After studying mechanical engineering and mechatronics at the University of Karlsruhe (TH), Dr. Jörg Nagel completed his doctorate at the Institute for Applied Computer Science at the Karlsruhe Institute of Technology (KIT). In 2015, he joined Pepperl+Fuchs as Senior Expert Industry 4.0/Industrial Internet Solutions. Two years later, he founded Neoception, a Pepperl+Fuchs subsidiary, and joined the company's management board in 2019. He has held the VDI Ring of Honour since 2020 and is involved in the development of new, secure offerings for the digitalization of business processes in the manufacturing industry.

The Industrial Internet of Things is generating more and more data that needs to be managed. This data complexity needs to be mastered. What role does edge computing play in this?

Dr.-Ing. Nagel: Edge computing is becoming increasingly relevant. A few years ago, remote maintenance was the primary use case for an edge gateway, but today it is the central component for secure communication in the industrial environment. In addition to aggregating data into a standardized information model for the entire machine, modern edge gateways perform various functions. The most important of these include not only data pre-processing, filtering and data aggregation in order to save bandwidth and make data available as required, but also ensuring the security of communication in terms of reliability, by caching data in the event of a potential network connection failure and in terms of security. After all, the edge gateway is usually the most critical component when it comes to protecting an internal machine network from unauthorized access.

In addition, automatic updates can be carried out via appropriately secure gateways and long-term reliable operation can be ensured through monitoring and logging.

At the edge, sensor data is preselected, software applications are processed or even AI calculations are carried out. What should users bear in mind with regard to the edge software landscape? Which technologies should/must be taken into account?

Dr.-Ing. Nagel: Flexibility and standardization are decisive success factors when selecting software technologies. The number of software technologies in a modern edge gateway is constantly increasing. The basis for the software should be a security-hardened Linux operating system with encrypted flash memory. This is the only way to reliably protect the IP of the edge software developer and prevent manipulation in the best possible way.

For modern software development and the parallel execution of various services on the gateway, appropriate virtualization such as Docker or Kubernetes on Edge is a must. Data is stored in local databases. Reliable communication in a cloud system can be realized via Kafka clients or even 'Kafka on the Edge'.

If the gateway is to be configured manually, applications such as NodeRed can be used to configure the signal flows. However, it should always be borne in mind that low-maintenance operation can only be achieved with fully automated deployment, i.e. when applications and the configuration of the applications can be rolled out centrally using a secure central management service without having to access the gateway directly. This is the only way to achieve an excellent customer experience and manageable complexity in maintenance and support. To ensure security, it must also be possible to roll out security patches quickly and centrally so that potential gaps can be closed quickly once they become known.

The demands on the hardware grow with the tasks. What should users look out for when choosing the right edge computing hardware?

Dr.-Ing. Nagel: The basis for any secure communication lies in the hardware used. The gateway can only be reliably protected against attacks if it is ensured that the first bootloader can be verified by the processor by checking its signature. So-called secure elements ensure that cryptographic keys are stored securely and cannot be read even if an attacker gains physical access to the gateway.

In addition, network interfaces provide universal access to the system as well as to the company network or the Internet. In order to reliably separate the machine network from the IT network and ensure the security of the machine network, the edge gateway should be equipped with two network interfaces. Depending on the application, it is advisable to use universal expansion interfaces such as miniPCIe slots. If required, they can be used to expand the gateway with mobile communication, to integrate special interfaces such as CAN interfaces or to integrate real-time-capable, industrial Ethernet protocols. AI accelerator cards for the calculation of neural networks or even graphics cards for calculation tasks can also be integrated via such expansion slots.