Step by Step to Digital Transformation · Azure Stream Analytics, Azure Time Series Insights…...
21
Transcript of Step by Step to Digital Transformation · Azure Stream Analytics, Azure Time Series Insights…...
Step by Step to Digital Transformation
“Pay-as-you-go”,Outcome-based
Products
Products that never break“New business models”
Services
7
Digital Feedback Loops,
Method Calls
How can an autonomous response be achieved?“Self-optimizing”
Adaptability
6
AI Models,MachineLearning
What will happen?“Being prepared”
Predictions
5
Time-Series/Historical
Data,Hierarchical
Data Modeling
Why is it happening?“Understanding”
Transparency
4
TelemetryDashboards
What is happening?“Seeing”
Visibility
3
Edge Gateways
How to Connect?“Plugging in”
Connectivity
2
PLCs/IPCs
What Data?“Defining Tags”
Computerization
1
Value
Time
The Industrial IoT Stack
Globally Available Edge/Private/Public Cloud Infrastructure (IaaS)
Scalable, Managed Services for Common Patterns (PaaS)
Scalable Services for Manufacturing Interoperability and Data Modeling
Services for Specific Use Cases
Applications that Solve Business Problems (SaaS)
Winning Together: IT & OT merge in Industrial IoT
Globally Available Edge/Private/Public Cloud Infrastructure
Scalable, Managed Services for Common Patterns
Open Industrial IoT Reference Platform based on Industrial Standards
Services for Specific Use Cases
Applications that Solve Business ProblemsAz
ure
Part
ner
Secure: Implement “secure by default”
Open: Open-source and published on GitHub.
Protocol independent, Platform independent: Works just as well with AMQP and MQTT, and on Linux and Windows.
Based on industry standards: Interoperate with existing machines without modifying them.
Integrated with Azure services.
Our Principles
ISO 27018 SOC 1 Type 2 SOC 2 Type 2
CSA STAR Attestation CSA STAR Certification CSA STAR Self-Assessment
ISO 22301 ISO 27001 ISO 27017
The most comprehensive compliance coverage in the industry
Japan My Number Act New Zealand GCIO Singapore MTCS Spain DPA Spain ENS UK G-Cloud
Germany TISAX (~Aug. 18) Argentina PDPA Australia IRAP/CCSL Canada Privacy Laws China DJCP China GB 18030 China TRUCS
ENISA IAF EU Model Clauses EU-US Privacy Shield Germany IT Grundschutz India MeitY Japan CS Mark Gold
IG Toolkit UK MARS-E MPAA PCI DSS Level 1 Shared Assessments
CDSA FACT UK FERPA FFIEC
FISC Japan GLBA GxP 21 CFR Part 11 HIPAA / HITECH HITRUST
ITAR Moderate JAB P-ATO Section 508 VPAT SP 800-171
CJIS DoD DISA SRG Level 2 DoD DISA SRG Level 4 DoD DISA SRG Level 5
FedRAMP FIPS 140-2 High JAB P-ATO IRS 1075
Global
U.S. Government
Industry
Regional
Industrial IoT Consortia Around the World
EuropeUSA China South Korea Japan
Rich data modeling preserves source context
Vendors can extend the data model of each product (Companion Specification)
Maps to field bus protocols, e.g. BACNet | PLCopen | MTConnect | …
Vendor, Platform and OS Independent
Open Source on GitHub (Many Microsoft contributions)
Discoverable Services Oriented Architecture (SOA) independent of the transport method
Owned by a Non-Profit (OPC Foundation)
50M installed base and exponential growth
Secure Design from group-up
Based on open security standards
Authentication | Encryption
Evolves as security technologies evolve
Vendors/Users can choose level of security
Easily acceptable by IT departments
Data ModellingInteroperability Security
The Industrial Interoperability StandardMicrosoft is a member of the OPC Foundation since 1996
Microsoft supports OPC UA on Azure since 2016
Brownfield Enabled
<$500+ No changes to
machines required!
Consistent, compatible data model for all machines,plus security!
No compatibility!
No winner in the field bus/industrial ethernet wars!
