Unifying OT & IT Through Seamless Interoperability

54 min video  /  45 minute read Download PDF
 

Speakers

Don Pearson

Chief Strategy Officer

Inductive Automation

Danny Haskell

President

NeoMatrix

Fred Zaboli

Operations Manager

Wunderlich-Malec Engineering, Inc.

Jeremiah Arcaraz Mitchell

Software Project Manager

Barry-Wehmiller Design Group

Many companies still think of OT and IT as unmixable technologies, much like oil and water, that can only come together under special circumstances. The Ignition platform allows you to leave this mentality behind and step into a new world of interoperability.

On August 29, discover how you can bridge the OT/IT gap through open standard technologies and Ignition’s unlimited connections. You’ll learn how Ignition’s OPC UA Module enables you to break down barriers to connectivity, with drivers for nearly any PLC. Additionally, you will see how Ignition can connect PLC data to any SQL database through the SQL Bridge Module. Also, you will hear from professionals about how these and other Ignition features have helped them build innovative projects.

Join us and learn how you can:

  • Manage OT and connect it to IT with Ignition.
  • Connect to any PLC through Ignition’s drivers and custom APIs.
  • Connect to any major database with Ignition’s native SQL compatibility.
  • Stream PLC data directly to a SQL database.

 

Transcript

 

00:00
Don Pearson: Well, good morning everyone, and welcome to today's webinar, "Unifying OT & IT Through Seamless Interoperability." We're very happy that everyone could join us here today. My name is Don Pearson. I'm the CSO with Inductive Automation. And I have with me today, Danny Haskell, President of Neomatrix, and Fred Zaboli, an Operations Engineer for Wunderlich-Malec Engineering, Inc., and Jeremiah, a Software Project Manager for Barry-Wehmiller Design Group. Thanks, Zaboli, for being a panelists here today. I'm just gonna give each of you a minute or two to tell us a little more about yourself and about your company. So with that, let's start with you, Danny.

00:41
Danny Haskell: Hi, Don. Thanks for having me on today. I'm President of NeoMatrix. 25 years ago, I started my journey in automation, where I was programming PLCs and SCADA for manufacturing companies. Since then, I kind of worked my way up to project management, engineering management, as well as doing engineering work. So happy to be here and glad to share.

01:08
Don Pearson: Thanks so much. I really appreciate you taking the time to be with us today. Fred, introduce yourself a little bit more.

01:16
Fred Zaboli: Hi, everybody, and thanks, Don, for having me here. My name is Fred Zaboli, operations manager at our Huntington Beach, California, office. I am an electrical engineer, 20 years of experience with design and implementing automation systems. PLC, DCS, did a lot of HMI programming and SCADA design. Got introduced to Inductive Automation Ignition 10 years ago and became my favorite. And I can say my favorite projects are doing MES, HMI, and batch systems with Ignition. Wunderlich-Malec Engineering as a system integrator. We do automation projects, MES integration, IT/OT network system, and design. I'm excited to be part of this presentation.

02:10
Don Pearson: Well, we're excited to have you. Thanks so much, Fred, for being here. And Jeremiah, you take over.

02:16
Jeremiah Arcaraz Mitchell: Yeah, thanks. So, like a few of the other presenters said before this, my background is controls as well, kind of worked through the PLC space. But, yeah, we're a Barry-Wehmiller Design Group is a full-service system integrator and engineering design firm. We do everything from the construction, building, and manufacturing operations all the way through control and ERP type work as well. So, happy to be on the call. I'll give you a little more information here later on what software looks like at Barry-Wehmiller Design.

02:49
Don Pearson: Thanks, Jeremiah. Much appreciated. Thanks for all of you for joining today. So, here's the agenda. We'll start out by discussing how Ignition's features bring OT and IT together. Then we'll talk about the OPC UA Module, how it enables you to connect to any PLC, and then how the SQL Bridge modules allow you to seamlessly bring the data from those PLCs into SQL databases. After that, our guests from NeoMatrix, Wunderlich-Malec Engineering, and Barry-Wehmiller Design Group. They're gonna share some projects where Ignition's unlimited connections and SQL database connectivity and made an incredible difference in those projects. And of course, as we always do, we'll finish up with a Q&A to answer any questions any you may have. So, if you think of a question during the webinar, just go ahead and type it into the questions area on the GoTo Webinar control panel there. We'll answer as many as we can. But if we don't get your question today, please reach out to one of our knowledgeable account representatives. They'll answer it for you and give you what you need. We'll have their contact information available at the end of the webinar on the slide.

03:57
Don Pearson: Also, this webinar and the slides will be made available within the next few days. If you want to go over any of the tips again or share them with someone else, one of your other colleagues, they'll be available for you to be able to do that. Just a snapshot of inductive automation. A few facts about us. We make software that helps people solve problems, and we focus on our software platform, Ignition. I've been in business 21 years now. We've got 61% of Fortune 145, or almost 45% of Fortune 500, are basically using Ignition. We have a highly diversified customer base across a good number of industries. Installation is in, I think, I heard yesterday, up to 140 countries now. We have a network of over 4,000 integrators worldwide. The company has been profitable and independent with no outside investors. And our focus is just on giving you the best platform we can for you to be able to use in your organizations and with your customers.

