ip4Cloud – SEC3PB

Capture PROFIBUS data by eavesdropping and transmit it to Cloud/IT or SCADA services

SEC3PB collects data from Profibus, by listening-in without directly interfering with or disrupting communication, and enables the transmission of obtained data to (a) cloud services, (b) databases and (c) SCADA systems over a wide range of industrial protocols. Connecting SEC3PB to the Profibus network does not require any change in the configuration of bus devices (PLC, bus terminals, etc.) and has no influence on the bus cycle. Feeding data to the bus is already physically prevented.
As a result, data can be extracted from critical processes without any reaction and be forwarded for processing in IoT or IT applications, cloud services, etc. without the risk of production downtime.
SEC3PB is connected to Profibus either electrically, by extending the existing bus with an additional cable segment, or even more simply by an optical link (OLM).
No alterations to the configuration of vital process components like the central PLC, subordinate IO terminals and other bus components are necessary. SEC3PB's setup can be performed simultaneously to the running process without any considerations.

Protocols/communication interfaces (primary)

  • Profibus DPV0 monitor
    • Up to 12MBaud, up to 126 connected devices (recommended <= 32), multi-master capable
    • Processing of cyclic data
    • Configuration from GSD/GSE files
  • Modbus TCP/RTU Master
  • Simatic Fetch/Write RFC1006
  • IEC 60870-5-101 Master
  • IEC 60870-5-104 Client
  • IEC 60870-5-103 Master
  • IEC 61850 Client
  • DNP 3.0 Master
  • SNMP Client

Protocols/communication interfaces (secondary)

  • Cloud technologies
    • Microsoft Azure Cloud (MQTT/MSSQL/Cosmos DB)
    • Amazon AWS Cloud (MQTT/MongoDB)
  • Database technologies
    • MSSQL Database
    • MySQL Database
    • MongoDB Database
  • Industrial communication protocols
    • OPC UA Server
    • OPC DA XML Server
    • Modbus TCP/RTU Slave
    • IEC 60870-5-101 Slave
    • IEC 60870-5-104 Server
    • IEC 61850 Server
    • DNP 3.0 Slave
  • Miscellaneous
    • REST Client
    • Local storage of data in CSV files

Data processing

  • All data is split into separate information objects (individual signals, measured values, counted values, etc.) and processed accordingly. A quality identifier and - if necessary - a time stamp are associated with each information item.
  • Namespace or data model can be changed as desired.
  • Performance features for data processing such as type conversion, scaling, grouping, etc.
  • Adjustment of bandwidth required on secondary level through update intervals, thresholds, data reduction, etc.
  • up to 3000 data points (6000 variables)
  • up to 600 information changes/sec

Configuration

  • Central access to all settings and services through the web interface
  • Import of configuration data using Excel tables
  • Comprehensive import and export of configuration data

Network features

  • Assigning multiple IP addresses to a physical Ethernet interface
  • DHCP
  • Bonding
  • PRP
  • VLAN
  • Network management using an integrated SNMP V3 agent
  • SSH/SFTP access
  • SNMP agent
  • Time synchronization by NTP

Cyber Security

  • Secure access to all administrative services (HTTPS, SSH, SFTP)
  • Role-based access protection with login and password
  • User administration for local users
  • Central user administration through Active Directory (LDAP) and/or RADIUS
  • Crypto-Store for certificate management
  • Creation of self-signed certificates and CSRs
  • Import/export of certificates
  • Configuration of VPN tunnels (OpenVPN and IPsec)
  • Firewall
  • Safeguarded state-of-the-art Linux operating system

Administration

  • Configuration and maintenance using the web interface
  • Firmware upgrade (application and operating system) through the web interface

Licensing

  • By default, the usage of one (1) primary protocol and one (1) secondary protocol are included in the license. If additional protocols are used at the same time, an additional license can be purchased separately

Processor / Memory / Mass Storage

CPU
ARM Cortex-A8 1 GHz
RAM
256 MB DDR3L
Flash
512 MB SLC NAND

Power Supply

Voltage
12 / 24 / 48 V DC (9 – 60 V DC)
Power consumption
Max. 10 watt (typ. 4 W without USB)
Line cross-section
0,13 – 3,00 mm (AWG 26...12, solid or stranded wire)
Features
Redundant power supply with fault contact

Interfaces

Ethernet interface
2x RJ45 10/100BASE-T
Serial interface
2x RJ45 RS232 / RS422 / RS485
Baud Rate: 300 – 115200 Baud
PROFIBUS interface
1x PROFIBUS interface DB9 female (DPV0, RS485 9600 to 12M Baud, passive)
USB interface
1 x USB 2.0 up to 480 Mbps “high speed”
ESD
All interfaces are ESD protected
(ESD, surge and burst see EMC)

Diagnostics (Status LEDs)

PWR
Power LED
USR
Free configurable LED by software
CPU
LED to show different software conditions
COM1 / COM2
Send and receive LED for serial interfaces
ETH0 / ETH1
Link and activity LED for Ethernet interfaces
PROFIBUS RX
Receive LED
PROFIBUS PWR
Power LED for PROFIBUS interface
PROFIBUS OP
Operation LED

Additional Functions

Battery buffered real time clock
Supported by a lithium battery (CR2032)
State relay “FAIL”
Changeover switch controlled by software
Hardware watchdog
Temperature monitoring
Power supply monitoring

Housing

Body material
Steel chassis
Mounting
35 mm DIN-Rail
International Protection
IP30
Rotating parts
None
Dimensions (W x H x D)
65 mm x 106 mm x 122 mm
Weight
approx. 0,6 kg

Operating Environment

Operating temperature
-20 °C to 60 °C
Storage temperature
-40 °C to 85 °C
Relative humidity
5% to 95% not condensing

Approval, Standards and Conformity

Approval
CE (Industrial)
Standards

EN 55032:2015
EN 61000-6-2: 2005
Conformity


RoHS
REACH
WEEE

Electromagnetic Compatibility (EMC) – Emission Requirements

EN 55016-2-1:2014
Conducted emission on power supply lines in the frequency range 150 kHz - 30 MHz
EN 55016-2-1:2014
Conducted emission on telecommunication lines in the frequency range 150 kHz - 30 MHz
EN 55016-2-3:2010 + A1:2010 + AC:2013 + A2:2014
Radiated emission in the frequency range 30 MHz - 1 GHz
EN 55016-2-3:2010 + A1:2010 + AC:2013 + A2:2014
Radiated emission in the frequency range 1 GHz – 6 GHz


Electromagnetic Compatibility (EMC) – Immunity Requirements

EN 61000-4-2: 2009


Electrostatic discharge (ESD)
- Contact discharge ± 6 kV
- Air discharge ± 8 kV
EN 61000-4-3: 2006 + A1:2008 + A2:2010

Immunity to RF electromagnetic fields in the frequency range 80 – 2700 MHz,
Test level 10 V/m
EN 61000-4-4: 2012


Immunity to fast transients (Burst)
- DC power port ± 4 kV
- Signal lines ± 2 kV
EN 61000-4-5: 2014


 Immunity to surges on power supply lines (Surge)
- DC power port: line <-> ground ± 2 kV
- DC power port: line <-> line ± 2 kV
EN 61000-4-5: 2014

Immunity to surges on shielded signal lines (Surge)
- Shielded lines ± 2 kV
EN 61000-4-6: 2014

Immunity to conducted interference induced by radio-frequency fields in the frequency range 150 kHz – 80 MHz, Test level 10 V