Presentation & Business Connections
Websites, Mobile Services
Dynamics, Notification Hubs
Azure Edge Analytics,Azure ML on Edge,Azure Functions,Azure Edge Runtime
Azure Edge Analytics,Azure ML on Edge,Azure Functions,Azure Edge Runtime
Azure Industrial IoT Cloud Platform
Azure IoT Edge
On-Premises: Machine Interoperability Azure Cloud: Data Ingestion & Processing, Command & Control Azure Cloud: Presentation
Indu
stria
l Dev
ices
(OPC
UA
Serv
ers)
Hot Path Analytics:Azure Stream Analytics, Azure Time Series Insights…
Azure IoT Hub
OEE, KPIs calculationAlarms & EventsTelemetry based on OPC UA PubSub Information ModelCloud-based Device ManagementOPC Clients & Servers using OPC UA .NET Standard stack
OPC Publisher Module
OPC Proxy Module
UA Client/Server
(UA Binary over MQTT)
Firewall
Cold Path Analytics, ML, Functions & Storage:Azure Machine Learning, Azure Data Lake, Azure CosmosDB Graph…
UA Client/Server
(UA Binary)
UA Pub/Sub
(JSON over AMQP/MQTT)
Azure Edge Analytics,Azure ML on Edge,Azure Functions,Azure Edge Runtime
Micro-Services: OPC Twin, GDS Vault
OPC Twin Module
UA Client/Server
(UA Binary)IoT Edge Methods/Properties
UA Client/Server
(UA Binary)
Device Connectivity & Management
Data Ingestion and Command & Control
Stream Processing & Predictive Analytics
Workflow Automation and Integration
Dashboards and Visualization
Preconfigured Solutions
Predictive maintenance
Remote monitoring
Connected Factory
Azure IoT Solution Accelerators
Cloud SecurityAzure Security CenterAzure Active DirectoryKey VaultPolicy-Based Access Control
Connection SecurityX.509/TLS-Based Handshake and Encryption
Device SecurityDevice Provisioning and Authorization
Defense in Depth with Azure IoT Suite SecuritySecurely connect millions
of devices…Over a secure internet
connection…To Microsoft Azure – built with security from the ground up
1
2
3
4
5
6
6 easy Steps to get Started
Determine what do you want to improve
Experiment with simulated data on real, secure OPC UA servers
Connect real equipment without disruption
Visualize manufacturing performance
Make operational improvements based on data
Scale out
1001101001
1001
FACTORY
4
REPAIR STATUS
Factory 3
Factory 4
Factory 1
Factory 2
https://cloud-platform-assets.azurewebsites.net/connected-factory
Machine Discovery & Onboarding
Machine Security Assessment
Machine Security ManagementManage security configuration and certificate renewal & distribution from the cloud
Automatic assessment and recommendations on how to fix security issues
Announcements at HMI 2018
Automatic discovery & registration (device twin)
• Customer deploys Connected Factory solution accelerator through single click in azureiotsolutions.com
Auto-deploy Connected Factory
• Customer deploys Edge device in local network (factory floor)• Registers Edge with IoT
Hub/Connected Factory (e.g. through DPS)
Auto-deploy IoT Edge • Customer deploys OSS modules to the
Edge via the standard module deployment process• Modules are auto-configured
Auto-deploy OPC modules
• Newly discovered devices will automatically appear in the CF device registration list• Administrators can pick and choose
devices and initiate the security process• Machines can be secured
automatically
Auto-register OPC servers with CF
Azure IoT Connected Factory Architecture
IoT Hub
VM
Docker containers on Linux VM(with multiple assembly lines)
Web App hostingSolution Dashboard &
OPC Browser
OPC UA Server
OPC UA Server
OPC UA ServerIoT Edge Runtime with
OPC Proxy,OPC Publisher,
OPC GDS &OPC TwinModules
MESSimulation
Telemetry
Browse,Command & Control
Time Series Insights
Device Registry
GDS VaultMicroservice
OPC TwinMicroservice
Time SeriesExplorer App
Key Vault
OPC Digital Twins
Private Keys, Certificates
Device Queries
CSRs, Trust List requests
Firewall
User,Administrator
Device Queries
Registrations
• Threat Modelled
• Penetration Tested
• Used Security Development Lifecycle (microsoft.com/sdl, a mandatory process at Microsoft)
• Using Microsoft Azure Security & Trust Center
Azure IoT Connected Factory: Secure by Default!
Azure, Azure Stack, IoT Edge, IoT Devices & Sphere
Azure
Azure Stack
Azure IoT Edge
• Available in Azure Regions• Full functionality
• Deploy and manage cloud services• Managed by Azure or Azure Stack
• Azure Services & Management on-prem• Managed by Azure or Locally
AzureAzure IoT Central
Azure IoT solution accelerators
Windows IoT, Linux • Azure IoT Edge runs on Windows and Linux
Azure Sphere• Peerless security for MCU devices• Connect directly to Azure or via Azure
IoT Edge
Azure Sphere OS • Linux Kernel that modernizes MCU devices
Azure IoT Device SDK • Multi-device, multi-language, multi-OS• iOS, Android, Windows, Linux
Azur
e St
ack
IoT
Edge
IoT
Devi
ces
Sphe
re
Industrial IoT Partnerships (a sample)
press release
press release
press releasePlantweb runs on Azure IoT
Ability runs on Azure IoT
Mindsphere runs on Azure IoT
press releaseFactoryTalk runs on Azure IoT
press releaseEcoStruxure runs on Azure IoT
© 2017 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Thank you!