05:03
Don Pearson: One reason that I would say that Ignition was developed was to be an OT software to solve connectivity problems with IT. Enabling IT to easily connect to and manage OT data by using communication protocols that IT understands. In order to achieve this interoperability, Ignition uses open standards technologies, OPC UA, MQTT, SQL, and many more. And of course, Ignition comes with native SQL databases connectivity and MongoDB Module, which enables your system to connect to NoSQL databases and make flexible document data models, query data and tags to use in reports, and more. Ignition also offers unlimited connections to PLCs and databases, enabling you to infinitely scale your system without any fees or needing to completely overhaul your system in order to accomplish that. Ignition's OPC UA Module is one of Ignition's Core Modules. So it's included with standard Ignition, and it enables your system to make outgoing connections to third-party OPC UA servers.

06:21 Don Pearson: The OPC UA Module allows you to connect to most PLCs out of the box and to make your own drivers with custom APIs to connect to nearly pretty much any PLC you can. The OPC UA Module is based on modern IT protocols, has high-performance binary TCP coding and transport with RSA encryption, supports large tag counts, updates quickly and easily connects to remote machines. When you look at the SQL Bridge Module, that really brings OT and IT in together by bridging the gap between OPC UA data and SQL databases. By connecting your plant floor to open-source SQL databases, it actually frees your system up so they're not really locked in any proprietary lock-in stuff. We like to call it the Swiss Army knife for integrating PLCs and databases. The module also allows you to really you can log huge amounts of data and virtually unlimited recipes, customized recipe batching systems, track changes, IT trends and data, historically sequenced plant floor processes, a ton of stuff. So when you took all of these features in Ignition, we can seamlessly connect OT and IT. And we want to showcase that today. So we put together a few projects and allow the people who did those projects to talk about them. So with that, Danny, you're up. I'm gonna pass it over to you. You're gonna tell us about a project from NeoMatrix. So go ahead and take it over, Danny.

08:01
Danny Haskell: Thanks, Don. There we go. NeoMatrix was founded over 21 years ago. We're a software services company specializing in automation and software integration for manufacturing companies. We have two offices, one in Portsmouth, New Hampshire, and one in Andover, Mass. Our main geographic area is the Northeast, New England, and New York. But we still help our customers all over the country and the world. We've been a premier integrator since 2016, and we've been using Ignition since 2010. So Ignition has been a very important tool in our toolbox to help our customers along their Digital Transformation journey by helping them to connect and integrate people, assets, and business systems in real time. And this has allowed us to provide better visibility of manufacturing operations at all levels of the company. We have a customer where operators all the way to the CEO are actually monitoring what's happening on their shop floor and allows for real-time correction of operations when it's needed, not afterwards.

09:14
Danny Haskell: Centralized data and IT-managed server. This one's a really important one. Back 25 years ago, it was not uncommon to see plants where you basically had 100 PCs out on the floor collecting data. And if the PC died, then you might be out of luck. Here you can leverage IT best-in-class servers that have backup solutions and also enhance security. Increases efficiency and workflow between all manufacturing processes. One comment on the centralized data is that you also have the ability to do things like statistical control or analysis and SBC and also leverage new technologies like AI and machine learning. In this project, it's basically a receiving raw materials project. The example I'm gonna show you is essentially one raw material, but the process for doing that applies to all the raw materials for our customer. Our customer is the best-in-class aseptic beverage manufacturing company.

10:21
Danny Haskell: The business need was essentially automate the receiving process for all raw materials into the plant. And then the receiving process required integration of PLC systems, LIMS, and ERP system, and Ignition. So the solution was to use Ignition as the front end, and it's kind of the glue between these two different processes, and use Ignition to integrate to the IT managed systems like LIMS, ERP, and as well as the PLCs that control the transfer of raw materials into the plant. So this is the dairy raw material process flow. So when a dairy truck shows up at the plant before they can transfer the material into their internal tanks, they have to process the receipt as well as perform some raw material testing, and then needs to be accepted before it can be transferred into the building. So the very first step in processing the receipt is they're actually gonna fill out this form and Ignition, and the color codes, by the way, shows the different systems that are available, and the blue being Ignition.

11:28
Danny Haskell: And then once you enter in the particular PO and other unique identifiers related to this raw material, the Ignition forms will show the different testing that's required for the raw material. And on some of the data, it's actually being performed on laboratory equipment that is connected to a LIMS system or database. And that data we can retrieve using SQL to bring into Ignition. And then there's also manual data entry points where operators will conduct the testing and enter those results into Ignition. And at some point, once that has been completed, they'll need to review the test results. And if accepted, this will prompt the PLC system that allows the transfer to occur. And that's done via OPC UA. And then also, once the transfer has been completed by this PLC system, it will output the total raw material that was received in the tank.

