Difference between revisions of "ES/S-A HOTA"

 
(66 intermediate revisions by the same user not shown)
Line 60: Line 60:
 
<td>Facility Automation
 
<td>Facility Automation
 
</td></tr>
 
</td></tr>
 +
 +
 +
<tr>
 +
<td style="width: 130px;vertical-align: top;">'''Programmed in'''</td>
 +
<td>Java, [[Extensible Object Script]]
 +
</td>
 +
</tr>
 +
 +
<tr>
 +
<td style="width: 130px;vertical-align: top;">'''Origin'''
 +
</td>
 +
<td style="line-height: 12px;">
 +
<ul style="list-style:none;margin-left:0;font-size:14px;margin-bottom: 10px;">
 +
<li>TYRACS (-2017)
 +
  <ul style="list-style:none;margin-left: 10px;"><li>↳ ES/S-A (2017-)</li></ul>
 +
</li>
 +
</ul>
 +
</td>
 +
</tr>
 +
  
 
<tr>
 
<tr>
 
<td style="width: 130px;vertical-align: top;">'''Language(s)'''
 
<td style="width: 130px;vertical-align: top;">'''Language(s)'''
 
</td>
 
</td>
<td>Available in 12 Languages, including Deutsch, Italiano, 中国人, عربي
+
<td>English, varies by used user interface
 
</td></tr>
 
</td></tr>
  
Line 71: Line 91:
  
  
'''ES/S-A HOTA''' ''"Heart of the Appliance"'' is a open [[Virtualized Automation]] System developed on base of the Extensible Services / Server for Automation Platform.
+
'''ES/S-A HOTA''' ''"Heart of the Appliance"'' is a open, modular [[Virtualized Automation]] System developed on base of the Extensible Services / Server for Automation Platform (ES/S-A CS J1).  
 
   
 
   
The Digital Signage software was initially created by Netroda Technologies for Inhouse use only and first went live in 2017. In 2020, Netroda Technologies published the first ready-to-run Installation Binary for Demo Purposes.
+
This Automation system was the first member of the newly created ES/S-A Platform, and was subjected to replace the outdated Predecessor TYRACS, that was both technically and schematically inferior.
 +
 
 +
The ES/S-A Core has been planned extensively in regards to stability, persistency, viability and security. To also serve the technically sensitive subject of public facility automation, the software has been required to pass certain aspects on conventions, reliability and safety. The application is also subjected to certain requirements in engineering that point to it's origins in public applications, the follow-strict escalation sequence is one of these requiements.
  
 
== Overview ==
 
== Overview ==
SignMatic was initially created from 2015 onward. The Commercial extent has been raised in early 2019
 
  
== Licenses ==
+
The first version was published early 2017. The predecessor has been phased out completely mid 2017. The first version had poor support for additional abstraction layers and experienced major issues with persistency (state consistency).
SignMatic, with latest version 1.1.1724, is available in the following license configurations:
 
  
* '''Demo:''' Demo Version. For basic introduction, without the extended tools and features.
+
The need for constant impovements to usability and interopability led the team of engineers to permanently install the current stable version in a one-of-a-kind research building, to monitor, analyze and improve the system under exceptionally real conditions. By 1.2.08-SN (03/2019) most teething has been eradicated, and the platform maintains scalar performance on all supported platforms, including Windows Server
* '''Premise:''' Manages up to 16 Displays simultaneously, licensed per system. It also includes the full-featured Toolkit SMStudio.  
 
* '''Premise Foundation''' Same as Premise, with cloud access managed remotely.
 
* '''Enterprise Retail''' Volume License, The administrator can issue Premise/Foundation licenses on behalf of the owner.
 
  
The license price  also distinguishes whether a license can be used for a Single host systems, multiple hosts systems. Licenses including the FoundationShield Cloud Services are usually slightly more expensive.{{fact|date=July 2022}}
+
== Technical ==
 +
The ES/S-A CS J1 (ES/S Automation Core Services Java 1) is the first Automation Core Services provider that provides the runtime for the
 +
ES/S Modules, Interopability and abstract data types / bindings.  
  
== Pricing ==
+
The ES/S-A Core application consists of the ESSInstance, that monitors, starts and ends all further processes, delegates resources and serves as mediator between components (Modularity). The System has integrated modules for  
Netroda Technologies sells all licenses for a monthly or annual price directly. All three editions can also be obtained from official license resellers.
 
