Express Interface (Xi) Technical Overview

A slidecast by Lee Neitzel explaining the new Express Interface (Xi) standard for secure, firewall friendly process automation communications.

Published in: Business, Technology

Express Interface (Xi) Technical Overview

  1. EXPRESS interface: Technical Overview
  2. What is Xi?
     A simple Microsoft .NET interface for securely wrapping industrial automation systems, for both local and remote access.
     Diagram labels: Xi Client; Xi Client; Xi Client; Xi Client; Existing Client; Xi Secure Messaging; Xi Interface; Xi Secure Messaging; OPC COM Server
  3. Why was Xi developed?
     New Microsoft-based client developments have moved to .NET => These applications need a native .NET interface to talk to OPC COM servers, instead of each having to develop its own.
     Before Xi (need a custom adapter for each type of OPC server): .NET Interface “A”; COM/DCOM; .NET Client Application “A”; Custom Adapter; OPC COM Server; Custom Adapter; .NET Interface “B”; COM/DCOM; .NET Client Application “B”; Custom Adapter; .NET Interface “C”; COM/DCOM; .NET Client Application “C”
     With Xi (Xi Wrapper is common to all types of OPC Servers): OPC COM Server; .NET Client Application “A”; COM/DCOM; Xi .NET Interface; Xi Wrapper; .NET Client Application “B”; .NET Client Application “C”
  4. Is Xi a common interface?
     Yes - Xi provides access to runtime and historical data, events, and alarms, all in one interface.
     Diagram labels: Xi Integrated Client; Xi Integrated Client; Xi Alarm Client; Xi DA Client; Xi History Client; Xi Interface; OPC DA Server; OPC HDA Server; OPC A&E Server
  5. Security model
     Diagram labels: Limited Access (e.g. no Writes); Full Access; Full Access
  6. Performance model
     Diagram labels: Remote Access Performance; Higher Performance; Highest Performance
  7. Platform model
     Diagram labels: Open – Any platform using web services; Open – Generally Windows; Windows
  8. Xi Interface Architecture
     Multi-layer architecture to reduce interoperability problems
     Diagram labels: Client Interface; Server Interface; Standard code for OPC Wrappers; OPC COM Server; Client Base; Server Base; OPC Wrapper; WCF; Client App; Alternate Server Implementation; Developer-specific code; Standard code for the client; Standard code for the server; Developer-specific code
  9. Xi Functional Architecture
     Clients select resources (data/alarms/events) into lists, and add lists to endpoints for access
     Diagram labels: System Resources; Common to all clients; Client App; Manage; Historical Alarms & Events; filter; filter; Historical Data; Alarms & Events; Runtime Data; Read; Write; Client-specific Context; Subscribe
  10. Security concepts
     Base user privileges defined by access control list
     Base encryption and authentication provided by .NET WCF
     Read, write, and subscribe privileges for the user can be restricted based on location of the user and the client application being used (e.g. only approved client apps can write).
     Patent pending (royalty-free license for use with Xi)
  11. Security architecture
     Diagram labels: Server Discovery Endpoint; List of Resource Discovery Endpoints; One per server; Resource Management Endpoint; Read Endpoint; List of Resources; List of Resources; List of Resources; Only if authorized; List of Resources; Write Endpoint; Subscribe Endpoint; One per system (may be redundant); Client Application; Secure Access Controls
     - Dynamically opened
     - Multiple endpoints per client
     - Multiple lists per endpoint
     - Known only to the client
     Poll or Callback
  12. Server and endpoint discovery
     Diagram labels: PNRP Enabled Clients; PNRP Enabled Servers; PNRP Discovery of Servers; PNRP Discovery of Discovery Servers; Xi Discovery of Server Endpoints; Xi Discovery Server; Xi Discovery of Xi Server Endpoints; Manual Configuration of Server Address; Manual Configuration of Discovery Server Address; Non-PNRP Enabled Servers; Non-PNRP Enabled Clients
     PNRP = Peer Name Resolution Protocol (Microsoft)
  13. Endpoint interfaces
     Used to locate servers: ServerDiscovery
     Used to discover resources of a server, create lists of resources, create endpoints, and assign lists to endpoints: ResourceManagement
     Diagram labels: Subscribe; Callback; Poll; Used to get the value of list entries; Read; Write; Used to update the value of list entries
  14. Obtaining information about the server
     Diagram labels: Server Management Info Base (MIB); Server capabilities and settings; Standard MIB Objects; Vendor MIB Object descriptions; Server-specific management object values; Vendor MIB Objects (optional)
  15. Finding objects (filtered browsing)
     Objects located by their path (e.g. A/C/G)
     Object Hierarchy: A; B; C; D; E; F; G
     Object Attributes: InstanceId; Name; Description; ObjectTypeId; DataTypeId; ListDimensions; Flags; IsLeaf; IsReadable; IsWritable; IsCollectingHistory; FastestScanRate; Roles
  16. Data lists
     - Data lists select data objects that are to be accessed via read/write/subscribe
     - Data lists can be created by the client or the server
     Diagram labels: Data Lists; Object Hierarchy; A; B; C; E; F; G; D; data objects
  17. Historical data lists
     - Historical data lists are data lists that contain historical values
     - Historical lists are updated as new values are received into the Data Journal
     Diagram labels: Historical Data Lists; Object Hierarchy; A; B; C; E; F; G; D; Historical values
  18. Alarm and event lists
     - Alarms and events, like data, are accessed via lists, but membership in the list is defined by filters
     - Events are in lists only long enough for them to be reported via a subscription
     - Alarms stay in lists until they are acked/inactive
     - Alarm and event lists can be created by the client or the server
     Diagram labels: Event/Alarm List; Filter Criteria; Area Hierarchy; Alarms and Events; Areas; Alarm/Event Sources
  19. Historical alarm and event lists
     - Historical alarm/event list membership is defined by filters
     - Historical lists are updated as new alarms/events are received into the Event Journal
     Diagram labels: Historical Event/Alarm List; Filter Criteria; Event Journal; Areas; Alarm/Event Sources; Historical Alarms and Events
  20. Interface summary
  21. Example specification page
  22. Conclusion
     Open
     Additional security layered on top of traditional security mechanisms
     Supports runtime and historical data, events, and alarms.
     Additionally supports passthroughs
     Provides:
     - Local access via NamedPipe bindings
     - LAN access via NetTcp bindings
     - Web access and off-platform access via REST interface & Http bindings
