Remote maintenance in mechanical and plant engineering on the way to Industry 4.0

Three quarters of machine and plant manufacturers already offer services such as remote maintenance or condition monitoring. With a view to Industry 4.0, additional requirements arise for this. More data-driven service offerings require greater networking, higher data transfer rates, standardized interfaces and a higher standard of security. In this context, data communication via mobile networks is becoming the defining infrastructure.

According to the VDMA, business models based on data will contribute more than 10 percent of sales in 2020, compared with only 3 percent to date. The advantage: Compared with the pure sale of machinery and equipment, after-sales services generate significantly higher profit margins and contribute to better customer loyalty.

Today, the biggest hurdle to expanding services is safety concerns among plant operators. Safeguards against unauthorized manipulation of equipment, including protection against “cyber terrorism,” are becoming much more important in an increasingly networked production environment, as the number of assets that can be accessed from the outside via a single interface continues to grow. From a security point of view, access by external service technicians to the company’s own production network is therefore highly problematic for many operators. That’s why remote maintenance from the outside, separate from the local network, via data communication over mobile networks is a preferred alternative for many companies.

Other challenges to greater networking include the retrofitting of old systems, solutions that are technically too complex, and a lack of support, especially for medium-sized companies without large IT departments.

Flexible and cost-effective data connection via mobile networks

For the highest possible plant availability and rapid assistance in the event of malfunctions, plants are now generally equipped with a teleservice module. In the past, wired analog modems were primarily used for this purpose. With the wide spread of broadband mobile networks and drastically lower prices, data communication via mobile networks has now also become a better alternative for fixed installations. Due to the independence from cable networks, locations that do not have a corresponding cable infrastructure are now also accessible. This makes it easier to connect machines and systems, as they can operate independently of – usually third-party – data networks at the system’s installation site. Other radio technologies, especially for short-range applications, are being tested (LORA, Sigfox) or are already established (WiFi, Bluetooth), but will not be discussed in detail here.

The mobile communications bit rate has increased by a factor of almost 20,000 with each development stage of the mobile communications standard (counted in generations G) while costs have fallen dramatically. While second-generation mobile communications with GPRS (2G) still had to make do with 55 kbit/s, up to 100 Mbit/s are possible with LTE (4G) and up to 1 GBit/s with LTE Advanced (4.5G). The 5G network, which will be phased in from 2020, is expected to enable even higher rates of up to 10 GBit/s.

Fig. Maximum bit rate for mobile communications: The bit rates achievable via mobile communications have increased by a factor of almost 20,000 within just a few years – with drastically falling costs per megabyte transmitted.

Remote maintenance access for repair, preventive maintenance and digital services

Remote control technology is already saving machine builders extensive costs during the warranty phase. Up to 80 percent of faults can be eliminated by teleservice. If it is nevertheless necessary to send an employee to the site, the fault can already be localized via remote maintenance and, for example, the correct spare part can be procured in advance. Software updates are now also largely carried out online. Remote access to the plant is provided via a radio link, separate from the existing production network. An important safety argument for machine operators.

According to the World Economic Forum’s study “Industrial Internet of Things: Unleashing the Potential of Connected Products and Services,” predictive maintenance could save 12 percent in planned versus unplanned repairs and nearly 30 percent in maintenance costs. In addition, the proportion of unplanned shutdowns can be reduced by 70 percent. For this purpose, large amounts of operational data are systematically collected, transmitted and analyzed (Big Data). This data is the basis for new services such as predictive maintenance, process monitoring or optimized production controls.

Sensor data for the Internet of Things should be transmitted without problems

Currently, a debate is taking place about how to deal with the ever-increasing flood of data from sensors and field devices. Service providers and cloud data center operators advocate the unfiltered transfer of all data to the cloud. MC Technologies advises users to transfer only the data that is actually needed elsewhere for decision making. The coarse filtering and pre-processing of data at the point of origin requires a little more decentralized intelligence, but pays for itself within a very short time. Instead of all temperature values, for example, only the values outside specified limit values can be transmitted. The less data that is transmitted, the lower the costs and the smaller the problem of network interruptions or disruptive latency times, or even the risk of sensitive data falling into the wrong hands. What is not in the cloud in the first place cannot be spied out there.

Retrofitting older systems for future-proof IP standards

However, there is still a long way to go before we reach the networked smart factory under Industry 4.0. While new machines are already equipped with an Ethernet interface, existing devices and plant components must be retrofitted. In plants with many subunits, there is also the requirement to make all components individually addressable and accessible.

Different Teleservice components are available here. Simpler modems (now increasingly called gateways) provide the connection of a single machine to a server, for example to deliver data. With increasing networking, more powerful, and in some cases even programmable, routers are required. They are also able to connect complete networks via network coupling. Now every component, whether control or drive, can be addressed remotely just as if they were in the local network.

