Raspberry Pi which is basically a small credit card size computer can be connected to a monitor as well as a standard keyboard. It can be programmed using python, c, c++ or other standard languages. Earlier, the raspberry pi was solely targeted for education and experimentation but now things changed. It has promoted for direct industrial use and no longer seen purely as a platform for experimentation. Though it is not considering as a mission-critical application, many engineers view it as the best tool for real-time industrial use. Raspberry Pi is mainly used in smart devices and for desktop computing applications.
Industrial experts agree that it is comfortable to use Raspberry pi on the plant’s regular production lines, but difficult to use it for the plant’s production controllers. Raspberry Pi-powered devices target mostly at the industrial end users. Hilscher offers its netPI industrialized Raspberry Pi 3 B platform for implementing Cloud, Internet of Things and Industry 4.0 customized Edge Automation projects safely over containerized software utilizing Docker.
Hilscher designed it in cooperation with the Raspberry manufacturer Element 14 and upgraded it especially for industrial use. The architecture has its single-circuit board combines the Pi 3 B circuitry, its standard interfaces, Hilscher’s multi-protocol Industrial Network SoC netX plus two extra Industrial Ethernet ports. By design netPI’s overall software architecture complies with the Cyber Security Standard IEC 62443 for Industrial Automation and Control Systems to counter threats such as unauthorized accesses, software manipulation, and eavesdropping and relies on a security-enhanced Linux. Default access for configuring and managing it is granted via a web-based GUI. Only an accredited user can apply additional software and applications by using the preinstalled Docker virtualization environment in isolated and safe containers to be in line with the security concept.
Hardware features of netPI
Design
8 layer PCB design (6 with Pi 3 B) for best EMC compliance and heat dissipation
A cooling concept for full 1.2GHz quad-core CPU performance up to 50°C without throttling
Peripherals
8GB industrial grade long-life FLASH memory with guaranteed constant BOM
Real-Time Clock (RTC) with 7 days maintenance-free supercapacitor based buffering
8KB extra FRAM for storing data non-volatile at high frequencies (model RTE 3)
Connectivity
netX51 multi-protocol Industrial Networks Controller for Fieldbus and Industrial Ethernet (model RTE 3)
Two extra Industrial Ethernet ports for protocols such as PROFINET, EtherNet/IP and more (model RTE 3)
Expansion slot for additional plug-in modules such as RS485, RFID, Analog, Digital I/O and more
DIN rail mountable robust metallic housing for longevity in industrial environments
Environments
On-board WiFi/BT radio antenna extended beyond chassis for best wireless coverage
EMC compliant to latest standards
Shock and vibration compliant to the latest standards
Extended temperature range -20°C to 60°C
24 Volt DC powering
System security features of netpi
Design
Yocto project based customized Linux, Kernel 4.9.x or higher
Integrity
Constraint checking of the validity of the booted software through keys
Coordinated installation of system updates and patches through signed packages only
Ignoring removable media such as USB sticks prohibiting infiltration of malware
Authentication
Obligatory password authentication with key strength calculator
User and role management prohibiting unauthorized access to preinstalled software
Confidentiality
Protection of the transmission route to the web GUI by TLS 1.2 encryption (https)
NGINX application as a reverse proxy for centralized SSL certificates offloading and handling
Non-installed SSH server to prohibit accesses from remote through a console
Non-installed sudo command to prevent getting root privileges
Restricted Data Flow
AppArmor security framework restricted preinstalled components through access profiles
Physical segregation of IT and OT networks by two separated network controllers (model RTE 3)
Preinstalled Docker for additional container-isolated applications over web GUI client portainer.io