Skip to content

Instantly share code, notes, and snippets.

@sheac

sheac/kepware-meeting-answers.md

Created August 29, 2018 22:17
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save sheac/2dd4a3fd5d29b393417d36da694139b5 to your computer and use it in GitHub Desktop.
Save sheac/2dd4a3fd5d29b393417d36da694139b5 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
kepware-meeting-answers.md

Questions for Kepware, and Their Answers

How long is data retained for in kepware?

Data is not "retained" in Kepware in any sense we care about.

Data can be modeled like this:

  • We can think of each device as having a set of "memory registers" for things like, last-max-torque, is-disabled, battery-level, etc
  • Kepware ensures a correspondence between the values in those device registers and "local" values stored on the Kepware server
    • Any time a device value is updated, that update is copied up to Kepware
    • If a (writeable) register is written-to on the Kepware server, Kepware ensures the device register is updated as well

So as long as a value in a register hasn't been over-written, it is "retained" by the Kepware server. As soon as a new value comes in, however, the old value is gone forever.

Note that this answer does not make any durability or availability guarantees. Based on what I gathered from a chat with a Kepware rep, we would have to build whatever guarantees we want on top of less-reliable Kepware components.

What security measures should we put in place

We're already considering the following:

  • HTTP basic auth
  • firewalls that only open certain ports to certain IP addresses

In addition, it might be likely that customers wish to have an "air gap" between the internal control network of their site and the outside world. This could be accomplished by the use of an additional KepServerEx instance serving almost like a bastion host in front of the main KepServerEx instance that's directly connected to factory floor devices. The "outside" host and the "inside" host would talk to one another over OPC. How that changes Parsable's plan isn't yet clear.

Given our multitenant use case, is there a common pattern for mapping devices and sites to customers/tenants?

No, they did not have any tricks to recommend.

Is it possible to create trigger actions based on the value of tags?

It is possible. Brent from Kepware confirmed it. I'll have to follow up with him for more details, but I'm pretty sure it's a capability of the product, IoT Gateway, using the "HTTP Client" component.

How can we get access to stream of data samples on a tag?

Via the IoT Gateway product's HTTP Client component. This component can sit next to a KepServerEx host and forward new tag values to registered servers (e.g. Mothership). Having spoken with Mark Poole, I now agree with him that this might not be an advisable strategy for Parsable, as we are then responsible for yet more customer data.

Is an ODBC connection a possibility?

Yes, but only with a very limited set of drivers, with an even more limited set of driver versions. The only non-Microsoft driver is for MySQL. However, that driver's version is so old, I haven't been able to get it to connect successfully with the earliest MySQL version available in AWS RDS.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment