| Mon, 16 Jun 1997 11:27:00 -0400 (AST) |
| < "NSPC5::PETER" Peter.Payzant@NSPower.NS.Ca> |
There was an enquiry about companies who had made their SCADA data available via Web browsers. We are in the process of upgrading our existing character-based operator displays with Digital Alpha workstations, which will allow us to build fully-graphical displays. We currently present SCADA data to employees via the corporate "intranet", using a home-grown application running on PCs as a display mechanism. This will be obsolete when we convert to the fully-graphical operator interface, and so we are looking at replacing it with something based on a Web browser. Most of our employees have WWW access on their desktop PCs. While we are still in the preliminary stages, we expect that it will take the form of a dedicated server accepting http requests from users. The server would have read-only access to the SCADA database. It will probably not run on one of the Scada machines, but will access them via the corporate LAN. The user client software will probably be Netscape with a specialized plug-in which is capable of rendering the Scada displays on the Netscape canvas. This has not been developed, but we are hopeful that it will not be too difficult. Our solution will be specific to our particular Scada vendor (Landis Gyr), but I thought that it might be of interest to others contemplating similar projects. Regards, Peter Payzant --------------------
L. Peter M. Payzant, P. Eng. peter.payzant@nspower.ns.ca Sr. Control Systems Engineer phone: (902) 428-7721 Nova Scotia Power, Inc. fax: (902) 428-7799 P. O. Box 910 Halifax, NS Canada B3J 2W5
| Tue, 17 Jun 1997 08:46:27 +0800 |
| < Steven Kinsman stevek@COMSYS.com.au> |
available via Web browsers. ... Reported in "What's New in Process Engineering" Nov 1996, Wizcon appear to have done this properly. Full viewing and control seems to be implemented from Java-enabled Web browsers. This looks like a good way to go, and I hope other vendors will follow suit - especially Citect
| Tue, 17 Jun 1997 10:47:58 +0300 |
| < Noam Sadot sadot@pcsoft.co.il> |
You can now use a real SCADA application made with WizNet at http://wiznet.pcsoft.co.il (goto live demo) You don't need to install anything in order to use the application since it is pure Java. Netscape 3.01, Netscape 4.0 or Explorer 3.02 are recommended.
| Tue, 17 Jun 97 09:15:48 -0700 |
| < David Gaw dgaw@coactive.com> |
People interested in this may also want to take a look at our WebIO product. This uses pure Java to connect a web browser with a LonWorks control network. It support live monitoring as well as control. LonWorks is increasingly being used to link I/O devices at a remote SCADA site. The approach we have taken is to embed the server in a device. The device contains the network interface to LonWorks as well as either Ethernet (TCP/IP) or dial-up (PPP) connections. You can find information on WebIO via our web site: Just FTP to ftp.aimnet.com and go to /pub/users/coactive, or go to our web site at http://www.coactive.com and follow the links other resources and check out Coactive's FTP site. Then go to the directory user-doc/webio/html, and open the document start.htm.
David. --- David Gaw (dgaw@coactive.com) Coactive Aesthetics, Inc. "Advanced Solutions for Distributed Control" 4000 Bridgeway, Suite 303 Sausalito, CA 94965 voice:(415)289-1727 fax:(415)289-1320 http://www.coactive.com
| Tue, 17 Jun 97 08:24:05 -0500 |
| < "Kevin McGrath"kmcgrath@bug.com> |
howdy, this is a great idea but I'm wondering about security details. while you say this will be setup for read-only access I would be concerned about using an intranet web browser to "directly" access my SCADA system. we have setup a homepage for my area and we allow access to SCADA "real-time" information via read-only access to a "non-SCADA" machine running our HTTP server, that we copy our SCADA database to at regular intervals. I guess my point is that you need to be very careful about security if you are going to use the web to access your SCADA systems, especially with all the recent security problems that have come up with Netscape, Internet Explorer, et al
regards,
Kevin M. McGrath
Brooklyn Union
Brooklyn, NY, USA
| Tue, 17 Jun 1997 10:01:00 -0400 (AST) |
| < "NSPC5::PETER" Peter.Payzant@NSPower.NS.Ca> |
Kevin McGrath made some very good points about security and SCADA access via Web technology on the corporate "intranet". Our current character-based system uses a non-SCADA machine as a server of SCADA information to corporate clients. The link between the server and the SCADA machines is uni-directional, i.e. the SCADA machines send data to the server on demand, but the server can't insert data into the SCADA database or communicate with the SCADA software. This gives us reasonable confidence that corporate users can't operate field devices or corrupt the SCADA database. Another security issue is that of protecting sensitive data from unauthorized viewing. This would include cost-related parameters such as generating plant incremental costs, and other things like telephone numbers for after-hours call-outs. At the moment we protect this using just the IP address of the client as an identifier, assuming implicitly that our internal corporate users are not going to mount a hostile attack ("padlocks are just for honest people"). However, when we upgrade to full web access to our database, we're going to update the security protection to include username/password access to some data. Regards, Peter Payzant --------------------