  
In December 2018, Netroda Technologies announced the first Preview version of SignMatic. The FoundationShield Cloud Service has been topic of current Price Increase and forced upgrades due to end-of-life policies, becoming its first price adjustment in 2 years of business. The company raised the prices of all SignMatic licenses, alleging it was to cover the increasing cost of support and management over the past two years. Following the announcement, Netroda Technologies created a FAQ page to clarify any questions about the new pricing adjustment.
+
* HTTP(S) Web Services
 +
* TCP/IP Communication
 +
* PBX Interfaces
 +
* Public Announcements and SIP Calling
 +
* E-Mail Signaling
 +
* Primitive Abstraction Layers (PAL)
 +
* Facility Services
 +
* Primive Data Points
 +
* Complex Objects
 +
* Script Engines ([[Extensible Object Script]])
 +
* Building Model Providers
 +
* Network Cell Presency
 +
* HVAC and Climatization
 +
* Energy Monitoring
 +
* Electric Planning and Lookup
 +
* Fire and Threat Protection
 +
* [[Almbus/IP]]
  
== Globalization ==
+
== Third-Party Modules ==  
SignMatic is available in 12 Languages
+
* Primitive Abstraction Layers
* English
+
** INEG-L Protocol, via UDP/IP
* Deutsch
+
** Modbus/RTU/ASCII/TCP via IP (open-mbus), Serial
* Francais
+
** EIB/KNX Bus IEC 14543-3 via IP (cEMI), USB, Serial
* Espanol
+
** Artistic Licence ARTNET for DMX512, via IP, USB
* Italiano
+
** Modbus RTU/IP, via IP, USB, Serial
* 中国人
+
** ASHRAE BACnet, via IP
* عربي
+
** X10 (CM11A) Protocol, Serial
 +
 
 +
* Autonomous Instances
 +
** Asterisk PBX
 +
 
 +
* Printer Drivers
 +
** ESC/POS
 +
** ESC/P2
 +
** IBM ProPrinter
  
== Support ==
+
== User Interfaces ==
Live, Phone and email support for SignMatic is available in [[English language|English]], [[Russian language|Russian]], [[Spanish language|Spanish]], [[German language|German]], [[Portuguese language|Portuguese]], and [[Japanese language|Japanese]]. SignMatic licenses purchased directly from Netroda Technologies include full free support.
+
ES/S-A HOTA runs as command-line output only application. Most of the User interfaces are delivered via HTTP and renderen in a Browser Window. User interface can be serve interactive resources that are either directly accessible or require a middleware.
  
== Version history ==
 
 
{| class="wikitable" style="float:center; margin:0 0 0.5em 1em;"
 
{| class="wikitable" style="float:center; margin:0 0 0.5em 1em;"
 
|-
 
|-
! Product
+
! User Interface
! Released
+
! Type
! Extended Support
+
! Audience
! End of Life
 
 
|-
 
|-
| 1.1.1724
+
| '''sv_ata'''
| 31 August 2022
+
| HTML5 (HTTP/S)
| {{tba}}
+
| Residential focused user interface with support for mobile devices and touch screens, rich animated using extesively graphics elements, fun to use and interact with. Low technical knowledge required. Has many features like Screensavers, News, Weather forecast, Graphs, Visual control, Virtual Tours and more.
| {{tba}}
 
 
|-
 
|-
| 1.1.1723
+
| '''sv_gna'''
| 11 October 2021
+
| HTML5 (HTTP/S)
| {{tba}}
+
| Professional focused user interface with support for multi-screen setups. Technical knowledge required to address all functions.
| {{tba}}
 
 
|-
 
|-
| 1.1.1720
+
| '''mta'''
| 16 June 2020
+
| JSON (HTTP/S)
| {{tba}}
+
| Used for the MicroTaskInvoker application (Native Windows Application). Provides minimal acces to preconfigured functions.
| {{tba}}
 
 
|-
 
|-
| 1.1.1700
+
| '''cisco'''
| 29 December 2019
+
| XML (HTTP/S)
| {{tba}}
+
| Used for Cisco SCCP Telephones to access the system via various Cisco IP Phones. Provides secured access to number and call registers, system shortcuts and control of devices.
| {{tba}}
 
|}
 
 
 
== Timeline ==
 
{| class="wikitable" style="float:center; margin:0 0 0.5em 1em;"
 
 
|-
 
|-
! Date
+
| '''telnet'''
! Milestone
+
| TCP/IP
 +
| Provides remote control of the system using minimal bandwidth. Has access to many features of the system. Please notice that remote access must be provided by using an encrypted tunnel like IKEv2, because Telnet does not support TLS encryption.
 