12:34
Danny Haskell: And at that point, we need to process the PO into the ERP system. So we take all of the PO information, and that gets sent to the ERP system using that REST API that the Infor ERP system has. And as well, we'll send the amount in the test data into the ERP system as well. And this is just an example of the receipt entry order form. The PO number can't really see it in this in this view-only mode, but you would be able to enter in the PO number directly by using the tablet's barcode scanner, and it would automatically populate that field. And then you can see the buttons to start new test. And the next panelist feel free to take over.

13:24
Don Pearson: Fred, now we're gonna take over and give a chance to you to take over and speak from Wunderlich-Malec. So over to you, Fred.

14:31
Fred Zaboli: All right. Yeah, Wunderlich-Malec Engineering is an employee-owned company with more than 600 employees and 37 offices across the US. We specialize in electrical and control systems engineering and integration services, helping companies achieve their goals through automation for more than 40 years. We have great partners like Inductive Automation, and we are a system Premier Integrator with Inductive Automation. We have really good, excited engineers with Ignition in our company. We have 15 Gold-certified, 37 core, 93 Credential-Ignition-certified engineers. And with this amount of talent and excitement about Ignition in our company, we do a lot of, we use Ignition in a lot of projects and multiply industries like water/wastewater, pharma, life science, and food and beverage, and many other industries.

14:37
Fred Zaboli: So the premier reason we use Ignition in our projects is for automation and control systems and HMI and SCADA. But it's not only that, we use that in IT/OT convergence projects. If we get a request from customers to do cloud application, we always try to go with Ignition 'cause it makes everything easier to connect IT and OT. And when there is cybersecurity design involved, we also do that. And this presentation, I'm gonna talk about data enablement project. This is a type of projects we do for customers. And if I it's kind of a, it's kind of a summary, and a living example of the slides that Don showed you guys with the feature of Ignition that all the feature of Ignition that it helps IT and OT. So if I wanted to summarize the data enablement, that enablement projects makes data accessible, understandable, and usable.

15:41
Fred Zaboli: And it just overall makes a customer enable to do better decision making over their data. Typical problems that customers, they come to us to solve and leads to data enablement project is data access and not having a way to narrow down the issues. So they wanted to record, and they wanted to put all the data in a central location. And they typically don't have that, and they're looking for a solution. Having variety of platforms and different HMIs and different softwares. These customers, they have like multiple locations, multiple production lines and processes, and each one has different flavors. And they wanted to unify that. Lack of a standard tools and method to present data, like they might use Excel spreadsheet in one line and they might use as specific software reporting software or Power BI to get the information and compare the information, but it's not unified. So each data is different, and there is no contextualization.

16:51
Fred Zaboli: That's one of the biggest problem that they come to us is that like the temperature is just a value. They don't know what is the range. What should it be? It's just a number on the screen. And then, at the end, they wanted to evaluate the data. So those are the problems they come to us. And as soon as we start to find a solution for these problems, you're gonna hit some challenges. So IT/OT challenges during design. First of all, we need to provide a standard data model. We need to come up with a data model that it works for most of the piece of equipment they have. That's kind of a challenge. Each system is different. The programmer for those systems were completely different.

17:36
Fred Zaboli: Different companies, different countries. Aggregation of data from multiple sites and getting it all to one location and dealing with different protocols. Don mentioned OPC UA Module with Ignition that comes handy to kind of tackle this challenge. Each system, it could be Modbus, it could be Ethernet, it could be serial. And getting all these protocols and unify it, that's a challenge. Providing available access to data but not compromising security. This is a dilemma everybody has in automation world. That nowadays people they come and customers they come to you, and they ask for access to data. But at the same time, they wanted to make sure that the data is secure and there is a level access to those information. So you need to find the balance.

18:28
Fred Zaboli: And when we, when you wanted to contextualize data and get a good report out of the data and not just have a raw information, you need to centralize it in one location. You need to collect the data from different location but have it in all in one location. And as far as security, you have to make sure that it's secure as well. So where should we put that central location? Customer might have like 10, 15, 20 locations. Which location is better to host this central SCADA? And then when you do that the other sites or remote sites that they, it's gonna be the edge of network. What if the connection between those remote sites to the central location goes down? They wanted to have a backup there. And then I would say the other challenge is having one unified tool to sync all the configuration.

19:25
Fred Zaboli: So the maintenance guy or the supervisors, they come and they wanted to do some changes throughout the project. So they go do some configuration change to the edge device, but you wanted to automatically sync that to the central SCADA and vice versa. So you need to have one unified tool or configuration that is just one tool not dealing with different softwares. So that's the other challenge and solution. So we kind of figured that the best solution we can provide is with the Ignition platform because of the nature of built-in features that Ignition comes with it. And all these challenges I talked about, it's already included in the Ignition as a built-in feature. It's not a third-party software or additional software. So the solution, the first thing we came up with was we said that we need to do asset-based design principle.

20:24
Fred Zaboli: We have to templatize things so it looks same everywhere. So we use Ignition UDTs, user-defined tags that automatically creates data model that it could be used everywhere and throughout this project. And we came up with the templates, graphical templates that it looks same, and we use Ignition Perspective and templates as far as architecture. We did, we installed Ignition Edge, and we push the edge compute all the way to the edge of a network, close to production lines and PLCs as close as possible. And then we decided to host the Central Ignition in Ignition up in the cloud. Rather than host it in any location, we did it up in the cloud, and we use Ignition Cloud Edition for that. And that helped a lot. We did we deployed edge gateway.