The integration of different interfaces

In practice, older controllers or drives are equipped with a wide variety of interfaces, depending on the supplier, such as CAN bus, Modbus, Profinet, RS232, RS485 or even analog and digital general inputs and outputs (GPIOs) with system-specific, non-standardized levels. Here, “translators” need to be set up to communicate with IP-based networks on an Ethernet basis. From a multitude of remote maintenance projects, such interface conversions have become normal day-to-day business according to MC Technologies’ experience. Due to the general changeover of transmission networks, e.g. of Deutsche Telekom AG, to IP-based networks, there is an immediate need for action for machines and systems.

Before starting a migration campaign, a migration plan should first be drafted, because it will not succeed by simply joining together individual IP-capable components. All communication components must be coordinated with each other, integrated interface management, a coherent security concept and experienced project management are required for the introduction. Best practice concepts can be used here from experience with a large number of projects.

Automatic commissioning through preconfiguration

A typical requirement of remote maintenance solutions is to connect a large number of machines installed worldwide to a central service point. For this purpose, a secure virtual network with encrypted transmissions and secure authentication of the communication participants (persons and devices) is established via mobile radio connections. To ensure that setting up such a connection does not become a time-consuming problem, MC Technologies takes care of preparing the communication hardware and the software components involved, incl. the settings for the gateways or routers involved and the necessary parameterizations. The devices are handed over customer-specifically pre-configured and tested for each project and provided with all parameters and authorizations required for automatic initial commissioning. If required, joint commissioning is also carried out on site.

With the “MC VPNGate”, a completely automated portal solution for the management of remote network access is also possible. The VPNGate is cloud-hosted or set up on the customer’s servers. Once switched on, the remote maintenance components automatically connect to the central server via a mobile router. The routers no longer have to be configured individually by the user, but are delivered pre-configured and ready for operation (“plug&play”) and managed centrally. The solution is optimized for a large number of decentralized machines with individual authorizations that can be set up, for example, according to qualification for specific plant groups or according to regional responsibilities. Via this portal, service employees have secure access from any location to exactly those machines for which they are responsible and can work with them exactly as if these machines were located in their own company network.

MC VPNGate as a portal solution for secure remote maintenance access

With the “MC VPNGate” a completely automated portal solution is possible. Service employees have secure access to the end devices remotely via this portal from any location and can work exactly as if the devices were in their own company network.

In many projects, application-specific applications, e.g. for data aggregation, including data analysis software and visualization, are also part of the project scope. Typically, such an application includes specific interfaces, for example to the merchandise management system or to customer-specific user interfaces. For international operations, SIM card management for the respective national networks is also required. MC Technologies provides the appropriate pre-configuration of the devices with country-specific application parameters.

Ensure safety and reliability

The online connection of a system component to the manufacturer for service purposes must be well secured from a safety and security perspective. For this purpose, the transport route is securely encrypted end-to-end via a “virtual Internet cable” (virtual private network, VPN). With OpenVPN or IPsec, only recognized encryption standards are used. Which data with which protocols are transmitted via this path is irrelevant, because the Teleservice component ensures a transparent transmission. If several system components are to be connected, subnets with separate IP address ranges are formed as subclients. Separate accesses and authorizations apply to the network segments that are isolated from each other. The devices authorized for communication are authenticated via certificates.

Requirements for the reliability of such remote maintenance connections are often underestimated. If a plant operator experiences a malfunction, immediate responsiveness is required. The remote maintenance components must therefore always be ready for use and function reliably. This requires robust technology suitable for industrial use, such as our industrial routers, and measures that ensure constant accessibility. The challenge: During remote maintenance, a multi-level connection is established. First, the transmission is made to the mobile network, then to the Internet and finally to a central server. Each of these connections must be available in the acute case of the system malfunction. That’s why MC Technologies has implemented a self-escalating three-stage verification mechanism in all of its cellular routers that can cyclically test each stage and, if necessary, initiate an orderly reestablishment of the failed connection after the external fault has ended.

Even if Industry 4.0 is still a buzzword in many places today, it is worthwhile to take the path of end-to-end IP-based solutions now when designing plants and associated remote maintenance concepts. Those who do not themselves have control over the IT network existing at the installation site of the plant can exchange data with the managed plant securely and cost-effectively via mobile radio connections, even in large quantities. In the design, attention should be paid to a consistent, secure network structure and to easy-to-install “plug&play” solutions to ensure practicality and acceptance in the field.

We will be happy to advise you individually on this topic! Our specialists are also very happy to answer any questions you may have. You can reach us via our contact form, by e-mail or by phone at 0511/676999-0.

IT&Production 6-2016