|-
 
|-
| 2015
+
| '''esterm'''
| First Release used inhouse and for Development
+
| TCP/IP
|-
+
| Provides partial graphical control of the system using text-only transmission utilizing the ESTERM Protocol, can be used with Netroda Technologies [[NETerm]].
| 2017
 
| Plans for Commercial Usage raised
 
|-
 
| 2018
 
| Announcement of the first Commercial Version
 
|-
 
| 2020
 
| first Commercial Version published
 
|-
 
| 2022
 
| Launch of Plesk 12
 
 
|}
 
|}
  
 +
== Globalization ==
 +
ES/S-A HOTA uses English only, the various user interfaces that can be installed have variying international support.
 +
sv_ata currently supports 4 languages
 +
* English
 +
* Deutsch
 +
* 中国人
 +
* Tiếng Việt
 +
 +
== Support ==
 +
Support for ES/S-A HOTA is available is currently limited to e-mail support in english only.
 +
 +
== Security ==
 +
ES/S-A HOTA Supports TLS for the Secure HTTP Service (HTTPS) version 1.3. The web interfaces can be protected from bogon requests, internet access in WAN Networks. Network services feature automatic blacklisting and source-network abuse query. By utilizing FoundationShield or any other Firewall or Network monitor, ES/S-A HOTA can be securely exposed to the internet, following a positive risk assessment concering stability agains Distributed DOS (DDoS) attacks.
 +
 +
The default configuration does neither allow anonymous users, nor default credentials or insecure WAN access to recude the probability of security issues by misconfiguration or negligence.
 +
 +
The architecture requires modules accessing the core or other modules to obtain required privileges to execute specific actions. Responsible for distribution and approving is the ESAuthority, a integral core module. The system works by identifying module instances with unique and temporary tokens, that must be validated prior to execute actions in the target module. Applicable modules must provide necessary API functionality (ESAuthorityAwareService, ESAuthorityAwareCaller) and are responsible to correctly implement these by themself. ESContextAuthority provides information of call origins, and can differentiate many cases, such as automation, user interaction or remote procedure requests.
 +
 +
A zero-day vulnerability involving remote code execution in Log4j 2, (a Logging utility for Java) , given the descriptor CVE-2021-44228, was found and reported to Apache by Alibaba on November 24, 2021, and published in a tweet on December 9, 2021. Investigations proceeded and it was reported to customers, that ES/S-A HOTA is not affected, as Log4j (used by various components) is replaced by the distributed debugging service in release versions.
 +
 +
It is recommended to protect facility systems with at least two firewalls from different vendors or with different software.
  
 
== See also ==
 
== See also ==
* [[Digital Signage]]
+
* [[Virtualized Automation]]
* [[Comparison of Digital Signage License models]]
+
* [[Field Bus]]
  
 
== References ==
 
== References ==
Line 167: Line 210:
 
{{WebManTools}}
 
{{WebManTools}}
  
[[Category:Digital Signage]]
 
 
[[Category:Windows Software]]
 
[[Category:Windows Software]]
[[Category:Cloud Services]]
 
 
[[Category:FoundationShield]]
 
[[Category:FoundationShield]]
 
[[Category:Extensible Services Server]]
 
[[Category:Extensible Services Server]]

Latest revision as of 04:15, 19 August 2024

ES/S-A HOTA

ES/S-A HOTA Icon

Console and User Interface
Developer Netroda Technologies
Product Family Extensible Services / Server
Licenses N.P.A.L., FoundationShield (EULA)
Initial release 14 February 2017
Current Version 1.9.05-SN (November 2022)
Timeline

ENTHALPY (1.9.05-SN) (Current Version)

Platform Windows NT, FreeBSD, macOS, GNU Linux
Type Facility Automation
Programmed in Java, Extensible Object Script
Origin
  • TYRACS (-2017)
    • ↳ ES/S-A (2017-)
Language(s) English, varies by used user interface


ES/S-A HOTA "Heart of the Appliance" is a open, modular Virtualized Automation System developed on base of the Extensible Services / Server for Automation Platform (ES/S-A CS J1).

This Automation system was the first member of the newly created ES/S-A Platform, and was subjected to replace the outdated Predecessor TYRACS, that was both technically and schematically inferior.

The ES/S-A Core has been planned extensively in regards to stability, persistency, viability and security. To also serve the technically sensitive subject of public facility automation, the software has been required to pass certain aspects on conventions, reliability and safety. The application is also subjected to certain requirements in engineering that point to it's origins in public applications, the follow-strict escalation sequence is one of these requiements.

Overview

The first version was published early 2017. The predecessor has been phased out completely mid 2017. The first version had poor support for additional abstraction layers and experienced major issues with persistency (state consistency).

The need for constant impovements to usability and interopability led the team of engineers to permanently install the current stable version in a one-of-a-kind research building, to monitor, analyze and improve the system under exceptionally real conditions. By 1.2.08-SN (03/2019) most teething has been eradicated, and the platform maintains scalar performance on all supported platforms, including Windows Server

Technical

The ES/S-A CS J1 (ES/S Automation Core Services Java 1) is the first Automation Core Services provider that provides the runtime for the ES/S Modules, Interopability and abstract data types / bindings.

