A method of detecting a vulnerability in a Web service can include determining, using a processor, whether a Web service uses identity of a requester to select one of a plurality of different paths of a branch in program code of the Web service. The method further can include, responsive to determining that the Web service does select one of a plurality of different paths of a branch according to identity of the requester, indicating that the Web service has a potential vulnerability.

A system and method for creating, executing and managing processes of cross-enterprise businesses using nano server architecture, is disclosed herein. A process store tool (e.g., a graphical interface visual tool) at the end-user (such as, a business entity or an individual process developer) provides an open, flexible workflow engine for supporting the creation and enforcement of at least one business process with respect to the end user. A cluster having at least one nano server (also referred as lean server) configured within a data centre for storing, executing and managing processes with respect to the end user within the cloud environment. The nano servers of the cluster are the micro app servers with a small memory foot print consuming minimal resources. The nano servers are multi-threaded processes which houses the services that is consumed by the end user.

A method performed by an OPC UA client includes importing a node set file pertaining to an OPC UA-enabled automation device, the nodeset file defining validation logic used to validate data to be written to the automation device; preparing data to be written to the automation device; and using the validation logic to validate the prepared data. An alternative method includes importing a nodeset file pertaining to an automation device in which a OPC UA server is embedded, the nodeset file defining validation logic used to validate data to be written to the automation device; receiving data to be written to the automation device; and using the validation logic to validate the received data.

A distributed process control system having at least one automation unit on the plant side that calculates a plurality of first process variables and influences the process that is connected by first data link to a monitoring system that controls and/or monitors the process. The system has an external computing unit that is connected by a distributed communication mechanism to the automation unit and exchanges data with it using a second data link. The external computing unit calculates a plurality of second process variables that the of the automation unit uses to influence the process. A method for extending the function of at least one plant-side automation unit is also disclosed.

A method for analyzing data provided by a robot system located in a plant. The method includes operating a plurality of robots in the robot system and collecting first level data concerning operating parameters of each robot while they are being operated. The method further includes analyzing the first level data in a first data collection device located in the plant using first level analyzation software, analyzing the analyzed first level data collected in a second data collection device using second level analyzation software, and analyzing the analyzed second level data collected in a third data collection device in the cloud using third level analyzation software. A web portal outside of the plant can be used to gain access to the analyzed third level data.

Adapting access rules for a data interchange between a first network and a second network by the second network is provided based on a service-specific integrity information item of the first network, wherein the first network processes data for carrying out a service and the service defines multiple components. A respective integrity status is transmitted for each of the components by each respective component via a communication link within the first network to a management unit of the first network. The service-specific integrity information item is computed based on each respective integrity status by the management unit. The service-specific integrity information item is transmitted by a network access point of the first network to a receiver in the second network for adapting the access rules. Access by the receiver to each respective integrity status is prevented.

A programmable logic controller (PLC) system is provided. The programmable logic controller (PLC) system includes a storage unit storing a user program; a main control unit performing a scan operation based on the user program, measuring a scan time required for the scan time, and determining whether there is a need to process a web based service; and a web based service control unit processing the service data based on the scan time service request details, and service data that are transmitted from the main control unit, according to a result of the determination on whether there is a need to process the web based service.

An industrial system includes a plurality of machines that define respective hardware and automation functions associated with the hardware. The industrial system further includes an engineering module hosted within the industrial system, and an application programming interface (API) communicatively coupled to the engineering module. The industrial system can further include a web application communicatively coupled to the engineering module via the API. A computing device can be configured to access the engineering module via the web application and the API, and the engineering module can be configured to configure the plurality of machines based on instructions received by the web application.

A field device (1) and interface (2), a method for operating a field device (1) as well as a cloud service that achieve simplified data communication is obtained in that the interface is a cloud interface (2) via which data communication takes place between the field device (1) and a cloud (3).

Industrial automation system with a system for embedding a web application to be embedded in a surrounding web application and method for embedding a web application into a surrounding web application, wherein the web application to be embedded is provided to run in a separate execution and display region of the surrounding web application, the web application to be embedded is provided by at least two web servers so as to increase redundancy, monitoring capability and operability and therefore fault tolerance, to reduce complexity, to reduce communication traffic and to obtain improved options for access restriction for personnel, particularly in large industrial automation systems, such as process control systems.