This podcast episode deals with a special use case for the central monitoring and management of combined heat and power plants (CHP plants) based on IoT data using the Microsoft Azure Cloud. Guests Markus Haist, Business Development Manager, from secunet and Joan Steidle, Sales Consultant, from doubleSlash, will discuss the challenges and solutions in the field of sustainable energy generation, particularly in the critical infrastructure sector (critical infrastructures).
Episode 131 at a glance (and click):
- [8:55] Challenges, potentials and status quo – This is what the use case looks like in practice
- [22:29] Solutions, offerings and services – A look at the technologies used
Podcast episode summary
Episode 131 of the IoT Use Case Podcast offers a comprehensive insight into the successful implementation of an IoT project in the critical infrastructure sector. secunet and doubeSlash talk about a project for sustainable energy generation in which the combined heat and power plants of an anonymous customer are used for local heating supply and in agriculture.
These are CHP units that are often located in places that are difficult to access or in remote locations. The podcast discusses the challenge of this decentralized energy supply and the need to connect these CHPs to the Azure Cloud to enable central management and remote maintenance. This should increase efficiency and reduce downtime.
The solution includes the integration of secure edge technologies from secunet and doubleSlash’s IoT and IT expertise to ensure a secure and reliable connection of the machines to the cloud.
Key topics covered in the episode include the benefits of centralized data management, predictive maintenance, technological challenges, and the importance of partnerships in IoT projects.
Podcast interview
Welcome, hello Markus, hello Joan. Great to have you here and welcome to the IoT Use Case Podcast. Markus, how are you and where can I reach you right now?
Markus
Thank you very much for the invitation. Today I’m in the office in sunny Munich. I’m fine. I spontaneously decided to take the bike this morning and have already had a bit of exercise.
That’s how it should be. Awesome. Are you in Munich with secunet?
Markus
Yes, our division is located in Munich, Essen and Berlin.
Yes. Exactly, Essen and Berlin. Joan, how are you? Where are you? Are you in the office or where are you at the moment?
Joan
Thank you very much for the invitation. I am also doing very well. I’m currently at our head office in Friedrichshafen and I’m delighted to be part of the podcast.
Fantastic, then best wishes to Friedrichshafen. We are also regularly there at the trade fair. Do you know the all about automation in Friedrichshafen?
Joan
Yes, we were there as visitors this year.
Cool, shoutout to the team in Friedrichshafen. Of course, best wishes to the trade fair on this occasion. How did it actually come about that you are both here today? How did you or the companies get to know each other? How did it actually come about that you’re both here on the podcast today?
Markus
Thank you. I’ve been around for a while, but didn’t quite experience the beginnings. With our product, we were looking for someone who could support us in the Azure environment. That’s when we approaches doubleSlash. doubleSlash took over the topic and that’s how we came together. We got to know each other and then a normal order development turned into a partnership.
Awesome. I think we will learn more about the two technologies and the solution behind them today. Maybe we’ll start with you, Markus. Why don’t we introduce your company: secunet Security Networks AG. You are an expert in computer and network security. Secunet is Germany’s leading cybersecurity company. You have some cool products, like secunet edge, which can be used to securely connect machines. You monitor the network on the edge and secure the data stream. You have many other products, for example secunet monitor KRITIS. You have a broad portfolio and are leaders in the field of cybersecurity. Is what I said correct? I would be interested to know which customers you work with and in which customer segments so that we can get into practice.
Markus
Very well described. We have been doing this for over 25 years and come from the field of government communications, i.e. everything that concerns ministries or other institutions that can communicate securely via Internet lines. We brought this know-how to the industry a few years ago, so that we not only secure computer-to-computer, but also machine-to-machine communication. The next step was, as you said, secunet monitor KRITIS: How can you monitor communication? Who is communicating with whom? When it comes to secure IT communication made in Germany, we are definitely the leading company.
Very nice. You have addressed industries and customer segments. There is probably a lot of industry involved, but also across all sectors. You have a variety of customers. Can you name some? Do you have any examples or comments about your customers?
Markus
We are particularly strong in the KRITIS environment, for example in combined heat and power plants. This semi-regulated market has high IT security requirements that are prescribed by law. However, we are not limited to a specific industry, because secure communication is always necessary. In our customer portfolio, we mainly have machine manufacturers and machine park operators who want to secure old machines or want to know who and what is communicating in their network. We have the right products for this.
