Software Architecture Challenges in Process Automation - From Code Generation to Cloud-native Service Orchestration

—
From Code Generation to Cloud-native Service Orchestration
SEAA 2022, 2022-08-31
Software Architecture Challenges in Process Automation
Dr.-Ing. Heiko Koziolek, Corporate Research Fellow, ABB, Germany

Electrification
Motion
Process Automation
Robotics & Discrete
Automation
—
ABB
Business Areas

—
Software Engineering
Trends relevant in Process Automation
Low-code Development
Continuous Integration & Deployment
Cloud-native Infrastructures
Microservices for Control Apps
Model-driven Development
Industrial-strength Cyber Security

—
Model-driven Development
Example: Rule-based Code Generation

—
Piping & Instrumentation Diagram
Tank
Heat Exchanger
Heat Exchanger
Sensors

—
Hundreds of P&I diagrams Today: manual programming
Future: semi-automated programming
September 1, 2022 Slide 7
Idea: Rule-based Code Generation
T102
T101
V-1
V-2
V-3
V-4
NC
101.8
P-1 P-2
P-3
P-4
P-5
P-6
UC
101.7
LI
102.1
P-7
P-9
P-8
P-10
M
P-11
P-12
YS
103.1
YS
101.5
YS
103.2
LAS+
101.4
LS+
101.1
TI
101.2
LS-
101.3
LS-
102.2
YS
101.9
E104
FI
101.6
Object-oriented
Topology Model
(DEXPI standard)
Rule Engine
PROGRAM ValveControl
VAR_INPUT
TankLevel : REAL ;
END_VAR
VAR_OUTPUT
ValveOpen : BOOL ;
END_VAR
IF ( TankLevel > 50.0) THEN
ValveOpen := FALSE ;
ELSE
ValveOpen := TRUE ;
END_IF
END_PROGRAM
IEC
61131-3
PDF File
or Print-out
PROGRAM ValveControl
VAR_INPUT
TankLevel : REAL ;
END_VAR
VAR_OUTPUT
ValveOpen : BOOL ;
END_VAR
IF ( TankLevel > 50.0) THEN
ValveOpen := FALSE ;
ELSE
ValveOpen := TRUE ;
END_IF
END_PROGRAM
IEC
61131-3
Control Logic
Implementation
Koziolek, H., Burger, A., Platenius-Mohr, M., Rückert, J., Abukwaik, H., & Jetley, R.
Rule-based code generationin industrial automation: four large-scale case studies applying the CAYENNE method.
Proceedings ICSE SEIP 2020 (pp. 152-161).

