WhitePaper Cloud Based SCADA Systems

7/31/2019 WhitePaper Cloud Based SCADA Systems

1/12

800.266.7798

www.inductiveautomation.com

White Paper

Is Moving Your SCADA Systemto the Cloud Right For Your Company?

Cloud-BasedSCADA Systems:The Benets & Risks


2/12

Cloud-Based SCADA Systems:

The Benets & Risks | 2 o 12

2011 Inductive Automation

800.266.7798


Recently the ocus o cloud computing has startedto shit rom consumer-based applications to enter-prise management systems. With the promise o lessoverhead, lower prices, quick installation, and easyscalability, cloud computing appears to be a veryattractive option or many companies.

Common questions surround this new technology:What is the cloud? What kind o inormation shouldbe stored there? What are the benets and risks in-volved? Is moving toward cloud computing right oryour company?

Cloud computing is not a x-all solution. It hasstrengths and weaknesses, and understanding themis key to making a decision about whether its right oryour company. Well explore the major benets andrisks involved, and give you a set o actors to considerwhen choosing what inormation to put on the cloud.

What is the Cloud?

The cloud is the concept o using large arrays oremote Internet-based servers to store and handleyour inormation.

Your companys data is saved o-site, on the servers

o a third-party hosted cloud service; this inorma-tion can be accessed by connecting to the cloudserver through your Internet connection. Althoughthe cloud servers dont belong to your company,they are used as i they did.

Think about it like renting a storage unit or itemsyou want to keep around but cant t in your garage.

The space is yours to use as you wish, but you dontown it, and its not located right next to your house.

Now apply that metaphor to server hardware, IT sup-port, maintenance costs, and sotware. While manycloud services are specically meant as storehousesor data, some cloud-based SCADA systems areoered as a service which is reerred to as SaaS(Sotware as a Service). Instead o having the SCADAsystem sotware installed on local computers, the en-tire system and its data is stored and maintained inthe cloud. SaaS companies oer their customers thepower o sotware applications, o-site IT supportand scalable server space all through the cloud.

Cloud computing is a hot topic. As people become increasingly reliant on access-

ing important inormation through the Internet, the idea o storing or displaying

vital real-time data in the cloud has become more commonplace. With tech giantslike Apple, Microsot, and Google pushing orward the cloud computing concept,

it seems to be more than just a passing trend.

Is Moving Your SCADA System to

the Cloud Right or Your Company?

White Paper

Cloud Server

SCADA application

and database

SCADA Clients

Clients connected

to the cloud

PLCs

Sends and receives

data rom the cloud

SCADA Systemin the Cloud


3/12




800.266.7798


To Cloud or Not to Cloud:Choosing Your Data

The manuacturing industry is big, encompassing

a wide variety o companies; likewise, the type oinormation each company tracks can vary greatly.

This act should be taken into account when deter-mining what inormation, i any, should be storedin the cloud.

Inormation such as reports, analytics, and congu-rations are ideal candidates or the cloud. However,inormation that is vital to saety and control unctions

and that which relies on bandwidth availability andreliability is particularly important to the operationo a manuacturer. Its essential to weigh the risksinvolved with putting this type o inormation in the

cloud because it can directly aect the unctionalityand productivity o your company.

The cloud is a relatively new, hot topic, and the buzzabout it can make the associated positives and nega-tives a little unclear.

What ollows is a look at the benets o the cloudalong with the three biggest risk actors, so you candecide i moving your SCADA system to the cloud isthe right decision or your company.

The Benets o Moving to the Cloud

While most direct process SCADA system applica-tions are remaining in-house, many sections o man-uacturing plants are relocating to the cloud becausethe benets outweigh the risks involved. Followingare some o the benets o the cloud that are encour-aging companies to move inormation there.

Pay for Only What You Use

Pay-or-use operating expenses are cheaper thanthe costs a company incurs when maintaining and

keeping their own hardware and sotware up todate especially i only a portion o the space beingmaintained is actually used.

Space that Grows with You

When a company needs more space, it doesnt needto add additional server arms, databases, web serv-ers, etc. You can easily get more space on a virtualcloud-based server without the need to install andmaintain additional hardware.

IT Costs are Outsourced

You dont have to pay or as many in-house IT stato provide support and maintenance or your in-

house servers.