I always have a favorite question to dive into the practice a bit. Joan, you are working as partners. Perhaps you have implemented your first project or use cases together. Can you give us an example?
Joan
Gladly. In this particular context, we address the predictive maintenance use case. Our joint project is with a customer in the field of sustainable energy generation. As it is an ongoing project and we are in the KRITIS area, I cannot name the customer. The customer is a manufacturer of combined heat and power plants and takes care of the planning of local and district heating networks as well as the installation for its customers. The plants are used in local heating supply or in agriculture for grain and hay drying, where there is an increased demand for electricity and heat.
Now I have to ask because we’re about to go into detail. Combined heat and power units or CHP units are small power plants that generate heat and electricity. Can you explain how it works?
Joan
Gladly. A combined heat and power unit can use various fuels, for example natural gas. In our customer context, however, wood chips are used to release energy. This energy is used to drive a generator that produces ecological heat and electricity. The heat and electricity generated can be used on site or fed into the public grid.
Before we delve deeper into the project, I would like to talk briefly about you. We have not yet introduced you in detail. You are experts in IT services and consulting. Can you tell us what your core business is, especially with regard to IoT?
Joan
Gladly. We at doubleSlash are IT service providers, develop software and are particularly committed to digital strategies and business processes. This year we are celebrating our 25th anniversary and have around 330 employees at three locations: Friedrichshafen, our head office, as well as Munich and Stuttgart. In the IoT business field, we focus on the triad Connect, Manage, Monetize. We support our customers from networking and managing their machines and systems to monetizing their business models. Together with secunet, we ensure the secure connection of the devices in the first phase of networking.
[8:55] Challenges, potentials and status quo – This is what the use case looks like in practice
Perhaps we can now delve deeper and understand what motivates your customer and the underlying reasons for the project. What is the business case for this project? Why do we need to connect decentralized energy supplies? Can you explain that?
Markus
The use case is to provide energy in hard-to-reach places where it makes no sense to lay huge power lines. The business case is that such systems must not fail. Joan mentioned drying earlier. If a CHP unit breaks down and you have no drying for half a day, it can ruin the whole harvest. Or at ski resorts: If the combined heat and power plant breaks down, there’s no apres-ski, you are left freezing. Predictive maintenance helps to predict failures and reduce maintenance costs, but avoiding failures that cause major costs is the main issue.
Let’s dive into the project and look at the business case behind it. Joan, you mentioned that it’s about remote maintenance. Why is this important and what is the business case behind it?
Joan
In principle, combined heat and power plants can be located in places that are difficult to access and remote. An outage would cause massive damage and cut off entire regions from the energy supply. A connection makes it possible to integrate the decentralized combined heat and power plants into the power grid and ensure a reliable supply. The many manual actions are a challenge for our customers: Data has to be extracted, updates imported and data made available centrally. Outdated remote solutions and the deployment of service technicians for maintenance and defects generate additional costs and effort.
These are technological challenges that go hand in hand with this. The deployment of service technicians in areas that are difficult to access is expensive and time-consuming. What is the worst case scenario if this connection is not available?
Joan
Basically, operators of combined heat and power plants whose plants are located in places that are difficult to access and do not have a networked solution face several challenges. If the plant is defective or requires maintenance and updates, the defect must first be identified. By the time this happens, it may already be too late. Interventions could have been made earlier to minimize the damage. There is a dependency on the service technician, who must be scheduled to visit and inspect the system locally. Perhaps they do not have the necessary tools at hand. If machine conditions are not accessible live, it is necessary to wait until the data is collected and transferred to the system in order to carry out analyses.
Markus, you are the security experts. Isn’t this also a big issue for the manufacturers of combined heat and power units, that there is potential damage from defective devices, including hardware defects? What are the business challenges in the security sector?
Markus
The amounts of damage are enormous and it’s no longer just about the hardware. The hardware must not fail, the connectivity must be available because of the hardware. A bigger factor is the loss of connectivity because someone has hacked the CHP unit and is playing around with it or breaking it. Security is extremely important here.
