
Remote System And Remote Connection Method

Abstract: This remote system is such that a server device and a local area network having a production device and a gateway device are connected through a wide area network. The remote system is provided with network equipment for allowing connection from the inside of the local area network to the outside and rejecting connection from the outside to the inside. The gateway device requests the server device for the establishment of a first session with the server device. The server device has an equipment management unit and a connection control unit. The equipment management unit checks equipment identification information, which identifies a target production device designated from an external terminal, against equipment identification information set in the production device. The connection control unit establishes the first session upon receiving the request for establishment of the first session, and when the equipment identification information for the target production device matches the equipment identification information set in the production device as a result of the check performed by the equipment management unit, establishes a second session with the external terminal and connects the first session and the second session.


Patent Information

Application #
Filing Date
26 April 2023
Publication Number
24/2023
Publication Type
INA
Invention Field
COMMUNICATION
Status
Email
Parent Application

Applicants

MITSUBISHI ELECTRIC CORPORATION
7-3, Marunouchi 2-chome, Chiyoda-ku, Tokyo 1008310

Inventors

1. TOYOTA, Masaharu
c/o Mitsubishi Electric Corporation, 7-3, Marunouchi 2-chome, Chiyoda-ku, Tokyo 1008310

Specification

FORM 2
THE PATENTS ACT, 1970
(39 of 1970)
&
THE PATENTS RULES, 2003
COMPLETE SPECIFICATION
[See section 10, Rule 13]
REMOTE SYSTEM AND REMOTE CONNECTION METHOD
MITSUBISHI ELECTRIC CORPORATION, A CORPORATION ORGANISED
AND EXISTING UNDER THE LAWS OF JAPAN, WHOSE ADDRESS IS 7-3,
MARUNOUCHI 2-CHOME, CHIYODA-KU, TOKYO 100-8310, JAPAN
THE FOLLOWING SPECIFICATION PARTICULARLY DESCRIBES THE
INVENTION AND THE MANNER IN WHICH IT IS TO BE PERFORMED.
DESCRIPTION
Field
[0001] The present disclosure relates to a remote system and a remote connection method for externally connecting to a production device in a factory or the like.
Background
[0002] There is known a system that connects an external terminal, which is an information communication device, from an external remote place such as a factory, to a production device such as a programmable logic controller (PLC), a human machine interface (HMI), or an inverter installed in a factory or the like. In such a system, remote access from the outside is enabled by appropriately setting a network device such as a router or a firewall and switching a global Internet protocol (IP) address or a port number of each production device. Furthermore, by virtually connecting an internal network of the factory and the external network via a local area network (LAN) using a virtual private network (VPN) technology, the production device cannot be accessed from outside.
[0003] Patent Literature 1 discloses a control unit capable of easily performing communication setting on a network device in such a system. The control unit described in Patent Literature 1 includes: a storage unit that stores a user program including at least one instruction for settings related to communication via a network device; and a communication setting unit that transmits and receives a command to and from the network device when an execution condition of the instruction is satisfied, and performs the communication setting indicated in the instruction. As a result, even a user who does not know how to transmit and receive commands to and from the network device can designate the communication setting and cause the control unit to execute processing according to the designated setting content.
Citation List
Patent Literature
[0004] Patent Literature 1: Japanese Patent Application Laid-open No. 2020-088690
Summary
Technical Problem
[0005] However, when the technique described in Patent Literature 1 is introduced into an existing factory or the like, there is a problem in that a person having knowledge of networks and information security needs to create a command to perform setting such as introduction of a VPN. In addition, since the technique described in Patent Literature 1 involves a change in the setting of the network device in a system, there is a possibility that a third party intrudes into the system when the setting includes some errors. Therefore, even if the communication setting can be performed on the basis of a command, a person having knowledge of networks and information security needs to verify whether the setting corresponding to the command is appropriate. There is also a problem in that the number of man-hours for this verification is very large.
[0006] The present disclosure has been made in view of the above, and an object of the present disclosure is to provide a remote system that enables remote access to a production device to be implemented without changing an existing network configuration of a factory and the setting of a network device.
Solution to Problem
[0007] In order to solve the above-described problems and achieve the object, in the remote system of the present disclosure, a local area network including a production device and a gateway device is connected via a wide area network to a server device that relays communication between the production device and an external terminal, which is an information communication device, and remote connection to the production device by the external terminal is implemented. The remote system includes a network device that permits connection from the inside to the outside of the local area network and rejects connection from the outside to the inside of the local area network, installed at a connection point of the local area network and the wide area network or between the connection point and the production device. The gateway device includes a server connection control unit that requests the server device to establish a first session between the gateway device and the server device. The server device includes a device management unit and a connection control unit. The device management unit compares device identification information for identifying a target production device designated by the external terminal with device identification information set to the production device. The connection control unit establishes the first session in response to a request for establishment of the first session, establishes a second session between the external terminal and the server device when the device identification information of the target production device matches the device identification information set to the production device as a result of comparison by the device management unit, and links the first session and the second session. The connection control unit of the server device relays communication between the external terminal and the production device by using the linked first session and second session.
Advantageous Effects of Invention
[0008] The remote system according to the present disclosure has the effect of being able to implement remote access to the production device without changing an existing network configuration of the factory and the setting of the network device.
Brief Description of Drawings
[0009] FIG. 1 is a diagram schematically illustrating an example of a configuration of a remote system according to a first embodiment.
FIG. 2 is a block diagram illustrating an example of a functional configuration of the remote system according to the first embodiment.
FIG. 3 illustrates an example of connection device information.
FIG. 4 illustrates an example of connection setting information.
FIG. 5 illustrates an example of device information.
FIG. 6 illustrates an example of gateway information.
FIG. 7 is a sequence diagram illustrating an example of a procedure of a remote connection method in the remote system according to the first embodiment.
FIG. 8 is a flowchart illustrating an example of an operation of a server device included in the remote system according to the first embodiment.
FIG. 9 is a sequence diagram illustrating an example of a procedure of a remote connection method in a remote system according to a second embodiment.
FIG. 10 illustrates an example of a connection device selection screen.
FIG. 11 is a diagram illustrating an example of a configuration of the remote system according to the second embodiment.
FIG. 12 is a sequence diagram illustrating an example of a procedure of a remote connection method in a remote system according to a third embodiment.
FIG. 13 is a diagram illustrating an example of a functional configuration of a remote system according to a fourth embodiment.
FIG. 14 illustrates an example of user information.
FIG. 15 illustrates an example of access control information in a case where access authority is set for each production device.
FIG. 16 illustrates an example of access control information when access authority is set for each gateway device.
FIG. 17 illustrates an example of gateway information.
FIG. 18 illustrates an example of connection setting information.
FIG. 19 is a sequence diagram illustrating an example of a procedure of a remote connection method in the remote system according to the fourth embodiment.
FIG. 20 is a diagram schematically illustrating an example of a configuration of a remote system according to a fifth embodiment.
FIG. 21 is a diagram schematically illustrating an example of a configuration of a remote system according to a sixth embodiment.
FIG. 22 is a perspective view schematically illustrating an example of a configuration of a production device with a gateway function to be used in the remote system according to the sixth embodiment.
FIG. 23 is a view schematically illustrating another example of a configuration of the remote system according to the sixth embodiment.
FIG. 24 is a diagram illustrating an example of a hardware configuration of a computer system that realizes a gateway device and a server device of the remote system according to the first to sixth embodiments.
Description of Embodiments
[0010] Hereinafter, a remote system and a remote connection method according to embodiments of the present disclosure will be described in detail with reference to the drawings.
[0011] First Embodiment.
FIG. 1 is a diagram schematically illustrating an example of a configuration of a remote system according to a first embodiment. A remote system 1 is a system that implements remote connection to a production device 130 in a factory 10, mainly from the outside of the factory 10, by an external terminal 310 that is an information communication device owned by a user such as an administrator who manages the factory 10. The remote system 1 includes an in-factory network 11, which is a LAN provided in the factory 10, a cloud system 20, and the external terminal 310 provided in an external facility 30. The in-factory network 11, the cloud system 20, and the external terminal 310 are connected via a wide area network 40 such as a public IP network.
[0012] The factory 10 includes one or more of the production devices 130. The production device 130 is a device used to control a control target. An example of the production device 130 is a PLC, an HMI, or an inverter. A control target device, a sensor for monitoring a state of the control target, and the like are connected to the production device 130. The in-factory network 11 is a network that connects the production devices 130 in the factory 10. The in-factory network 11 includes the production device 130 and a gateway device 110, and the production device 130 and the gateway device 110 are connected by a wired or wireless LAN. In one example, the production device 130 and the gateway device 110 are connected via a switching hub 141. Note that FIG. 1 illustrates a case in which two production devices 130 are connected to the in-factory network 11, but one, or three or more, production devices 130 may be connected.
[0013] In the first embodiment, the gateway device 110 searches for the production device 130 connected to the in-factory network 11, and transmits information regarding the production device 130 to a server device 210 of the cloud system 20 when the gateway device 110 finds the production device 130. Further, the gateway device 110 transmits, to the server device 210, a session establishment request for establishing a session, which is a first session, between the gateway device 110 and the server device 210.
[0014] At a connection point between the in-factory network 11 and the wide area network 40, a router 145, which is a network device, is provided. In the first embodiment, the router 145 is set so that connection from the inside of the in-factory network 11 to the outside, where the wide area network 40 is provided, is permitted, whereas connection from the outside to the inside of the in-factory network 11 is rejected.
[0015] In the example of FIG. 1, one in-factory network 11 is illustrated; however, a plurality of in-factory networks 11 may be present in one factory 10. For example, each in-factory network 11 including the gateway device 110 is connected to the router 145. Further, although the example of FIG. 1 illustrates one factory 10, a plurality of factories 10 may be present, and one or more in-factory networks 11 may be provided in each of the factories 10.
[0016] The cloud system 20 includes the server device 210. The server device 210 is connected to the wide area network 40 via a router 245, which is a network device. The server device 210 relays communication between the gateway device 110 and the external terminal 310.
[0017] The server device 210 stores the information regarding the production device 130 received from the gateway device 110. When information for identifying the target production device 130 designated by the external terminal 310 is included in the information regarding the production device 130 stored in the server device 210, the server device 210 establishes a session, which is a second session, between the server device 210 and the external terminal 310. Then, the server device 210 links the session between the server device 210 and the external terminal 310 and the session between the server device 210 and the gateway device 110 connected to the target production device 130, to relay communication between the external terminal 310 and the production device 130. Note that, upon receiving a connection request from the external terminal 310, the server device 210 instructs the gateway device 110 to establish a session between the gateway device 110 and the target production device 130. This causes one session to be established between the external terminal 310 and the target production device 130. Note that, although FIG. 1 illustrates the server device 210 of the cloud system 20, an on-premises server device 210 may be adopted.
[0018] The external facility 30 is a facility in which a user who performs management, work, and the like of the production device 130 in the factory 10 is present. An example of the external facility 30 is an office located physically away from the factory 10, a user's home, or the like. The external terminal 310 is used by the user. The external terminal 310 is, for example, a desktop personal computer (PC), a notebook PC, a smartphone, a tablet terminal, or the like. One or more external terminals 310 are provided. The external terminal 310 is connected to the server device 210 via the wide area network 40 and a router 345, which is a network device. The external terminal 310 transmits a connection request including information regarding the target production device 130 to the server device 210. When the connection request is accepted by the server device 210, connection to the target production device 130 is enabled via the server device 210 and the gateway device 110. Note that the external terminal 310 can be installed in any place as long as the external terminal 310 is in an environment connectable to the wide area network 40. In one example, the external terminal 310 is not limited to being installed in the external facility 30 and can be installed in the factory 10.
[0019] FIG. 1 illustrates a case where one external terminal 310 is provided in the external facility 30, but a plurality of external terminals 310 may be present. In this case, a LAN is configured in the external facility 30 by a switching hub or the like, and the LAN and the router 345 are connected. Further, although FIG. 1 illustrates a case where the network devices are the routers 145, 245, and 345, examples of the network device include a firewall device, a router device with a firewall function, and the like, other than the routers 145, 245, and 345.
[0020] In applying the remote system 1 according to the first embodiment to the system in which the in-factory network 11 and the external terminal 310 are connected via the wide area network 40, it is not necessary to change the setting of the routers 145, 245, and 345, which are the network devices already installed. That is, the router 145 connected to the in-factory network 11 is normally set to permit connection from the inside to the outside of the in-factory network 11 and not to permit connection from the outside to the inside, and this setting can be used as it is without being changed.
[0021] FIG. 2 is a block diagram illustrating an example of a functional configuration of the remote system according to the first embodiment. As described above, in the remote system 1 according to the first embodiment, the server device 210 links a session between the gateway device 110 and the server device 210 and a session between the external terminal 310 and the server device 210 to relay communication, thereby establishing connection between the external terminal 310 and the production device 130. Therefore, FIG. 2 illustrates connection among the external terminal 310, the server device 210, the gateway device 110, and the production device 130. Hereinafter, functional configurations of the gateway device 110 and the server device 210 will be described in detail.
[0022] The gateway device 110 includes a production-device-connection-control-unit 111, a connection-device-information-storage-unit 112, a connection-setting-information-storage-unit 113, and a server connection control unit 114.
[0023] The production-device-connection-control-unit 111 searches for the production device 130 connected to the in-factory network 11 to which the gateway device 110 is connected, that is, the production device 130 to which the gateway device 110 is connectable. When the production-device-connection-control-unit 111 finds the connectable production device 130, the production-device-connection-control-unit 111 acquires information regarding the production device 130 from the connectable production device 130, and registers the information in the connection-device-information-storage-unit 112. The information regarding the production device 130 includes a physical address, a logical address, a device host name, and a device identifier of the production device 130. The device host name is a name given to the production device 130. The device host name is a host name such as a network basic input output system (NetBIOS) name or a computer name. An example of the device host name is a product type name that differs for each model of product. The device identifier is identification information for uniquely identifying the production device 130 in the remote system 1. The device identifier corresponds to device identification information.
[0024] In one example, the production-device-connection-control-unit 111 searches for the connectable production device 130 by using an echo message of Internet Control Message Protocol (ICMP), universal plug and play (UPnP), or other methods. According to these methods, the production-device-connection-control-unit 111 can acquire the physical address, the logical address, the device host name, and the like of the production device 130. Further, the production-device-connection-control-unit 111 can acquire the device identifier, in one example, by transmitting, to the production device 130, a device-identifier-acquisition-request requesting the production device 130 to transmit a device identifier, and receiving a device-identifier-acquisition-response, which is a response to the device-identifier-acquisition-request.
[0025] The production-device-connection-control-unit 111 establishes a session between the target production device 130 designated by the server device 210 and the gateway device 110, in accordance with an instruction from the server device 210. This is performed after the external terminal 310 issues a connection request to the server device 210.
[0026] The connection-device-information-storage-unit 112 stores connection device information, which is information regarding the production device 130 acquired by the production-device-connection-control-unit 111. The connection device information is information necessary for connection between the gateway device 110 and the production device 130. FIG. 3 illustrates an example of the connection device information. The connection device information is information in which a device media access control (MAC) address, a device IP address, a device host name, and a device identifier are associated with one another. The device MAC address is a physical address of the production device 130. Here, the MAC address is used, but other information may be used as long as it indicates a physical address. The device IP address is a logical address given to the production device 130. In the first embodiment, the device identifier field is blank when the device identifier is not registered in the production device 130, since the device identifier is generated by the external terminal 310 and registered in the production device 130, as will be described later.
[0027] The connection-setting-information-storage-unit 113 stores connection setting information, which is information necessary for the gateway device 110 to connect to the server device 210. FIG. 4 illustrates an example of the connection setting information. In one example, the connection setting information is a key-value database in which a setting item (Key) and a setting value (Value) are associated with each other. As setting items, the connection setting information includes: “cloud system server device fully qualified domain name (FQDN)”, indicating the server device 210 of the connection target; “gateway identification (ID)”, which is information for identifying the gateway device 110; and “gateway password (PW)”, which is a password necessary for the gateway device 110 to access the server device 210.
[0028] The server connection control unit 114 connects to the server device 210 of the cloud system 20 using the connection setting information in the connection-setting-information-storage-unit 113. When connecting to the server device 210, the server connection control unit 114 uses the gateway ID and the gateway PW to log in to the server device 210 indicated by the “cloud system server device FQDN” in the connection-setting-information-storage-unit 113. Further, when the device identifier is registered in the connection device information, the server connection control unit 114 transmits information regarding the production device 130 corresponding to the registered device identifier to the server device 210. Moreover, the server connection control unit 114 requests the server device 210 to establish a session between the gateway device 110 and the server device 210.
[0029] Note that, in the example of FIG. 2, the connection-device-information-storage-unit 112 and the connection-setting-information-storage-unit 113 are provided in the gateway device 110, but they need not be provided in the gateway device 110. In this case, a new database device that manages the connection device information and the connection setting information may be provided, and the gateway device 110 may be installed so as to be able to access the new database device.
[0030] The server device 210 includes a connection control unit 211, a device management unit 212, a device-information-storage-unit 213, and a gateway information storage unit 214.
[0031] The connection control unit 211 controls connection with the gateway device 110 and connection with the external terminal 310. Specifically, the connection control unit 211 establishes a session between the server device 210 and the gateway device 110 in response to a request from the gateway device 110. Upon receiving a request from the external terminal 310, the connection control unit 211 establishes a session between the server device 210 and the external terminal 310, and establishes a session between the gateway device 110 and the target production device 130 of the external terminal 310. The connection control unit 211 links the session between the server device 210 and the gateway device 110 and the session between the server device 210 and the external terminal 310 to relay communication between the external terminal 310 and the production device 130, when the device identifier of the target production device 130 matches the device identifier set in the production device 130 as a result of comparison by the device management unit 212.
[0032] The device management unit 212 registers information regarding the production device 130 from the gateway device 110 into the device-information-storage-unit 213. The information regarding the production device 130 includes a device name, a device identifier, and an indication of the gateway to which the production device 130 is connected. The device name is a name given to the production device 130 by the user, and can be freely edited. In addition, the device management unit 212 compares the device identifier for identifying the target production device 130 designated by the external terminal 310 with the device identifier set in the production device 130. In the first embodiment, upon receiving a device connection request from the external terminal 310, the device management unit 212 checks whether the device identifier included in the device connection request is included in the device information in the device-information-storage-unit 213, and outputs the checking result to the connection control unit 211.
[0033] The device-information-storage-unit 213 stores device information, which is information indicating the network, including which gateway device 110, that the production device 130 belongs to. It suffices that the device information associates the production device 130 with the gateway device 110 of the in-factory network 11 to which the production device 130 belongs. FIG. 5 illustrates an example of the device information. The device information includes, as items, a device name, a device identifier, and a gateway ID. The device name is a name given to the production device 130 by the user. The gateway ID is information for identifying the gateway device 110 connected to the in-factory network 11 to which the production device 130 belongs. The gateway ID is the setting value for the “gateway ID” in the connection setting information of FIG. 4.
[0034] The gateway information storage unit 214 stores gateway information, which is information indicating the gateway device 110 connectable to the server device 210. FIG. 6 illustrates an example of the gateway information. The gateway information is information in which a gateway ID, a gateway PW, and a gateway name are associated with one another. The gateway ID is information for identifying the gateway device 110. In one example, the gateway ID in the device information of FIG. 5 is expressed using this gateway ID. The gateway ID corresponds to gateway identification information. The gateway name is a name given to the gateway by the user.
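The following Python sketch is an added illustration, not code from the patent or from Mitsubishi Electric: it models the server device 210 of [0030] to [0034] (gateway information storage unit 214, device-information-storage-unit 213, device management unit 212 and connection control unit 211), showing how the gateway login, the device information registration and the device-identifier comparison gate the creation and linking of the first and second sessions. In-memory dictionaries standing in for the storage units, the session objects, and the salted PBKDF2 storage of the gateway PW are assumptions of this example; the patent only states that the gateway logs in with its gateway ID and gateway PW.

```python
"""Model of the server device 210: gateway login, device registration, and
session linking gated on the device identifier check.

Added example, not the patent's code. Assumed: dicts stand in for the
storage units, sessions are plain objects, gateway PWs are kept as
salted PBKDF2 hashes rather than in clear text."""
import hashlib
import hmac
import secrets
import uuid
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class Session:
    session_id: str
    peer: str                  # "gateway" (first session) or "terminal" (second session)
    peer_id: str               # gateway ID, or a label for the external terminal
    linked_to: Optional[str] = None      # id of the session this one is linked with
    target_device: Optional[str] = None  # device identifier (second session only)


class ServerDevice:
    def __init__(self) -> None:
        # gateway information storage unit 214: gateway ID -> (salt, pw hash, gateway name)
        self._gateways: dict = {}
        # device-information-storage-unit 213: device identifier -> (device name, gateway ID)
        self._devices: dict = {}
        self._sessions: dict = {}
        self._first_session_of: dict = {}  # gateway ID -> id of its first session

    # --- gateway information (FIG. 6) ---
    def register_gateway(self, gateway_id: str, gateway_pw: str, gateway_name: str) -> None:
        salt = secrets.token_bytes(16)
        digest = hashlib.pbkdf2_hmac("sha256", gateway_pw.encode(), salt, 100_000)
        self._gateways[gateway_id] = (salt, digest, gateway_name)

    def _gateway_login_ok(self, gateway_id: str, gateway_pw: str) -> bool:
        entry = self._gateways.get(gateway_id)
        if entry is None:
            return False
        salt, digest, _ = entry
        candidate = hashlib.pbkdf2_hmac("sha256", gateway_pw.encode(), salt, 100_000)
        return hmac.compare_digest(candidate, digest)  # constant-time comparison

    # --- connection control unit 211: first session (steps S13 and S14) ---
    def establish_first_session(self, gateway_id: str, gateway_pw: str) -> Optional[str]:
        """Returns the session id (the establishment completion notification) or None."""
        if not self._gateway_login_ok(gateway_id, gateway_pw):
            return None
        sid = uuid.uuid4().hex
        self._sessions[sid] = Session(sid, "gateway", gateway_id)
        self._first_session_of[gateway_id] = sid
        return sid

    # --- device management unit 212: device information registration (step S19) ---
    def register_device(self, first_session_id: str, device_identifier: str,
                        device_name: str) -> bool:
        s = self._sessions.get(first_session_id)
        if s is None or s.peer != "gateway":
            return False  # only a gateway holding a first session may register devices
        self._devices[device_identifier] = (device_name, s.peer_id)
        return True

    # --- device connection request from the external terminal ---
    def connect_terminal(self, terminal_label: str, device_identifier: str) -> Optional[str]:
        """The second session exists only when the identifier matches a registered
        device whose gateway currently holds a first session; otherwise refuse."""
        match = self._devices.get(device_identifier)  # comparison by unit 212
        if match is None:
            return None
        _, gateway_id = match
        first = self._first_session_of.get(gateway_id)
        if first is None:
            return None  # gateway not connected: nothing to link the second session to
        sid = uuid.uuid4().hex
        self._sessions[sid] = Session(sid, "terminal", terminal_label,
                                      linked_to=first, target_device=device_identifier)
        return sid

    # --- relay over the linked first and second sessions ---
    def relay(self, from_session_id: str, payload: bytes) -> Optional[Tuple[str, str, bytes]]:
        """Forward a terminal payload to the linked gateway session, tagged with the
        target device identifier so the gateway can pick the production device."""
        s = self._sessions.get(from_session_id)
        if s is None or s.peer != "terminal" or s.linked_to not in self._sessions:
            return None
        return (s.linked_to, s.target_device, payload)


if __name__ == "__main__":
    srv = ServerDevice()
    srv.register_gateway("GW-0001", "gw-secret", "Factory A gateway")  # constructed values
    first = srv.establish_first_session("GW-0001", "gw-secret")
    srv.register_device(first, "dev-1", "PLC-1")
    second = srv.connect_terminal("laptop", "dev-1")
    print(srv.relay(second, b"read D100"))
```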
[0035] A remote connection method in such a remote system 1 will be described. FIG. 7 is a sequence diagram illustrating an example of a procedure of a remote connection method in the remote system according to the first embodiment. Here, a case where a user who owns the external terminal 310 makes remote access to a certain production device 130 in the factory 10 will be described as an example.
[0036] First, preparation is performed. In the preparation, the external terminal 310 generates a device identifier of the target production device 130 to be remotely accessed (step S11). The device identifier is a value that does not overlap with any other in the remote system 1. In one example, the device identifier is generated by a mechanism such as a globally unique identifier (GUID).
[0037] Next, the external terminal 310 registers the generated device identifier in the production device 130 (step S12). In one example, the external terminal 310 and the production device 130 are connected by any path such as a universal serial bus (USB) cable, and the device identifier is registered in the production device 130 from the external terminal 310. Alternatively, the device identifier may be registered in the production device 130 from the external terminal 310 by another method. At this time, the user of the external terminal 310 carries the external terminal 310 to the vicinity of the production device 130 in the factory 10. Thus, the preparation is completed. Thereafter, the user carries the external terminal 310 to the external facility 30.
[0038] The server connection control unit 114 of the gateway device 110 transmits a session establishment request to the server device 210 via the wide area network 40 (step S13). Note that, since the connection is from the inside to the outside of the in-factory network 11, the router 145 relays the session establishment request from the gateway device 110 to the server device 210.
[0039] The connection control unit 211 of the server device 210 establishes a session between the server device 210 and the gateway device 110. When the session has been successfully established, the connection control unit 211 of the server device 210 returns an establishment completion notification to the gateway device 110 (step S14). Since the establishment completion notification is a response to the session establishment request from the gateway device 110 and is not an access from the outside of the in-factory network 11, the router 145 relays the establishment completion notification to the gateway device 110. This session establishment operation allows the server device 210 and the gateway device 110 to be connected via the network all the time. Thereafter, communication between the server device 210 and the gateway device 110 becomes possible using this session.
[0040] The production-device-connection-control-unit 111 of the gateway device 110 transmits a device connection availability confirmation to the production device 130 connectable via a network such as a wired LAN or a wireless LAN (step S15). Searching for the connectable production device 130 from the gateway device 110 may be performed by using an echo message of ICMP, which is a general technique, by using UPnP, or by using other methods.
[0041] The production device 130 transmits a device connection availability response to the gateway device 110 (step S16). When the ICMP echo message is received in step S15, an echo reply message is transmitted as the device connection availability response. The production-device-connection-control-unit 111 of the gateway device 110 acquires the MAC address and the IP address of the production device 130 included in the received device connection availability response, and registers the MAC address and the IP address in the connection device information of the connection-device-information-storage-unit 112. This allows the gateway device 110 to recognize a device connectable to the gateway device 110.
[0042] The production-device-connection-control-unit 111 of the gateway device 110 transmits a device identifier request for requesting transmission of a device identifier, to the production device 130 that has sent the device connection availability response (step S17). The production device 130 having the device identifier transmits a device identifier response including the device identifier, to the gateway device 110 (step S18). In one example, the production-device-connection-control-unit 111 of the gateway device 110 acquires the MAC address and the device identifier of the transmission source of the device identifier response, and registers the device identifier in association with that MAC address in the connection device information.
[0043] The server connection control unit 114 of the gateway device 110 transmits a device information registration including the device identifier included in the device identifier response, to the server device 210 (step S19). This operation allows the device management unit 212 of the server device 210 to register the device identifier included in the device information registration in the device information of the device-information-storage-unit 213. At this time, in the device information, the gateway ID of the transmission source gateway device 110 is registered in the gateway ID field, and a device name is also registered when there is a device name. Thereafter, the connection control unit 211 of the server device 210 transmits a registration acceptance response to the gateway device 110 (step S20).
[0044] Thereafter, when connecting to the production device 130 for which the device identifier was registered in the preparation, the external terminal 310 transmits a device connection request including the device identifier of the target production device 130 to the server device 210 (step S21). The device connection request is a request for establishing a session with the server device 210, and is also a request for connecting to the production device 130 through that session.
[0045] Upon receiving the device connection request, the device management unit 212 of the server device 210 acquires the device identifier from the device connection request, and determines whether the acquired device identifier is included in the device information of the device-information-storage-unit 213. That is, the device management unit 212 determines whether the acquired device identifier matches a device identifier included in the device information. When the acquired device identifier does not match any device identifier included in the device information, the device management unit 212 does not permit the device connection request from the external terminal 310. When the acquired device identifier matches a device identifier included in the device information, the connection control unit 211 establishes a session between the external terminal 310 and the server device 210. Then, the connection control unit 211 transmits a connection acceptance response to the external terminal 310 (step S22).
[0046] At this time, the connection control unit 211 refers to the device information, identifies the gateway device 110 having the gateway ID corresponding to the device identifier, and requests that gateway device 110 to establish a session between the gateway device 110 and the production device 130. This causes establishment of a session between the gateway device 110 and the production device 130.
[0047] The server device 210 acquires the gateway ID corresponding to the device identifier included in the device connection request from the device information, and associates the session established between the server device 210 and the gateway device 110 corresponding to that gateway ID with the session established between the external terminal 310 and the server device 210. In addition, in the gateway device 110, the session between the gateway device 110 and the production device 130 is associated with the session between the gateway device 110 and the server device 210. This causes establishment of a session from the external terminal 310 to the production device 130. That is, the production device 130 and the external terminal 310 are in a communicable state.
[0048] In this state, when communicating from the external terminal 310 to the production device 130, the external terminal 310 transmits arbitrary data to the server device 210. At this time, the server device 210 and the gateway device 110 relay the data by using the established sessions, and the data is sent to the production device 130 (step S23).
[0049] Similarly, when communicating from the production device 130 to the external terminal 310, the production device 130 transmits arbitrary data to the gateway device 110. At this time, the gateway device 110 and the server device 210 relay the data by using the established sessions, and the data is transmitted to the external terminal 310 (step S24).
[0050] When the external terminal 310 disconnects the communication with the production device 130, the external terminal 310 transmits a device disconnection request to the server device 210 (step S25). Upon receiving the device disconnection request from the external terminal 310, the connection control unit 211 of the server device 210 transmits a disconnection acceptance response to the external terminal 310 (step S26). At this time, communication between the external terminal 310 and the production device 130 is shut off.
[0051] FIG. 8 is a flowchart illustrating an example of an operation of the server device included in the remote system according to the first embodiment. It is assumed that the connection control unit 211 is in a connection standby state (step S51). In this state, upon receiving a request from the gateway device 110 or the external terminal 310 (step S52), the connection control unit 211 determines the type of the request (step S53).
[0052] When the request is a session establishment request from the gateway device 110 (in the case of a session establishment request in step S53), the connection control unit 211 generates a gateway device communication session (step S54). In addition, the connection control unit 211 generates a thread or a process for gateway device communication (step S55).
[0053] Next, the connection control unit 211 allocates the gateway device communication session to the thread or the process for gateway device communication (step S56). Then, the connection control unit 211 transmits the establishment completion notification to the gateway device 110 (step S57), and the processing returns to step S51.
[0054] When the request is a device information registration from the gateway device 110 (in the case of device information registration in step S53), the device management unit 212 registers the device identifier included in the received device information registration into the device information (step S61). Thereafter, the connection control unit 211 transmits a registration acceptance response to the gateway device 110 (step S62), and the processing returns to step S51.
[0055] When the request is a device connection request from the external terminal 310 (in the case of a device connection request in step S53), the device management unit 212 acquires the device identifier from the device connection request (step S71), and determines whether the acquired device identifier is included in the device information (step S72). When the device identifier is not included in the device information (No in step S72), the device connection request is determined to be invalid and is not permitted. Then, the processing returns to step S51.
[0056] When the device identifier is included in the device information (Yes in step S72), the connection control unit 211 generates an external terminal communication session (step S73). Furthermore, the connection control unit 211 generates a thread or a process for external terminal communication (step S74).
[0057] Next, the connection control unit 211 allocates the external terminal communication session to the thread or the process for external terminal communication (step S75). Thereafter, the connection control unit 211 transmits a connection acceptance response to the external terminal 310 (step S76), and the processing returns to step S51.
[0058] When the request is for communication between the external terminal 310 and the production device 130 (in the case of communication between the external terminal and the production device in step S53), the connection control unit 211 generates a thread or a process for communication between the external terminal 310 and the gateway device 110 (step S81). Next, the connection control unit 211 allocates the thread or the process for gateway device communication to the thread or the process for communication between the external terminal 310 and the gateway device 110 (step S82).
[0059] Furthermore, the connection control unit 211 allocates the thread or the process for external terminal communication to the thread or the process for communication between the external terminal 310 and the gateway device 110 (step S83). As a result, the session between the external terminal 310 and the server device 210 is connected to the session between the server device 210 and the gateway device 110. Thereafter, the connection control unit 211 starts a communication relay operation between the external terminal 310 and the gateway device 110 (step S84). Then, the processing returns to step S51. On the gateway side, the gateway device 110 refers to the established session and the connection-device-information-storage-unit 112, determines the production device 130 that is the connection target, and relays the data.
[0060] When the request is a device disconnection request (in the case of a device disconnection request in step S53), the connection control unit 211 ends the communication relay operation between the external terminal 310 and the gateway device 110 (step S91). Thereafter, the connection control unit 211 transmits a disconnection acceptance response to the external terminal 310 (step S92), and the processing returns to step S51.
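The sequence of steps S13 to S26 in FIG. 7 and the request dispatch of FIG. 8 (paragraphs [0038] to [0060]) can be exercised in a small simulation. The following Python is an added example written for this page, not code from the patent or from Mitsubishi Electric: the class and function names (Gateway, RemoteServer, link, demo), the MAC address and IP address, and the payload bytes are constructed for the example, and each session is modelled as one end of a socket.socketpair() rather than a TCP connection across the wide area network 40. What it makes concrete is the point of [0045] and [0055]: the device identifier carried in the device connection request is the only thing the server checks before the terminal session and the gateway session are linked, so an unregistered identifier has to be refused before any session exists, and on disconnection the end of stream has to travel through both relays to reach the production device.

```python
"""Simulation of the connection control in FIGS. 7 and 8 (steps S13 to S26, S51 to S92).
Added example, not Mitsubishi's code: each session is one end of a socket.socketpair() so
the relay moves real bytes; class names, the MAC/IP values and the payloads are constructed."""
import socket
import threading


def _pump(src, dst):
    """Copy bytes src -> dst until src ends (steps S23/S24), then pass the end of stream on."""
    try:
        for chunk in iter(lambda: src.recv(4096), b""):
            dst.sendall(chunk)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass


def link(a, b):
    """Connect two sessions (steps S82 to S84): one relay thread per direction."""
    for src, dst in ((a, b), (b, a)):
        threading.Thread(target=_pump, args=(src, dst), daemon=True).start()


class Gateway:  # gateway device 110
    def __init__(self, gateway_id):
        self.gateway_id = gateway_id
        self.devices = {}            # connection device information: identifier -> (mac, ip, sock)
        self.server_session = None   # the session this gateway opened toward the server

    def register_device(self, mac, ip, identifier, device_sock):
        self.devices[identifier] = (mac, ip, device_sock)     # steps S15 to S18

    def connect(self, server):
        """Steps S13/S14 and S19: the gateway initiates; the server never calls in."""
        gw_end, srv_end = socket.socketpair()
        server.handle_session_establishment(self.gateway_id, srv_end, self)
        self.server_session = gw_end
        for identifier in self.devices:
            server.handle_device_registration(self.gateway_id, identifier)

    def establish_device_session(self, identifier):
        link(self.server_session, self.devices[identifier][2])  # server's request, [0046]


class RemoteServer:  # server device 210: connection control unit 211, device management unit 212
    def __init__(self):
        self.device_info = {}        # device-information-storage-unit 213: identifier -> gateway ID
        self.gateway_sessions = {}   # gateway ID -> (server end of the gateway session, gateway)
        self.terminal_sessions = {}  # terminal end -> server end of the terminal session

    def handle_session_establishment(self, gateway_id, sock, gateway):
        self.gateway_sessions[gateway_id] = (sock, gateway)     # steps S54 to S56
        return "establishment completed"                       # step S57

    def handle_device_registration(self, gateway_id, identifier):
        self.device_info[identifier] = gateway_id              # step S61
        return "registration accepted"                         # step S62

    def handle_device_connection_request(self, identifier):
        """Steps S71 to S84: the identifier is the only check before the sessions are linked."""
        gateway_id = self.device_info.get(identifier)
        if gateway_id is None:
            return None                                        # No in step S72: refused, no session
        gw_sock, gateway = self.gateway_sessions[gateway_id]
        terminal_end, server_end = socket.socketpair()         # step S73
        gateway.establish_device_session(identifier)
        link(server_end, gw_sock)
        self.terminal_sessions[terminal_end] = server_end
        return terminal_end                                    # step S76

    def handle_device_disconnection_request(self, terminal_end):
        """Steps S91/S92: end the relay; the end of stream propagates down to the device."""
        server_end = self.terminal_sessions.pop(terminal_end)
        server_end.shutdown(socket.SHUT_RDWR)
        server_end.close()
        return "disconnection accepted"


def demo():
    """Runs the exchange end to end and returns what each side observed."""
    gw, srv = Gateway("GW-01"), RemoteServer()
    gw_side, device = socket.socketpair()       # constructed stand-in for production device 130
    gw.register_device("00:11:22:33:44:55", "192.0.2.30", "dev-0001", gw_side)
    gw.connect(srv)
    term = srv.handle_device_connection_request("dev-0001")
    term.sendall(b"READ D100")                  # constructed request, terminal -> device
    at_device = device.recv(1024)
    device.sendall(b"D100=42")                  # constructed reply, device -> terminal
    at_terminal = term.recv(1024)
    srv.handle_device_disconnection_request(term)
    return {"refused_unknown_id": srv.handle_device_connection_request("not-registered") is None,
            "at_device": at_device, "at_terminal": at_terminal,
            "device_sees_eof": device.recv(1024) == b""}
```

Calling demo() returns a dictionary showing that the unregistered identifier is refused, that the request bytes arrive at the device end, that the reply arrives at the terminal end, and that after the disconnection request the device sees end of stream. One simplification to keep in mind: here a gateway session carries a single device connection, whereas the patent keeps one long-lived session per gateway device 110 and links it to each terminal session in turn.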
[0061] Here, if a session establishment request were issued from the server device 210 to the gateway device 110, rather than from the gateway device 110 to the server device 210, the network device would not allow the session establishment request to reach the gateway device 110. To enable the server device 210 to issue the session establishment request to the gateway device 110, it would be necessary to configure the network device to permit access to the inside of the in-factory network 11 from the outside. In that case, an external terminal 310 owned by a third party could also reach the in-factory network 11 through the network device, and security could no longer be maintained.
[0062] In the remote system 1 according to the first embodiment, the in-factory network 11 that includes the production device 130 and the gateway device 110, the server device 210, and the external terminal 310 are connected via the wide area network 40, and the in-factory network 11 is connected to the wide area network 40 via the network device that relays connection from the inside to the outside and shuts off connection from the outside to the inside. The gateway device 110 issues a session establishment request to the server device 210 to establish a session between the gateway device 110 and the server device 210. The server device 210 holds device information including the device identification information of each production device 130 whose device identification information has been registered. When the server device 210 receives a device connection request from the external terminal 310, the server device 210 checks whether the device identification information included in the device connection request is included in the device information. When the device identification information is included in the device information, the server device 210 establishes a session between the server device 210 and the external terminal 310, and further links the session between the server device 210 and the external terminal 310 with the session between the server device 210 and the gateway device 110 connected to the target production device 130. As a result, it is possible to implement remote access from the external terminal 310 to the production device 130 without requiring a change in the configuration of the existing in-factory network 11 in the factory 10 or in the settings of the network device such as the router 145. Further, since no setting change of the network device is required, it is possible to reduce the setting man-hours for the communication setting and the verification man-hours for verifying the communication setting by a person having knowledge of networks and information security, and to reduce or prevent setting errors.
[0063] More specifically, in the initial settings of most commercially available network devices, connection from the inside to the outside of a network is permitted, and conversely, connection from the outside to the inside of the network is rejected from the viewpoint of information security. In conventional techniques such as Patent Literature 1, this initial setting for rejecting connection from the outside to the inside has been changed in the network device in order to implement remote access.
[0064] In the remote system 1 according to the first embodiment, by contrast, the session establishment request is made from the gateway device 110 inside the factory 10 to the server device 210 outside the factory 10. That is, it is not necessary to change the initial setting of the network device. Furthermore, from the viewpoint of information security, no setting for accepting connections from the outside is made on the router 145 on the factory 10 side. Therefore, without special setting of the network device, it becomes possible to prevent access to the production device 130 by an external terminal owned by a third party while relaying communication between the external terminal 310 owned by the user and the production device 130.
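Paragraphs [0039], [0061], [0063] and [0064] all rest on the same property of the router 145: a connection opened from the inside is relayed together with its replies, while a connection attempted from the outside is dropped. The following Python models that default policy as a small stateful filter and replays the exchange. It is an added example, not part of the patent: the addresses (192.0.2.0/24 standing in for the in-factory network 11, 203.0.113.5 for the server device 210, 198.51.100.7 for a third party's terminal), the port numbers and the class names EdgeRouter and Packet are constructed for it.

```python
"""Stateful filter modelling the default policy of the router 145.
Added example, not from the patent: the addresses, the class names EdgeRouter
and Packet, and the exchange replayed in demo() are constructed for illustration."""
import ipaddress

INSIDE = ipaddress.ip_network("192.0.2.0/24")   # stands in for the in-factory network 11


class Packet:
    """A TCP segment reduced to what the filter looks at: the 4-tuple and the SYN flag."""

    def __init__(self, src, sport, dst, dport, syn=False):
        self.src, self.sport = ipaddress.ip_address(src), sport
        self.dst, self.dport = ipaddress.ip_address(dst), dport
        self.syn = syn                      # True only for the first segment of a new connection

    def flow(self):
        """Direction-independent key, so a reply matches the connection that opened it."""
        a, b = (self.src, self.sport), (self.dst, self.dport)
        return (a, b) if a <= b else (b, a)


class EdgeRouter:
    """Relays connections opened from the inside (and their replies); drops the rest."""

    def __init__(self, inside=INSIDE):
        self.inside = inside
        self.tracked = set()    # connection tracking table: flows opened from the inside
        self.log = []

    def _decide(self, pkt):
        if pkt.flow() in self.tracked:
            return "RELAY", "reply on a connection opened from the inside"
        src_inside, dst_inside = pkt.src in self.inside, pkt.dst in self.inside
        if src_inside and not dst_inside and pkt.syn:
            self.tracked.add(pkt.flow())
            return "RELAY", "new connection from the inside to the outside"
        if dst_inside and not src_inside:
            return "DROP", "connection attempted from the outside to the inside"
        return "DROP", "not part of a tracked connection"

    def filter(self, pkt):
        """Returns the verdict and records a one-line log entry for it."""
        verdict, reason = self._decide(pkt)
        self.log.append(f"{pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} {verdict} ({reason})")
        return verdict


def demo():
    """Replays steps S13 and S14, then the two cases [0061] says must not get through."""
    router = EdgeRouter()
    gateway, server = "192.0.2.20", "203.0.113.5"         # gateway device 110, server device 210
    outsider, plc = "198.51.100.7", "192.0.2.30"          # third party's terminal, production device 130
    return [
        router.filter(Packet(gateway, 51000, server, 443, syn=True)),   # S13: relayed, flow tracked
        router.filter(Packet(server, 443, gateway, 51000)),             # S14: reply, relayed
        router.filter(Packet(server, 40000, gateway, 8080, syn=True)),  # server calls in: dropped
        router.filter(Packet(outsider, 40001, plc, 5007, syn=True)),    # third party to PLC: dropped
    ]


if __name__ == "__main__":
    print(demo())
```

demo() returns the four verdicts in order: the gateway's session establishment request (step S13) is relayed and its flow is tracked, the server's establishment completion notification (step S14) is relayed because it belongs to that flow, a session establishment request initiated by the server device 210 is dropped, and a connection attempt from a third party's terminal straight to a production device is dropped. That asymmetry is why the gateway device 110, not the server device 210, has to open the session.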
[0065] Further, in the first embodiment, communication between the external terminal 310 and the production device 130 is performed by socket communication with transmission control protocol/Internet protocol (TCP/IP) or the like, that is, communication using a session. Therefore, it is possible to support any communication standard compatible with IP and to implement remote access to devices other than the PLC.
[0066] In the first embodiment, the external terminal 310, the server device 210 of the cloud system 20, and the production device 130 each hold a device identifier for uniquely identifying the production device 130. When the external terminal 310 is connected to the production device 130, the server device 210 compares the device identifier presented by the external terminal 310 with the device identifier of the production device 130 and then relays communication between the two sides, to implement remote access. This enables remote access to be performed easily between the external terminal 310 and the production device 130 without inputting connection destination information such as an IP address or a port number. That is, the user can perform remote access without managing network information including the IP address and the port number.
[0067] By using the device identifier, the external terminal 310 can be connected without selecting a target from a plurality of production devices 130. Connection is not permitted to an external terminal 310 that has made a device connection request including a device identifier not registered in the server device 210, so that it is possible to prevent access to the production device 130 in the in-factory network 11 by a third party who does not know the device identifier. As described above, in the remote system 1 according to the first embodiment, even a user who does not have knowledge of information security can implement remote access safely and easily without changing the settings of an existing network device.
[0068] Conventionally, a technique is known in which a session is established between a production device in a factory and a data center by WebSocket communication, and a mobile terminal remotely accesses the production device in the factory via the data center. In this technique, the production device must have a function of establishing a session as a precondition, and remote access cannot be made to a production device that does not have the function of establishing a session. In the first embodiment, however, since the gateway device 110, not the production device 130, establishes the session, the production device 130 need not have the function of establishing a session. That is, by establishing a session between the server device 210 and the gateway device 110 and performing arbitrary communication with the production device 130 through the gateway device 110, remote access can be performed even to a production device 130 having no mechanism for establishing a session.
[0069] Second Embodiment.
In the first embodiment, the external terminal 310 generates a device identifier and registers the device identifier in the production device 130. In the second embodiment, a case where the production device 130 has a function of generating a device identifier will be described.
[0070] Since the configuration of the remote system 1 according to the second embodiment is similar to that described in the first embodiment, the description thereof will be omitted. However, the production device 130 has a function of generating a device identifier. In addition, the connection control unit 211 of the server device 210 has a function of displaying the device information in the device-information-storage-unit 213 in the form of a list on the external terminal 310, in accordance with a request from the external terminal 310.
[0071] FIG. 9 is a sequence diagram illustrating an example of a procedure of a remote connection method in the remote system according to the second embodiment. Note that, hereinafter, parts identical to those in FIG. 7 of the first embodiment will not be described, and only the different parts will be described. In addition, here, it is assumed that no device identifier is written in the production device 130.
[0072] In the second embodiment, the production device 130 has a function of generating a device identifier, so the generation of a device identifier by the external terminal 310 and the registration of the device identifier in the production device 130 in steps S11 to S12 in FIG. 7 are not performed.
[0073] Upon receiving the device connection availability confirmation from the gateway device 110 in step S15, the production device 130 generates a device identifier when no device identifier is written in its internal storage unit (step S11a). The generated device identifier is written in the storage unit inside the production device 130. Thereafter, the production device 130 transmits a device connection availability response to the gateway device 110 (step S16).
[0074] Note that, here, the generation of the device identifier in step S11a is performed after the device connection availability confirmation in step S15 is received, but it may instead be performed after the device connection availability response in step S16 is transmitted or after the device identifier request in step S17 is received.
[0075] Further, the gateway device 110 registers the connection device information for the production device 130 after receiving the device connection availability response in step S16 and the device identifier response in step S18, but the device name of the production device 130 may not be registered at this point. In this case, the information on the production device 130 is registered in the device information on the server device 210 with the device name left unregistered.
[0076] In the first embodiment, the external terminal 310 transmits the device connection request including the device identifier to the server device 210. In the second embodiment, however, the external terminal 310 does not have the device identifier of the production device 130. Therefore, the external terminal 310 transmits a device list acquisition request to the server device 210 before the device connection request in step S21 (step S111). Upon receiving the device list acquisition request, the connection control unit 211 of the server device 210 transmits a device list response to the external terminal 310 (step S112); the device list response includes the connection device information, which is information regarding the production devices 130 connectable to the external terminal 310 and has been extracted from the device information of the device-information-storage-unit 213.
[0077] The external terminal 310 displays a connection device selection screen on the display unit by using the connection device information included in the device list response. FIG. 10 illustrates an example of the connection device selection screen. A connection device selection screen 500 includes a device list display area 510 and a connection button 520.
[0078] In the device list display area 510, device list information, which is information that can specify the production device 130 in the connection device information, is displayed. In one example, the device list information is list data including a device name, a device host name, and a gateway name as items. The device name, the device host name, and the gateway name are similar to those described above. A combination of the device name, the device host name, and the gateway name in the device list information is referred to as a record 511. In the device list information illustrated in FIG. 10, the user of the external terminal 310 can select any record 511. Note that the connection device information includes a device identifier associated with each record 511 of the device list information, in addition to the information shown in the device list information.
[0079] The connection button 520 is a button for transmitting, to the server device 210, a device connection request for the production device 130 of the record 511 selected in the device list information. At this time, the device identifier corresponding to the selected record 511 is extracted from the connection device information, and the device connection request includes the extracted device identifier.
[0080] Returning to FIG. 9, when the user of the external terminal 310 presses the connection button 520 while one record 511 in the device list information is selected, the device connection request in step S21 is executed. Here, the device identifier included in the device connection request has been selected from the device list response including the connection device information transmitted from the server device 210 to the external terminal 310. Therefore, when the device management unit 212 of the server device 210 receives the device connection request, a process similar to that of collating the device identifier identifying the target production device 130 designated by the external terminal 310 with the device identifier set in the production device 130 is performed. Thereafter, the processing is similar to that in FIG. 7.
[0081] Note that, in FIG. 10, there are a plurality of records 511 having an identical device host name and gateway name and having an unset device name. When the production device 130 of one such record is selected and connected, the user of the external terminal 310 does not know to which of the production devices 130 at the site the external terminal 310 is connected. Therefore, in the second embodiment, an environment is provided in which the user can confirm whether the connection to the target production device 130 has been established.
[0082] One example of a method of confirming whether the connection to the target production device 130 has been established via remote communication is checking actual machine information, which is information on the devices constituting the production device 130, by using an engineering tool installed on the external terminal 310. An example of the actual machine information is a combination of the model name and the manufacturing information of the production device 130. That is, the engineering tool of the external terminal 310 reads configuration information including the model name and the manufacturing information of the production device 130, and outputs the configuration information to the display unit (not illustrated). The engineering tool is an application for setting the production device 130 on the basis of input from a user. By comparing the actual machine information held by the user regarding the target production device 130 with the actual machine information acquired by the engineering tool, the user can check whether or not the connection to the target production device 130 has been established.
[0083] Another example of the method of confirming whether the connection to the target production device 130 has been established via remote communication is checking project information read from the production device 130 by using an engineering tool installed on the external terminal 310. The project information is information for controlling the production device 130. The project information includes a program executed by the production device 130, parameters used when the production device 130 executes the program, labels that are variables whose values change according to the state of each device controlled by the production device 130, and the like. That is, the engineering tool of the external terminal 310 reads the project information including the program, the parameters, and the labels, and outputs the project information to a display unit (not illustrated). By comparing the program, parameters, labels, and the like that the user was involved in creating with the program, parameters, labels, and the like acquired by the engineering tool, the user can check whether or not the connection to the target production device 130 has been established.
[0084] Another example of the method of confirming whether the connection to the target production device 130 has been established via remote communication is checking the operation of a control target controlled by the production device 130 using a camera installed in the factory 10. FIG. 11 is a diagram illustrating an example of a configuration of a remote system according to the second embodiment. Note that components identical to those in FIG. 1 are denoted by identical reference numerals, and the description thereof will be omitted. The remote system 1 of FIG. 11 further includes a robot arm 131 that is a control target connected to each of the two production devices 130, and a camera 133 capable of imaging the robot arms 131. One camera 133 may be arranged at a position where both robot arms 131 can be imaged simultaneously, or two cameras 133 may be installed, each arranged at a position where a region including the corresponding one of the robot arms 131 can be imaged. Furthermore, the camera 133 is connected to the in-factory network 11 and is connectable to the external terminal 310. The external terminal 310 has a function of causing execution of a program of the production device 130 selected from the list, and of displaying an image captured by the camera 133 and including the operation of the robot arm 131 of the selected production device 130 on a display unit (not illustrated).
[0085] In one example, the user of the external terminal 310 edits and executes a program for controlling the robot arm 131 online, by using an engineering tool installed on the external terminal 310. Then, depending on whether or not the robot arm 131 imaged by the camera 133 is operating in accordance with the edited program, the user can check whether or not the connection to the target production device 130 has been established.
[0086] In each of the three examples described above, when the external terminal 310 is not connected to the target production device 130, the external terminal 310 may simply transmit a device disconnection request to the server device 210 and execute the processing of step S111 and the subsequent steps again. Note that the methods illustrated here are examples, and whether or not the connection to the target production device 130 has been established may be confirmed by another method.
[0087] In the second embodiment, the production device 130 generates the device identifier. Therefore, as compared with the first embodiment, it is possible to omit the preparation in which the user carries the external terminal 310 to the target production facility of the factory 10, in addition to obtaining the effects of the first embodiment.
[0088] Further, the first embodiment and the second embodiment may be combined. That is, the in-factory network 11 may include both a production device 130 that can generate a device identifier by itself and a production device 130 in which a device identifier is written in the preparation. In this case, the connection device information regarding both the production device 130 in which a device identifier is written in the preparation as in the first embodiment and the production device 130 that generates a device identifier by itself as in the second embodiment is included in the device list response and transmitted to the external terminal 310. Since the record 511 of each production device 130 in which a device identifier is written is displayed on the connection device selection screen 500, the user of the external terminal 310 can select the production device 130 to be accessed from the connection device selection screen 500.
[0089] Third Embodiment.
In the second embodiment, the case where the production device 130 has the function of generating the device identifier has been described as an example. However, the number of production devices 130 is large, and updating the production devices 130 so that they have the function of generating the device identifier may be difficult in terms of cost and work. Therefore, in the third embodiment, a remote system 1 including a production device 130 that does not support generation and registration of a device identifier will be described.
[0090] Since the configuration of the remote system 1 according to the third embodiment is similar to that described in the first embodiment, the description thereof will be omitted. However, the production-device-connection-control-unit 111 of the gateway device 110 further has a function of generating a device identifier for the production device 130 connected to the in-factory network 11 and registering the device identifier in the connection device information. Further, the production device 130 does not have a function of transmitting a device identifier to the gateway device 110.
[0091] FIG. 12 is a sequence diagram illustrating an example of a procedure of a remote connection method in the remote system according to the third embodiment. Note that, hereinafter, parts identical to those in FIG. 7 of the first embodiment and FIG. 9 of the second embodiment will not be described, and only different parts will be described.
[0092] In the third embodiment, since the production device 130 does not have a device identifier, the production device 130 does not support a communication scheme using the device identifier. Specifically, the processing in which the gateway device 110 transmits the device identifier request to the production device 130 in step S17 in FIGS. 7 and 9, and the processing in which the production device 130 returns the device identifier response to the gateway device 110 in step S18 are not performed.
[0093] Therefore, after receiving the device connection availability response from the production device 130 in step S16, the production-device-connection-control-unit 111 of the gateway device 110 generates a device identifier for the production device 130 that does not have a device identifier in the connection device information of the connection-device-information-storage-unit 112 (step S11b). Further, the production-device-connection-control-unit 111 of the gateway device 110 allocates the generated device identifier to the production device 130 in the connection device information (step S121).
[0094] When the device identifier is generated, the processing of step S19 and the subsequent steps of registering the generated device identifier in the server device 210 is performed.
[0095] In the third embodiment, the gateway device 110 generates and manages the device identifier of the production device 130. Therefore, even when the production device 130 does not support generation and registration of a device identifier, remote access from the external terminal 310 to the production device 130 is enabled, and effects similar to those of the first and second embodiments can be obtained.
[0096] Further, the first to third embodiments may be combined. In this case, the in-factory network 11 may include: the production device 130 in which a device identifier is written in the preparation as in the first embodiment; the production device 130 that generates a device identifier by itself as in the second embodiment; and the production device 130 that does not support generation and transmission of the device identifier as in the third embodiment, in which the gateway device 110 generates and manages the device identifier. In this case, the connection device information on these production devices 130 is included in the device list response, and transmitted to the external terminal 310. Since the record 511 of the production device 130 in which the device identifier is written is displayed on the connection device selection screen 500, the user of the external terminal 310 can select the production device 130 desired to be accessed from the connection device selection screen 500.
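The gateway-side allocation of step S11b/S121 in [0093] and the mixed device list of [0096] can be shown together. The following is an added example in Python, not code from the specification or from the applicant; the record layout (`ConnectionDeviceRecord`), the `identifier_source` field, the `GW-` identifier format and the way the identifier is derived from the gateway ID and device address are all assumptions made for the example. The sample records are constructed.

```python
import hashlib
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class ConnectionDeviceRecord:
    """One row of the gateway's connection device information.
    The field layout is an assumption; the page describes the table only in prose."""
    address: str                    # in-factory network address of the production device
    identifier_source: str          # "written" (1st emb.), "self_generated" (2nd emb.) or "none" (3rd emb.)
    device_identifier: Optional[str] = None


def generate_device_identifier(gateway_id: str, address: str) -> str:
    """Gateway-generated identifier for a device that cannot supply one (step S11b).

    Deriving it from the gateway ID and the device address is a design assumption,
    not the page's rule; it keeps the value stable across gateway restarts, so the
    identifier already registered in the server device 210 remains valid."""
    digest = hashlib.sha256(f"{gateway_id}:{address}".encode("utf-8")).hexdigest()
    return f"GW-{gateway_id}-{digest[:12]}"


def allocate_device_identifiers(gateway_id: str,
                                records: List[ConnectionDeviceRecord]) -> List[ConnectionDeviceRecord]:
    """Fill in identifiers for records lacking one (step S121) and reject duplicates,
    since a duplicate identifier would make the server's device information ambiguous."""
    for rec in records:
        if rec.device_identifier is None:
            rec.device_identifier = generate_device_identifier(gateway_id, rec.address)
            rec.identifier_source = "gateway_generated"
    identifiers = [rec.device_identifier for rec in records]
    if len(identifiers) != len(set(identifiers)):
        raise ValueError("duplicate device identifier in connection device information")
    return records


def build_device_list_response(gateway_id: str,
                               records: List[ConnectionDeviceRecord]) -> List[dict]:
    """Device list response covering all three kinds of device, as in [0096]."""
    return [
        {
            "gateway_id": gateway_id,
            "device_identifier": rec.device_identifier,
            "address": rec.address,
            "identifier_source": rec.identifier_source,
        }
        for rec in allocate_device_identifiers(gateway_id, records)
    ]


# Constructed sample: one device of each kind behind a gateway with ID "GW01".
SAMPLE_RECORDS = [
    ConnectionDeviceRecord("192.168.10.21", "written", "DEV-0001"),
    ConnectionDeviceRecord("192.168.10.22", "self_generated", "PLC-7F3A"),
    ConnectionDeviceRecord("192.168.10.23", "none"),
]

if __name__ == "__main__":
    for row in build_device_list_response("GW01", SAMPLE_RECORDS):
        print(row)
```

The duplicate check matters once identifiers come from three different sources: a written identifier and a self-generated one are chosen independently, and nothing in the protocol prevents a collision, so the gateway is the last place where it can be caught before registration in the server device 210.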
[0097] Fourth Embodiment.
In the second and third embodiments, a case has been described in which the device list response is returned to the external terminal 310 that has transmitted the device list acquisition request to the server device 210. Normally, only the external terminal 310 owned by a person involved in the factory 10 can be connected to the server device 210, but the external terminal 310 of a third party may attempt to connect to the server device 210. In this case, the third party can access the production device 130. In a fourth embodiment, a technique for preventing access to the production device 130 from the external terminal 310 of a third party that can be connected to the server device 210 will be described.
[0098] Since a configuration of the remote system 1 according to the fourth embodiment is similar to that described in the first embodiment, the description thereof will be omitted. FIG. 13 is a diagram illustrating an example of a functional configuration of a remote system according to the fourth embodiment. Note that components identical to those in FIG. 2 of the first embodiment are denoted by the identical reference numerals, and the description thereof will be omitted.
[0099] In the remote system 1 according to the fourth embodiment, a configuration of the server device 210 is different from those of the first to third embodiments. The server device 210 further includes a user information storage unit 215, an access control information storage unit 216, and an access control unit 217.
[0100] The user information storage unit 215 stores user information, which is information regarding a user who has the external terminal 310. FIG. 14 illustrates an example of the user information. The user information is information in which a user ID, a user PW, a user name, and an access token are associated with one another. The user ID is identification information for identifying the user. The user PW is a password set for the user ID. The user name is a name given to the user having the user ID. The access token is authentication information issued to a user who has been authenticated.
[0101] The access control information storage unit 216 stores access control information, which is information defining access authority of the user to access the production device 130. The access control information can be set for each production device 130 and each gateway device 110.
[0102] FIG. 15 illustrates an example of the access control information in a case where access authority is set for each production device. The access control information includes, as items, a user ID, an access authority, and a device identifier. The access control information is information in which the user ID, the access authority, and the device identifier are associated with one another. For the access authority, “permitted” is set when access is possible, and “rejected” is set when access is not possible. In the access control information, whether to permit or reject the user registered in the user ID to access the production device 130 indicated by the device identifier is set.
[0103] FIG. 16 illustrates an example of the access control information when access authority is set for each gateway device. The access control information includes, as items, a user ID, an access authority, and a gateway ID. The access control information is information in which the user ID, the access authority, and the gateway ID are associated with one another. In the access control information, whether to permit or reject the user registered in the user ID to access the gateway device 110 indicated by the gateway ID is set.
[0104] Note that, when a user's access to the production device 130 is set to be rejected by default, the item of the access authority in FIGS. 15 and 16 can be omitted. In this case, a combination of the user ID permitted to access and the device identifier of the production device 130 or the gateway ID of the gateway device 110 is registered in the access control information.
[0105] The access control information storage unit 216 holds two pieces of information, that is, the access control information in which access authority is set for each production device 130 and the access control information in which access authority is set for each gateway device 110. A priority order of the access control information in which access authority is set for each production device 130 is higher than that of the access control information in which access authority is set for each gateway device 110. That is, basically, the access authority is set in the access control information in which access authority is set for each gateway device 110, and detailed control is set in the access control information in which access authority is set for each production device 130.
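The lookup order of [0105] (device-level entry first, then gateway-level entry) and the permit-list form of [0104] can be written out as a small decision function. This is an added example in Python, not code from the specification or the applicant; the row keys (`user_id`, `access_authority`, `device_identifier`, `gateway_id`) follow the item names of FIGS. 15 and 16, the fallback to “rejected” when no row matches is an assumption taken from the default of [0104], and the sample tables are constructed.

```python
from typing import Dict, List, Set, Tuple

PERMITTED = "permitted"
REJECTED = "rejected"


def decide_access(user_id: str, device_identifier: str, gateway_id: str,
                  device_acl: List[Dict[str, str]],
                  gateway_acl: List[Dict[str, str]]) -> str:
    """Return "permitted" or "rejected" for one user's access to one production device.

    device_acl rows carry user_id / access_authority / device_identifier (FIG. 15);
    gateway_acl rows carry user_id / access_authority / gateway_id (FIG. 16).
    A device-level row takes priority over a gateway-level row; when no row
    matches at all the request is rejected (fallback assumed from [0104])."""
    for row in device_acl:
        if row["user_id"] == user_id and row["device_identifier"] == device_identifier:
            return row["access_authority"]
    for row in gateway_acl:
        if row["user_id"] == user_id and row["gateway_id"] == gateway_id:
            return row["access_authority"]
    return REJECTED


def decide_access_permit_list(user_id: str, device_identifier: str, gateway_id: str,
                              permitted_devices: Set[Tuple[str, str]],
                              permitted_gateways: Set[Tuple[str, str]]) -> str:
    """[0104] variant: only permitted (user ID, device identifier) and
    (user ID, gateway ID) combinations are stored; everything else is rejected."""
    if (user_id, device_identifier) in permitted_devices:
        return PERMITTED
    if (user_id, gateway_id) in permitted_gateways:
        return PERMITTED
    return REJECTED


# Constructed sample tables: u001 may use gateway GW01 but is barred from DEV-0003
# behind it; u002 may use DEV-0001 only.
DEVICE_ACL = [
    {"user_id": "u001", "access_authority": REJECTED, "device_identifier": "DEV-0003"},
    {"user_id": "u002", "access_authority": PERMITTED, "device_identifier": "DEV-0001"},
]
GATEWAY_ACL = [
    {"user_id": "u001", "access_authority": PERMITTED, "gateway_id": "GW01"},
]

if __name__ == "__main__":
    for uid, dev in [("u001", "DEV-0001"), ("u001", "DEV-0003"), ("u002", "DEV-0002"), ("u003", "DEV-0001")]:
        print(uid, dev, decide_access(uid, dev, "GW01", DEVICE_ACL, GATEWAY_ACL))
```

One consequence worth noticing when choosing between the two forms: with the FIG. 15/16 form a device-level “rejected” row narrows a gateway-level “permitted” row, whereas the permit-list form of [0104] stores only permitted combinations, so a user permitted at gateway level is permitted for every production device 130 behind that gateway and no per-device exception can be expressed.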
[0106] The access control unit 217 authenticates the gateway device 110 with reference to gateway information, and authenticates the user of the external terminal 310 with reference to user information. Specifically, when the access control unit 217 receives, from the gateway device 110, a gateway authentication request including gateway authentication information which is information for authenticating the gateway device 110, the access control unit 217 compares the gateway information with the gateway authentication information included in the gateway authentication request. As a result of collation, when the gateway authentication information is registered in the gateway information, that is, when the gateway device 110 is the authorized gateway device 110, the access control unit 217 issues an access token. Then, the connection control unit 211 allows establishment of a session between the server device 210 and the gateway device 110. Whereas, if the gateway authentication information is not registered in the gateway information as a result of collation, that is, when the gateway device 110 is not the authorized gateway device 110, the connection from the gateway device 110 is not accepted. An example of the gateway authentication information is a gateway ID and a gateway PW.
[0107] Further, when the access control unit 217 receives, from the external terminal 310, a user authentication request including user authentication information which is information for authenticating the user, the access control unit 217 compares the user information with the user authentication information included in the user authentication request. As a result of collation, when the user authentication information is registered in the user information, that is, when the user is an authorized user, the access control unit 217 issues an access token. Then, the connection control unit 211 allows the external terminal 310 used by the user to access the production device 130. Whereas, if the user authentication information is not registered in the user information as a result of collation, that is, when the user is not an authorized user, connection from the external terminal 310 is not accepted. An example of the user authentication information is a user ID and a user PW.
[0108] In the fourth embodiment, the gateway information in the gateway information storage unit 214 of the server device 210 and the connection setting information in the connection-setting-information-storage-unit 113 of the gateway device 110 are different from those described in the first embodiment.
[0109] FIG. 17 illustrates an example of the gateway information. As compared with FIG. 6 of the first embodiment, an item of an access token is added. In the item of the access token, an access token issued by the access control unit 217 to the gateway device 110 that has made the gateway authentication request is stored in association with the gateway device 110 that has made the gateway authentication request.
[0110] FIG. 18 illustrates an example of the connection setting information. As compared with FIG. 4 of the first embodiment, an access token is added to the setting item, and a value of the corresponding access token is stored in the setting value. After authentication by the server device 210 is completed, the server connection control unit 114 of the gateway device 110 communicates with the server device 210, including the access token.
[0111] FIG. 19 is a sequence diagram illustrating an example of a procedure of a remote connection method in the remote system according to the fourth embodiment. Note that, hereinafter, parts identical to those in FIG. 7 of the first embodiment will not be described, and different parts will be described.
[0112] Before the session establishment request in step S13, the server connection control unit 114 of the gateway device 110 transmits a gateway authentication request including gateway authentication information which is information for gateway authentication, to the server device 210 (step S131). An example of the gateway authentication information is a gateway ID and a gateway PW. In one example, the gateway authentication information is stored in the connection setting information of the connection-setting-information-storage-unit 113, but may be stored according to another method.
[0113] When the access control unit 217 of the server device 210 receives the gateway authentication request, the access control unit 217 checks whether the gateway authentication information in the gateway authentication request indicates the gateway device 110 registered in the gateway information. When the access control unit 217 can confirm the gateway device 110 as the registered gateway device 110, the access control unit 217 generates an access token for omitting subsequent gateway authentication, and transmits a gateway authentication response including the access token to the gateway device 110 (step S132). The access control unit 217 registers the generated access token into the record of the corresponding gateway device 110 in the gateway information of the gateway information storage unit 214. Note that the access token may be managed according to another method as long as the access token can be associated with the gateway device 110 that has been authenticated.
[0114] Upon receiving the gateway authentication response, the server connection control unit 114 of the gateway device 110 registers the access token included in the gateway authentication response into the connection setting information of the connection-setting-information-storage-unit 113. The server connection control unit 114 of the gateway device 110 includes the access token in subsequent communication with the server device 210. Therefore, when establishing a session, the server connection control unit 114 transmits a session establishment request including the access token (step S13c). The access control unit 217 of the server device 210 verifies the access token included in the session establishment request, and transmits the gateway authentication response in step S14 to the gateway device 110 when the access control unit 217 has confirmed that the gateway device 110 is an authorized one.
[0115] Further, when registering the device information, the server connection control unit 114 of the gateway device 110 transmits the device information registration including the access token (step S19c). The access control unit 217 of the server device 210 verifies the access token included in the device information registration, and transmits the registration acceptance response in step S20 to the gateway device 110 when the access control unit 217 has confirmed that the gateway device 110 is an authorized one.
[0116] Note that the session establishment request may also serve as the gateway authentication request in step S131. In this case, the server connection control unit 114 of the gateway device 110 transmits the session establishment request including the gateway authentication information in step S13 of FIG. 7. Similarly, the establishment completion notification may be combined with the gateway authentication response of step S132. In this case, the connection control unit 211 of the server device 210 transmits the establishment completion notification including the access token in step S14 of FIG. 7.
[0117] In addition, before the device connection request in step S21, the external terminal 310 transmits, to the server device 210, a user authentication request including user authentication information which is information for user authentication (step S133). An example of the user authentication information is constituted by a user ID and a user password.
[0118] Upon receiving the user authentication request, the access control unit 217 of the server device 210 checks whether the user authentication information in the user authentication request indicates a user registered in the user information. When the access control unit 217 has confirmed that the user corresponds to a user registered in the user information, the access control unit 217 generates an access token for omitting subsequent user authentication. Then, the access control unit 217 transmits a user authentication response including the access token to the external terminal 310 (step S134). The access control unit 217 registers the generated access token into the record of the corresponding user in the user information of the user information storage unit 215. Note that the access token may be managed according to another method as long as the access token can be associated with the user who has been authenticated.
[0119] When the external terminal 310 receives the user authentication response, the external terminal 310 includes, in subsequent communication with the server device 210, the access token included in the user authentication response. Therefore, when making a request for device connection, the external terminal 310 transmits the device connection request including the access token to the server device 210 (step S21c). The access control unit 217 of the server device 210 verifies the access token included in the device connection request, and transmits a connection acceptance response in step S22 to the external terminal 310 when the access control unit 217 has confirmed that the user is an authorized user. Note that the access control unit 217 of the server device 210 may perform authorization not only by authenticating the user but also by setting the gateway device 110 and the production device 130 to be permitted for connection, in the access control information.
[0120] In addition, when requesting device disconnection, the external terminal 310 transmits the device disconnection request including the access token, to the server device 210 (step S25c). The access control unit 217 of the server device 210 verifies the access token included in the device disconnection request, and transmits the disconnection acceptance response in step S26 to the external terminal 310 when the access control unit 217 has confirmed that the user is an authorized user.
[0121] Note that the device connection request may be combined with the user authentication request in step S133. In this case, the external terminal 310 transmits the device connection request including the user authentication information in step S21 of FIG. 7. Similarly, the connection acceptance response may be combined with the user authentication response in step S134. In this case, the connection control unit 211 of the server device 210 transmits the connection acceptance response including the access token in step S22 of FIG. 7.
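The authentication and token handling of the access control unit 217 described in [0106] and [0107] and exercised in steps S131 to S134, S13c, S19c, S21c and S25c above can be modelled on the server side in a few dozen lines. What follows is an added example in Python, not code from the specification or from the applicant. The `AccessControlUnit` class, the salted PBKDF2 storage of the gateway PW and user PW, the random token format, and the assumption that each later request carries the gateway ID or user ID next to the access token (so the server can find the record in which the token was registered) are all choices made for the example; the page only says the token is associated with the authenticated gateway or user. Registration data is constructed.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional

PBKDF2_ITERATIONS = 100_000   # assumption; the page does not specify password storage


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)


class AccessControlUnit:
    """Server-side model of the access control unit 217 (constructed, not the page's code).

    gateway_info stands in for the gateway information of FIG. 17 and user_info for the
    user information of FIG. 14: each record keeps the salted password hash and the
    most recently issued access token."""

    def __init__(self) -> None:
        self.gateway_info: Dict[str, dict] = {}
        self.user_info: Dict[str, dict] = {}

    # Registration is done by the operator out of band (assumption).
    def register_gateway(self, gateway_id: str, gateway_pw: str) -> None:
        self.gateway_info[gateway_id] = self._new_record(gateway_pw)

    def register_user(self, user_id: str, user_pw: str, user_name: str) -> None:
        rec = self._new_record(user_pw)
        rec["user_name"] = user_name
        self.user_info[user_id] = rec

    @staticmethod
    def _new_record(password: str) -> dict:
        salt = secrets.token_bytes(16)
        return {"salt": salt, "pw_hash": _hash_password(password, salt), "access_token": None}

    # Authentication requests (steps S131 and S133).
    def _authenticate(self, table: Dict[str, dict], ident: str, password: str) -> Optional[str]:
        rec = table.get(ident)
        if rec is None:
            # Unknown ID: hash anyway so an absent record is not visible through timing.
            _hash_password(password, bytes(16))
            return None
        if not hmac.compare_digest(_hash_password(password, rec["salt"]), rec["pw_hash"]):
            return None
        token = secrets.token_urlsafe(32)    # unguessable; replaces any earlier token
        rec["access_token"] = token
        return token

    def gateway_authentication_request(self, gateway_id: str, gateway_pw: str) -> Optional[str]:
        """Token for the gateway authentication response (S132), or None when rejected."""
        return self._authenticate(self.gateway_info, gateway_id, gateway_pw)

    def user_authentication_request(self, user_id: str, user_pw: str) -> Optional[str]:
        """Token for the user authentication response (S134), or None when rejected."""
        return self._authenticate(self.user_info, user_id, user_pw)

    # Token verification on later requests (S13c, S19c, S21c, S25c).
    @staticmethod
    def _verify(table: Dict[str, dict], ident: str, token: str) -> bool:
        rec = table.get(ident)
        stored = rec["access_token"] if rec else None
        if stored is None or not isinstance(token, str):
            return False
        return hmac.compare_digest(stored.encode("utf-8"), token.encode("utf-8"))

    def verify_gateway_token(self, gateway_id: str, token: str) -> bool:
        return self._verify(self.gateway_info, gateway_id, token)

    def verify_user_token(self, user_id: str, token: str) -> bool:
        return self._verify(self.user_info, user_id, token)


if __name__ == "__main__":
    acu = AccessControlUnit()
    acu.register_gateway("GW01", "gw-secret")          # constructed credentials
    acu.register_user("u001", "user-secret", "Alice")
    gw_token = acu.gateway_authentication_request("GW01", "gw-secret")   # S131/S132
    print("S13c accepted:", acu.verify_gateway_token("GW01", gw_token))
    user_token = acu.user_authentication_request("u001", "user-secret")  # S133/S134
    print("S21c accepted:", acu.verify_user_token("u001", user_token))
```

Keeping the gateway tokens and user tokens in separate tables means a token issued to a gateway device 110 is never accepted on a device connection request from an external terminal 310, and issuing a fresh token on every successful authentication makes the previously stored token unusable, which is the behaviour a practitioner would want from the record-per-gateway and record-per-user storage of FIGS. 14 and 17.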
[0122] In the above description, the operation of authentication and authorization using the access token is taken as an example, but other techniques for performing authentication and authorization may be used.
[0123] In the fourth embodiment, by performing user authentication of the external terminal 310 and authentication of the gateway device 110, it is possible to confirm that the user of the external terminal 310 and the gateway device 110 are authorized. As a result, there is an effect of being able to enhance security, as compared with the cases of the first to third embodiments.
[0124] Further, in the above description, a case has been described as an example in which the user authentication of the external terminal 310 and the authentication of the gateway device 110 are applied to the first embodiment, but similar effects can be obtained even when the user authentication of the external terminal 310 and the authentication of the gateway device 110 are applied to the second and third embodiments.
[0125] Fifth embodiment.
In a fifth embodiment, a case will be described in which the remote system 1 is applied to an environment in which countermeasures from the viewpoint of information security are enhanced by using a firewall, an unauthorized intrusion detection system (IDS), an unauthorized intrusion prevention system (IPS), or a web application firewall (WAF).
[0126] FIG. 20 is a diagram schematically illustrating an example of a configuration of a remote system according to the fifth embodiment. Note that components identical to those in FIG. 1 of the first embodiment are denoted by the identical reference numerals, and the description thereof will be omitted. In the remote system 1 of the fifth embodiment, a device for improving countermeasures in terms of information security is further provided in each of the in-factory network 11, the cloud system 20, and the external facility 30 of the first embodiment. Examples of countermeasures for information security include setting of port forwarding to the routers 145, 245, and 345, setting of a filter to a firewall, and the like.
[0127] The in-factory network 11 includes a firewall 151 disposed between the router 145 and the switching hub 141, an IPS 152 disposed between the firewall 151 and the switching hub 141, and an IDS 153 disposed in a network to which the gateway device 110 belongs. The firewall 151 has a function of blocking an unauthorized packet from the outside to the inside of the in-factory network 11 and allowing a permitted packet to pass. The IPS 152 is a device that inspects content of a packet and blocks unauthorized communication. The IDS 153 is a device that inspects contents of a packet and detects unauthorized access and infiltration. Note that FIG. 20 illustrates a case where all of the firewall 151, the IPS 152, and the IDS 153 are provided in the in-factory network 11, but a configuration may be adopted in which one or more of these are provided.
[0128] The cloud system 20 further includes a switching hub 241, a firewall 251, an IPS 252, an IDS 253, and a WAF 254. The server device 210 is connected to the WAF 254, and the IDS 253 and the WAF 254 are connected via one switching hub 241. The WAF 254 has a function of protecting a web application that is provided by the server device 210 and connects the production device 130 with the external terminal 310, from an attack that abuses a vulnerability of the web application. The firewall 251 is disposed between the router 245 and the switching hub 241, and the IPS 252 is disposed between the firewall 251 and the switching hub 241. Note that FIG. 20 illustrates a case where all of the firewall 251, the IPS 252, the IDS 253, and the WAF 254 are provided in the cloud system 20, but a configuration may be adopted in which one or more of these are provided.
[0129] The external facility 30 further includes a switching hub 341, a firewall 351, an IPS 352, and an IDS 353. The external terminal 310 and the IDS 353 are connected via one switching hub 341. The firewall 351 is disposed between the router 345 and the switching hub 341, and the IPS 352 is disposed between the firewall 351 and the switching hub 341. Note that FIG. 20 illustrates a case where all of the firewall 351, the IPS 352, and the IDS 353 are provided in the external facility 30, but a configuration may be adopted in which one or more of these are provided.
[0130] In the firewall 151 in the factory 10 illustrated in FIG. 20, packet filtering by a stateful inspection function is often performed as a method of preventing unauthorized access by a third party. The stateful inspection function is a function of dynamically opening or closing a port by viewing content of a packet passing through the firewall 151. In this case, the session establishment request sent from the gateway device 110 inside the factory 10 to the external server device 210 can pass through the firewall 151 since the session establishment request is communication to be sent to the outside. Based on a mechanism of the stateful inspection function, the establishment completion notification in step S14, which is a response corresponding to the session establishment request in step S13, can also pass through the firewall 151.
[0131] In addition, even in the firewall 151 that does not use the stateful inspection function, unless intentionally set otherwise, communication sent to the outside and a response corresponding thereto can normally pass through the firewall 151.
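The behaviour of the stateful inspection function in [0130] is easiest to see on a short packet trace. The following is an added example in Python, not code from the specification or from the applicant: `StatefulFirewall` is a deliberately minimal model of the firewall 151 (flows keyed on source and destination address and port, no timeouts, no TCP state machine), the inside prefix and the addresses for the gateway device 110, the server device 210 and a third party are constructed from RFC 5737 documentation ranges, and the trace itself is constructed.

```python
from dataclasses import dataclass
from typing import List, Set, Tuple

Flow = Tuple[str, int, str, int]    # (src address, src port, dst address, dst port)


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


class StatefulFirewall:
    """Minimal model of the firewall 151's stateful inspection (constructed example).

    A connection opened from inside the in-factory network 11 is recorded as a flow;
    an inbound packet passes only when it is the reverse of a recorded flow, which is
    why the response in step S14 gets through while unsolicited inbound traffic does not."""

    def __init__(self, inside_prefix: str) -> None:
        self.inside_prefix = inside_prefix      # constructed, e.g. "192.168.10."
        self.flows: Set[Flow] = set()

    def _inside(self, address: str) -> bool:
        return address.startswith(self.inside_prefix)

    def filter(self, pkt: Packet) -> str:
        """Return "pass" or "block" for one packet and update the flow table."""
        if self._inside(pkt.src) and not self._inside(pkt.dst):
            # Communication sent to the outside: allowed, and the port is "opened"
            # for the corresponding reply by recording the flow.
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "pass"
        # Inbound: accepted only as the reply half of a flow the inside opened.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows:
            return "pass"
        return "block"


def run_trace(fw: StatefulFirewall, packets: List[Packet]) -> List[str]:
    return [fw.filter(p) for p in packets]


# Constructed trace: gateway device 110 at 192.168.10.5, server device 210 at
# 203.0.113.10, an unrelated outside host at 198.51.100.7.
TRACE = [
    Packet("192.168.10.5", 51000, "203.0.113.10", 443),   # S13 session establishment request
    Packet("203.0.113.10", 443, "192.168.10.5", 51000),   # S14 establishment completion notification
    Packet("198.51.100.7", 40000, "192.168.10.5", 502),   # unsolicited inbound to the gateway
    Packet("203.0.113.10", 443, "192.168.10.5", 51001),   # server, but not a flow the gateway opened
]

if __name__ == "__main__":
    for pkt, verdict in zip(TRACE, run_trace(StatefulFirewall("192.168.10."), TRACE)):
        print(f"{pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport}  {verdict}")
```

The fourth packet is the instructive one: it comes from the legitimate server device 210, yet it is blocked because the gateway never opened that flow, which is exactly the property that lets the router 145 or firewall 151 keep rejecting connections from the outside while the first session still works.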
[0132] In the IDS 153 and the IPS 152 in the factory 10 illustrated in FIG. 20, detecting an unauthorized act from the outside to the remote system 1 and the in-factory network 11 is a normal operation, and also in this case, communication between the gateway device 110 and the server device 210 is not inhibited.
[0133] Similarly to the factory 10, in the firewall 351, the IDS 353, and the IPS 352 in the external facility 30 illustrated in FIG. 20, communication to the outside, such as communication from the external terminal 310 inside the external facility 30 to the external server device 210, is not inhibited.
[0134] In the firewall 251 in the cloud system 20 illustrated in FIG. 20, a setting is made to permit communication for the remote system 1 transmitted from the gateway device 110 and the external terminal 310. In addition, settings for the IDS 253, the IPS 252, and the WAF 254 are made as necessary so that communication for the remote system 1 is not detected as unauthorized behavior.
[0135] Furthermore, in the in-factory network 11, when a web server is disposed between the router 145 and the firewall 151, the router 145 is set such that the web server can be accessed from the outside of the in-factory network 11. In such a case, setting is performed on the firewall 151, which is a network device, to permit connection from the inside to the outside of the in-factory network 11 and reject connection from the outside to the inside. Therefore, in such a case, the firewall 151 has a function equivalent to that of the router 145 in the first embodiment.
[0136] As described above, the remote system 1 according to the fifth embodiment can be applied to a network system in which a device for enhancing countermeasures in terms of information security is disposed, and used without making a special setting for the remote system 1. Further, also in this case, it is possible to establish communication between the external terminal 310 and the production device 130 via the server device 210, without changing settings of the router 145 disposed between the in-factory network 11 and the wide area network 40, the router 245 disposed between the cloud system 20 and the wide area network 40, and the router 345 disposed between the external facility 30 and the wide area network 40.
[0137] Sixth Embodiment.
In a sixth embodiment, a configuration will be described in which redundancy in the remote access environment is given to the remote system 1 described in the first embodiment, by providing the production device 130 with the function of the gateway device 110 and using it in combination with the gateway device 110.
[0138] FIG. 21 is a diagram schematically illustrating an example of a configuration of a remote system according to the sixth embodiment. Note that components identical to those in FIG. 1 of the first embodiment are denoted by the identical reference numerals, and the description thereof will be omitted. The remote system 1 of the sixth embodiment includes a plurality of in-factory networks 11 and 11a in the factory 10. The in-factory network 11 has a configuration in which the gateway device 110 and one or more production devices 130 are connected via the switching hub 141, similarly to that described in the first embodiment. The in-factory network 11a includes a production device 135 with a gateway function, one or more production devices 130, and a switching hub 141a. The switching hub 141a causes the production device 135 with the gateway function and one or more production devices 130 to constitute one in-factory network 11a. Each of the switching hubs 141 and 141a is connected to the router 145.
[0139] FIG. 22 is a perspective view schematically illustrating an example of a configuration of a production device with a gateway function to be used in the remote system according to the sixth embodiment. Note that, in FIG. 22, a case will be described as an example in which a control device in the production device 135 with the gateway function is a PLC. The production device 135 with the gateway function includes a PLC configuration unit 170. The PLC configuration unit 170 includes a central processing unit (CPU) unit 171, an input/output (I/O) unit 172, and a gateway unit 173.
[0140] The CPU unit 171 performs computation according to a control program, and controls a control target in the production device 135 with the gateway function. The I/O unit 172 inputs and outputs signals to and from a control target, a sensor, and the like. The gateway unit 173 has the function of the gateway device 110 described in the first to fifth embodiments. However, the I/O unit 172 and the gateway unit 173 are not essential in the sixth embodiment. When the gateway unit 173 is omitted, the gateway unit 173 can be substituted by incorporating a gateway function 175 in the CPU unit 171. Note that, for the sake of description, FIG. 22 illustrates a case where the PLC configuration unit 170 includes the gateway unit 173 and the CPU unit 171 incorporates the gateway function 175, but it is sufficient that any one of the gateway unit 173 and the gateway function 175 is provided in practice.
[0141] FIG. 23 is a view schematically illustrating another example of a configuration of the remote system according to the sixth embodiment. Note that components identical to those in FIG. 1 of the first embodiment and FIG. 21 of the sixth embodiment are denoted by the identical reference numerals, and the description thereof will be omitted. While FIG. 21 illustrates a case where the in-factory network 11 and the in-factory network 11a are not connected, in FIG. 23, the in-factory network 11 and the in-factory network 11a are connected via the switching hub 141b. By adopting such a form, when either one of the gateway device 110 and the production device 135 with the gateway function fails, communication with the server device 210 can be continued by using the other. That is, redundancy is imparted to communication via the gateway device 110 and the production device 135 having the gateway function.
[0142] The CPU unit 171 having the gateway function 175 or the gateway unit 173 has a function equivalent to that of the gateway device 110 described in the first to fifth embodiments, so that it is possible to relay remote access to devices other than the production device 135 with the gateway function, such as an HMI and an inverter. In this case, a communication path has a configuration such that the gateway unit 173 or the CPU unit 171 having the gateway function 175 directly communicates with the server device 210.
[0143] Further, in the configuration having the redundancy illustrated in FIG. 23, device information in the device-information-storage-unit 213 of the server device 210 has a configuration in which a plurality of devices each having a gateway function can be registered for a device identifier of one production device 130. The connection control unit 211 of the server device 210 may select, from among the paths to the target production device 130, a device with a gateway function that is installed in the path having the best communication environment, such as communication availability, to perform a relay operation.
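The multi-gateway device information and the path selection of [0143] can be sketched as two small functions over the server's table. This is an added example in Python, not code from the specification or from the applicant: the representation of device information as a mapping from device identifier to a list of gateway IDs, the `gateway_status` table with an `available` flag and an `rtt_ms` figure (the page names only communication availability; the round-trip figure is an assumed tie-breaker), and the sample gateway IDs are all constructed for the example.

```python
from typing import Dict, List, Optional

# Device information of the device-information-storage-unit 213, extended so that
# several gateway-capable devices can be registered per device identifier.
DeviceInfo = Dict[str, List[str]]

# gateway ID -> {"available": bool, "rtt_ms": float}; how the server measures
# these is not described on the page, so the table is an assumption.
GatewayStatus = Dict[str, Dict[str, object]]


def register_gateway_path(device_info: DeviceInfo, device_identifier: str, gateway_id: str) -> None:
    """Register one more gateway-capable device as a path to a production device (S19 variant).
    Registering the same path twice is harmless, so the list stays free of duplicates."""
    paths = device_info.setdefault(device_identifier, [])
    if gateway_id not in paths:
        paths.append(gateway_id)


def select_relay_gateway(device_info: DeviceInfo, device_identifier: str,
                         gateway_status: GatewayStatus) -> Optional[str]:
    """Choose the relay for a device connection request: only paths whose gateway is
    currently available qualify, and among those the lowest round-trip time wins.
    Returns None when no registered path is usable, so the caller can reject S21
    instead of hanging on a dead gateway."""
    candidates = [
        gw for gw in device_info.get(device_identifier, [])
        if bool(gateway_status.get(gw, {}).get("available", False))
    ]
    if not candidates:
        return None
    return min(candidates, key=lambda gw: float(gateway_status[gw]["rtt_ms"]))


if __name__ == "__main__":
    # Constructed data: DEV-0001 is reachable through the gateway device 110 ("GW01")
    # and through the production device 135 with the gateway function ("PLC-GW").
    info: DeviceInfo = {}
    register_gateway_path(info, "DEV-0001", "GW01")
    register_gateway_path(info, "DEV-0001", "PLC-GW")
    status: GatewayStatus = {
        "GW01": {"available": True, "rtt_ms": 12.0},
        "PLC-GW": {"available": True, "rtt_ms": 30.0},
    }
    print("both up:   ", select_relay_gateway(info, "DEV-0001", status))
    status["GW01"]["available"] = False
    print("GW01 down: ", select_relay_gateway(info, "DEV-0001", status))
```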
[0144] In the above description, it is described that the PLC configuration unit 170 has the gateway function in the production device 135 with the gateway function as an example, but other devices such as an inverter may have the gateway function.
[0145] In the sixth embodiment, the in-factory network
11 including the gateway device 110 and the in-factory
30 network 11a including the production device 135 with the
gateway function are installed in the factory 10. As a
result, the production devices 130 in the factory 10 can be
divided into a plurality of groups for each device having
55
the gateway function. In addition, by connecting the
plurality of in-factory networks 11 and 11a including the
device having a gateway function, it is possible to provide
redundancy to a remote access environment.
[0146] Here, a hardware configuration of the gateway device 110 and the server device 210 will be described. The gateway device 110 and the server device 210 according to the first to sixth embodiments are specifically implemented by a computer system. FIG. 24 is a diagram illustrating an example of a hardware configuration of the computer system that implements the gateway device and the server device of the remote system according to the first to sixth embodiments. As illustrated in FIG. 24, this computer system 700 includes a control unit 701, a storage unit 702, and a communication unit 703, which are connected via a system bus 704.

[0147] In FIG. 24, the control unit 701 is, for example, a CPU or the like. The control unit 701 executes a remote connection program in which the remote connection method explained in the first to sixth embodiments is described. The storage unit 702 includes various memories such as a random access memory (RAM) and a read only memory (ROM), and a storage device such as a hard disk drive (HDD) or a solid state drive (SSD), and stores the program to be executed by the control unit 701, data needed during processing, and the like. Further, the storage unit 702 is also used as a temporary storage area for the program. The communication unit 703 is a communication circuit or the like that performs communication processing. The communication unit 703 may include a plurality of communication circuits, each of which supports a corresponding one of a plurality of communication schemes. Note that FIG. 24 is an example, and the configuration of the computer system 700 is not limited to the example of FIG. 24.
[0148] Here, an operation example of the computer system 700 up to the state where the remote connection program according to the first to sixth embodiments becomes executable will be described. In the computer system 700 having the above-described configuration, for example, the remote connection program is installed in the storage unit 702 from a CD-ROM or DVD-ROM set in a compact disc (CD)-ROM drive or a digital versatile disc (DVD)-ROM drive (not illustrated). Then, when the remote connection program is executed, the remote connection program read from the storage unit 702 is stored in an area of the storage unit 702 serving as a main storage device. In this state, the control unit 701 executes the remote connection processing in the gateway device 110 or the server device 210 of the first to sixth embodiments in accordance with the remote connection program stored in the storage unit 702.

[0149] Note that, in the above description, the remote connection program is provided using a CD-ROM or a DVD-ROM as a recording medium. However, without being limited to this, for example, a program provided by a transmission medium such as the Internet via the communication unit 703 may be used, depending on the configuration of the computer system 700, the size of the program to be provided, and the like.
[0150] The production-device-connection-control-unit 111 and the server connection control unit 114 of the gateway device 110 illustrated in FIGS. 2 and 13 are implemented by the control unit 701 of FIG. 24. The connection-device-information-storage-unit 112 and the connection-setting-information-storage-unit 113 of the gateway device 110 illustrated in FIGS. 2 and 13 are a part of the storage unit 702 illustrated in FIG. 24.

[0151] In addition, the connection control unit 211, the device management unit 212, and the access control unit 217 of the server device 210 illustrated in FIGS. 2 and 13 are implemented by the control unit 701 of FIG. 24. The device-information-storage-unit 213, the gateway information storage unit 214, the user information storage unit 215, and the access control information storage unit 216 of the server device 210 illustrated in FIGS. 2 and 13 are a part of the storage unit 702 illustrated in FIG. 24.

[0152] The configurations illustrated in the above embodiments are merely examples and can be combined with another known technique; it is also possible to combine embodiments with each other and to omit or change a part of the configuration without departing from the subject matter of the present disclosure.
Reference Signs List
[0153] 1 remote system; 10 factory; 11, 11a in-factory network; 20 cloud system; 30 external facility; 40 wide area network; 110 gateway device; 111 production-device-connection-control-unit; 112 connection-device-information-storage-unit; 113 connection-setting-information-storage-unit; 114 server connection control unit; 130 production device; 131 robot arm; 133 camera; 135 production device with gateway function; 141, 141a, 141b, 241, 341 switching hub; 145, 245, 345 router; 151, 251, 351 firewall; 152, 252, 352 IPS; 153, 253, 353 IDS; 170 PLC configuration unit; 171 CPU unit; 172 I/O unit; 173 gateway unit; 175 gateway function; 210 server device; 211 connection control unit; 212 device management unit; 213 device-information-storage-unit; 214 gateway information storage unit; 215 user information storage unit; 216 access control information storage unit; 217 access control unit; 254 WAF; 310 external terminal.
WE CLAIM:
[Claim 1] A remote system for implementing remote connection to a production device by an external terminal, wherein
a local area network including the production device and a gateway device, and
a server device to relay communication between the production device and the external terminal that is an information communication device
are connected via a wide area network,
the remote system comprising:
a network device to permit connection from an inside to an outside of the local area network and reject connection from the outside to the inside of the local area network, the network device being installed at a connection point of the local area network and the wide area network or between the connection point and the production device,
wherein
the gateway device includes a server connection control unit to request the server device to establish a first session between the gateway device and the server device,
the server device includes:
a device management unit to compare device identification information for identifying a target production device designated from the external terminal with the device identification information set in the production device; and
a connection control unit to establish the first session in response to a request for establishment of the first session, establish a second session between the external terminal and the server device when the device identification information of the target production device matches the device identification information set in the production device as a result of comparison by the device management unit, and link the first session and the second session, and
the connection control unit of the server device relays communication between the external terminal and the production device by using the first session and the second session that are linked with each other.
[Claim 2] The remote system according to claim 1, wherein
the gateway device further includes a production-device-connection-control-unit to search for the production device connected to the local area network and request the production device to transmit the device identification information, and
the server connection control unit of the gateway device registers the device identification information in the server device when the server connection control unit receives the device identification information from the production device.

[Claim 3] The remote system according to claim 2, wherein the device identification information of the production device is registered in the production device by the external terminal.

[Claim 4] The remote system according to claim 2, wherein the production device has a function of generating the device identification information.

[Claim 5] The remote system according to claim 1, wherein
the gateway device further includes a production-device-connection-control-unit to search for the production device connected to the local area network and generate the device identification information of the production device, and
the server connection control unit of the gateway device registers the device identification information in the server device when the server connection control unit generates the device identification information.
[Claim 6] The remote system according to any one of claims 1 to 5, wherein, when the device management unit of the server device receives a device connection request including device identification information for identifying the target production device from the external terminal, the device management unit compares the device identification information in the device connection request with the device identification information set in the production device.

[Claim 7] The remote system according to claim 6, wherein
the server device further includes a device-information-storage-unit to store device information in which the device identification information of the production device is associated with gateway identification information for identifying the gateway device connectable to the production device,
the device management unit of the server device determines whether the device identification information in the device connection request is included in the device information, and
when the device identification information in the device connection request is included in the device information, the connection control unit of the server device acquires, from the device information, the gateway identification information corresponding to the device identification information in the device connection request, and the connection control unit links the first session and the second session, the first session being established between the server device and the gateway device that corresponds to the acquired gateway identification information.

[Claim 8] The remote system according to any one of claims 1 to 5, wherein
the server device further includes a device-information-storage-unit to store device information in which the device identification information of the production device is associated with gateway identification information for identifying the gateway device connectable to the production device, and
the connection control unit of the server device displays, on the external terminal, information regarding the production device registered in the device information in a list, the connection control unit establishes a second session between the external terminal and the server device when the production device is selected from the list by the external terminal, and the connection control unit links the first session and the second session, the first session being established between the server device and the selected production device.
[Claim 9] The remote system according to claim 8, wherein the external terminal has a function of reading and outputting configuration information including a model name of the production device selected from the list, or project information including a program, a parameter, and a label.

[Claim 10] The remote system according to claim 8, further comprising:
a camera to capture an image of a control target of the production device, wherein
the external terminal has a function of causing execution of a program of the production device selected from the list, and displaying an image captured by the camera including an operation of the control target of the selected production device.

[Claim 11] The remote system according to any one of claims 1 to 10, wherein
the server device further includes:
a gateway information storage unit to store gateway information for authenticating the gateway device; and
an access control unit to compare the gateway information with gateway authentication information for authenticating the gateway device, the gateway authentication information being transmitted from the gateway device, and
the connection control unit permits establishment of the first session between the server device and the gateway device when the gateway device is an authorized gateway device as a result of the comparison.
[Claim 12] The remote system according to any one of claims 1 to 11, wherein
the server device further includes:
a user information storage unit to store user information for authenticating a user of the external terminal; and
an access control unit to compare the user information with user authentication information for authenticating the user, the user authentication information being transmitted from the external terminal, and
the connection control unit permits access by the external terminal to the production device when the user is an authorized user as a result of the comparison.

[Claim 13] The remote system according to claim 12, wherein
the server device further includes an access control information storage unit to store access control information in which access authority to the production device and the gateway device is set for each user, and
the access control unit determines the extent accessible by the user with reference to the access control information.

[Claim 14] The remote system according to any one of claims 1 to 13, further comprising one or more of a firewall, an unauthorized intrusion detection system to detect unauthorized communication, an unauthorized intrusion prevention system to block unauthorized communication, and a web application firewall to protect a web application from an attack that abuses a vulnerability of the web application.

[Claim 15] The remote system according to any one of claims 1 to 14, wherein the gateway device is the production device having a function of gateway.

[Claim 16] The remote system according to any one of claims 1 to 15, wherein
a plurality of the local area networks are provided, and
the gateway devices of the plurality of the local area networks are connected to one another.
[Claim 17] A remote connection method for implementing remote connection to a production device by an external terminal, wherein
a local area network including the production device and a gateway device, and
a server device to relay communication between the production device and the external terminal that is an information communication device
are connected via a wide area network,
the remote connection method comprising:
a step of permitting connection from an inside to an outside of the local area network and rejecting connection from the outside to the inside of the local area network, by a network device installed at a connection point of the local area network and the wide area network or between the connection point and the production device;
a step of requesting, by the gateway device, the server device to establish a first session between the gateway device and the server device;
a step of establishing, by the server device, the first session in response to a request for establishing the first session;
a step of comparing, by the server device, device identification information for identifying a target production device designated from the external terminal with the device identification information set in the production device;
a step of establishing, by the server device, a second session between the external terminal and the server device when the device identification information of the target production device matches the device identification information set in the production device as a result of the comparison;
a step of linking, by the server device, the first session and the second session; and
a step of relaying, by the server device, communication between the external terminal and the production device by using the first session and the second session that are linked with each other.
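The session brokering that claims 1, 6, 7, 11, 12, 13 and 17 describe, together with the registration of several gateway-capable devices for one device identifier in paragraph [0143] and the failover that gives, as an added Python model. This is example code written for this page, not code from the patent or from Mitsubishi Electric. The gateway ids "gw-110" and "gw-135", the user "alice", the device id "plc-0001", the shared secrets, the HMAC-SHA256 form of the authentication information, the one-to-one link between a first and a second session, and the choice of the first gateway with an open first session as the "best" path are all assumptions of the example; the specification fixes none of them.

```python
# Added example, not code from the patent or its applicant: a small model of the server
# device's connection control unit (211), device management unit (212) and access control
# unit (217), including the multi-gateway registration of paragraph [0143]. Assumptions
# the patent does not fix: authentication information is an HMAC-SHA256 over a shared
# secret, a first session is linked to one second session at a time, and the "best" path
# is just the first gateway with an open, unlinked first session. All ids are constructed.
from dataclasses import dataclass, field
from typing import Optional
import hashlib
import hmac
import itertools

GATEWAY_SECRETS = {"gw-110": b"gateway-110-secret", "gw-135": b"gateway-135-secret"}  # 214
USER_SECRETS = {"alice": b"alice-secret"}                                             # 215
ACCESS_CONTROL = {"alice": {"plc-0001"}}   # 216: device ids each user has authority for


def proof(secret: bytes, name: str) -> str:
    """Authentication information a gateway or user presents: HMAC-SHA256(secret, name)."""
    return hmac.new(secret, name.encode(), hashlib.sha256).hexdigest()


@dataclass
class Session:
    session_id: int
    kind: str                        # "first" (server-gateway) or "second" (server-terminal)
    peer: str                        # gateway id or user name at the far end
    linked_to: Optional[int] = None  # counterpart session id once the pair is linked
    inbox: list = field(default_factory=list)


class ServerDevice:
    def __init__(self, gateway_info, user_info, access_control_info):
        self.gateway_info = gateway_info
        self.user_info = user_info
        self.access_control_info = access_control_info
        self.device_info = {}   # 213: device id -> gateway ids able to reach that device
        self.sessions = {}
        self._ids = itertools.count(1)

    def _authentic(self, store, name, presented):
        secret = store.get(name)
        return secret is not None and hmac.compare_digest(proof(secret, name), presented)

    def establish_first_session(self, gateway_id, gateway_auth):
        """Claim 11: a first session only for an authenticated gateway. The gateway dials
        out; the LAN's network device permits that direction and rejects inbound ones."""
        if not self._authentic(self.gateway_info, gateway_id, gateway_auth):
            return None
        sid = next(self._ids)
        self.sessions[sid] = Session(sid, "first", gateway_id)
        return sid

    def register_device(self, first_sid, device_id):
        """Claims 2 and 7: the gateway reports a device id over its first session and the
        server records device id -> gateway id; several gateways per id allowed ([0143])."""
        session = self.sessions.get(first_sid)
        if session is None or session.kind != "first":
            raise ValueError("device registration requires an open first session")
        gateways = self.device_info.setdefault(device_id, [])
        if session.peer not in gateways:
            gateways.append(session.peer)

    def close_session(self, sid):
        """Drop a session (for example a failed gateway) and unlink its counterpart."""
        session = self.sessions.pop(sid)
        if session.linked_to in self.sessions:
            self.sessions[session.linked_to].linked_to = None

    def _available_first_session(self, gateway_id):
        for s in self.sessions.values():
            if s.kind == "first" and s.peer == gateway_id and s.linked_to is None:
                return s
        return None

    def connect_device(self, user, user_auth, device_id):
        """Claims 1, 6, 7, 12, 13 and 17: authenticate the user, check access authority,
        compare the requested device id with registered device information, pick a gateway
        with an open first session, open the second session and link the pair."""
        if not self._authentic(self.user_info, user, user_auth):
            return None, "user authentication failed"
        if device_id not in self.access_control_info.get(user, set()):
            return None, "user lacks access authority for this device"
        if device_id not in self.device_info:
            return None, "device identification information not registered"
        first = None
        for gateway_id in self.device_info[device_id]:   # failover across gateways
            first = self._available_first_session(gateway_id)
            if first is not None:
                break
        if first is None:
            return None, "no gateway with an open first session"
        sid = next(self._ids)
        self.sessions[sid] = Session(sid, "second", user, linked_to=first.session_id)
        first.linked_to = sid
        return sid, f"linked to first session of {first.peer}"

    def relay(self, from_sid, payload):
        """Forward a message across the linked pair; refuse if the sender is unlinked."""
        counterpart = self.sessions[from_sid].linked_to
        if counterpart is None:
            return False
        self.sessions[counterpart].inbox.append(payload)
        return True
```

In the scenario the model is built for, two gateways authenticate and both register plc-0001; a user's connection request is linked through gw-110, and after gw-110's first session is closed the stale link refuses traffic while a fresh request is linked through gw-135, which is the redundancy of paragraph [0143] and claim 16. Note that the server exposes nothing that opens a connection toward the factory: every first session originates from the gateway, which is what lets the network device of claim 1 keep all inbound connections rejected.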

Documents

Application Documents

# Name Date
1 202327030151-TRANSLATIOIN OF PRIOIRTY DOCUMENTS ETC. [26-04-2023(online)].pdf 2023-04-26
2 202327030151-STATEMENT OF UNDERTAKING (FORM 3) [26-04-2023(online)].pdf 2023-04-26
3 202327030151-REQUEST FOR EXAMINATION (FORM-18) [26-04-2023(online)].pdf 2023-04-26
4 202327030151-PROOF OF RIGHT [26-04-2023(online)].pdf 2023-04-26
5 202327030151-POWER OF AUTHORITY [26-04-2023(online)].pdf 2023-04-26
6 202327030151-FORM 18 [26-04-2023(online)].pdf 2023-04-26
7 202327030151-FORM 1 [26-04-2023(online)].pdf 2023-04-26
8 202327030151-FIGURE OF ABSTRACT [26-04-2023(online)].pdf 2023-04-26
9 202327030151-DRAWINGS [26-04-2023(online)].pdf 2023-04-26
10 202327030151-DECLARATION OF INVENTORSHIP (FORM 5) [26-04-2023(online)].pdf 2023-04-26
11 202327030151-COMPLETE SPECIFICATION [26-04-2023(online)].pdf 2023-04-26
12 202327030151.pdf 2023-05-03
13 202327030151-MARKED COPIES OF AMENDEMENTS [05-05-2023(online)].pdf 2023-05-05
14 202327030151-FORM 13 [05-05-2023(online)].pdf 2023-05-05
15 202327030151-AMMENDED DOCUMENTS [05-05-2023(online)].pdf 2023-05-05
16 Abstract1.jpg 2023-06-03
17 202327030151-FORM 3 [06-09-2023(online)].pdf 2023-09-06
18 202327030151-FER.pdf 2024-07-01
19 202327030151-FORM 3 [30-09-2024(online)].pdf 2024-09-30
20 202327030151-FER_SER_REPLY [07-11-2024(online)].pdf 2024-11-07
21 202327030151-DRAWING [07-11-2024(online)].pdf 2024-11-07
22 202327030151-COMPLETE SPECIFICATION [07-11-2024(online)].pdf 2024-11-07
23 202327030151-CLAIMS [07-11-2024(online)].pdf 2024-11-07
24 202327030151-ABSTRACT [07-11-2024(online)].pdf 2024-11-07
25 202327030151-Response to office action [06-05-2025(online)].pdf 2025-05-06

Search Strategy

1 SearchHistoryE_27-06-2024.pdf
2 202327030151_SearchStrategyAmended_E_Searchstrategyofamendedstage202327030151AE_25-11-2025.pdf