an estimation of the potential
risk is required. Finally it has to be stated, that keeping the
The assignment of user accounts to user roles is the next required security level is a never ending task.
step to perform. Of course, the users have to be defined
within a system-wide user accounting system. This ensures REFERENCES
seamless integration of automation and control system and
the underlying general IT system. There are a number of [I] Wollschlaeger, M.: “Framework for Web Integration
concepts for user accounting. The most promising is a of Factory Communication Systems” Proceedings of
directory service [8]. This concept allows the extension of 81h IEEE International Conference on Emerging
existing propelry definitions by own, application-specific Technologies and Factory Automation (ETFA 2001)
properties. Vol.l,pp. 261-266.
[2] n.n.: OPC Data Access Automation Specification,
Venion 2.0. OPC Foundation
0 2002 IEEE
0-7803-7570-x102/$17.00
IEEE Africon 2002 252
AUTHORS
Peter Neumann
Princisal Author: Martin Wollschlaeger holds a PhD in
Electrical Engineering from Magdeburg University. He is
working on Web integration into automation systems at the
Automation Systems department at if& in Barleben, .,
Germany.
Presenter:
The paper is presented by Prof. P. Neumann