We have various use cases in the area of service, as Joan explained, and the recording of data for remote maintenance. The technological challenge is to install updates without having to be on site, and there are various security aspects that can be considered as a business case.
Markus
The problem is not just that we have this at the moment. The problem is that these combined heat and power plants are supposed to run continuously, as is the case in an industrial environment. Not just for six months or two years, but in ten years’ time I will still have the combined heat and power plant. But IT is already much further ahead. We have a pentesting team and incident response teams. What they see out there is hair-raising from an IT perspective; Windows XP is widely used. Now we think everything is great. But in 10, 15 years, we might say: What were we actually doing in 2024? It’s all outdated. We’re trying to decouple this and provide updates for remote maintenance so that we always have the latest protocols.
Before I address that, a question in between: You had mentioned that the CRITIS sector is an area where the legislator has a lot of say. What kind of stakeholders and requirements come from this sector? That’s a huge issue, isn’t it?
Markus
Definetly a huge issue. However, I would not go into this in detail now because the law is vaguely worded. In any case, you must have monitoring and prove that you have taken the IT security requirements into account. This will affect even more people in the future when the NIS 2 Directive comes into force. You have to prove that you address IT security aspects in your product from development through the entire life cycle. This is also part of cyber resilience, which plays a role here.
Yes, that’s another huge issue. Then perhaps back to the project. Can you explain where exactly the connection will be made and what data is relevant for this project? You’ve already given a few examples, but can you name any others? Then I can ask how you built the solution to understand it in detail.
Joan
Relevant data includes operating data such as temperature values, energy consumption and energy generated in the form of heat and electricity. These are important for operators to monitor and analyze in order to identify efficiency and possible weak points. Environmental data, information on emissions and pollutants are also important in order to be able to comply with and demonstrate standard values to municipalities and cities. Errors and warning messages can be stored centrally in the database.
When you talk about this data, can we explain what the technological challenges are? You mentioned that there are many manual actions to extract data and perform updates. What are the specific technological requirements of your customers or the customer?
Joan
In this project, it was important to have a target architecture that maps the networking of the systems through to visualization via dashboards. The migration of old components and old technologies to new standards had to be taken into account. An important requirement was the security aspect, which was fulfilled by a hardened connectivity edge solution. It was important to have a reliable and secure way to process, store and securely connect data to the Azure cloud platform. This was the preferred platform in this project. There was also the requirement that firmware updates should be easy and secure to implement.
Markus
That’s exactly where we came together, doubleSlash and secunet. Of course, you can work something like this out yourself, and I’ve seen it done before. That is not necessarily wrong. The only question you should ask yourself is whether you are making a make-or-buy decision. That was a requirement at the time, which is how secunet edge came about: We had to establish secure connectivity. The machine’s data is actually available, but the machine cannot transfer this data to secure protocols. We have therefore developed secunet edge, which is used in this project. We take the existing data from the combined heat and power plant and create a connection to Azure. Then we take care of everything that Joan has already outlined in terms of requirements: patching vulnerabilities immediately, providing updates for the various systems. We have implemented this in a Docker functionality so that updates are also possible in the future if new protocols are to be used. At some point, current protocols will be deemed insecure because someone finds a vulnerability. It is a classic make-or-buy decision that we have already implemented. Joan, correct me, but I’ve heard that it takes six to nine months to complete something like this. And then there’s all the maintenance work.
Joan
Exactly, it is important to bring experts on board who, as an overall integrator, have the experience, best practices and an established methodological toolbox. They accompany the project or customer on their IoT journey from start to finish and bring time and quality benefits.
Perhaps just one more practical point: in other words, Markus, the customer has made the decision to purchase an existing solution in order to benefit from the corresponding advantages. You started with the secunet edge solution and recorded the data Joan mentioned, such as temperature and power data, and integrated it into Azure. How do you collect the data? Do you work directly with the control unit on site, with the plant? How exactly does it work with secunet edge?
Markus
Most machines today offer the option of forwarding this data via an IP connection. The control units then have a corresponding connection to output the data. That’s what we use. The data often comes from older machines in FTP format, which is not secured at all. We take this data from the machine and forward it to Azure. We asked ourselves how we could best implement this and, above all, how we could implement the return channel, i.e. manage the device from Azure. This is where doubleSlash comes into play. Microsoft Runtime is integrated so that the device can communicate securely and directly with Azure. That is relatively simple. A connection string is inserted and the connection is established.
