This presentation explains what Monico Monitoring does, including their mCoreSDR and MonicoLive solution for remote monitoring of heavy industrial assets. For more information and a consultation on how your business can leverage this technology please contact us.
2. Monico – Introduction and Solutions Overview
Monico is a supplier to end users and their integrators for
industrial data acquisition, protocol conversion, data analysis,
and custom monitoring solutions
• We’re in the business of Industrial Data communications
• Monico is a Preconfigured Solutions Company
• We offer superior Customer Service and Support
Who is Monico?
3. Monico is recognized worldwide for providing superior communications products and technical assistance across
the industrial marketplace. We supply simple, yet powerful, monitoring solutions that foster ever-increasing value to
our customers and their asset management.
• We have long been a leader in CAT® equipment communication and
monitoring due to our exclusive ability to communicate across CAT® Data Link
• We are experts with extensive experience with S.A.E. J1939
• We work with Cummins® , Kohler®, John Deere® and MTU® equipment
Monico – Introduction and Solutions Overview
What we’re known for
4. We help our customers with data. It’s all about DATA
Equipment operations generate information in the form of data, this data is collected via a series of networked
sensors (e.g., CANbus) and external sensors (e.g. temperature or pressure). Once data is ‘sensed’ it can be
collected, sent and stored for deriving insights about the data.
Essentially, we help our customers:
Acquiring data
Converting data
Transmitting data
Analyzing data
Visualizing data
Monetizing data (Finding Value in Data)
Monico – Introduction and Solutions Overview
What we do?
5. Evolution of Monico
The Past
Historically, Monico relied on strategic partners to provide hardware and software that Monico would add value to by
providing configuration of that hardware for the unique applications of our customers.
We realized that we were helping customers to collect, translate and produce data effectively, but something was
missing.
There was more we could do to help. We could help our customers by producing more value from the data.
However…we began to notice that:
• Former strategic partners – were unable to provide devices that Monico could utilize in helping our customers with:
• Rugged Environments (e.g., Mining)
• Processing Capability (i.e., math processing and speed)
• Connection capabilities (i.e., Cat Data Link, CAN, Ethernet, RS485, RS232)
• As a result, Monico set out to develop/manufacture it’s own capable hardware device
Monico – Introduction and Solutions Overview
6. So, How does Monico provide more value from the data?
We realized that our customers had challenges when it came to extracting additional value from data that was being generated. They
often lacked the right hardware, knowledge or personnel that were capable of processing the data to produce more value.
After assessing what was needed to provide additional value on the data…
Monico concluded that with the right hardware device and a way to store large volumes of historical data collected from equipment
we could help our customer get more value from data by providing remote monitoring (e.g., Alerts/Notifications), perform analytics on
the equipment at the edge and in the cloud and visualize the data into useful graphical displays for ‘visually consuming’ the data.
• Hardened data collection edge device
• Edge analytics and processing capability
• Rugged Hardware Device
• To service the needs of mobile Off Highway
Vehicles (OHVs)
• IIoT Platform Access – Remote Monitoring Solution
• To offer remote monitoring and cloud analytics
• Data Visualization
• Including Subject Matter Expertise
Monico began to offer:
Evolution of Monico
Monico – Introduction and Solutions Overview
7. Monico Hardware Product Line Up
LE and GT Gateways Asset Gateways
m3
Monico Mobile Messenger
mCore
Secure Data Router
Asset HMIs I/O Modules Power Supplies/Buffers Isolated Repeaters
Introduction to Monico Products
8. Monico continues to provide Solutions to our customers to help them Acquire data, Convert data, Transmit data,
Analyze data and Visualize data. With Monico’s flagship hardware device (mCore®SDR) and Visualization Environment
(MonicoLive™) we have the tools to help our customer get more value from their data.
Monico – Introduction and Solutions Overview
The Future and Monico
9. What is mCore®SDR?
mCore®SDR is a:
• Protocol Translator
• Secure Edge Device Gateway
• Edge Analytics Device
These design goals are fundamental core values in the current and future
development of mCore that make it equally fit for on-premises closed
Industrial Control System networks and future applications to leverage the
tremendous potential of cloud computing.
mCore®SDR is Monico’s Flagship Next
Generation platform for remote monitoring,
telematics applications, and edge analytics.