—
Approach Venue Inputs / Sources Intermediate
translation
Intermediate
Input
Generation Method Output Tooling
Vogel-Heuser et
al. 2005
IEEE Int. Conf. on Control
and Automation
n/a n/a UML 1.4, UML-PA,
Artisan Realtime Studio
Mapping UML to IEC
61131-3
61131-SFC / ST Unnamed tool prototype
using Artisan Realtime Studio
Drath / Fay 2006 IEEE Conf. on Computer
Aided Control Systems
Design
P&ID in CAEX (IEC
62424)
Transformation from
CAEX to LogiX
LogiX extension for
CAEX
Matching rules from a
knowledge base
C&E Matrix, 61131-3
ST / FBD for ABB
Controller
Unnamed tool prototype
Thramboulidis /
Frey 2011
SciRes Journal on Software
Engineering and
Applications
P&ID in CAEX (IEC
62424)
Proposed
CAEX2SysML
Transformator
SysML block definition
diagrams, internal block
diagram
Translation of SysML block
diagrams to 61131-3 via
SysML Profile
61131-3 (PLCopen) SysML4IEC61131 Profile,
SysML2IEC61131 Translator,
MARTE Profile (unfinished)
Steinegger / Zoitl
2012, 2016, 2017
IEEE Int. Conf. On
Emerging Technologies
and Factory Automation
P&ID in CAEX (IEC
62424)
Automated mapping
by parsing XML
inputs
Reference Ontology
(self-defined)
Translation of ISA-88
recipes, generation based
on safety rules
61131-3 SFC
(PLCopen)
Unnamed tool prototype
Lukman et al.
2013
Elsevier Journal of Control
Engineering Practice
P&ID (any format) Manually
interpreted
ProcGraph DSML Translation of an
extended finite state
machine
61131-3 FBD + ST for
Mitsubishi PLC
ProcGraph Eclipse tooling
(EMF / GMF / oAW /
Mitsubishi GX IEC Developer)
Schumacher / Fay
2014
Elsevier Journal of Control
Engineering Practice
GRAFCET (IEC
60848) from Visio,
CIPN
Mapping between
GRAFCET & PNML
PNML (ISO/IEC 15909-2) 28 transformation rules
from GRACET to 61131-3
61131-3 SFC in
PLCopenXML
GRAFCET Editor & Translator
Grüner / Weber /
Epple 2014
IEEE International
Conference on Industrial
Informatics
P&ID in PandIX
(RWTH Aachen),
CAEX
Import into Graph
Database
Neo4J Graph Database Matching rules (defined as
graph database queries)
ACPLT 61131-3 FBD Unnamed tool prototype
Vogel-Heuser et
al. 2014
Elsevier Journal on
Mechatronics
n/a n/a SysML-AT parametric
diagram
Model-to-text
transformation using
MOFM2T
61131-3 FBD / ST for
CODESYS
Unnamed tool prototype for
SysML-AT
Alvarez et al. 2018 IEEE Transactions on
Automation Science and
Engineering
MeiA_M Model
(self-defined meta
model)
DOU Generator
(M2M
transformation)
GRAFCET (IEC 60848) PLCopen converter
framework (M2T
transformation)
61131-3 SFC
(PLCopen)
Eclipse-based MeiA tooling
Control Logic Generation Approaches in Literature
September 1, 2022
Koziolek, H., Burger, A., Platenius-Mohr, M., & Jetley, R. (2020).
A classification framework for automated control code generation in industrial automation.
Elsevier Journal of Systems and Software, 166, 110575.
Slide 8

—
Rule-based Code Generation
Running Example
Rule (Verbose notation):
IF a vessel has a level sensor attached
AND there is a level sensor
„high alarm“ signal
THEN
close all valves
on pipes
feeding the vessel
B101
P106
P1
P3
P2
LS+
B102
TIC
B103
V102
V104
V105
Vessel

—
Running Example
Rule (Verbose notation):
IF a vessel has a level sensor attached
AND there is a level sensor
„high alarm“ signal
THEN
close all valves
on pipes
feeding the vessel
B101
P106
P1
P3
P2
LS+
B102
TIC
B103
V102
V104
V105
Vessel
Generated IEC 61131-3 Structured Text:
IF B102_HHLimit = TRUE
THEN V102_Open := FALSE;

—
Running Example
B101
P106
P1
P3
P2
LS+
B102
TIC
B103
V102
V104
V105
Vessel
Generated IEC 61131-3 Structured Text:
Rule (short hand notation):
Vessel.AlarmLevelHigh
& VesselPipeValve
=> Valve.Close

—
CAYENNE Topology Model for P&ID Import (simplified) CAYENNE Rule Specification Grammar (excerpt)
Our CAYENNE Approach

—
4 post-mortem, real-world case studies to analyze code generation feasibility
Oil Platform
Chemical Plant
Chemical Plant
Crude Oil Separator

—
Case Study
September 1, 2022
Slide 18
Results

—
What is the most appropriate abstraction level
for a topology model to support code generation in
this context?
How to specify rules for other kinds of control
logic?
How to utilize topology models further
(e.g., generate process graphics, simulations, etc.)?
Open Research Questions