Sharing and Accessing Data Anywhere is Easy

Inormation that is stored on a cloud server is acces-sible anywhere in the world. This makes the cloudan especially attractive option or managers whoconstantly need real-time and historical inormationon the go.

Better Collaboration

Since inormation in the cloud is easily accessible,multiple individuals at dierent levels o the com-pany can collaborate on projects more easily. Thisenables all parties to work together more eciently,which increases the companys competitiveness.

Ease of Upgrading and

Adding Additional Applications

Upgrading and installing new applications areextremely easy in the cloud. Once applicationsare upgraded or installed, they are instantly avail-able to everyone with access to the network.

Its essential to analyze risks when making inormeddecisions; this is especially true with decisions thatdirectly aect your companys uture. The simplest

way to analyze risks about any decision is to take theocus o o the benets, and think about what youdontwant.

Managers must work through many decisions andthe ones who stop to seriously consider both theupsides and the downsides make better decisions.Jack Krohmer o Process Networks Plus has beenrunning his control system integration business or

many years in that time hes seen the eects o hisdecisions, both or his business and his customers.

Risk analysis doesnt have to be complex unless youmake it complex, Krohmer explained. You just needto ask the right questions. The one question youalways have to ask yoursel is: What are you going toget that you DONT want? You have to see the badwith the good and then ask yoursel: Do the upsidesexceed the downsides? Each company has to answerthis or itsel. Youll get either the productivity gainsor losses based on that decision.

Risk Analysis Tips


4/12




800.266.7798


The cloud comes with many attractive benets, but there are still

some obstacles that hold companies back rom making the jump.

This is especially true o companies that deal with a lot o sensitiveor critical data on a regular basis. Each company is dierent and mustexamine the risks with their own special needs and priorities in mind.

The three biggest risk actors to consider or cloud-based SCADA

system data are security, perormance, and reliability.

The 3 Biggest Risks o

Cloud-Based SCADA Systems


5/12




800.266.7798


Security is a major issue or manuacturing compa-nies. From a risk-analysis perspective, think about therepercussions your company may suer i any datayouve entrusted to the cloud is compromised.

Its Not Public Or Could It Be?

Large cloud providers such as Microsot and Amazonspend a good deal o time and money ensuring thatinormation on the cloud is kept secure.

However, just because the cloud security is super-vised, inormation on the cloud is still outside yourinternal network. Your inormation can be acciden-tally leaked, and i it is, anyone can see it.

Krohmer attested that much o the inormationhe works with is critical to his customers competi-tive advantage.

Its ne to put logging or data collection on the

cloud; stu like that is okay as long as security is notan issue, but you dont want to put up control data,Krohmer said. Anything you put out on a cloud-based solution, you need to ask yoursel, Is thissomething I dont care i other people see? On thecloud, your inormation is not supposed to be public,but it is public in the sense that it always runs the risko being public should an accidental leak occur.

Manuacturers should think twice about anythingthat goes up on the cloud you never know i a secu-rity breach will leak valuable inormation to outsid-ers, such as your competitors.

Dealing with hackers and spies online is the new real-ity o security in the Inormation Age. Every company

has to protect itsel rom cyber-attacks o all types.The more sensitive the inormation, the more poten-tially valuable it can be to hackers.

Even the largest and most established companieshave had major security leaks because o i llegal hack-ing into the cloud. In 2011, both Citigroup and Sonyhad major, well-publicized security breaches dueto hacking that exposed sensitive data about theircustomers. In addition to the exposure o sensitiveinormation, the attacks resulted in negative press orboth companies.

By choosing to put your inormation on the cloud

you are routing your companys sensitive datathrough a public network, which leaves your inor-mation more exposed to hacker attacks.

In addition, you could unknowingly make yoursel abigger target or hackers. Cloud services are primetargets because o the wealth and variety o inorma-tion located on them.


6/12




800.266.7798


When a cloud service is hacked, the attack couldpotentially aect any o the companies hostinginormation there. In June 2011,Automation Worldpublished an article on cloud computing that illus-trated this point:

Amazon, one o the largest suppliers, recentlyhad a widespread outage that temporarilycrippled some o the highly tra cked websites,computing resources and data centers it hosts.By comparison, had this computing inrastruc-ture been at just one business, the problemswould have been related only to that business;when Amazons cloud ailed, it aected many,vastly dierent businesses.

