How do you tackle innovation? Do you choose an incremental approach or a more disruptive one? Siemens opted for the golden mean: on the one hand, the new Simatic PCS neo control system has something groundbreaking about it. The system software is based exclusively on web technologies and has a consistently object-oriented data model. It is no longer necessary to install software on specific workstations for administration, engineering and plant operation. Thanks to HTML 5, it is now possible to have secure access to the system and operate it efficiently just using a browser. The user interface is also completely new: it combines adaptable, up-to-date technologies with the capabilities, tasks and goals of its users. User Experience (UX) Design has embedded user experience in the design process for the operator interface.
On the other hand, the new system also uses the same application architecture and hardware portfolio as the established Simatic PCS 7 process control system, which has proven itself for over 20 years. Simatic PCS neo thus continues the Siemens tradition while taking two important customer requirements into consideration: the desire to protect existing expertise and make a future-proof investment.
Clearly structured from top to bottom
However, the Simatic PCS neo process control system also breaks with tradition. The system is based on HTML 5 and operated entirely using a current web browser. Classic, single-user PCs with an installed operator interface or engineering system are a thing of the past. Every office computer which meets the security specifications and has the relevant certificates can now become an engineering or operator station. All the required applications are installed on a central server, where all data is managed and saved. The browsers on the terminal devices, which can also be smartphones or tablets, retrieve data from this central point or send queries back to the server, for example operator interventions or changes to setpoints. To create an intuitive working environment, Siemens simplified the operating philosophy across all applications and implemented a ‘one workbench’ concept for all applications and tasks. In other words, authorised users can toggle between an engineering view and a control and monitoring (operational) view with a single click. Direct access to operating elements, control sequences, alarms or interlocks is therefore possible at any time from a single point of entry. Wherever operator interventions are required, clearly structured tasks and dialogues guide the user to their goal.
Licence and user management integrated
Administration is likewise integrated into this concept, of course. Licence and user management is controlled here, as is the administration of all software and security-related procedures. Since the applications are executed via the browser, cumbersome local installations such as on-site updates are made increasingly redundant:
the latest version of the application appears every time the client restarts.
Interdisciplinary collaboration redefined
Interdisciplinary collaboration among new project teams assembled from all parts of the world is already a reality in many places today – and the trend is steadily increasing. Simatic PCS neo confronts this challenge with functions which take global collaboration to a new level. In engineering, for instance, consistently object-oriented data management with centralised data storage ensures that everyone involved in a project can access up-to-the-minute data whenever they need it. At the same time, people contribute knowledge from their own working environment to the centrally managed project. Owing to the clear session concept with automatic consistency checks, the data is always coherent, even during parallel working in multiple sessions, so that engineering and operational processes can be developed concurrently. At the same time, hardware-independent project engineering provides an extremely high degree of flexibility. The following example demonstrates what this means in practice: imagine how much coordination effort is saved if an on-site team in the field has access during commissioning to all project data on mobile devices and makes changes to the central project in real time. Simultaneously with this, employees can toggle between engineering and monitoring & control views with a single click during the loop check – all on the same device.
IT security as an integral component
A browser-based control system? This obviously raises the question of cyber security measures. Strict adherence to the “security by design” principle was therefore a primary concern with this new development. Extremely high security standards were applied to the hardware and software design from the outset, e.g. all known security mechanisms are taken into consideration when transferring data. In addition to functional tests, the engineers and software developers also continuously checked the security measures already implemented. The development process was carried out in accordance with IEC 62443, the international series of standards for “Industrial communication networks – Network and system security”. These defined, secure coding standards provided coders, architects and designers with guidelines for producing secure source codes.
Modern encryption processes
The implemented security functions take effect during subsequent use. It goes without saying that modern encryption processes are employed to enable secure communication between the web server and the web browser (client). Access to the system is only possible following authentication and authorisation and all communications are based on certificates. Users, computers or devices must identify themselves using a digital certificate before they are granted access to an application. The new control system also fits into the defence-in-depth concept which Siemens has been applying and driving forward for years now based on the recommendations in IEC 62443. Defence in depth combines plant and network security with system integrity elements to form a comprehensive protection concept. This extensive portfolio of secure network components from Siemens is naturally compatible with the new control system.
Summary
The Simatic PCS neo process control system provides several far-reaching innovations. Extensive conformity to international standards – from Industrial Ethernet and Control Module Types (CMT) to Advanced Encryption Standard (AES) – simultaneously ensures that the system is future-proofed for long-term use. The underlying hardware structure protects customer investments and know-how. The modern Simatic ET 200SP HA I/O system and the intelligent Simatic Compact Field Unit (CFU) can be used by either Simatic PCS 7 or Simatic PCS neo. This prudent and sustainable approach allows individual digitalisation strategies to be implemented very flexibly step by step.
Online search: cpp0319siemens