21:24
Fred Zaboli: So we need to give Ignition Edge to IT, the customer's IT department, to install it. So first question they would ask is that, "What is the spec on this servers that we need to provide?" And you can. We said you can put it in any type of operating system because Ignition is open, and whatever standard you have, you don't need to be stuck with a specific Windows version or firmware or a specific patch. So that helped a lot. And then, because Ignition's fully compatible with virtualization, they tend to start virtualize everything, even in the edge side. And we took advantage of cutting-edge technologies in the Ignition platform, like MQTT communication. So those protocol we had from different flavors, we all standardized everything on MQTT communication, which is great for narrow bandwidth communication and it's very reliable.

22:24
Fred Zaboli: Enterprise Administration Module; we use that to sync all the configuration throughout all the gateways. And also, we use scale-out architecture, which is great for expanding in the future, not only for us, for the customer when they receive the system. If they wanted to add more tag collection computing. They can add backend servers if they wanted to add more clients. And it happened that they adding more sites; they can add more front-end gateways and do load balancing. And scale-up architecture helped a lot. We did a unified namespace with Ignition MQTT Distribution Module. And means that if you have a tag, let's say you have a temperature tag somewhere, if you pull that historical value, the whole tag structure it comes with that tag, and it's a unified name space. So that operator knows this value is coming from which site, which location, which production line, and at last but not least following the Security Hardening Guide provided by Inductive Automation.

23:35
Fred Zaboli: So 10 steps provided by Inductive Automation, it's available in their website. We follow that with customer IT, and we were able to meet the requirement of security, and that was a big help result that we got for this kind of projects. If I wanted to summarize it. Standard naming convention. So throughout the whole project, throughout the whole system, they have a standard naming. So if they wanted to add a new site or a new piece of equipment, they know what should be the name that access from anywhere in the world within the customer domain. So and customers, operators, supervisors, managers, they can pull up these screens from anywhere in the world because Ignition's Perspective is compatible with any device, browsers, or mobile devices.

24:27
Fred Zaboli: And we kind of define a back path forward and standards for future expansion. And overall, we had a central hub to publish production data securely and pass it to either Ignition screens or to future existing ERP or third-party softwares, MES systems, and analytic tools for doing machine learning or analytics. If I wanted to summarize it, Ignition closed, it closed gaps between IT and OT work. It's a common language from production all the way to enterprise and management. The IT guys, they understand the nomenclature of the Ignition and as, same as OT and productions. And it just overall opens up in many future opportunities. With that, I'm gonna turn it to back to Don.

25:24
Don Pearson: Actually, before you do, I'm gonna leave you on this slide for one second, Fred, before I let you go here. 'Cause a couple of questions came in that I thought might be good to grab right now. And then we can add more to it in the Q&A section. But first off, one that I'll just mention, this is from Abidi. He says, "As far as I'm concerned, I saw Ignition Platform prefers to use MQTT instead of OPC UA for edge/cloud connection because OPC UA complexity and implementation. Is this a policy that's changing with Ignition?" So I'll answer that one. No, it's not a policy that's changing Ignition. With the first project, you saw one approach from Danny. And then now with Fred, you saw another approach, including MQTT.

26:04
Don Pearson: I think the answer to this is no. From an Ignition standpoint, well, we just want the flexibility for you to choose what's best when you're architecting a solution for your customer. So I think open interoperable choice is what we'd like to have. So you can put a secure system together using the technologies that fit. MQTT was a piece of what Fred just talked about. And then a question I think Fred, I'd like to address to you right now is, could one of these companies, this comes from Chris, could one of these companies talk about how many servers they're running, how they're organized, and how many applications and users they're supporting? You talked about scalability, expanding, etcetera, but Fred, can you give a little answer to that question of how many location servers that you're supporting with this system?

26:53
Fred Zaboli: Sure. Yeah, I can go back to this slide. This is a system architecture we have for this system. So I go with one of the examples we have at one of these customers. So as you can see up here in level four, we have four gateways up in the cloud in Amazon Cloud hosted in Amazon Cloud. For the central SCADA, we have a back-end gateway, front-end gateway, redundant topology, and then we have two MQTT servers. And then we have for the database, we have AWS RDB, which is, it has redundancy built into it and everything. And the rest of the servers you see up there is for analytics and AI systems. But as far as Ignition, that's all we have up in the cloud, and you can expand it. You can add, if you wanted more HMI side, you can just put front-end gateways. And as far as edge site, we have for each site we have for this customer, they have 25 sites. Each site have about 17 to 20 edge gateways, may depend on the number of the buildings and the number of the production lines. So that's... I hope that I answered your question.

28:07
Don Pearson: Yeah, that helps a lot. Thanks so much. There are another of my questions in the queue, which we'll get to when we get to Q&A, but I just wanted to get that one answered 'cause I think it was appropriate to what you were talking about. With that, let's go ahead and move over to you, Jeremiah, with the Design Group, and you tell us about your project.