When your inormation is located in the cloud, it ismore di cult to trace the hackers than it would bei the hackers broke into your own internal system.With cloud services you lose control on how yoursecurity is set up, which leaves resolution o securityproblems entirely in the hands o your cloud service.

Big Brother is Watching

One nal note on security or companies in theUnited States: The U.S. government has legal author-ity to get copies o anything you place on the cloud,without notiying you. This law came into eectthrough the Department o Homeland Security aterthe Sept. 11, 2001 terrorist attacks.

The exact letter o the law is a little ambiguous, butthe essence o it means that i the government wantsto gain access to data that is stored in a cloud serverlocated in the U.S., it can pretty much get it withouta search warrant and without notiying you. I the

data is located on your premises, such as your localintranet, the government is required to notiy you otheir interest in accessing it and can only orce thematter by legally obtaining a search warrant.

I your inormation is stored on the cloud, the gov-ernment can access it through your cloud serviceprovider, or your ISP (Internet service provider). Thismeans that your inormation could be exposed atany time and you might never even know it, unless

your cloud service notied you. In act, because oHomeland Security, the government may even orceyour service provider not to tell you. The only way toensure that no one sees your sensitive inormation isto keep it o o the cloud.

Is It Worth the Risk?

I your inormation is on the cloud, it can be accessed

by people outside o your company. Whether theinormation is exposed due to the illegal activity ohackers or through legal channels once its out,its out, and it could have a drastic negative impacton your company.

Your job is to decide i its worth that risk. I nothingtoo dreadul would happen i your inormation gotout, then you should be sae in your decision to placeit on the cloud.

Risks to Consider: If there is an accidental information leak, what

type o repercussions will your company suer?

How much of your information would be suitable

to put on the cloud?

If someone did gain access to your sensitive

inormation, would you even know?


7/12




800.266.7798


In order to obtain acceptable perormance orcertain manuacturing applications, high bandwidthnetworks with low latency may be required. Exteriornetworks such as those provided by ISPs may not beable to ulll these requirements.

Bandwidth OverloadYour SCADA system will be dependent upon thebandwidth and latency o your cloud servicesInternet service provider, as well as your own.

By using the cloud, you put your company at themercy o your ISP or your cloud services ISP to xdowntime, bandwidth or latency problems.

I the system gets overloaded, the solution is mostlikely out o your control. You cant access the cloudto see why the overload is occurring, nor can youdiagnose how to resolve the issue.

When systems are hosted on your local network,these actors are most likely under your control.

Furthermore, long-range network architectureplanning and execution would likely be handledbetter in-house under your companys control,which is not likely to occur with outsourced cloudIT administrators or ISPs.

Latency Issues

In a network, the term latency reers to any delay orwaiting a person experiences that increases realor perceived response time.

Latency occurs when data is actively moving through

a network, but to the operator there appears to beno activity. The data is traveling through the system,but that act is not apparent because it takes quite aew seconds or the system to respond to the opera-tors command.

In a network, data is constantly fowing back andorth through servers, routers, switches and otherhardware. Even a single command can make multipleround-trips along a network in order to completea data transer. This can cause the eects o latencyto multiply, oten to unacceptable levels.

The variance o latency is also magnied within

cloud-based systems because o the unpredictablenature o data moving through the Internet. Theincreased and unpredictable latency associatedwith using the cloud can lead to a very unsatisactoryreal-time experience.

Internet tra c can be heavy, lines can be down,connections can ail and any number o other

Risk #2

Perormance


8/12




800.266.7798


mishaps can occur to slow data movement andcause latency. Latency can vary rom a ew millisec-onds to hundreds o milliseconds or more, and thatcan be or just one leg o a round-trip that the datais making.

The urther data has to travel, the more problemscan occur to slow its progress.

Inconsistent Perormance

I your perormance is inconsistent, it can cause prob-lems on your production lines. For example, push-ing a button on an HMI (human machine interace)screen will have a delay, whether it is a second oreven two or more seconds. In this case the variabilityo delay is the problem, since it gives operators aeeling something is wrong.

