Execution Environment: the vf-OS Platform
The vf-OS project advances the state-of-the-art in Cloud and Web technologies for Industry 4.0. Such technologies enable better cooperation between industrial partners, as well as shorter and more efficient supply chains, and also inspires in-house and independent developers alike.
Currently, cloud technologies are centered around the concept of microservices, as illustrated in the figure bellow. Instead of building highly coupled setups, modern service platforms consist of loosely coupled, open, single-purpose services that can be combined freely to provide the behavior of an integrated application.
The vf-OS Platform follows the same paradigm and is implemented as a collection of microservices running together in a Docker environment where each container represents a service. Each service exposes an API that is either RESTful or AMQP-based event queue, in the case of vf-OS. Both service transports are open and potentially globally accessible. This allows services to be part of multiple applications and addressable from everywhere in the world.
A vApp is the vf-OS application model, consisting of a process model in which the various services are combined to provide features to the end-user in the form of a web or mobile application. A web-frontend is added, again using state-of-the-art web frameworks, like Angular and React.js. vApps use services, provided by the vf-OS Project, by the vf-OS Platform, and by in-house and external developers. The distribution of these vApps and services is done through the vf-OS Marketplace, hence enabling a variety of business models.
The native vf-OS Platform services provide the execution environment for the vApps and their services, as shown in the following figure. The platform also provides tools to facilitate the development, distribution, and installation of assets.
Some of the driving challenges behind vf-OS are the security requirements of the manufacturing domain. These requirements stem from the need of commercial factories have to stay in control of the dissemination of their data, with much of the available data being strictly private to the company. To handle these challenges, vf-OS introduced a platform, with several security controls. It starts with the positive benefits of having a common platform where factories can download, run, share and build new assets for their needs with a minimum effort. However, to allow control around these assets, the platform runs each asset in a separate container, using network separation techniques to force all communication between the assets to run through the security control. Direct communication between assets is not allowed.
To make the security challenge even more complex, the developers of the assets don’t necessarily need to be working inside the factories themselves. External developers can create vApps and library resources for the factories. Having such a broad development community offers better quality and innovation, however, it also means the platform has to protect itself, its host and the local resources, against potentially dangerous applications. The security model also needs to control the vApps themselves, making the platform more complex.
As a conclusion the vf-OS platform answers these needs, providing security on top of the flexibility and interoperability required for a proper cooperation between factories and external developers alike, hence allowing greater innovation for companies and better services to the entire value chain. The platform offers Industry 4.0 factories the tools they need to do this securely, efficiently and in control of their data.