L. Peter M. Payzant, P. Eng. peter.payzant@nspower.ns.ca Sr. Control Systems Engineer phone: (902) 428-7721 Nova Scotia Power, Inc. fax: (902) 428-7799 P. O. Box 910 Halifax, NS Canada B3J 2W5
| Tue, 17 Jun 1997 16:57:00 +0300 |
| < Noam Sadot sadot@pcsoft.co.il> |
About the security issue regarding SCADA for Intranets/Internet. Most web servers today enable you to protect certain pages by username and password. Take a look at http://wiznet.pcsoft.co.il live demo page - in this simple demo we protected the web SCADA application with a user name and password as an example. Also web servers (Like Netscape FastTrack) enable you to filter access according to IP address of the client. In cases where this is not enough a firewall can be used. Security is number 1 concern of many people involved with the internet - many companies are working on solutions - it is not a SCADA specific problem. One more point is that some SCADA packages today that use TCP/IP for communication between SCADA station are also not protected - An unauthorized user can install another copy of the software on the same network and possibly access part of the application running on other stations through the network. Noam.
| Wed, 18 Jun 1997 10:25:12 +0800 |
| < Lynn August Linse linsela@robustdc.com> |
At 11:32 17-06-97 +1000, you wrote: What do you mean by "rewriting schematics ... in Java". I'm not too up on Java, but is the drawing "recreated" by a java program each time it displays? Is this conversion manual? What alternatives has anyone seen to using bitmaps (GIF, JPG) for process diagrams on web pages? Best Regards;
Lynn August Linse, linsela@robustdc.com Robust DataComm Pte Ltd, 221 Henderson Road #04-10 Singapore 159557, Ph(65)272-2340 Fx(65)272-0582 http://www.robustdc.com http://www.singnet.com.sg/~linsela
| Wed, 18 Jun 1997 14:51:26 +1000 |
| < Kevin Webster kwebster@tusc.com.au> |
The Java applet downloads and parses the graphic definition file (an ascii text file), and renders the graphic accordingly. Luckily we had the c code from the native scada graphic viewer, which ported easily to java. If the applet is a trusted applet, it can save the schematic definition file locally, and need only download a new schematics definition file should it have changed on the server. --- We originally tried a method whereby scada schematics were periodically converted to gifs, and then netscape displayed the latest gif, but this is a 'view only' solution, and a bit of a hack (although easy to implement). We found we could have a 'refresh' rate of around 10 seconds with this method. In fact, to shorten the development time we later 'borrowed' some of the commercial java 'advertisment billboards' - instead of displaying advertisments, they displayed gifs that were supplied by the scada system.
| Thu, 19 Jun 97 08:16:11 -0500 |
| < "Kevin McGrath"kmcgrath@bug.com> |
howdy, this is a great idea but I'm wondering about security details. while you say this will be setup for read-only access I would be concerned about using an intranet web browser to "directly" access my SCADA system. we have setup a homepage for my area and we allow access to SCADA "real-time" information via read-only access to a "non-SCADA" machine running our HTTP server, that we copy our SCADA database to at regular intervals. I guess my point is that you need to be very careful about security if you are going to use the web to access your SCADA systems, especially with all the recent security problems that have come up with Netscape, Internet Explorer, et al
regards,
Kevin M. McGrath
Brooklyn Union
Brooklyn, NY, USA
| Mon, 16 Jun 97 14:30 EDT |
| < scada@scada.cmc.stph.net> |
Hi I wish to know if any utility/user has successfully integrated their SCADA system onto Internet and made the data available through a Web browser. Lot of thoughts have been in the air and couple of MMI package vendors were claiming such a connectivity. Can someone throw some light on where it is implemented. Regards
MS --------------------------------------------------------------------------- M Srinivas Manager - SCADA Systems Ph : 91-40-3000508 ASDC-SCADA Fax : 91-40-3000509 CMC Limited India - 500019 http://scada.cmc.stph.net For Information on our Products/Activities info@scada.cmc.stph.net ----------------------------------------------------------------------------