This device incorporates three original design goals:
(1) Industrial Cybersecurity
(2) a Rugged Package for Mobile Equipment
(3) Maximum Computing Power, Speed, and Efficiency
Monico – Introduction and Solutions Overview
Introduction to mCore®SDR
10. Features
• Protocol Translation:
• CDL (CAT® Data Link), S.A.E. J1939, Modbus RTU, Modbus TCP, Allen Bradley Tags, OSI OMF
• Advanced CDL Driver for Automatic Network Recognition and Network Efficiency
• x.509 Security Certificates for Bi-Directional Authentication
• SSL/TLS Encryption Sockets and Basic Firewall
• Utilizes OSIsoft®’s Pi Connector Technology
• LED Indicators for Power and Communications
• Onboard Customer Data Logging
• 2GB of RAM and 4GB of Onboard Non-Volatile Storage
• Quad Core 800 MHz Processor with Multiple Math Coprocessor
• Compact Footprint – (L)4¼” x (W)3” x (H)5¼”
• Factory Optional microSD Card
• HTTPS Secure Web Server User Interface
Monico – Introduction and Solutions Overview
Introduction to mCore®SDR
11. • 8-48 VDC Power Supply
• -40 - 70 °C Operating Temperature up to 28VDC
• -40 - 65 °C Operating Temperature up to 48VDC
• IP67 rated for Temporary Water Immersion
• IP66 rated for High Volume Wash Down
• Vibration tested from 2-200 Hz at 5 G’s Acceleration
• Shock Tested to 25 G’s
• Class I Division II Groups A-D Surface Temp T5A
Monico – Introduction and Solutions Overview
Specifications:
Introduction to mCore®SDR
12. mCore®Secure Data Router Overview
Operating Environments
• IP66/IP67 Enclosure – Water and Dust Resistance
• Class I, Division II Certification – Haz. Loc. Approved
• -40° to +70°C (for 8-28 VDC)
• -40° to +65°C (for 8-48 VDC)
• Shock and Vibration Resistant
Supported Industrial Datalinks
(2) CANbus Ports
(2) Ethernet Ports
(1) CAT® Data Link Port
(1) RS232 Serial Port
(1) RS485 Serial Port
Monico – Introduction and Solutions Overview
Protocols:
• CDL (CAT® Data Link)
• S.A.E. J1939
• Modbus RTU
• Modbus TCP
• OSI OMF
• MQTT (Sparkplug B)
Specifications:
13. mCore®SDR User Interface (UI)
What is it? The mCore®SDR User Interface provides
a way for end users to interact with the
device
• Setup
• Protocols
• Firewall
• Define Data Tags
• Configure Web Server
• Customer Logs
• View live data
• Manage Password Access
• Extract customer logs
• Access System Functions
• Factory Reset
Monico – Introduction and Solutions Overview
Introduction to mCore®SDR
14. mCore®SDR Security Design Areas
Monico – Introduction and Solutions Overview
mCore
User
Interface
Modbus RTU
Master/Slave
Modbus TCP
Master/Slave
CAT® Data Link
S.A.E. J1939 (1)
S.A.E. J1939 (2)
Allen Bradley
Allen Bradley
OSI OMF
Modbus RTU
Master/Slave
Modbus TCP
Master/Slave
S.A.E. J1939
HTTPS
mCore System
mCore®SDR
Hardened Kernel & OS
Configuration
x.509
Certificates
Data
Output
Data
Input
External Computer
• Firewall protects from
unwanted inbound
traffic
• mCore®SDR has a user
interface (UI) that is
separated from the rest
of the systems (meaning it
can’t be used to ‘hack’ the other
systems)
• mCore®SDR uses
encrypted HTTPS
connections
• Incorporates x.509
Certificates for security
15. mCore®SDR
Hardened Kernel & OS
Data Output Configuration
x.509
Certificates
Data
Input
Ethernet
LAN
Ethernet
WAN
SCADA
via MQTT
MonicoLive
via OMF
Industrial
Control
Systems
network
Security Key Points
• Two physically separated Ethernet ports are
managed and controlled by the mCore®SDR
Operating System
• mCore®SDR has built-in configurable firewall
• Firewall is filtering IP packets IN and OUT of the
mCore®SDR
• Firewall is blocking all unwanted packets IN to the
mCore®SDR preventing malicious activity and attacks
• All routing and packet forwarding between Ethernet
interfaces is disabled by design
mCore®SDR Security Design Areas
Monico – Introduction and Solutions Overview
16. What is MonicoLive?
MonicoLive™ is a hosted, web-based service used to provide secure, remote monitoring, data analytics, and data
visualization solutions for critical assets. Users can monitor critical asset data from any internet enabled browser.