28:24
Jeremiah Arcaraz Mitchell: Yeah, thanks, Don. So I'm Jeremiah Arcaraz Mitchell. I'm a software project manager with the Barry-Wehmiller Design Group. So, as I touched on earlier, Barry-Wehmiller is a very large company. The design group handles everything from architecture and engineering type work all the way through this enterprise technology consulting and other kind of services down the road. But specifically within the control system group here, we do a lot of work with Ignition. We're an independent system integrator. We work with all sorts of platforms, but we're also a big partner of the team over at Inductive. So we're an Enterprise Integrator, which is the top level of partnership there, as well as a Premier Ignition Integrator. We work with Sepasoft and a couple of these other kind of like add-on services that are tightly partnered with Inductive and Ignition as well. The Design Group has 45 offices across the US and Canada, and we have 1,600 experts here between this architecture and engineering process group all the way through our control system professionals. So we have Ignition certification in 25 of those offices. So chances are we have someone close to you who can do Ignition work if that's what you're looking for. I'm gonna go on. So I had to chuckle a little bit when Don and Dante sent me the title to this presentation.

29:42
Jeremiah Arcaraz Mitchell: So when I think of OT and IT, seamless is not exactly the word that comes to my mind. The truth is that even though the hardware has converged a little bit between the OT and IT spaces, the nomenclature and a lot of the applications and deployment practices are quite different. So you look five, 10 years ago, even at a pretty well-designed manufacturing site, and everything's locally hosted. You have virtual machines. You're using OPC UA, Modbus protocols to talk with all of your PLCs. You have local historians. You're doing some kind of like onsite analysis work. You're doing that kind of thing. So that's the well-run plant of yesteryear, potentially. But on the information technology side, as we start to butt up against this space, we get asked a whole range of other questions. Can you host these applications in the cloud instead? Can you maybe forego the virtual machines in place of something like a containerized application so we can save on our resourcing there? How do you handle your SQL queries to our outside databases?

30:54
Jeremiah Arcaraz Mitchell: Can we use REST API calls to interact with some of our business-side applications? And then there's a whole range of other acronyms that start to flow through ERPs. How do you work with SAP data lakes in general? All these kind of different questions as we are exposed to the broader IT space. So I'll touch on kind of the challenges of that and how Design Group solves those. But I wanna emphasize that there is a really large disparity in the needs and the familiarity of both of these groups. And so what Ignition is great at doing and what the Inductive team has been great at focusing their efforts on is a product that lets us kinda answer a confident yes to these questions that come out of the IT group while also still meeting the OT needs as well.

31:40
Jeremiah Arcaraz Mitchell: So one big aspect that is deployment flexibility. Our customers, they come to us and they ask about, instead of putting this thing on a Windows server, is there a Linux option available? Is there a way that I can host this thing in the cloud Instead? What about from a database perspective? Do I have to pay for Microsoft SQL Server, or can you potentially use Postgres or one of these other options here? And so there's a lot of value to that in smaller deployments when you're really focused on the cost savings, but also in larger scale deployments when you want those just kind of battle-hardened applications that the IT group is already familiar with and eager to support.

32:22
Jeremiah Arcaraz Mitchell: So I'd say there's benefits on both ends of the spectrum there, and the licensing model at Inductive supports that as well. So it really helps us to have cost-effective solutions that meet our customers' needs. Another part that we do pretty heavily here at the Design Group is using Ignition as a platform to develop custom applications on top of.

32:44
Jeremiah Arcaraz Mitchell: So Ignition is great about communicating with the PLCs and allowing all your serving of web graphics to managing identity providers, all of these various aspects, all of these different tools that we need, but also our customers come to us with particular custom requirements, something that it doesn't make sense for there to be a well-defined way within Ignition to do it, and so they turn to our developers to actually provide that for them. So we're able to actually develop within the Ignition platform. There's a lot of built-in dependencies and other kind of help there that allows us to streamline that process.

33:22
Jeremiah Arcaraz Mitchell: And then we already know we have these tools. It's not how do we figure out the entire process of serving up a web graphic to use, how do we develop this within Perspective so that we're using the tools that are already there, or how do we take the tag data that came off of a PLC through Ignition's tools there and use that in a slightly different way. So we really appreciate the ability there of Ignition to provide all of these kind of different services that allow us to focus our efforts on just the small bit of custom work that the customer needs and simplifies the rest a lot.

33:56
Jeremiah Arcaraz Mitchell: And version control. So you start working in the custom application development space, and one of the first questions that a lot of our industrial customers start to ask us is, "How are you tracking that?" I think, "How do you manage your changes?" Gone are the days of just taking snapshots on your virtual machine of maybe saving a daily backup or something like that. Our customers are now more than ever looking for us to integrate with the same kind of applications they use on the IT or the enterprise side to manage the development of our projects at the OT level.

