Full-stack system and software development for Industry 4.0

Umfassende System- und Softwareentwicklung für Industrie 4.0
Category:
Web Development, CI/CD, Software Consulting, Discovery Workshops, Back-end solution, Front-end solution
Industry:
Industrial Engineering
City:
Laer, Germany
Model:
Team Outsourcing
Payment model:
Time & Materials
Duration:
2019 – currently

Customer

We are working with a German company operating in industrial engineering and automation. The client specializes in pioneering solutions that revolutionize modern manufacturing and agriculture and aid in developing sustainable smart cities. Their solutions enable seamless configuration and management of IT infrastructure for data collection and processing within industrial environments, thereby significantly contributing to the measurable business success of end customers.

Challenge

Project 1 – Creating an industrial computer that combines the functions of a router and IoT Edge

 

The client required a device capable of functioning as a router and a platform for running applications within Docker containers. They approached us with a new project aligned with the edge computing concept. The idea was to create an industrial-grade computer that seamlessly integrates the functionalities of a router and an IoT Edge device. This initiative aimed to enable remote system control and provide security for devices not directly connected to the network or those requiring protection via an independent firewall.

Our solution

  • The concept of building an industrial computer 

A crucial element of the project involved the creation of a custom Linux-based distribution tailored for a widely used industrial computer. The primary objective was to enable remote system control and enhance security for devices not linked to the network or protected through an independent firewall.

In collaboration with the client’s team, we successfully built an industrial-grade computer that combines the functions of a router, switch, and VPN. This meant ensuring secure network communication with the external Internet and accommodating a container for IoT Edge, whether hosted in the cloud (Microsoft Azure) or our own containers.

The development team aimed to properly install Microsoft Azure’s IoT Edge software onto a Linux-based system. Although it was quite a challenge, they managed to get it to work so that when Microsoft releases new versions (which, of course, are no longer compatible with previous versions due to configuration changes), customers using the industrial PC update the system and all system functions continue to work correctly.

To accomplish this task, we used Yocto Project technology, offering the ability to customize the size of the operating system—a critical feature in scenarios where data transfer volume is important. With the new system, we can manage devices used for remote IoT updates and edge devices in the field. This approach efficiently utilizes limited storage space, thereby maximizing the resource utilization of field devices. Consequently, this results in substantial cost savings, particularly in environments with numerous connected devices.

Furthermore, we built configuration support for manually managing a fleet of devices. In constructing the interfaces, we used a classic architecture based on OS Bash written in C++, complemented by commands for daemons responsible for managing the various elements of the configuration.

Security concerns are at the core of the activities in this project. Since the entire device is exposed to potential external attacks, ensuring tight security measures is paramount. To achieve this goal, the developers have applied a catalog of best practices for securing Unix system servers.

  • Concept verification 

The project’s initial phase involved the Proof of Concept (PoC), meaning the delivery of a Minimum Viable Product (MVP) comprising only basic functions without a visual interface. The PoC of the system underwent testing on the target devices. Subsequently, in collaboration with the client, we began the development of the system’s functionalities tailored to the corresponding devices utilizing Intel chips.

In September 2020, we completed the PoC phase and began to implement additional key functions and system elements, including:

  • System for configuration and management of industrial routers
  • WebGUI (Graphical Web Interface) based on LUCI (Lua Configuration Interface) with OpenWRT (Open Wireless Router) router for industrial computer integration
  • Easy-to-use API for sharing GPIO (general purpose input-output) Docker containers with your system
  • Remote management platform for multiple industrial computer devices
  • Additional physical platforms

 

Project 2 – Building software for remote management of routers and industrial equipment

 

In collaboration with VM.PL developers, the client, decided to build a new system for remote maintenance targeting industrial machinery operators and constructors. The challenge set for this project was to ensure easy, functional, and, above all, secure operation, thereby preventing unauthorized access to data. Furthermore, the system had to be user-friendly for individuals without a technical background.

Our solution

 

  • Project management 

We started the project in June 2018. During product workshops, we discuss tasks and plans to enhance security, implement new solutions, and expand functionality. Following each session, we conduct a retrospective analysis of the project’s work areas to identify strategies for addressing challenges and draw conclusions for the future.

  • Building the software 

If someone possesses a fleet of OAM (Operations and Maintenance) equipment and seeks convenient management, the custom software we built, along with the additional applications outlined below, prove to be ideal solutions. VM’s development team focused primarily on ensuring the system’s proper and secure operation, thereby restricting access and control solely to the owner. Furthermore, the system offers integration with multiple devices.

  • Implemented applications: 

Configuration management application for multiple routers, including industrial computers: This platform features a central template-based management system for firmware and configuration. It offers remote access to all devices in the field.

  • System for secure configuration with devices: This system includes automated deployment and management of VPN configuration and device certificates. It ensures encrypted access to end devices, centralizes inbound VPNs, and provides fixed IP assignments, routing, and NAT.
  • Standalone application providing a fully automated VPN infrastructure: This application enables connectivity and secure access to third-party devices and machines in the field.
  • Certificate management application: The SCEP Server allows the router management software to create SSL keys and certificates and sign them in the authentication process.
  • Software designed for end customers to secure software against unauthorized use: This software allows customers access to information about current orders, products, licenses, and active installations. It includes an administration panel for managing available features.

Results

Thanks to the system we programmed, the client has gained a new profitable product within the edge computing category, marking a significant milestone in advancing the company’s business. The device boasts numerous potential applications for IoT and Industry 4.0-driven enterprises. Additionally, it serves as a valuable tool for data collection, potentially paving the way for the provision of new analytical services in the future.

Technologies


Manufacturing automation for semiconductor customer

Design, Development, DevOps or Cloud – which team do you need to speed up work on your projects?
Chat with your consultation partners to see if we are a good match.

Jakub Orczyk

Member of the Management Board/ Sales Director VM.PL

Book a free consultation
kuba (2)