I just read an interesting report from Continental Automated Buildings Association (CABA) entitled “Bright Green Buildings”.  The premise is that today people thing of ‘green’ buildings (more efficient, less waste, more recycling) and there are ‘smart’ buildings (integrated control systems, continual monitoring and metering).  A ‘bright green building’ is the convergence of smart and green.  I’ve blogged on the smart building and green IT topics before, but this paper pulls them together nicely.

Of course OPC would play a major role in the Integrated Building Controls section of things.  Using OPC Servers from the Building Automation suite, including the recently released OPC Server for Johnson Controls N2, means system designers can ensure complete interoperability between the various manufactures and BAS and BEMS vendors.  Beyond the obvious use of OPC to connect the control systems, another key point the paper makes is on continual monitoring and metering in order to earn “Green and Sustainable” certifications.  As it states in one section “The ability to track utility use on a real-time basis will increase the ability of the project team to document compliance with LEED.”  OPC would play a big role here as well.

For those interested in smart green buildings, the CABA article is worth a read.  For more on how OPC fits in with smart IT you can check out the paper “Energy Saving Solutions – Building IT with OPC”. 

I’ve seen numbers saying the recently approved economic stimulus package has nearly 10% of the entire bill providing funding and tax credits for green energy related projects.  It will be interesting to see if this will keep the ‘bright green’ momentum moving forward.  Anyone have addition thoughts on things?

I see from this recent press release that the latest version of the MatrikonOPC Server Framework has passed the OPC Foundation Third-Party Independent Certification.   This is the Gold level of the OPC Certification program, and since all MatrikonOPC Servers are based on this Framework they all share this level of certification.

For those that aren’t aware, the The OPC Certification Program is the process where OPC vendors can verify the correct operation of their products with a series of tests developed by OPC Foundation. There are two Levels of Certification; “Self Tested”  (Silver)  and “Compliance Certified” (Gold).

The “Self Tested” level of testing provides tests that determine what features of the OPC specifications that the product supports and verify that these features are implemented correctly. The OPC Certification “Self Tested” program has two components: Compliance Testing and Interoperability Testing.

The “Compliance Certified” level of testing is provided as part of the Enhanced 3rd Party Certification Program. OPC vendors take their products to a sanctioned Independent Certification Test Lab to have the lab staff verify the correct operation of their products. This verification includes the range of tests covered by “Self tested” certification and also includes usability, behavior, load and performance testing.   

The extensive process ensures that certified products meet customer’s demands for interoperable OPC products that are secure, reliable, and intuitive.  Before the introduction of the Enhanced 3^rd Party Certification Program, OPC vendors could only claim the ‘Self-Tested’ level of compliance.  The Gold level certification really raises the bar on OPC interoperability, and vendors really committed to robust OPC products go even farther.  Read more on the Certification Program what ‘even farther’ entails in the article “Complacent with Compliance”

I was talking with one of the OPC System Architects the other day about an interesting project they were working on. The project centered around the ability to stabilize the price that a high energy consumer will pay for electricity, since many industrial consumers pay floating market rates and are subject to times when power costs can fluctuate dramatically.  The thinking is that if the user can have access to real time energy costs and input that data into the control system, then operators could be signaled to switch to a back-up generator or even halt production during power price spikes.

What was needed was a source of updating electrical rate data, and a way to feed it into the control system.  The first part is quite easy, since many generation companies post rates on websites, like these in Canada, US, Germany and Italy.  The second part is easy to achieve too, if you consider that web pages can be considered just another ASCII Ethernet protocol. Add in a configurable protocol OPC Server, like the MatrikonOPC Genie (Generic Information Exchange) and you got a solution.  With the state of the global economy today, people are looking at many ways to optimize operation and save money.

There are many devices that use text-based or binary protocols used over serial or Ethernet connections, for which OPC servers probably do not exist.  Would getting real-time data access to these devices help optimize a process or same money in your business?  If so, you can read more about how a configurable OPC server can be used in this paper. Every penny counts these days…

…I’m like that. Or a least that’s how my OPC Connection column over at Control Global was recently described J.  I’ve been contributing to this column for a couple of years now, so there are lots of OPC topics covered.  Should be something there to fit everyone.

If these articles don’t fill your craving for OPC information, you can always find more OPC articles, whitepapers and case studies on our OPC resource download portal.

Saw this headline “World’s power grids infested with (more) SCADA bugs” on the Digital Bond blog about the latest SCADA vulnerability put out by CERT.  What amused me is some of the comments in the article that continue to reinforce the old ‘security by obscurity’ thinking. 

The warning is the latest to affect so-called SCADA, or supervisory control and data acquisition, software used to control valves and switches at manufacturing plants, power generators, and gasoline refineries throughout the world. In theory, such bug shouldn’t pose much risk, because SCADA systems and other critical industrial controls should never be exposed to the internet.

 

Indeed, a spokesman at Areva’s Maryland outpost suggested Thursday that the vulnerabilities like the ones included in the advisory didn’t amount to much of a threat.  “Computers used at nuclear power plants are not connected to the internet and therefore they’re not vulnerable to viruses of any kind,” he said.

‘Shouldn’t be connected’ doesn’t mean they are not, and there are more ways than the internet for systems to be compromised.  

This story has a bit of a silver lining in that according to Dale, AREVA, with the agreement of the researcher, actually notified supported customers of the vulnerability a few months in advance of the public release thereby giving diligent asset owners an opportunity to patch prior to public release.  Shows that at least some companies out there are getting more serious about SCADA security and responding better.

If you’re looking to get more serious about your OPC security take a look at this whitepaper on “Creating Secure OPC Architectures”  or the “OPC Consideration for Network Security”

Some news on the MatrikonOPC security and OPC UA fronts.  The latest version of the MatrikonOPC Security Gateway now supports the OPC UA specifications.  This means that users can now control who can browse, add, read and/or write on a per-user-per tag basis between classic OPC and OPC UA clients to any OPC DA server from any vendor.  Users get the functionality of secure, certificate based OPC UA security in addition per-item level access and OPC security to the underlying classic OPC server. Plus the Gateway also has built-in support for OPC Tunneller connections which adds an additional layer of security and encryption. 

Security in the automation world and OPC connectivity is gaining more notice on many fronts.  Why just today I got a comment on a previous OPC Security blog posting from someone connected to a BlackHat user forum, looking for more information on OPC Security and the OPC Security Gateway.  If people are looking at how secure a system is that probably means someone else is looking to get in…

Here are a few links for anyone wanting more details on OPC Security and the Security Gateway:

OPC Security Gateway Manual

Hardening OPC Server Permissions

OPC Security 1.0 Specification

Security Gateway Configuration

Creating Secure OPC Architectures

Hardening Guidelines for OPC Hosts