34:29
Jeremiah Arcaraz Mitchell: So with Ignition, we're able to work with these different change management tools: GitHub, Azure DevOps, as well as GitLab. We do very much the same kind of activities you might see in the software space, where we're doing sprint-style deployments, we're using Kanban boards, things like that. It really depends on the needs of the customers. If Ignition allows you that flexibility to have a conventional SCADA deployment, but also to have this custom application that's managed in kind of an IT-first format as needed as well.

35:01
Jeremiah Arcaraz Mitchell: And then one of the really big things that one of the ways that Ignition differentiates itself is this question of containers. So more and more frequently, I'd say that our customers come to us and they ask, resourcing isn't free anymore. We used to think that a virtual machine in the cloud was great and cheap, but now we need to be really efficient with our resources.

35:24
Jeremiah Arcaraz Mitchell: So can you, instead of spinning up an entire virtual machine to do this, could it potentially be answered by a container? And something that Ignition's great about is there is a container-based deployment of Ignition. So this is something that the documentation on it is still kind of a work in progress, but there's a lot there already for those that use it and are kind of familiar with the space to work with. And the Inductive team is constantly adding new features here that allow us to, instead of deploying five VMs in the cloud, be able to make those containers instead; maybe make that a Kubernetes cluster if that's what our customer is familiar with or wants to use.

36:04
Jeremiah Arcaraz Mitchell: And we can do that locally if they have the group to support that or in the cloud. I'd say really that the cost savings advantage there is a big driver beyond even the licensing advantages and other deployment advantages we've seen to Ignition. Resourcing plays a huge role in these larger deployments.

36:24
Jeremiah Arcaraz Mitchell: When I was doing these slides, Don asked me to spend a moment just talking through virtualization versus containerization. So for those of you who may not be familiar, traditionally, we do a lot of our work in virtual machines now, and the operating system is contained within the virtual machine itself. So you think Windows might require 100 gigabytes of install for just the base application itself, the base operating system, plus you put your application on top of it, you end up starting to have a fair number of resources within this virtual machine here.

36:58
Jeremiah Arcaraz Mitchell: A container essentially abstracts the operating system from the application itself. And this is not a new technology. This is not something that's kind of coming out in recent years. This is robust, battle-tested, used by many of the biggest names in the business.

37:16
Jeremiah Arcaraz Mitchell: And so there's a lot of security in place to make sure that even using parts of a shared operating system, they still maintain that separation. But the resource loading for these containers is significantly less. You can run 10, 20 of these things on your laptop at a time, as opposed to trying to do that with virtual machines would quickly bog down your system. There are certainly a lot of benefits to containerization and kind of these other aspects that I touched on before. But all of that comes with challenges. Especially on the containerization side, but also across each of those aspects I touched on. So the biggest thing I've seen, my background is control systems. I started with PLCs and SCADA-type systems.

38:00
Jeremiah Arcaraz Mitchell: My professional engineering license is in control systems. They never teach us about containers. They never teach us about code management tools, any of this kind of thing. It's a whole separate language and a whole separate set of applications and methodologies that are in this space. So a lot of times your controls engineer at the plant level isn't familiar with these kind of tools. And a lot of times the IT groups are a little less than understanding of the needs of the OT side as well. So you end up with this disconnect of someone that's used to being able to plug in every machine and pull all the data they need off of it. And these IT security professionals that are constantly watching for every risk and every potential source of intrusion. So there's a whole variety of challenges there, as I hit on, but unfamiliarity with each other's worlds drives a lot of that as well. It's difficult to containerize applications. So not everything has containerized version. That's something that we see.

38:57
Jeremiah Arcaraz Mitchell: That's why I mentioned one of these advantages of Ignition is they have a very well-supported and far-along containerized version. So you don't have to try to put together beta versions of different products or run a combination of virtual machines and containers to make something work. But it isn't easy to make that happen. And so it's taken a lot of strategic direction from the Inductive Automation team to provide a product that meets those needs. And so we're really appreciative of that. But you're coming along with that as well. It's just the infrastructure support and technical constraints. A lot of times, as I mentioned, the OT resources aren't familiar with how to work with these tools. They're definitely not familiar with how to manage them as well.

39:40
Jeremiah Arcaraz Mitchell: So you have this challenge of how do you get a centralized IT organization to manage a local Kubernetes cluster? Or how do you coordinate between these different groups to provide the flexibility for an OT resource to get in and access all of these different containers when they're not accessed through just a remote desktop connection? Integration with these legacy systems becomes a challenge as well. How do you run virtual machines on one side as well as containers? Maybe co-locate it with them and have them talk back and forth. The structures there are a little bit different. And so it's certainly possible. We certainly do that all the time. But it adds to that challenge of how you roll out containerized applications.

40:24
Jeremiah Arcaraz Mitchell: And then ultimately, one of the things that I've found is the funniest challenge, maybe possibly one of those disoriented things, is just that a lot of these applications that we use are not really sort of prepared for a Unix platform. So a lot of things I take for granted using a Windows operating system interface aren't necessarily there in a very streamlined container. One big thing is a graphical user interface.

