Secure, Firewall Friendly Communications

by | Oct 15, 2009 | Event, Technologies


One of the issues with the proven OPC standard has been the communications between OPC client and OPC server when a firewall separates them. The cyber-security challenges that process manufacturers face were not envisioned in the original release of the OPC specification in the mid-1990s. The network transport is based on Microsoft’s distributed component object model (DCOM), and the challenges of using DCOM with firewalls are well documented.

An initiative was formed among process automation suppliers to solve the security challenges of the DCOM model by using the secure network communications services in Microsoft’s .NET framework. Current members of this initiative include Advosol, Emerson Process Management, Honeywell, Iconics, InduSoft, Matrikon, Mobiform, Mynah Technologies, OSIsoft, Smar and TiPS.

The result of their efforts is the Express Interface (Xi) and is described on a newly created Express Interface website:

Express Interface (Xi) is a new Microsoft .NET interface designed for secure and reliable access to automation systems. Xi provides an integrated set of methods for accessing both run-time and historical data, events, and alarms. It has been designed for fast and secure communication through firewalls and for simple implementation and use. Xi defines a Service Oriented Architecture (SOA) that is based on MMS (Manufacturing Messaging Service) and WCF (Windows Communication Foundation).

The site is primarily for client and server developers and includes a specification overview, specification and sample code downloads, internet-accessible Xi demo servers, and the Xi public license. There are also products and tools available to help accelerate software development.

At the recent Emerson Exchange, DeltaV product strategist, Chris Felts, described how the Express Interface communications technology was being incorporated into the upcoming release of the DeltaV system. Like OPC, Xi is a client-server architecture for data exchange between the ISA95 level 2 (control system level) and level 3 (manufacturing execution / operations management level). It also supports the same functionality as OPC Data Access (DA), OPC Historical Data Access (HDA), and OPC Alarms and Events (AE).

Unlike OPC, Xi incorporates the secure aspects of the .NET framework using both firewall-friendly HTTP/HTTPS services and secure web services via Microsoft’s Windows Communication Foundation. This communications framework also incorporates levels of robustness not found in the earlier DCOM communications. For example, if communications are lost between the client side and server side, the Xi interface will retain the current state of the connection and allow the client to re-establish communications without losing its original configuration.

At the Emerson Exchange, there were 10 Xi servers and 15 Xi clients in the demonstration area including Emerson’s DeltaV system, Ovation system, and Syncade operations management software, as well as ones from Advosol, Iconics, Indusoft, Matrikon, Mobiform, Mynah, OSIsoft, SMAR, and TiPS. Specifically for the DeltaV system, the version 10.3.1 release adds Xi Data Access, Xi Alarms & Events, and Xi Historical Data Access via one Xi interface. The existing DeltaV OPC DA, HDA, and AE servers will remain to support existing OPC applications. Xi and OPC can reside together in the same system.

Chris suggested some uses for the Xi interface including secure communications through firewalls, communications to non-Windows clients, real-time and historical supervisory control and data acquisition, high throughput (100Mb typical bandwidth) and high tag count applications.


Update: Updated the links above to the site for the change from HTML to ASPX pages.

Popular Posts


Related Posts

Follow Us

We invite you to follow us on Facebook, LinkedIn, Twitter and YouTube to stay up to date on the latest news, events and innovations that will help you face and solve your toughest challenges.

Do you want to reuse or translate content?

Just post a link to the entry and send us a quick note so we can share your work. Thank you very much.

Our Global Community

Emerson Exchange 365

The opinions expressed here are the personal opinions of the authors. Content published here is not read or approved by Emerson before it is posted and does not necessarily represent the views and opinions of Emerson.

PHP Code Snippets Powered By :