Adding Security and Flexibility to MQTT

By Bob McIlvride

BobMcIlvridePhoto.jpgManagement at a major wood processing company in North America recently implemented a plantwide data collection and integration system to cut production costs, improve output and enhance network security. 

Their first goal was to consolidate data streams from a number of segmented networks and send it over MQTT to an on-site MES system and plant historian. They also needed to pass the data securely to their administration network for their IT department to run real-time analysis.  And from there, the combined data and analytics had to be sent via MQTT to a data lake on their IoT platform for long-term predictive analysis.

So, what they were looking at, essentially, were multiple MQTT inputs that had to eventually arrive at an MQTT broker in the cloud. But they needed to use the data and perform edge processing at several points along the way. Simple, direct MQTT connections would not be enough.

What they decided to do is use a real-time middleware tool (Cogent DataHub software from Skkynet) to accomplish these tasks. First, they receive the individual data streams coming out through the plant firewall on an intermediate computer. There the data streams get aggregated into a single data set and fed to their MES and plant historian. 

Simultaneously, they pass the live data through a second firewall via DHTP (DataHub Transport Protocol) to their IT department, where real-time analysis is performed. The connection is initiated from the admin network, outbound through the firewall to the intermediate computer and then the data can flow bidirectionally. In this way, the intermediate computer acts as a DMZ, effectively isolating the plant network from the admin network.

In the final stage, the data and analytics are converted to MQTT, and sent to the cloud system, taking advantage of MQTT's ability to make an outbound connection to keep their admin network firewalls closed. The middleware solution gives them the best of all worlds. They gain the benefits of MQTT, while enhancing security of their networks and incorporating edge processing at both the OT and IT levels.

Bob McIlvride is Director, Communications for Skkynet. He can be reached at bob.mcilvride@skkynet.com.

This content was sponsored by Skkynet.