40:50
Jeremiah Arcaraz Mitchell: A lot of our containers are spun up from code. You go and try to do that. You think you go through the QE or something for an Ignition install? That doesn't exist. In this case, you have to do all of that from code beforehand and get it right from the start. Yeah, there's all sorts of challenges that come with that. They're difficult for the OT resources to wrap their heads around and difficult for IT resources to adopt to the needs of the site. But Ignition helps to sit in the middle there and really... In closing, this is a, like I said, a highly versatile industrial program. Ignition really does sit at the middle of that IT and OT space. We are increasingly getting asked by our customers to meet their IT needs as well as their OT needs, and Ignition allows us to keep doing that. So I wanna, again, say thanks to you guys for that. The cost effectiveness... It's always a part of it from the containerization and resourcing aspect to the licensing model itself.

41:45
Jeremiah Arcaraz Mitchell: So this is always at the front of our customers' minds and helps to make Ignition an easier sell in that regard as well. That ability to quickly add on new gateways and new functionality is a big part of continued growth and frequent projects as a system integrator. So we know that if we get Ignition into a site, there are opportunities there to grow and add on new resources, both from the way they love working with the system but also just from the capabilities of the system as well. It's actively developed. As I mentioned, the containerized deployment is a big thing for us specifically. So they are actively developing that, and the improvements that are coming down the road are only gonna make it easier for us as we continue on.

42:30
Jeremiah Arcaraz Mitchell: And I really do believe... I think there's several of my Design Group colleagues on the call, I believe, but we certainly believe that Ignition is driving the industry 4.0 and continuing this process of Digital Transformation within our customers. That's what I have, Don. Thank you very much for the time.

42:48
Don Pearson: Totally appreciate that. Thanks a lot, Jeremiah. I know I have things here for a discussion, but I think I'm gonna hold just a bit on the discussion 'cause we have a whole queue of questions. Might as well wrap our discussion into those questions. I just wanna mention a couple of things before we get to the Q&A. One is, I mean, we have several hundred people on this webinar right now, and there's always someone who's kind of new to Ignition.

43:10
Don Pearson: So if you're among those who've never tried it, you can download it for free. Free trial; go to our website, click the button. Takes about three minutes use the free trial mode as long as you want. Design in it. Designer never times out. You can start building your projects, test your system, whatever you wanna do. It's really open for you to explore yourself. To help you along that line, there is Inductive University. I just wanna mention IU. It's free. It's online training. Hundreds of training videos. You can learn Ignition step by step at your own pace. There's also a comprehensive online user manual that you can also use and refer to all the time as you go forward with your own knowledge transfer.

43:54
Don Pearson: I wanna at least mention that we're excited that we have Ignition Community Conference coming up next month, September 17th to the 19th. I do have to say all of our in-person tickets are sold out, but if you wanna learn more about Ignition, you can still visit the website on the screen here, buy a live stream pass. We're gonna livestream the conference. Don't forget to sign up for the golf tournament if you're coming. That'll be great. A little scramble tournament at the end. It's kind of a fun way to connect and get to meet some of your colleagues here. There's a lot of people on this webinar internationally. For those of you outside North America, just to let you know, we have a network of international Ignition distributors, and they can provide whatever business development opportunities, sales, technical support, in your language, your time zone. If you wanna learn about the distributed region, please visit the website listed on the screen here, or you can talk to Igor. He is our International Distribution Manager. Some people ask for a contact information in their questions.

45:00
Don Pearson: You wanna speak to one of our account representatives at our headquarters? Here's the phone number. Here's how you reach him. We also have our office in Australia. So you can call down there also at the bottom of the screen there. So now let's go ahead and get to a Q&A. I'll answer a couple really quickly, and that is one. Yes, there will be a archive of this available. So you can actually do when, you know, share it with anybody else you may want to as we go forward.

45:27
Don Pearson: There is also a greeting for you, Fred, from Abidi Moshiri. He says, "Hello, dear Fred. It was great to see you here after the long years." So greetings to you from an old friend, Fred. And then let's go ahead and get to the first question. And this is from Mohammed. He says, Can you talk about how EAM can be leveraged by IT in terms of patching, updating, etcetera? So can someone take that question? I just opened the mic. I was gonna throw an answer at it. It's like it makes it all simple in one place at one time. I mean, it's a facilitator. But any comments you have on EAM leveraged by IT?

46:09
Fred Zaboli: Yeah, definitely. 'cause, always IT wanted to get a backup of the configuration. And the automation softwares and what we do in OT side; it's not that user-friendly for IT. So they always have the files that we give them, like a PLC backups or HMI backups. It's just they don't have a way to open it up or check the version or host it somewhere. But EAM is a great tool because it's a one central location from all of your gateways. And it automatically does the backup and IT understand it and they can trace and they can see the logs.

46:48
Don Pearson: Great, thanks. And I'm gonna throw a question to you, Danny. This one is for the connection to the ERP system. Did you have to secure the connection? How did that work to have a secure connection to ERP?

47:01
Danny Haskell: Yeah, we did. We used OAuth 2.0. Basically, on the gateway, you do the initial configuration. But in this case, this application required to refresh the authentication every 30 minutes, I believe. So we did have a gateway script that ran through every 30 minutes to essentially refresh the tokens.