—
Continuous Deployment
Example: Plug & Produce Field Device Commissioning

—
Process Automation
September 1, 2022 https://library.e.abb.com/public/262ee24c3ad6de1bc125768f00411eba/ABB_SuccesStory_BASF_Oppanol_final.pdf
Slide 21
Many sensors and actuator to be installed and configured

—
Commissioning
1) Place, connect sensor („plug“)
2) Set fieldbus address
3) Retrieve sensor type
4) Select device package, download
5) Enter configuration parameters
6) Get addresses to logic engineering
7) Map program variables
8) Compile and download control logic
Repeat for all devices (go to 1)
…
Production start („produce“)
60 – 90 minutes per device!

—
Commissioning
Target: <10 sec per device!

—
Industrial Boiler
Laser Level
Transmitter
Pneumatic Valve
Automation Controller
Typical Control Loop Example

—
Industrial Boiler
Laser Level
Transmitter
Pneumatic Valve
Requirement 4:
Real-time
Communication
Requirement 3:
Automated Signal
Matching
Requirement 2:
Standardized Device
Descriptions
Requirement 1:
Automated Network
Discovery
Requirement 5:
Device Replacement
Plug & Produce

—
Plug & Produce
Microsoft “Plug & Play”/Windows95, 1995
ISO/IEC 29341-1-1: Universal Plug&Play (PnP) Device Architecture version 1.1, 2011
➔ Not suited for industrial devices with special communication protocols
[Krüning2013]: Plug-and-produce for field bus components
[Dürkop2013]: Using OPC UA for Auto Configuration of Real-time Ethernet Systems
[Hammerstingl2015]: Unified Plug&Produce architecture for automatic integration of field devices
➔ Still tied to proprietary protocols, no device replacement supported
[Garlan2014]: Motivating the need for more dynamic architecture due to rising number of IoT devices
[Muccini2016]: Self-adaptation for cyber-physical systems
[Alkhabbas2017]: Architecting Emergent Configuration in the Internet-of-Things
➔ Simple information models, not suited for resource-constrained devices
Generic
„Plug & Play”
Technologies
Industrial
„Plug & Produce“
Approaches
IoT Reference
Architectures
Related Work
Koziolek, H., Burger, A., Platenius-Mohr, M., Rückert, J., & Stomberg, G.
OpenPnP: a plug-and-produce architecture for the industrial internet of things.
In IEEE/ACM 41st International Conferenceon Software Engineering: Software Engineering in Practice (ICSE-SEIP 2019) (pp. 131-140).

—
September 1, 2022
Slide 28
Industrial Boiler
Laser Level
Transmitter
Pneumatic Valve
Open PnP Architecture

—
September 1, 2022
Slide 29
Industrial Boiler
Laser Level
Transmitter
Pneumatic Valve
SERVER
CLIENT & SERVER
SERVER

—
September 1, 2022
Slide 30
Industrial Boiler
Laser Level
Transmitter
Pneumatic Valve
Plug & Produce
Software Service
SERVER
CLIENT & SERVER
SERVER
CLIENT

—
September 1, 2022
Slide 31
Industrial Boiler
Laser Level
Transmitter
Pneumatic Valve
Plug & Produce
Software Service
SERVER
CLIENT & SERVER
SERVER
CLIENT
Our Main Contribution

—
Open Platform Communications Unified Architecture (OPC UA), IEC 62541
http://industrial.embedded-computing.com/articles/iic-connectivity-framework-defines-iiot-network-architecture-for-scalable-interoperability/
Slide 32
September 1, 2022

—
OPC UA
September 1, 2022 https://reference.opcfoundation.org/v104/Core/docs/Part1/6.3.1/
Slide 33
Client/Server

