ip4Cloud – SEC3

Link critical processes securely to IT/Cloud/SCADA services

As the little brother of SEC3PB, SEC3 offers the same functionality with the exception of the Profibus interface. This enables data to be collected and processed via industrial protocols and transmitted to (a) cloud services, (b) databases and (c) SCADA systems across a range of industrial protocols. The simultaneous use of multiple protocols is also supported.

A typical application would be the acquisition of data via protocols such as Simatic Fetch/Write RFC1006 or Modbus TCP/RTU Master and their distribution via the OPC UA interface or the MS Azure Cloud.

Protocols/communication interfaces (primary)

  • Modbus TCP/RTU Master
  • Simatic Fetch/Write RFC1006
  • IEC 60870-5-101 Master
  • IEC 60870-5-104 Client
  • IEC 60870-5-103 Master
  • IEC 61850 Client
  • DNP 3.0 Master
  • SNMP Client

Protocols/communication interfaces (secondary)

  • Cloud technologies
    • Microsoft Azure Cloud (MQTT/MSSQL/Cosmos DB)
    • Amazon AWS Cloud (MQTT/MongoDB)
  • Database technologies
    • MSSQL Database
    • MySQL Database
    • MongoDB Database
  • Industrial communication protocols
    • OPC UA Server
    • OPC DA XML Server
    • Modbus TCP/RTU Slave
    • IEC 60870-5-101 Slave
    • IEC 60870-5-104 Server
    • IEC 61850 Server
    • DNP 3.0 Slave
  • Miscellaneous
    • REST Client
    • Local storage of data in CSV files

Data processing

  • All data is split into separate information objects (individual signals, measured values, counted values, etc.) and processed accordingly. A quality identifier and - if necessary - a time stamp are associated with each information item.
  • Namespace or data model can be changed as desired.
  • Performance features for data processing such as type conversion, scaling, grouping, etc.
  • Adjustment of bandwidth required on secondary level through update intervals, thresholds, data reduction, etc.
  • up to 3000 data points (6000 variables)
  • up to 600 information changes/sec

Configuration

  • Central access to all settings and services through the web interface
  • Import of configuration data using Excel tables
  • Comprehensive import and export of configuration data

Network features

  • Assigning multiple IP addresses to a physical Ethernet interface
  • DHCP
  • Bonding
  • PRP
  • VLAN
  • Network management using an integrated SNMP V3 agent
  • SSH/SFTP access
  • SNMP agent
  • Time synchronization by NTP

Cyber Security

  • Secure access to all administrative services (HTTPS, SSH, SFTP)
  • Role-based access protection with login and password
  • User administration for local users
  • Central user administration through Active Directory (LDAP) and/or RADIUS
  • Crypto-Store for certificate management
  • Creation of self-signed certificates and CSRs
  • Import/export of certificates
  • Configuration of VPN tunnels (OpenVPN and IPsec)
  • Firewall
  • Safeguarded state-of-the-art Linux operating system

Administration

  • Configuration and maintenance using the web interface
  • Firmware upgrade (application and operating system) through the web interface

Licensing

  • By default, the usage of one (1) primary protocol and one (1) secondary protocol are included in the license. If additional protocols are used at the same time, an additional license can be purchased separately

Processor / Memory / Mass Storage

CPU
ARM Cortex-A8 1 GHz
RAM
256 MB DDR3L
Flash
512 MB SLC NAND

Power Supply

Voltage
12 / 24 / 48 V DC (9 – 60 V DC)
Power consumption
Max. 10 watt (typ. 4 W without USB)
Line cross-section
0,13 – 3,00 mm (AWG 26...12, solid or stranded wire)
Features
Redundant power supply with fault contact

Interfaces

Ethernet interface
2x RJ45 10/100BASE-T
Serial interface
2x RJ45 RS232 / RS422 / RS485
Baud Rate: 300 – 115200 Baud
USB interface
2 x USB 2.0 up to 480 Mbps “high speed”
ESD
All interfaces are ESD protected
(ESD, surge and burst see EMC)

Diagnostics (Status LEDs)

PWR
Power LED
USR
Free configurable LED by software
CPU
LED to show different software conditions
COM1 / COM2
Send and receive LED for serial interfaces
ETH0 / ETH1
Link and activity LED for Ethernet interfaces

Additional Functions

Battery buffered real time clock
Supported by a lithium battery (CR2032)
State relay “FAIL”
Changeover switch controlled by software
Hardware watchdog
Temperature monitoring
Power supply monitoring

Housing

Body material
Steel chassis
Mounting
35 mm DIN-Rail
International Protection
IP30
Rotating parts
None
Dimensions (W x H x D)
50 mm x 106 mm x 122 mm
Weight
approx. 0,4 kg

Operating Environment

Operating temperature
-20 °C to 60 °C
Storage temperature
-40 °C to 85 °C
Relative humidity
5% to 95% not condensing

Approval, Standards and Conformity

Approval
CE (Industrial)
Standards

EN 55032:2015
EN 61000-6-2: 2005
Conformity


RoHS
REACH
WEEE

Electromagnetic Compatibility (EMC) – Emission Requirements

EN 55016-2-1:2014
Conducted emission on power supply lines in the frequency range 150 kHz - 30 MHz
EN 55016-2-1:2014
Conducted emission on telecommunication lines in the frequency range 150 kHz - 30 MHz
EN 55016-2-3:2010 + A1:2010 + AC:2013 + A2:2014
Radiated emission in the frequency range 30 MHz - 1 GHz
EN 55016-2-3:2010 + A1:2010 + AC:2013 + A2:2014
Radiated emission in the frequency range 1 GHz – 6 GHz


Electromagnetic Compatibility (EMC) – Immunity Requirements

EN 61000-4-2: 2009


Electrostatic discharge (ESD)
- Contact discharge ± 6 kV
- Air discharge ± 8 kV
EN 61000-4-3: 2006 + A1:2008 + A2:2010

Immunity to RF electromagnetic fields in the frequency range 80 – 2700 MHz,
Test level 10 V/m
EN 61000-4-4: 2012


Immunity to fast transients (Burst)
- DC power port ± 4 kV
- Signal lines ± 2 kV
EN 61000-4-5: 2014


 Immunity to surges on power supply lines (Surge)
- DC power port: line <-> ground ± 2 kV
- DC power port: line <-> line ± 2 kV
EN 61000-4-5: 2014

Immunity to surges on shielded signal lines (Surge)
- Shielded lines ± 2 kV
EN 61000-4-6: 2014

Immunity to conducted interference induced by radio-frequency fields in the frequency range 150 kHz – 80 MHz, Test level 10 V