Automation, consulting, servicing and retrofit services for machinery and equipment – primarily in the pharmaceutical production – are the domain of the ACSR-Solutions GmbH in Düren (North Rhine-Westphalia, Germany). Some of its employees have decades of experience in the development as well as construction and support of the systems employed.
For that, the company has created a tailor-made product range. It includes standardized hardware and software solutions for the efficient operation of tablet presses (TabControl), fluid bed dryers (FluidBedControl), blister packaging lines and cartoner machines (PacControl), as well as granulators (MixControl) from practically any manufacturer. These form the electronic core for retrofit projects and can be configured with minimal effort for individual tasks. Various applications in the food and chemical industries have also already been implemented.
The standards are regularly reviewed and updated when new functionalities provide added value. Like last year, when Siemens introduced its new Network Management Platform for remote maintenance – Sinema Remote Connect.
Used in the Pharmaceutical Production
One of the first users to benefit from that is the Aesica Pharmaceuticals from Zwickau, Germany. The organization belongs to the British Consort Medical Group and produces various active pharmaceutical ingredients and bulk preparations such as capsules, pills and tablets for various pharmaceutical companies. The production capacity at the Zwickau site is over three billion “units”. The production processes are regularly audited by health authorities from different countries as well as by the customers. The quality management meets the German and European Good Manufacturing Practice (GMP) standards, as well as the guidelines of numerous health authorities around the world – such as the FDA.
Correspondingly high are the demands on the production equipment used and the effort to keep it at a high technical level. Due to its experience and know-how, ACSR was commissioned by Aesica to retrofit two tablet presses (Fig. 1). A single and a double rotary press were to be thoroughly overhauled mechanically, and the electrical and automation technology be brought up to date. To once more ensure the long-term availability of spare parts, ACSR replaced the original control of both presses with its PC-based TabControl system. The control cabinets (Fig. 2) were completely rebuilt, and the main and feeder drives equipped with compact Siemens Sinamics G120C inverters. As the centerpiece for secured remote maintenance, a Siemens Scalance S615 Security Module each (Fig. 3) was installed in both cabinets. The devices are the link to the new Sinema Remote Connect network management platform set up at ACSR.
Conveniently establishing a secured Connection
With Sinema Remote Connect, secured remote access connections can be very easily and conveniently configured, managed and established using virtual private network (VPN) tunnels.
The communication between the network participants is IP-based and protocol-independent – and therefore universally usable. Via Sinema Remote Connect, the remote access to all communication-capable participants in the local network is possible. Direct access to the company network into which machinery or equipment is integrated is prevented through the firewall settings of the Scalance S615 – the network settings of existing participants do not have to be adapted. “This was also the prerequisite for our IT specialists to, in principle, permit such a remote maintenance system,” says Andreas Ritter, technical director at Aesica. “This gives us the ability to set up remote maintenance for existing plants as well, without having to interrupt the production,” says Klaus Rosenbach, managing director of ACSR responsible for automation.
The service technician and the machine to be serviced separately establish a connection to Sinema Remote Connect using OpenVPN. Sinema Remote Connect determines the identity of the participants via the exchange of certificates and enables remote access after successful comparison. The pharmaceutical company then goes two steps further. It sets up its own VLANs for remote maintenance tasks and only establishes the physical network connection on the Scalance Security Module when necessary and after talking to the service provider.
With the installation of the Sinema RC Client, an address book function is available to the user. With it, a service technician on the road can clearly identify, select and then remotely service machinery and equipment of relevance. This is a decisive advantage in the construction of identical series machines that have the same IP address in the field.
Multiple secured VPN Connections possible
The connection to the Sinema Remote Connect management platform for remote networks can be established using various means such as mobile communications, DSL or existing network infrastructures. For all variants, Siemens offers Scalance routers, which can be easily parameterized by auto-configuration and integrated into existing structures.
Just like the Scalance S615 Security Modules utilized here. The devices are DHCP-enabled and can automatically obtain their IP address from the higher-level company network, which is connected to the Internet. On the automation side of the Scalance S615, each device can have identical IP subnets, which are then clearly assigned through address translation (1:1 NAT – network address translation) by Sinema Remote Connect. The Sinema Remote Connect server application can receive and manage a large number of VPN tunnels via OpenVPN and IPsec.
Secured Remote Access –
with greater Ease, Convenience and Flexibility than ever before
Conclusion of Klaus Rosenbach: “The new Network Management Platform from Siemens makes our work as service provider in the field of servicing easier and more convenient. With this central server application and, theoretically, any number of Sinema RC Clients and Scalance S Security Modules, we are able to even better and more flexibly support our system users located anywhere from anywhere. We can remotely intervene in case of malfunctions and minimize downtimes to keep equipment availability and productivity high.” All this with the IT security necessary in the pharmaceutical industry. The access options are flexible and always secured. They have no impact on the operator network – resulting in a high degree of acceptance in the sensitive environment of the pharmaceutical industry.
Author: Maximilian Korff, Product Sales Development at Siemens AG