—
Controller
IEC 61131
Runtime Controller
OPC UA
Server
OPC UA
LDS
Field Device (Sensor / Actuator)
Device
OPC UA
Server
<<information model>>
PLCOpen
OPC UA
LDS
OPC UA for Devices,
NAMUR NE131,
IEC 61987
PLCOpen
Comm.
Channel
Operations Server
Ethernet
Supervision
Plug-and-
Produce Service
Engineering Server
Engineering
Repository
Device
Management
Internet
Public Driver Repository
retrieve signal config,
arbitrate 61131 Runtime
transfer configs,
browse signals,
enable subscr.
upload
control logic
monitor
process
OPC UA LDS
UDP
Sub.
UDP
Pub.
UDP
Sub.
UDP
Pub.
multicast
probe
& announce
exchange
signal
values
OPC UA OPC UA OPC UA
download
device driver,
device
parameters
retrieve
device
driver
HTTP
HTTP
OPC UA LDS
cyclic
signal
exchange
retrieve
engineering
data
exchange
signal
values
cyclic
signal
exchange
Reference
Architecture
Plug & Produce

—
Controller
IEC 61131
Runtime Controller
OPC UA
Server
OPC UA
LDS
Device
OPC UA
Server
PLCOpen
OPC UA
LDS
OPC UA for Devices,
NAMUR NE131,
IEC 61987
PLCOpen
Comm.
Channel
Operations Server
Ethernet
Supervision
Plug-and-
Produce Service
Engineering Server
Engineering
Repository
Device
Management
Internet
transfer configs,
browse signals,
enable subscr.
upload
control logic
monitor
process
OPC UA LDS
UDP
Sub.
UDP
Pub.
UDP
Sub.
UDP
Pub.
multicast
probe
& announce
exchange
signal
values
download
device driver,
device
parameters
retrieve
device
driver
HTTP
HTTP
OPC UA LDS
cyclic
signal
exchange
retrieve
engineering
data
exchange
signal
values
cyclic
signal
exchange
Reference
Architecture
Plug & Produce

—
Controller
IEC 61131
Runtime Controller
OPC UA
Server
OPC UA
LDS
Device
OPC UA
Server
PLCOpen
OPC UA
LDS
OPC UA for Devices,
NAMUR NE131,
IEC 61987
PLCOpen
Comm.
Channel
Operations Server
Ethernet
Supervision
Plug-and-
Produce Service
Engineering Server
Engineering
Repository
Device
Management
Internet
transfer configs,
browse signals,
enable subscr.
upload
control logic
monitor
process
OPC UA LDS
UDP
Sub.
UDP
Pub.
UDP
Sub.
UDP
Pub.
multicast
probe
& announce
exchange
signal
values
download
device driver,
device
parameters
retrieve
device
driver
HTTP
HTTP
OPC UA LDS
cyclic
signal
exchange
retrieve
engineering
data
exchange
signal
values
cyclic
signal
exchange
Reference
Architecture
Plug & Produce
Requirement 1:
Automated
Network Discovery
Requirement 2:
Standardized Device
Descriptions
Requirement 3:
Automated
Signal Matching
Requirement 4:
Real-time
Communication
Requirement 5:
Device Replacement

—
Reference
Architecture
Plug & Produce
newState = suspended
Plug-and-
Produce Service
Controller
OPC UA Server
Device
OPC UA Server
Device
UA Server X
get subscribed devices
from pub/sub config in router
approve replacement get device configuration
device configuration
store device
configuration
stop device
change to simulation mode
loop
newState = simulated
get signal configuration
matched Signals
for all subscribing devices
announce new device via mDNS
upload stored configuration
change to running mode
loop
newState = running
rematch signals
acknowledge
resume controller
change to suspend mode
1
2
3
4

—
Implementation
Plug & Produce
Level
Sensor
Temperature
Sensor
Commu-
nication
Boards
Power
Supply
Ethernet
Connection

—
Commissioning
Target: <10 sec per device!