The ES/S-A Core application consists of the ESSInstance, that monitors, starts and ends all further processes, delegates resources and serves as mediator between components (Modularity). The System has integrated modules for

  • HTTP(S) Web Services
  • TCP/IP Communication
  • PBX Interfaces
  • Public Announcements and SIP Calling
  • E-Mail Signaling
  • Primitive Abstraction Layers (PAL)
  • Facility Services
  • Primive Data Points
  • Complex Objects
  • Script Engines (Extensible Object Script)
  • Building Model Providers
  • Network Cell Presency
  • HVAC and Climatization
  • Energy Monitoring
  • Electric Planning and Lookup
  • Fire and Threat Protection
  • Almbus/IP

Third-Party Modules

  • Primitive Abstraction Layers
    • INEG-L Protocol, via UDP/IP
    • Modbus/RTU/ASCII/TCP via IP (open-mbus), Serial
    • EIB/KNX Bus IEC 14543-3 via IP (cEMI), USB, Serial
    • Artistic Licence ARTNET for DMX512, via IP, USB
    • Modbus RTU/IP, via IP, USB, Serial
    • ASHRAE BACnet, via IP
    • X10 (CM11A) Protocol, Serial
  • Autonomous Instances
    • Asterisk PBX
  • Printer Drivers
    • ESC/POS
    • ESC/P2
    • IBM ProPrinter

User Interfaces

ES/S-A HOTA runs as command-line output only application. Most of the User interfaces are delivered via HTTP and renderen in a Browser Window. User interface can be serve interactive resources that are either directly accessible or require a middleware.

User Interface Type Audience
sv_ata HTML5 (HTTP/S) Residential focused user interface with support for mobile devices and touch screens, rich animated using extesively graphics elements, fun to use and interact with. Low technical knowledge required. Has many features like Screensavers, News, Weather forecast, Graphs, Visual control, Virtual Tours and more.
sv_gna HTML5 (HTTP/S) Professional focused user interface with support for multi-screen setups. Technical knowledge required to address all functions.
mta JSON (HTTP/S) Used for the MicroTaskInvoker application (Native Windows Application). Provides minimal acces to preconfigured functions.
cisco XML (HTTP/S) Used for Cisco SCCP Telephones to access the system via various Cisco IP Phones. Provides secured access to number and call registers, system shortcuts and control of devices.
telnet TCP/IP Provides remote control of the system using minimal bandwidth. Has access to many features of the system. Please notice that remote access must be provided by using an encrypted tunnel like IKEv2, because Telnet does not support TLS encryption.
esterm TCP/IP Provides partial graphical control of the system using text-only transmission utilizing the ESTERM Protocol, can be used with Netroda Technologies NETerm.

Globalization

ES/S-A HOTA uses English only, the various user interfaces that can be installed have variying international support. sv_ata currently supports 4 languages

  • English
  • Deutsch
  • 中国人
  • Tiếng Việt

Support

Support for ES/S-A HOTA is available is currently limited to e-mail support in english only.

Security

ES/S-A HOTA Supports TLS for the Secure HTTP Service (HTTPS) version 1.3. The web interfaces can be protected from bogon requests, internet access in WAN Networks. Network services feature automatic blacklisting and source-network abuse query. By utilizing FoundationShield or any other Firewall or Network monitor, ES/S-A HOTA can be securely exposed to the internet, following a positive risk assessment concering stability agains Distributed DOS (DDoS) attacks.

The default configuration does neither allow anonymous users, nor default credentials or insecure WAN access to recude the probability of security issues by misconfiguration or negligence.

The architecture requires modules accessing the core or other modules to obtain required privileges to execute specific actions. Responsible for distribution and approving is the ESAuthority, a integral core module. The system works by identifying module instances with unique and temporary tokens, that must be validated prior to execute actions in the target module. Applicable modules must provide necessary API functionality (ESAuthorityAwareService, ESAuthorityAwareCaller) and are responsible to correctly implement these by themself. ESContextAuthority provides information of call origins, and can differentiate many cases, such as automation, user interaction or remote procedure requests.

A zero-day vulnerability involving remote code execution in Log4j 2, (a Logging utility for Java) , given the descriptor CVE-2021-44228, was found and reported to Apache by Alibaba on November 24, 2021, and published in a tweet on December 9, 2021. Investigations proceeded and it was reported to customers, that ES/S-A HOTA is not affected, as Log4j (used by various components) is replaced by the distributed debugging service in release versions.

It is recommended to protect facility systems with at least two firewalls from different vendors or with different software.

See also

References

Template:Reflist

Template:WebManTools