Network Architecture
Introduction
SICON.OS Edge Software is the connection between the Shopfloor [OT] and the Office [IT] Network.
If necessary, the SICON.OS concept facilitates the transfer of data to Industrial Information Technology (IIT), supporting acyclic data exchange with applications such as printers, monitoring cameras, energy management systems, ERP programs, and quality assurance systems. Only the cyclical data for the automation processes takes place in the OT network.
Network configuration in SICON.OS
The IT network is set as a DHCP client by default, acquiring network configuration details automatically from a DHCP server. This includes obtaining an IP address, subnet mask, default gateway, and DNS server addresses without manual intervention, facilitating network connectivity.
Meanwhile, the OT network is preconfigured with a fixed address, with the default IP address of 192.168.77.220.
Similarly, the IIT network is also preconfigured with a fixed address, having a default IP address of 192.168.75.220.
Additional WLAN in SICON.OS:
If there's an additional WLAN in SICON.OS, following are settings:
It is named "siconos-[last four digits of the UID]"
By default, its password is "SICON_ECO".
The IP address range for this network is from 192.168.74.1, with clients assigned addresses starting from 192.168.74.100 to 192.168.74.200.
Important:
Please change all the IP-Addresses to fit your needs.
Please change the passwords after Setup.
All networks must be in a separate IP address range and must not overlap.
The OT network may address a maximum of 254 clients. For this reason, the network mask 255.255.255.0 must be set. !!
Configurations of SICON.OS in Different Network Environments
Understand how to deploy SICON.OS in different network setups: in standard IT/OT environments where both machine and information networks are integrated, and in OT-only networks where information technology isn't utilized. Follow the specific configurations outlined for each scenario to ensure successful integration and functionality of SICON.OS within your network setup.
1. SICON.OS used in a normal IT/OT infrastructure.
OT is the machine network, IT is the information network. IIT can be configured as a option for additional access. The service network has to be configured to connection via LAN IT.
2. SICON.OS used in a OT-Only Network
OT is the machine network, IT is not used in this setting. The frontend can be reached via OT or IIT. IIT can be configured as a option for additional access.
Therefore you have to make changes in the system settings. See Network configuration in system management.
Explanation of some terms:
Information Technology (IT): IT encompasses the control, processing, saving, and backup of data, including the hardware and software used for this purpose.
Inside SICON.OS the network has a base configuration as DHCP Client. It can connect directly to a network with DHCP Server and receives an IP-address
Operational Technology (OT): Operational Technology (OT) refers to hardware and software required for the control, regulation, monitoring and control of machines, systems and processes.
Inside SICON.OS it is in the base configuration on 192.168.77.x. The SICON.OS Dashboard can be accessed via 192.168.77.220 or via DNS-name. This network must be adapted to the machine network.
Industrial Information Technology (IIT): This functions as a link between the IT and OT areas. It helps with the acquisition of data from the OT area, and its transport to IT. This data is not directly related to machine and system control, but is vital for process control and optimization, e.g., Quality monitoring/Evaluation, logistics, and material flow.
This network is an option based on the hardware.
With the SICON.OS P10 Hardware it can be also held a WLAN Access point. This WLAN Access point has a DHCP-Server and distribute IP-Address to the connected devices on 192.168.74.x. The SICON.OS Dashboard can be accessed via 192.168.74.10 or via DNS-name.
If the cabled network is used, there is no DHCP Server. The SICON.OS Dashboard can be accessed via 192.168.75.220 or via DNS-name.
What is SICON.HUB?
It is the central instance for SICON.SERVICE, SICON.REMOTE, SICON.CONNECT
SICON.SERVICE | SICON.REMOTE | SICON.CONNECT |
---|---|---|
Here you will get software updates, provision of device description files, connections to PIM systems and to additional Adapters, Connectors and Apps via SICON.Appstore | Here you will get support of an expert from us. | This stands for connection to IOT clouds. Therefore, you need to load a Connector from the SICON.Appstore |
Each of these Services can be configured in the System management under ADMIN CONTROLS.
These services are only accessible with an SICON.HUB contract, which will be charged on a monthly fee.
For SICON.HUB you need to adapt the firewall settings on your IT-network. SICON.OS needs to get an outgoing connection to destination *.service.sicon.eco on TCP Port 443.
For Remote Access we need additional port 1194 UDP to destination *.service.sicon.eco
Firewall Settings: *.service.sicon.eco on TCP Port 443 and port 1194 UDP.
See also the Firewall settings in Requirements.