—
Time for Typical Commissioning
Effort Comparison
September 1, 2022
Slide 42
# Phases
Classic Approach
HART comm.
+ PC Tool Steps L M H
OpenPnP Approach
OPC UA comm. +
PnP Service Steps L M H
1 Prepare
replacing
Store config via HART,
unmount device
05:30 13:00 22:00 Store config via OPC
UA, unmount device
03:11 07:32 14:05
2 Mount the
device
physically
Prepare, use
accessories, fix the
device
05:00 20:00 40:00 Prepare, use
device
05:00 20:00 40:00
3 Connect
the cabling
Run cabling to device,
attach to device
05:30 09:00 21:00 Run cabling to device,
attach to device
05:30 09:00 21:00
4 Establish
basic
comm.
Power on, connect,
download device
package
00:43 01:18 03:38 Power on, network
discovery, connect via
OPC UA
00:11 00:21 00:46
5 Calibrate
the device
Manually use
calibration tool
00:00 03:00 04:30 Manually use
calibration tool
00:00 03:00 04:30
6 Set basic
parameters
Manually set basic
parameters via laptop
01:00 01:20 02:50 Automatically transfer
parameters
00:02 00:02 00:02
7 Set adv.
parameters
Manually set advanced
parameter via laptop
00:00 00:55 02:10 Manual set + automatic
transfer of parameters
00:00 00:12 00:42
8 Conduct
loop check
Set simulation value,
check loop back
00:20 00:40 01:10 Perform automatic
connection check
00:01 00:01 00:01
9 Integrate
device into
DCS
Map logic variables to
IO channels, download
logic
02:00 04:30 12:00 Discover controller, set
up, match signals, set
up communication
00:03 00:08 00:11
(Phase 1-9) 20:03 53:43 01:49:18 13:58 40:16 01:21:17
(Phase 1-3) 15:30 41:00 01:21:00 13:40 36:30 01:15:00
(Phase 4, 6-9) 04:33 09:43 00:23:48 00:18 00:46 00:01:47
Total sum
Installation time
Config time

—
Effort Comparison
September 1, 2022
Slide 43
# Phases
Classic Approach
HART comm.
OpenPnP Approach
OPC UA comm. +
1 Prepare
replacing
unmount device
UA, unmount device
03:11 07:32 14:05
2 Mount the
device
physically
Prepare, use
device
05:00 20:00 40:00 Prepare, use
device
05:00 20:00 40:00
3 Connect
the cabling
attach to device
attach to device
05:30 09:00 21:00
4 Establish
basic
comm.
Power on, connect,
download device
package
OPC UA
00:11 00:21 00:46
5 Calibrate
the device
Manually use
calibration tool
00:00 03:00 04:30 Manually use
calibration tool
00:00 03:00 04:30
6 Set basic
parameters
Manually set basic
parameters
00:02 00:02 00:02
7 Set adv.
parameters
00:00 00:12 00:42
8 Conduct
loop check
check loop back
connection check
00:01 00:01 00:01
9 Integrate
device into
DCS
logic
up communication
00:03 00:08 00:11
(Phase 1-9) 20:03 53:43 01:49:18 13:58 40:16 01:21:17
(Phase 1-3) 15:30 41:00 01:21:00 13:40 36:30 01:15:00
(Phase 4, 6-9) 04:33 09:43 00:23:48 00:18 00:46 00:01:47
Total sum
Installation time
Config time

