3 minute read
BATCH OF IDEAS
Bedrock’s Open, Secure Control System Gets an Upgrade
By Stephanie Neil
sneil@automationworld.com sneil@automationworld.com
Senior Editor
Years before groups like the Open Process Automation Forum (OPAF) were attempting to build an open and secure control architecture, Bedrock Automation had already built it.
Albert Rooyakkers—Bedrock Automation’s founder, CEO, and chief technology officer— has decades of experience in process control and has been on a mission to redesign closed industrial control systems since his time at Invensys (now part of Aveva and Schneider Electric), where he led a design team to refresh the company’s distributed control system (DCS). Soon thereafter, he was recruited into the semiconductor industry by Maxim Integrated Products (which merged with Analog Devices in 2021), where he was working with advanced embedded semiconductor technology and on new business development plans.
At Maxim, he saw how semiconductor technology works in the most secure segments, such as the financial and aerospace industries. “That’s when I began to connect the dots,” Rooyakkers said during an interview with Automation World at the Bedrock headquarters in Massachusetts. He realized that the open and intrinsically secure system he’d been wanting to build all along could finally be accomplished. “We literally started with a blank sheet of paper and had the muscle and might of a major semiconductor company to make it real. A very key part of what we do starts with specialized, cyber-hardened digital electronics, and that’s how to do it right. You have to start at the smallest common denominator, which is the transistor, and start building it out.”
That’s when Bedrock Automation’s Open Secure Automation (OSA) platform was born.
According to Rooyakkers, every module and digital transaction in the system operates in the same manner with mutual authentication and encryption, similar to banking on an iPhone or buying something on Amazon.
As part of this rebuild from the ground up with embedded security, Bedrock also developed a pin-less backplane interconnect that provides secure I/O with 20 Mb bandwidth at every I/O slot, and a universal control system that can drive any control mode—be it PLC, DCS, a safety system, etc.—while extending its security to third-party applications.
Now, with more than 120 patents, Bedrock continues to evolve its OSA architecture with customers and at its design center in Massachusetts. This is demonstrated in its latest announcement of a new software release, which adds more process functionality and diagnostics to the system.
According to the company, the software upgrade, released in January 2022, makes it easier for users to configure and run open applications inside the secure OSA controllers. New firmware enhancements simplify and improve SCADA redundancy, enable Transport Layer Security (TLS) support for MQTT (Message Queing Telemetry Transport) Sparkplug, expand universal EtherNet/IP capacity, simplify flow meter proving, and assist in diagnosing large motors.
The new firmware impacts functionality in several of Bedrock’s secure system modules, including: the OSA control system built on the pin-less backplane that is scalable to support thousands of I/O points; the OSA Remote control system, which provides secure, high-performance automation for applications requiring five to 20 I/O points; the Universal Ethernet gateway (UE5), which supports Modbus TCP and EtherNet/IP; and the OSA Remote Flow measurement and control system, which integrates flow computing and process control in a single module.
In addition, the new firmware enhancements contribute to simple, secure SCADA operations by moving redundancy management from the SCADA system client to the Bedrock controller firmware. This enables seamless SCADA client failover while simplifying SCADA configuration. That’s because, according to the company, most SCADA redundancy requires more than one IP address, so if there’s a problem with one, the SCADA software or system engineer can find the active IP and switch to it. Using the Bedrock OPC UA, MQTT, or other Ethernet protocols allows for the use of virtual IP addresses, enabling a single end point for a redundant pair. The SCADA software points to one IP address and the Bedrock controller finds the active path automatically.