Krohmer explained why inconsistent response timesare a problem on the plant foor: When panels werehard wired, you pushed a button and the light cameon instantly. On modern HMIs, i it takes a secondor two or the light to come on once the button is

pushed, that is acceptable. I it goes more than acouple o seconds, the operators think the buttonisnt working and may press it numerous times.

I the delay is consistent, operators learn to accountor the delay. Inconsistency, on the other hand, cancause errors or slow down the productivity o yourproduction team.


Beore you switch to a cloud-based system, con-sider the upsides o perormance using an internalnetwork that you can control yoursel. It may costmore to maintain, but having control over your ownnetwork gives you the power to address any peror-mance issues that arise.

Risks to Consider:

If performance uctuates, how will that

aect your company?

How will latency and latency variability affect

your customers experience?

How much latency is acceptable? Latency

might not matter much in some systems,such as those or monitoring and reporting.

Risk #2

Perormance


9/12




800.266.7798


Questionable availability accompanies every systemplaced on the cloud. The servers are in an unknownlocation that your people cannot access. SCADA sys-tem data is usually dependent on real-time monitor-ing and control, so losing this unctionality or even aew seconds or minutes can wreak havoc on produc-tion departments.

More Possibility or Connection Failures

Servers can crash, connections can go down, and themore connections you have the more locations ordisconnections. Every connection line is a risk. Add-ing the cloud to your SCADA system adds one moresource or an unreliable connection.

It really becomes an issue o trust: Do you trust thecloud service with the welare o your company?I they go down, potentially so does your prot.In addition to placing trust in your cloud service,you must place trust in your ISP and the ISP o

your cloud service. I either o them go down, youare cut o rom your data.

Consider just some o the many occurrences thatcan cause this to happen power outages, storms,hacker attacks any one o these can result in con-nection ailure. Even a redundant Internet connec-tion can be aected i your ISP goes down.

The bottom line is this: The more hands yourinormation passes through, the more likely itis to be dropped.

Read the Fine Print

While cloud service providers can promise anythingin terms o uptime, the practical day-to-day reliabilityo the service may be dierent.

Promises made in a service-level agreement arebased o averages across a large and complex net-work. This means that your actual experience usingthe cloud may dier greatly rom what is promisedin the contract.

I your service does go down and you lose protsas a result, what recourse do you have to recoup

Risk #3

Reliability


10/12




800.266.7798


your losses? I the cloud service is responsible youcan take it up with them, but the cause o a down-time event can be hard to pinpoint in the cloud. Itcould be a problem with an ISP, an error in the cloudservice network, or a local connection issue.

The question is how much time can you aordto spend determining the source o the problem,and i you do nd the root cause, can you undothe damage thats been done?

No Direct Access to Fix Problems

I the cloud system goes down, you are at the mercyo the cloud system administrators. You must wait orthem to get it xed, and meanwhile your plant canbe let at a standstill. You wont have any idea aboutwhat the problem is and who is in charge o xing it.

Many manuacturers lose thousands o dollars everyminute their production is down an hour quicklyadds up in lost revenues.

Waiting around or an outsourced IT department tosolve the problem might be a risk you cant aord totake, not to mention the potential nger-pointingbetween the various entities involved.

Is Your Data Backed Up?

Its a act o computing that hardware will sometimesail. When it does, inormation can be lost and thatcan mean a loss o prots.

Maintaining your backups locally gives you thecontrol by having a sta member responsible or itsmaintenance. I your inormation is in the cloud, youhave no control on how the data is backed up andwho is responsible or its maintenance.

You can hold the cloud service accountable or backedup data, but it is one more item you entrust to them.


Placing data such as reporting and analytical dataon the cloud is usually a sae bet, but placing SCADAsystem inormation is a more di cult decision ormanagers to make. I youre looking at moving someo your SCADA system to the cloud, ask yoursel howyou will be aected i the cloud goes down during a

production run.

Risks to Consider:

If the system goes down for a few minutes,

how would that aect the company?

What if your system goes down for a few hours?

If your system goes down will you lose

important data?

Risk #3

Reliability


11/12




800.266.7798


While the cloud fexes with the amount o space youneed, provides you instant scalability, and gets youaway rom maintaining big IT departments, there aresome major drawbacks.

