ip4Cloud – SEC3

Link critical processes securely to IT/Cloud/SCADA services

As the little brother of SEC3PB, SEC3 offers the same functionality with the exception of the Profibus interface. This enables data to be collected and processed via industrial protocols and transmitted to (a) cloud services, (b) databases and (c) SCADA systems across a range of industrial protocols. The simultaneous use of multiple protocols is also supported.

A typical application would be the acquisition of data via protocols such as Simatic Fetch/Write RFC1006 or Modbus TCP/RTU Master and their distribution via the OPC UA interface or the MS Azure Cloud.

Protocols/communication interfaces (primary)

  • Modbus TCP/RTU Master
  • Simatic Fetch/Write RFC1006
  • SNMP Agent
  • IEC 60870-5-101 Master*
  • IEC 60870-5-104 Client*
  • IEC 60870-5-103 Master*
  • IEC 61850 Client*
  • DNP 3.0 Master*

Protocols/communication interfaces (secondary)

  • Cloud technologies
    • Microsoft Azure Cloud (MQTT/MSSQL/Cosmos DB)
    • Amazon AWS Cloud (MQTT/MongoDB)
  • Database technologies
    • MSSQL Database
    • MySQL Database
    • MongoDB Database
  • Industrial communication protocols
    • OPC UA Server
    • OPC UA Client*
    • OPC DA XML Server
    • Modbus TCP/RTU Slave
    • IEC 60870-5-101 Slave*
    • IEC 60870-5-104 Server*
    • IEC 61850 Server*
    • DNP 3.0 Slave*
  • Miscellaneous
    • REST Client
    • SMTP Client
    • Local storage of data in CSV files
(* optional license required)

Data processing

  • All data is split into separate information objects (individual signals, measured values, counted values, etc.) and processed accordingly. A quality identifier and - if necessary - a time stamp are associated with each information item.
  • Namespace or data model can be changed as desired.
  • Performance features for data processing such as type conversion, scaling, grouping, etc.
  • Adjustment of bandwidth required on secondary level through update intervals, thresholds, data reduction, etc.
  • up to 3000 data points (6000 variables)
  • up to 600 information changes/sec


  • Central access to all settings and services through the web interface
  • Import of configuration data using Excel tables
  • Comprehensive import and export of configuration data

Network features

  • Assigning multiple IP addresses to a physical Ethernet interface
  • DHCP
  • Bonding
  • PRP
  • VLAN
  • Network management using an integrated SNMP V3 agent
  • SSH/SFTP access
  • SNMP agent
  • Time synchronization by NTP

Cyber Security

  • Secure access to all administrative services (HTTPS, SSH, SFTP)
  • Role-based access protection with login and password
  • User administration for local users
  • Central user administration through Active Directory (LDAP) and/or RADIUS
  • Crypto-Store for certificate management
  • Creation of self-signed certificates and CSRs
  • Import/export of certificates
  • Configuration of VPN tunnels (OpenVPN and IPsec)
  • Firewall
  • Safeguarded state-of-the-art Linux operating system


  • Configuration and maintenance using the web interface
  • Firmware upgrade (application and operating system) through the web interface


  • By default, the usage of one (1) primary protocol and one (1) secondary protocol are included in the license. If additional protocols are used at the same time, an additional license can be purchased separately

Processor / Memory / Mass Storage

ARM Cortex-A8 1 GHz
256 MB DDR3L

Power Supply

12 / 24 / 48 V DC (9 – 60 V DC)
Power consumption
Max. 10 watt (typ. 4 W without USB)
Line cross-section
0.13 – 3.31 mm² (AWG 26...12, solid or stranded wire)
Redundant power supply with fault contact


Ethernet interface
2x RJ45 10/100BASE-T
Serial interface

2x RJ45 RS232 / RS422 / RS485
Baud Rate: 300 – 115200 Baud
USB interface
2 x USB 2.0 up to 480 Mbps “high speed”

Diagnostics (Status LEDs)

Power LED
Free configurable LED by software
LED to show different software conditions
Send and receive LED for serial interfaces
Link and activity LED for Ethernet interfaces

Additional Functions and Features

Battery buffered real time clock
Supported by a lithium battery (CR2032)
State relay “FAIL”
Changeover switch controlled by software
Hardware watchdog
Temperature monitoring
Power supply monitoring
Overvoltage protection
The power supply and all interfaces are ESD, surge, and burst protected (see EMC)


Body material
Steel chassis
35 mm DIN-Rail
International Protection
Rotating parts
Dimensions (W x H x D)
50 mm x 106 mm x 122 mm
approx. 0.4 kg

Operating Environment

Operating temperature
-20 °C to 60 °C
Storage temperature
-40 °C to 85 °C
Relative humidity
5% to 95% not condensing

Approval, Standards and Conformity

CE (Industrial)

EN 55032:2015
EN 61000-6-2: 2005


Electromagnetic Compatibility (EMC) – Emission Requirements

EN 55016-2-1:2014
Conducted emission on power supply lines in the frequency range 150 kHz - 30 MHz
EN 55016-2-1:2014
Conducted emission on telecommunication lines in the frequency range 150 kHz - 30 MHz
EN 55016-2-3:2010 + A1:2010 + AC:2013 + A2:2014
Radiated emission in the frequency range 30 MHz - 1 GHz
EN 55016-2-3:2010 + A1:2010 + AC:2013 + A2:2014
Radiated emission in the frequency range 1 GHz – 6 GHz

Electromagnetic Compatibility (EMC) – Immunity Requirements

EN 61000-4-2: 2009

Electrostatic discharge (ESD)
- Contact discharge ± 6 kV
- Air discharge ± 8 kV
EN 61000-4-3: 2006 + A1:2008 + A2:2010

Immunity to RF electromagnetic fields in the frequency range 80 – 2700 MHz,
Test level 10 V/m
EN 61000-4-4: 2012

Immunity to fast transients (Burst)
- DC power port ± 4 kV
- Signal lines ± 2 kV
EN 61000-4-5: 2014

 Immunity to surges on power supply lines (Surge)
- DC power port: line <-> ground ± 2 kV
- DC power port: line <-> line ± 2 kV
EN 61000-4-5: 2014

Immunity to surges on shielded signal lines (Surge)
- Shielded lines ± 2 kV
EN 61000-4-6: 2014

Immunity to conducted interference induced by radio-frequency fields in the frequency range 150 kHz – 80 MHz, Test level 10 V