But First, let’s look at OSI Soft PI and Microsoft Azure Cloud
MonicoLive's data infrastructure is built upon OSIsoft®'s Pi
System that is used by 262 of the Fortune 500. OSIsoft
leads the marketplace for supplying business intelligence
around assets, and we are proud to be partnered with
them to overcome the challenge of providing secure asset
intelligence and monitoring to our customers.
Key Point: We are a Partner Solution of OSIsoft
Visit the partner website here
MonicoLive is cloud based solution that is hosted in the
Microsoft Azure Cloud. It is an ever expanding web-based
suite of services to help organizations manage data and
business challenges. It provides an environment to build,
manage and deploy applications on a global network.
Key Point: MonicoLive is hosted in a highly secure,
infinitely expandable cloud environment
More information can be found here
Monico – Introduction and Solutions Overview
Introduction to MonicoLive
21. Monico – Introduction and Solutions Overview
What does it do?
Remote Monitoring
Analytics
Alerts and Notifications
Data Visualization
Historical Data Retention
Provides the ability to watch a piece of equipment from a distance
Operational Metrics (e.g., RMP, on/off, pressures, fault codes)
Utilization Metrics (e.g., how long was it on for)
Productivity Metrics (e.g., how much dirt was moved in a time frame)
Stores time stamped data in a database(s)
Useful in Analytics (e.g., Trending of a condition)
Diagnostics Review (e.g., Being able to go back and review data to look for relationships)
Visually ‘consume’ the data and interact with the data
Bar charts, Line Graphs, Gauges, etc. (e.g., round RPM Gauge)
Visualize relationships of data (e.g., observing pressure rise as RPMs increase)
Systematic computational analysis of data
Qualitative and Quantitative (techniques and process used to enhance productivity)
Correlations and Patterns (looking at them and for them helps to answers questions)
What happened, How/Why did it happen, What’s happening now and what could happen next?
Data can tell you something without being logged in
Condition was met (e.g., Engine hours hit X number, time to service)
Critical Alerts (e.g., Engine cylinder #3 is losing compression)
Text & Email
Introduction to MonicoLive
22. Introduction to MonicoLive Subject Matter Expertise
Adding value to MonicoLive
Remote Monitoring
Analytics
Alerts and Notifications
Data Visualization
Historical Data Retention
• Know what to look for in preparation of analytics
Knowing what data is important and how to use it to derive business intelligence
Understanding of equipment, machinery and processes being monitored
• Preparation of Data for use in Analytics
Cleaning up data for use in Analytics
• Watchful Expert Eyes
Monitoring of data for use in development and tweaking of analytics and
Automation of Analytics
• Development of Visual Analytics
Also helps to develop Edge Analytics
Development of Edge Analytics
Real Time Actionable Intelligence
NOTE: Although MonicoLive™
by itself can be valuable the
real value of the platform is
the analytics capability and
that requires subject matter
expertise
Monico provides Subject Matter Expertise (SME) to customers that may not
have the resources or knowledge of how to evaluate, process and gain insights
from the data. Subject Matter Expertise requires the ability to:
Monico – Introduction and Solutions Overview
23. MonicoLive/OSIsoft Cloud Environment
Azure Domain Controllers
Load Balanced SQL Servers
PI Connector Relay
Load Balanced PI AF Servers
Load Balanced PI Analytics Servers
Load Balanced PI Data Archive Servers
Load Balanced
PI Notification Servers
Load Balanced PI Vision Servers
Azure
Core
Network
Azure
Backend
PI Network
Azure Frontend PI Network
Azure Network
Security Group
Azure Network
Security Group
Internet
Azure Network
Security Group
Azure Network
Security Group
Hosted and managed
By OSIsoft
Monico – Introduction and Solutions Overview
24. Internet
Microsoft
Azure CloudYour
Network
MonicoLive
OSISoft PI Environment
Monico mCore®
SSL Request via x.509 Certificates
OMF Data Push to PI via encrypted tunnel
Authentication via SAS Token in the header of each OMF message
OMF SAS Token
OMF is a one-way, push communication
method. Compressed data is sent from the mCore®
to the server over the encrypted TCP/IP connection,
and the only return traffic from the server is the
TCP/IP acknowledgement of each packet and any
status codes
mCore® Firewall
Data Security
Monico – Introduction and Solutions Overview
25. Data Security and Operation
• The OMF SAS Token is manually installed in the mCore before shipping or in the field
through the local interface.