I you decide to keep your SCADA system inorma-tion o o the cloud, you can consider the alternative:Build an in-house cloud-like system.

These type o systems are usually reerred to asweb-based. Web-based means using HT TP or HTTPSprotocol to launch clients anywhere on a network(given adequate permissions) using a zero-installdeployment model.

The web-based system is located on an in-house serv-er, and is usually accessed through a web browser.Since the server sits on the companys local intranet,the web-based SCADA system can be securely pro-tected with IT protocols like rewalls, SSL, and othercommon IT security measures.

Web-Based Benets

Web-based SCADA systems are a good solution orachieving cloud-based benets, without the security,perormance and reliability drawbacks that can be

associated with the cloud.Performance

A web-based SCADA system will not be aected bylatency issues as much as cloud-based systems. Andsince locally hosted web-based systems only needto travel through a companys local intranet there ismuch less chance that it can be slowed down. Theresult is ewer latency issues and better predictability,which increases the overall perormance.

ReliabilityLocally hosted web-based systems can be morereliable because there are potentially less pointso ailure. Redundant servers can also be used toincrease the reliability o your main server, so i ityour main server goes down you will still be upand running.

SecureWeb-based systems oer better network securitythan a cloud-based service. By having the centralserver on site, its easy to know who is responsibleor maintenance and security.

Since locally hosted web-based systems are only onthe intranet, there are ewer ways or a hacker to gainaccess to system data.

Is It Right or Your Company?

A locally hosted web-based system may be a betterchoice or your company than a cloud-based solution.

The only way to know is to understand what kindo system you need and to explore the availableoptions. Are you going to use the system or simplyrecording and reporting? Is it a real-time control

system? How easily accessible do you need yourdata to be?

These are some o the questions you need to ask inorder to determine whether to host locally or out-source to the cloud. While evaluating your options,one web-based SCADA system solution you shouldconsider is Ignition by Inductive Automation.

The only way to decide i moving to the cloud is right or your company

is to evaluate risks involved or your own SCADA system. Theres no single

right answer; each situation has to be evaluated on its own terms. Whenevaluating this decision you also need to consider the alternatives to cloud-

based SCADA systems.

Alternatives to the Cloud:

In-House, Web-Based Sotware


12/12



2011 I d ti A t ti

800.266.7798


Web-Based Access Anywhere

Ignition is web-based; its server sotware that iscongured via any web browser. The drag-and-dropIgnition Designer and clients are launched rom webbrowsers using innovative web-launched technol-ogy. With Ignition, tedious client installations osotware are a thing o the past.

Get the Power o SQL DatabasesWith Ignition, your data is always stored in an open,accessible ormat. The SQL Historian eature is com-patible with any modern SQL database. Ignition hasnative support out o the box or nearly any SQLdatabase including Microsot SQL Server, MySQL,Oracle, IBM DB2 and PostgreSQL. The SCADA andreporting eatures can pull data in rom multipledatabases simultaneously.

Cross-Platorm: Use Any OS

Ignition is written in 100% Java, making it the rstmature cross-platorm HMI, SCADA, MES packageavailable on the market. Top-to-bottom support orall major operating systems opens new dimensionso architecture fexibility. With Ignition, companies arenow ree to use the system they want not the sys-tem theyre constrained to by outdated technology.

Unlimited Licensing Makes It Afordable

Access is important or eciency, thats why itshouldnt be limited by sotware licensing costs.With Ignition, buying client licenses or tags will nolonger hold up your project. This allows you to putyour eort toward adding more unctionality intoyour system, while providing access to everyonewho needs it.

Easily Build a Web-Based SCADA System

Ignition by Inductive Automation is an industrial application server, used tocreate systems that cover the ull spectrum between HMI, SCADA and MES.Its unique architecture enables accessibility rom any computer no matter

the operating system, rapid project development and deployment, andmassive scalability without complexity.

PLCs

Connect to any

PLC through OPC

Database

Connect to any

number of databases

Central Server

Ignition Gateway

with all modules

Web-launched Clients

Access projects anywhere with

an unlimited number of clients

Web-launched Designers

Design projects concurrently

with multiple designersMobile Devices

Access via wireless

smartphones and tablets

Documents

WhitePaper Cloud Based SCADA Systems