—
Effort Comparison
September 1, 2022
Slide 44
# Phases
Classic Approach
HART comm.
OpenPnP Approach
OPC UA comm. +
1 Prepare
replacing
unmount device
UA, unmount device
03:11 07:32 14:05
2 Mount the
device
physically
Prepare, use
device
05:00 20:00 40:00 Prepare, use
device
05:00 20:00 40:00
3 Connect
the cabling
attach to device
attach to device
05:30 09:00 21:00
4 Establish
basic
comm.
Power on, connect,
download device
package
OPC UA
00:11 00:21 00:46
5 Calibrate
the device
Manually use
calibration tool
00:00 03:00 04:30 Manually use
calibration tool
00:00 03:00 04:30
6 Set basic
parameters
Manually set basic
parameters
00:02 00:02 00:02
7 Set adv.
parameters
00:00 00:12 00:42
8 Conduct
loop check
check loop back
connection check
00:01 00:01 00:01
9 Integrate
device into
DCS
logic
up communication
00:03 00:08 00:11
(Phase 1-9) 20:03 53:43 01:49:18 13:58 40:16 01:21:17
(Phase 1-3) 15:30 41:00 01:21:00 13:40 36:30 01:15:00
(Phase 4, 6-9) 04:33 09:43 00:23:48 00:18 00:46 00:01:47
Total sum
Installation time
Config time

—
Up to 90% reduced efforts for config
• Automated transfer of parameters
• Automated identification of devices
• Automated signal matching of devices
• Faster Ethernet communication
For a plant with 10,000 devices,
this can accumulate to 1500h time saving
(≈ 1 person year).
Effort Comparison
September 1, 2022
Slide 45
# Phases
Classic Approach
HART comm.
OpenPnP Approach
OPC UA comm. +
1 Prepare
replacing
unmount device
UA, unmount device
03:11 07:32 14:05
2 Mount the
device
physically
Prepare, use
device
05:00 20:00 40:00 Prepare, use
device
05:00 20:00 40:00
3 Connect
the cabling
attach to device
attach to device
05:30 09:00 21:00
4 Establish
basic
comm.
Power on, connect,
download device
package
OPC UA
00:11 00:21 00:46
5 Calibrate
the device
Manually use
calibration tool
00:00 03:00 04:30 Manually use
calibration tool
00:00 03:00 04:30
6 Set basic
parameters
Manually set basic
parameters
00:02 00:02 00:02
7 Set adv.
parameters
00:00 00:12 00:42
8 Conduct
loop check
check loop back
connection check
00:01 00:01 00:01
9 Integrate
device into
DCS
logic
up communication
00:03 00:08 00:11
(Phase 1-9) 20:03 53:43 01:49:18 13:58 40:16 01:21:17
(Phase 1-3) 15:30 41:00 01:21:00 13:40 36:30 01:15:00
(Phase 4, 6-9) 04:33 09:43 00:23:48 00:18 00:46 00:01:47
Total sum
Installation time
Config time

—
Performance Measurements
Slide 46
CPU Utilization
Pub/sub:
40,000 signals/s
Client/server (1 client):
25,000 signals/s
Client/server (30 clients):
10,000 signals/s
Exemplary control use case
– 6,000 I/O points with 100ms updates (= 60,000 signals/s)
– 2 controllers share 8 field communication interfaces (FCIs)
Industrial
controllers
Sensors &
actuators
Field comm.
interfaces
… …
…
…
…
… …
September 1, 2022
CPU is bottleneck.
But good scalability even on small devices.
Clients/Subscribers:
Raspberry Pi 3, Model B,
Quad Core 1.2GHz 64bit CPU,
1GB RAM, RTLinux
Server/Publisher:
Raspberry Pi Zero,
1GHz single-core CPU,
512MB RAM, RTLinux

—
Plug & Produce Field Device Commissioning
How to synthesize device configurations
by exploring “digital twin” models or surrounding
devices?
How to lift the Plug&Produce approach
from individual devices to entire plant segments?
How to simulate device behavior
before commissioning a device to aid control logic
testing?

—
Example: Bump-less updates & live migrations using container orchestration

—
Operations
How can a plant operator
update the control logic
without interrupting the production process?

—
Real-time Controller
Control Application for Industrial Boiler
Filling
Level
Valve Opening Signal Valve Opening Signal
Sensor
Boiler
How to update
the control logic
without interrupting
the production?