47:23
Don Pearson: Cool. I think this next question also came in right after you were talking. So it's from Mariana. She asked, "Can you explain a bit more about what the PLC system does?" Can you say a couple of things more, Danny, about that?

47:37
Danny Haskell: Yeah. So a PLC system in this particular case controlled the process of transferring milk from the truck to the internal tank. But in general, it stands for a programmable logic controller, which basically will control any industrial process. It has the logic and memory to be able to execute the logic to do what you need the process to do.

48:04
Don Pearson: Good. That sounds great. Thank you. So here's another question from Vikram. He says, "Have you set up infrastructure inside a client's network and not use your cloud infrastructure?" So I can... I don't care, Jeremiah, Fred; anybody wanna at least comment to that question from Vikram?

48:25
Jeremiah Arcaraz Mitchell: I'd say with Ignition we have a lot of flexibility there in terms of what infrastructure we use. We've done work within Amazon Web Services, Google Cloud Platform, a couple of other different options, both, like I said, as virtual machines or using containerized deployments. There are some differences. You have to play by the rules a little bit more in terms of how you deploy containers or how you're making sure that your security is properly developed. I think when you're behind the firewall at an OT site, there's always that challenge of, how far do I have to go from a security standpoint? But I'd say, I mean, overall, it really is driven by the customer's needs. We do that in whatever way the customer needs.

49:10
Don Pearson: Cool. Here's another question about cloud providers. And Fred, you mentioned something about the hardening guide or Security Hardening Guide from Inductive Automation. But the question is, "how does..." "How does cloud providers manage privacy of data?" So can you mention something about privacy of data and security in that sense, Fred?

49:30
Fred Zaboli: Yes, definitely. Yeah. So within those security hardening guides, there are steps to close the ports and use secure URLs. And that's one of the biggest challenges for IT work to make sure that the application that we host on the cloud it's all secured. So I would say definitely the secure HTTP and secure URLs is the main factor there.

50:01
Don Pearson: Good. Thanks. We got a couple more minutes. I wanna make sure I think, Jeremiah, I'm gonna send this from your way, 'cause I'm the one who asked you to leave that particular slide in your presentation. Abidy says, "My exact question is: how coordination will be done between different VMs and different containers?" Can you grab that question, Jeremiah?

50:21
Jeremiah Arcaraz Mitchell: Yeah, so like I said, it's definitely dependent on the deployment. But if I was to pick a simple on-premises example, you can host within a hypervisor or something, both virtual machines, and you have a virtual machine that has Docker or something like that running inside it. So now you have VMs running alongside containerized applications. From a resourcing standpoint, there's some redundancy there. You had to go and have a VM that has Docker or something on it. But you do at least have that level of interoperability where containers are running alongside virtual machines all communicating on the same network. Your containers have IP addresses just like your VMs. So that allows the applications to work together. Same principles apply to get up in the cloud space. This is the same kind of thing there, but you do have more options to run much larger container networks. If you use Kubernetes or something, you have several hundreds or thousands of containers at a time. And so there's a scale question there as well, but we manage that as it comes up.

51:27
Don Pearson: Great. I'm gonna take one more question and then a final thing here, but it is open to anyone is how does the platform deal with device disconnects and data reliability? So I know I didn't get into the details of Store and Forward and things and I was talking, but can one of you at least address device disconnects and data reliability on these architectures?

51:47
Fred Zaboli: Yeah, I can take that, Don. Yeah, so when you are in the edge of the network and you're connected to your PLC, and also if you can push your edge devices all the way to the edge of a network as close as possible to your devices, then from there to the central location or cloud location, when we mentioned MQTT, Store and Forward is one of the built-in features of MQTT.

52:13
Fred Zaboli: It means that if the connection goes down, the MQTT by itself is gonna store the data and cache it and then send it up as well as the tag historian, as well as alarm and event historian. So all of these concepts we have between the edge device and the central gateway, they all go into the Store and Forward.

52:37
Don Pearson: Great, thank you. There's some more questions in the queue. I'm gonna repeat what I said at the outset of the webinar here. Please contact someone from our office. We will get to your questions if we didn't get to them. I will answer Luis's question here. He says our company is global with different locations. Where can I start to integrate Ignition? Well, I'd give you two things I would say. There are three companies that have spoken today that you basically have three competent integrators that can help you get started with an Ignition journey. We also have anybody here you can contact that's on this slide here that I'm closing with.

53:14
Don Pearson: So you can contact us, and we'll put you in contact. We have an integrator search where you can get to any of those 4,000-plus integrators around the world. You can find Premier Integrators as the three people on the call here today are so. We try and be as open and available as we can to let you start the Ignition journey. With that, we're a couple minutes over. I do wanna say as I finish up that I really appreciate everyone's participation today. This concludes the webinar. Next month is our Ignition Community Conference. So we'll be back with another webinar in October. Until then, stay connected with us on social media. Subscribe to our weekly news feed email. You can stay up to date through our blog, articles, case studies, a lot more. There's a ton of helpful content for you to explore on our website. Sure, and check it out. With that, thanks for joining us. Everyone have a great rest of your day.

Posted on August 7, 2024