• When mCore opens a socket with MonicoLive, it requests a certificate to authenticate the
MonicoLive Server and then opens an HTTPS connection.
• After establishing the SSL tunnel, mCore sends each OMF message with the SAS token in
the header over Ethernet, so the server can authenticate that the mCore is the device it
was expecting to receive data from. If the correct token is not used, it will not accept the
data packets
• The mCore OMF application builds data containers and all data is time stamped within the
container.
• The container goes to a buffer thread that manages the connection and sends the packets
when the connection is available and buffers them when the connection goes down for
any reason.
Monico – Introduction and Solutions Overview
26. Future Security Goals
• Enhanced Active Security inside ICS Network
• More efficient data flow/management
• Publisher/Subscriber Network Topology
• High speed data to reliability engineering
systems
• Reliable SCADA data for system control
• Elimination of Poll Response Protocols
• Data Buffering for more consistent reliability
data
What’s the future of ICS Network Security
Monico – Introduction and Solutions Overview
27. What’s the future of ICS Network Security?
Monico – Introduction and Solutions Overview
DOYLE
Callout our work other markets including Plant Monitoring
DOYLE
Callout our work other markets including Plant Monitoring
DOYLE
Callout our work other markets including Plant Monitoring
DOYLE
Callout our work other markets including Plant Monitoring
DOYLE
Callout our work other markets including Plant Monitoring
DOYLE
Callout our work other markets including Plant Monitoring
DOYLE
Callout our work other markets including Plant Monitoring
DOYLE
Callout our work other markets including Plant Monitoring
DOYLE TAYLOR
DOYLE
Callout our work other markets including Plant Monitoring
DOYLE TAYLOR
HTTPS DEMO
DOYLE TAYLOR
HTTPS DEMO
DOYLE
Callout our work other markets including Plant Monitoring
DOYLE
Callout our work other markets including Plant Monitoring
DOYLE
Callout our work other markets including Plant Monitoring
DOYLE
Callout our work other markets including Plant Monitoring
DOYLE
Callout our work other markets including Plant Monitoring
DOYLE
Callout our work other markets including Plant Monitoring
DOYLE
Callout our work other markets including Plant Monitoring
KEVIN ERICKSON
Every major server is redundant and simultaneous with load balancer
Azure Environment has redundant power and internet trunks
Virtually unlimited computing resources and data storage for historian
KEVIN ERICKSON
The OMF SAS Token is manually installed in the mCore before shipping or in the field through the local interface.
When mCore opens a socket with MonicoLive, it requests a certificate to authenticate the MonicoLive Server and then opens an HTTPS connection.
After establishing the SSL tunnel, mCore sends each OMF message with the SAS token in the header over Ethernet, so the server can authenticate that the mCore is the device it was expecting to receive data from. If the correct token is not used, it will not accept the data packets
The mCore OMF application builds data containers and all data is time stamped within the container.
The container goes to a buffer thread that manages the connection and sends the packets when the connection is available and buffers them when the connection goes down for any reason.
KEVIN ERICKSON
The OMF SAS Token is manually installed in the mCore before shipping or in the field through the local interface.
When mCore opens a socket with MonicoLive, it requests a certificate to authenticate the MonicoLive Server and then opens an HTTPS connection.
After establishing the SSL tunnel, mCore sends each OMF message with the SAS token in the header over Ethernet, so the server can authenticate that the mCore is the device it was expecting to receive data from. If the correct token is not used, it will not accept the data packets
The mCore OMF application builds data containers and all data is time stamped within the container.
The container goes to a buffer thread that manages the connection and sends the packets when the connection is available and buffers them when the connection goes down for any reason.