—
Internal State in Control Logic Applications
Koziolek, H., Burger, A., Abdulla, P. P., Rückert, J., Sonar, S., & Rodriguez, P. (2021, September). Dynamic Updates of Virtual PLCs Deployed as
KubernetesMicroservices. In European Conference on Software Architecture (pp. 3-19). Springer, Cham.
P&I diagram

—
Related Work
[Wahler2009]: Dynamic software updates for real-time systems
[Wahler2014]: Disruption-free software updates in automation systems
[Prenzel2017]: Dynamic software updating of iec 61499 implementation using erlang runtime system
➔ No container deployment, no update of runtimes / operating system
[Moga2016]: OS-level virtualization for industrial automation systems: Are we there yet?
[Goldschmidt2018]: Container-based architecture for flexible control applications
[Sollfrank2020]: Evaluating docker for virtualization in industrial automation
➔ Demonstrated PLC logic in containers with acceptable jitter
[Netto2017]: State machine replication in containers managed by kubernetes
[Vayghan2019]: Towards high-availability for stateful applications with kubernetes
[Oh2018]: Stateful container migration employing checkpoint-based restoration
➔ No cyclic control application, simple internal states
Dynamic
Software
Updates
Virtual PLCs
in Container
Environments
State Replication
in Container
Orchestration
Engines

—
Control Application for Industrial Boiler
Sensor
Valve Opening Signal
Filling
Level
Boiler
How to update
the control logic
the production?

—
Contribution
Sensor
Filling
Level
Boiler
How to update
the control logic
the production?

—
Contribution
Sensor
Filling
Level
Boiler
How to update
the control logic
the production?
Kubernetes Cluster
<<docker>>
Updated
Virtual
PLC
<<docker>>
Original
Virtual
PLC
State Transfer (OPC UA)
Valve Opening Signal Valve Opening Signal
Koziolek, H., Burger, A., PP, A.
Fast State Transfer for Updates of Containerized Industrial Control Applications
Submitted to Elsevier Journal of Systems and Software 2022 (Special Issue on ECSA 2021)

—
Kubernetes
Architecture
Control Plane
Node
kube-ctrl-manager
kube-apiserver
kube-scheduler
etcd
Kubernetes
Operator
Custom
Resource
User
$ kubectl apply –f myCluster.yaml
Application Plane
Node
Pod
Container
Container
Node
Pod
Container
Node
Pod
Container

—
Static Architecture
cmp LEG Component Diagram
Master
Worker 1
«k8s custom operator / pod /container»
Virtual PLC Operator
OPC UA
Signal Inputs
«virtual-plc-pod / container»
PLC Runtime System
OPC UA
Configuration
OPC UA
Signal Inputs
OPC UA Signal
Outputs
«iec 61131-3»
PLC Program
Internal
State
«K8s custom controller»
Virtual PLC Controller
Kube API
Server
etcd
Scheduler
kubelet kube-proxy
Kubectl / APIs /
Dashboard
Operator
Worker 2
OPC UA
Signal Inputs
«virtual-plc-pod / container»
PLC Runtime System
OPC UA
Configuration
OPC UA
Signal Inputs
OPC UA Signal
Outputs
«iec 61131-3»
PLC Program
Internal
State
kubelet kube-proxy
Engineering Tool
Operator /
Automation Engineer
get/set state
get/set state
upload new
PLC program
monitors monitors
upload new
PLC program
Koziolek, Heiko, Andreas Burger, P. P.
Abdulla, Julius Rückert, Shardul Sonar, and
Pablo Rodriguez. "Dynamic Updates of
Virtual PLCs Deployed as Kubernetes
Microservices." In European Conference on
Software Architecture, pp. 3-19. Springer,
Cham, 2021.