You have ensured that the machine is connected at the highest security level with the secunet edge product. Together with you, the Microsoft Runtime was set up to establish the connection to the Azure Cloud. The customer thus received a complete solution instead of tackling the challenge independently.
[22:29] Solutions, offerings and services – A look at the technologies used
To summarize at the end: What exactly did the customer receive and what will be developed in the future? Joan, can you summarize what the customer received from you?
Joan
Exactly, as I said, it’s an ongoing project. In future, information such as temperature values and energy generated will be available in a central database. This data is to be made available to various stakeholders, e.g. customers who operate the combined heat and power plants, as well as cities and municipalities, particularly with regard to compliance with emission values. The data-based information is intended to ensure operational reliability and efficiency, detect downtimes at an early stage, plan maintenance work in a more targeted manner and increase the service life of the plants. Costs can be saved by avoiding unplanned downtime. Ultimately, the solution also forms the basis for later billing of the energy generated, i.e. enabling monetization and business models.
When data is provided across all trades, municipalities and cities are suddenly working with it. It’s fantastic to see how they are leading the way and laying the foundation for new business models and billing in the future. It really is a fantastic project, especially in the energy sector, which has already created great solutions. It’s great to see how cross-discipline thinking takes place and how data can be shared via the Azure Cloud. Very good, very nice. One final question: Are there any specific best practices you would like to share? Many listeners come from different backgrounds and there are definitely pitfalls to watch out for. Do you have any experiences or best practices that you would like to share with our listeners?
Markus
It’s really fun listening to you talk about what can be done, what can be done in the future. That also relates to your question about best practices. We at secunet are not so deeply involved with these topics. We are members with you because it’s important to understand the entire chain. Everyone has their part in the value chain. It was exciting to hear what can be done with the data. Our focus is on how to securely collect and transmit this data. We wouldn’t do IIoT consulting; that’s not our core business. For that, you need specialists like doubleSlash. When it comes to IT security, we are in good hands. To put it simply: Look for multiple partners or one partner who coordinates, because an IoT solution is never a one-man show. There are always companies and partners who are excellent in their field. I have seen a lot in projects where companies tried to do everything themselves. In this case, the best practice is that the client found someone who could support them with data analysis, visualization, etc., and then other partners like us joined in. Would you agree with that, Joan?
Joan
Yes, definitely. It was good that we have this partnership between us. We have an integration partnership, we integrate secunet edge at our customers’ premises and thus ensure a secure connection. We complement our service portfolio with your expertise.
Yes, fantastic. And that is a really nice example. Maybe I can say that because I’ve already done one or two security podcasts. Here, Markus, where you mentioned membership, we have a huge partner network. Everyone has their own expertise, everyone is active in a certain area. Real added value is created when you work hand in hand as partners. Of course, the technical requirements have to be right and everything has to be integrated. This is a fantastic example and project that you have brought with you today. Thank you for allowing us to talk about this in such a practical way. The subject of security is often dry, but you can understand it better with a concrete example. There is a business case, technological and business challenges and a beautiful solution in combination. Many thanks to you. It was a pleasure. I still have a lot of questions, but we don’t want to prolong it. If you listen and say, that’s exciting, I have a similar case, you can get in touch with Markus and Joan. All information is linked in the show notes, including LinkedIn contacts. Get in touch and discuss your use cases.
With that, I hand over the last word to you. It was entertaining for me, the time passed quickly. Thank you very much for being there and for this project.
Joan
Many thanks, Madeleine, to you as host and the opportunity to be part of this cool podcast format. Thanks also to you, Markus, for inviting us to stand together as partners and present our use case.
Markus
With pleasure. Thank you very much for the invitation, Madeleine. I was very pleased. Thank you for taking part, Joan, and for allowing us to showcase this. If you have any questions, please contact us. I look forward to the next invitation, Madeleine.
This calls for a follow-up. You have many exciting partners and cases. I look forward to a follow-up. Thank you for the episode and have a great rest of the week. Take care.
Markus
Thank you, likewise.
Joan
Thank you. Ciao.
Ciao!