Skip to main content

AWS Solutions Library

Guidance for Automation Software Management with Software Defined Automation on AWS

Overview

This Guidance demonstrates how to set up cloud-based Programmable Logic Controllers (PLC) management and code development using the software-as-a-service (SaaS) product, Software Defined Automation (SDA). With SDA, you can securely access PLC code from anywhere using any device over an operational technology (OT) network. You can deploy code updates to hundreds of PLCs in minutes, reducing factory downtime and increasing productivity. SDA PLC management helps you integrate automated deployments in your continuous integration/continuous deployment (CI/CD) process.

How it works

This architecture diagram demonstrates a highly secure and scalable multi-tenant SaaS approach for industrial control systems management.

Download the architecture diagram

Well-Architected Pillars

The architecture diagram above is an example of a Solution created with Well-Architected best practices in mind. To be fully Well-Architected, you should follow as many Well-Architected best practices as possible.

SDA uses automation to minimize human error and ensure consistency. Amazon CloudWatch collects logs, metrics, and events, which are consolidated in a central system and transformed into actionable key performance indicators (KPIs) and alarms. Critical alarms are relayed in near-real-time to SDA’s operations team, helping ensure immediate attention and response. User data automatic backups are made in a secondary AWS Region every hour.

Read the Operational Excellence whitepaper 

SDA extensively employs managed services, substantially reducing your operational burden. Amazon Cognito enables user authentication, and all API calls undergo an authentication and authorization process. User authorizations are fine-grained and can be set permanently or on a time-based schedule. All data in transfer and at rest is encrypted. 

Additionally, the connection from the cloud to the factory is enabled by a secure, short-lived VPN tunnel created on demand by users. Once the operation on the PLC is complete, the tunnel is automatically destroyed.

Read the Security whitepaper 

SDA uses AWS managed services that benefit from the inherent availability and reliability provided by AWS service teams. For self-managed services, SDA deploys resources across three distinct Availability Zones within an AWS Region. This distributed and load-balanced approach enables automatic replacement of malfunctioning resources and dynamic scaling based on demand.

Read the Reliability whitepaper 

Whether using AWS managed or self-managed services, SDA uses real-time usage metrics to right-size resources. This architecture's flexibility helps you swiftly adapt to and integrate new offerings, such as the latest EC2 instance generations. You can benefit from peak platform performance at competitive prices, all while maintaining a focus on sustainability.

Read the Performance Efficiency whitepaper 

As a subscription-based SaaS provider, SDA focuses on cost efficiency in its operations. By maximizing price-to-performance ratios with AWS resources, we help ensure savings that directly benefit customers. We prioritized the utilization of serverless services that offer automatic scaling and a pay-as-you-go model, meaning you only pay for the resources you use without having to worry about long-term or upfront commitments. We analyzed usage patterns, established baseline requirements, and instituted scheduled and dynamic auto-scaling policies that adapt swiftly to change in demand. This approach helps ensure that only necessary resources are allocated, eliminating wasteful idle capacities.

Read the Cost Optimization whitepaper 

Because SDA only uses serverless services, resources are only consumed when necessary, reducing energy usage and waste. Cloud elasticity reduces operational costs but also contributes significantly to reduce the energy footprint of this Guidance. In the long run, this strategy aids in minimizing environmental impact through optimal resource utilization and lowering carbon emissions associated with data center operations.

Read the Sustainability whitepaper 

Disclaimer

The sample code; software libraries; command line tools; proofs of concept; templates; or other related technology (including any of the foregoing that are provided by our personnel) is provided to you as AWS Content under the AWS Customer Agreement, or the relevant written agreement between you and AWS (whichever applies). You should not use this AWS Content in your production accounts, or on production or other critical data. You are responsible for testing, securing, and optimizing the AWS Content, such as sample code, as appropriate for production grade use based on your specific quality control practices and standards. Deploying AWS Content may incur AWS charges for creating or using AWS chargeable resources, such as running Amazon EC2 instances or using Amazon S3 storage.