—
Dynamic
Flow
act Dynamic View
PLC Runtime System 2
PLC Runtime System 1
Virtual PLC Kubernetes Controller
3. Connect to both
PLC Runtime Systems
via OPC UA
4. Pause both PLC
Runtime Systems
5. Extract Internal State &
Serialize it
6. Retrieve Serialized
State
7. Retrieve Serialized
State
8. Deserialize & Extract
Internal State
13. Disable outputs
on PLC Runtime
Service 1
14. Enable outputs
on PLC Runtime 2
Success
9. Unpause both PLC
Runtime Systems
Not time-critical
Time-critical
Legend
1. Detect update request
2. Start up PLC Runtime
System 2
11. Verify correct
behavior
12. Roll back
update:
stop PLC Runtime 2,
inform user
Failure
Correct
Incorrect
Needs to
complete in less
than cycle slack
time (e.g., 90 ms)
Koziolek, Heiko, Andreas Burger, P. P.
Abdulla, Julius Rückert, Shardul Sonar, and
Pablo Rodriguez. "Dynamic Updates of
Virtual PLCs Deployed as Kubernetes
Microservices." In European Conference on
Software Architecture, pp. 3-19. Springer,
Cham, 2021.

—
Case Study
September 1, 2022
https://secolon.de/P172.pdf
https://en.wikipedia.org/wiki/Melk%C3%B8ya#/media/File:Melk%C3%B8ya-2006.JPG
Slide 60
Liquid Natural Gas Plant with 18 controllers, up to 100K internal state variables per controller

—
State Transfer Execution Time

—
Cloud-native Process Control Systems
What are the practical limits of transferring internal
state in multiple chunks to make updates even
more flexible?
How to transfer cloud-native technologies to the
industrial domain, given challenging performance,
reliability and security requirements?
How far can cloud-native technologies extend to
resource-constrained computing devices with
limited CPU and memory?

—
Software Architecture Research at ABB

—
Summary (1/3)
Rule-based code generationin industrial automation: four large-scale case studiesapplying the CAYENNE method.
In IEEE/ACM 42nd International Conference on Software Engineering: Software Engineering in Practice (ICSE-SEIP 2020)
Rule-based Code Generation Open Questions
What is the most appropriate abstraction level
for a topology model to support code generation in
this context?
How to specify rules for other kinds of control
logic?
How to utilize topology models further (generate
process graphics, simulations, etc.)?
Model Driven Development

—
Summary (2/3)
Plug & Produce Field Device Commissioning Open Questions
How to synthesize device configurations
by exploring “digital twin” models or surrounding
devices?
How to lift the Plug&Produce approach
from individual devices to entire plant segments?
How to simulate device behavior
before commissioning a device to aid control logic
testing?
Continuous Deployment

—
Summary (3/3)
Bump-less updates using container orchestration Open Questions
What are the practical limits of transferring internal
state in multiple chunks to make updates even
more flexible?
How to transfer cloud-native technologies to the
industrial domain, given challenging performance,
reliability and security requirements?
How far can cloud-native technologies extend to
resource-constrained computing devices with
limited CPU and memory?

Digital Industry
Key technologies for
autonomous industrial
systems
Smart & Sustainable Electrification
Smarter and more flexible energy
distribution and energy
management
—
ABB Research
Open Positions
(Senior) Research Scientist
(m/f/d) for Software
Engineering
(Senior) Research Scientist
(m/f/d) for System and
Software Architecture
Internship (m/f/d)
Software Engineer
Internship (m/f/d)
Future Industrial Connectivity
abb.com/jobs

Software Architecture Challenges in Process Automation - From Code Generation to Cloud-native Service Orchestration

Software Architecture Challenges in Process Automation - From Code Generation to Cloud-native Service Orchestration

Recommended

Recommended

More Related Content

Similar to Software Architecture Challenges in Process Automation - From Code Generation to Cloud-native Service Orchestration

Similar to Software Architecture Challenges in Process Automation - From Code Generation to Cloud-native Service Orchestration (20)

More from SEAA 2022

More from SEAA 2022 (18)

Recently uploaded

Recently uploaded (20)

Software Architecture Challenges in Process Automation - From Code Generation to Cloud-native Service Orchestration