Product Capability Example (Device Provisioning)
Table of contents
1. Device Provisioning Overview
2. Related Requirements
3. IDevID Installation
4. Register the Device in GDS
5. References
Device Provisioning Overview
Automation Vision (AV) controllers are to be shipped to customers with minimal pre-installed software. Upon receiving the controller at the customer site it is to be connected to a control network. This implies trust and security to be in place to establish:
- The controller is coming from a reliable vendor.
- The software inside the controller could be security-checked.
The chain of processes to accomplish this could be referred to as device provisioning.
Above is a simplified pictorial representation of installing an IDevID into an AV controller where:
- ABB PKI CA refers to ABB Certificate Authority which is ABB digital PKI environment to generate IDevID
- Factory Machine refers to an Ubuntu workstation in the factory to request IDevID from ABB CA and install it in the controller
The IDevID is used to verify the AV controller when it is connected to the control network at the customer site.
Related Requirements
IDevID Installation
The first step during device provisioning relates to the installation of a certificate known as IDevID.
The IDevID tool running on the AV controller is responsible for getting the IDevID certificate from the ABB PKI CA via the IDevID Installer app running on the factory machine.
The contents of the IDevID certificate are ProductInstanceUri, X.509v3 certificate, and private key.
Register the Device in GDS
Register OPC UA Apps with GDS
References
| Ref | Document Identity | Document Title |
|---|---|---|
| [Re1] | Controller Provisioning | Controller Provisioning |