Industrial DevOps Is Redefining PLC Engineering Process

Summary

Founded in Munich, Germany in 2021, Software Defined Automation is a venture-backed company that provides an industrial DevOps platform for automation engineers. The platform offers version control, browser-based engineering, secure remote access, virtual programmable logic controller (PLC) orchestration, automated backup and artificial intelligence (AI)-powered documentation generation for industrial automation code.

Software Defined Automation got its start because today’s automation engineers have a tough job. They manage PLC code in different versions of a vendor’s engineering software, the versions are often incompatible, and legacy code that is poorly documented is hard to troubleshoot or update. Increasing the challenge is a lack of young, skilled talent coming online to help. Young engineers just don’t want to develop in environments that date back decades, and the whole engineering process has been missing tools that work across vendors, which can cause operational inefficiencies, increased downtime, security risks and higher costs.

To ease the engineers’ burden, Software Defined Automation provides a centralized, cloud-based platform for managing multi-vendor industrial automation assets, including PLCs, robotics and drives, without requiring on-premises software installations.

Industrial DevOps is the primary focus

DevOps is a software development methodology. DevOps integrates and automates the work of software development (Dev) and IT operations (Ops) as a means for improving and shortening the systems development lifecycle. Industrial DevOps extends both the “development” and the “operations” part of DevOps to industrial systems. Industrial DevOps tools support emerging best practices for orchestrating both new and legacy PLC systems programmed in a variety of languages in a vendor-neutral framework and offer manufacturers’ engineering teams remote collaboration, approval workflows, scalability, accessibility and project management (Figure 1).

• Version control
• Browser-based engineering
• Secure remote access
• Virtual PLC management
• Automated backup
• AI for Automation.

“Industrial DevOps is revolutionizing automation software development and management for all sorts of devices: PLCs, robots and drives,” said Kilfoy. “Manufacturers can now centralize code repositories, enable remote collaboration, enforce their enterprise and regulatory standards, and streamline testing and deployment—all this helps them increase efficiency, reduce costs and downtime, and gain more control over the entire automation lifecycle.”
 

Automated backup

Software Defined Automation’s automated backups help users avoid costly hardware and software setups. The vendor-agnostic backup solution supports multiple vendors and versions from a single interface. Automated backup deployment reduces recovery time, which improves mean time to recover (MTTR). Backups across multiple factory locations can be managed centrally from a single interface, which ensures consistent business continuity and disaster recovery.

PLCs—or groups of PLCs—can be set to perform scheduled backups automatically, or individual backups manually. “We use our secure connectivity agent to check the code that’s on there, review it and compare it to the repository,” explained Kilfoy. “If it's the same, we do nothing. If it's different, we create a new version. We also can send out notifications on whether the backup was run or if it failed. We can also send a notification if a new version was changed.”
 

Version control

Version control allows teams to better collaborate more efficiently by knowing who made a change, when the change was made, what was changed and why the change was made. “We keep track of versions; we can tell you the source where those versions came from. We can tell you if it was uploaded or generated from a backup,” he said.

Software Defined Automation’s version control supports industries with stringent manufacturing change control regulations such as pharmaceuticals, food and beverage, medical devices and the like. It ensures that the right people have the right permissions to access the right programs. In addition, version control enhances productivity with tools that enable automation engineers to quickly review and visually compare program versions directly in a browser.

Browser-based engineering

Browser-based engineering is an IDE as a Service (IDEaaS) that lets users securely access integrated development environments (IDEs) from any browser and Internet connection. This technology allows users to access multi-vendor and multi-version IDEs like Rockwell and Siemens directly from their browser. Secure remote access allows virtual private network (VPN)-secured sessions with fresh, disposable IDE copies for each session. License sharing allows users to pool and share licenses to boost utilization and save costs. Browser-based engineering simplifies management because fully patched IDEs are always up to date, avoiding hardware burdens.

“Users can open browser-based functionality directly from the version in the repository,” explained Kilfoy. “Users can open it and can edit that code. The entire [Software Defined Automation] product is 100 percent cloud based, except for a gateway.”
 

Secure remote access

According to Kilfoy, Software Defined Automation’s cloud-based secure remote access control is 11 times more secure than self-managed VPNs such as Cisco and Citrix, which helps protect against ransomware. It controls who accesses each product and device/PLC. The on-demand connection uses encrypted MQTT and WireGuard VPN for secure OT device access. Secure remote access records every action for full transparency and auditability.

“Our secure gateway is software that runs on an IPC,” explained Kilfoy. “We install it, we configure it and at that point you can start adding PLCs to it. That gateway also gives us the ability to do a full secure remote access solution.”

Virtual PLC management

“Virtual PLC orchestration or management is the same idea as CODESYS,” said Kilfoy. “We can deploy CODESYS the same way that we deploy Rockwell or Siemens. We also manage the DM [device mapper] or the docker. Our virtual PLC, or soft PLC, orchestration goes into version control just like everything else. AI is built into it. Everything is fully integrated.”

Virtual PLC management allows users to gain independence from vendor-specific hardware. It allows users to run soft PLCs with real-time performance on standard IT servers with edge virtualization. It deploys quickly, allowing users to launch virtual PLCs in seconds and manage them alongside conventional PLCs in a single platform. Its unified workloads combine real-time and non-real-time tasks on the same hardware. In addition, because of integrated operations, users can run human-machine interfaces, monitoring and data analysis on the same factory hardware.
 

AI for automation

Software Defined Automation uses its Factory Agent AI to translate PLC code into human language, which enables engineers to grasp complete automation/PLC projects quickly and also get up to date process documentation. Because PLC code is streamlined into human language, new employees and/or consultants can be onboarded faster. Being able to “read code” in human language ensures always-current program documentation. “Factory Agent does a reverse translation to provide documentation,” said Kilfoy. “There’s nobody [else] out there that does this for PLC code that I’m aware of.”
 

Cybersecurity

Kilfoy said that there has been a 41 percent increase in ransomware attacks in manufacturing since 2020. The average cost of recovery from a ransomware attack in manufacturing is $1.67M and 22 percent of them take longer than a month to recover. “The biggest conversations that we get into most recently have been about cybersecurity and ransomware attacks,” he said.

According to Kilfoy, Software Defined Automation’s advantage is because they are not in the factory. “When a ransomware attack comes in, it attacks the PLC, but it also attacks everything else in the footprint. The blast radius includes things like the Rockwell Studio 5000, the TIA Portal and the machines they are on. It also includes things like the license server for those. In addition, 53 percent of the backups [when they were attacked] are encrypted, so the backups themselves are getting hit. With some of the solutions we compete against, the backup is off-prem, but the tools to do the backup and to recover the backup are on-prem, including the licenses.”

The company’s cloud-based approach helps protect against ransomware attacks by isolating the backup and recovery processes from the on-premises infrastructure. “From a security standpoint, we’re an AWS partner. We help our customers with support on their NIST Cybersecurity Framework 2.0 journey,” explained Kilfoy.
 

Looking ahead

Software Defined Automation envisions a future where PLC management and development is simple, secure and efficient, so that factories can increase uptime, reduce mean time to recover and maximize the productivity of their assets. Industrial DevOps can simplify these PLC management and development tasks, increase factory uptime and efficiency, as well as improve security in a single comprehensive, integrated solution.
Software Defined Automation’s solutions allow users to quickly back up and recover code, track PLC code changes across multiple vendors, enable remote and secure access control, streamline development and enhance collaboration, translate PLC code into human language and gain independence from vendor-specific hardware.