Keywords

1 Introduction

The application of Industry 4.0 technology can help to establish smart factories and virtual production systems in optimized and competitive features. Along with the latest technologies development, the existing mass batch manufacturing mode will be changed to large-scale personalized production mode but is affordable. It means that the production mode innovation will change the market competition manner, i.e., from price competition to comprehensive quality competition. MES is one of the indispensable systems for building an industrial software layer of such smart factories and the virtual production systems. It plays a bridge role between ERP, DNC and the other systems in the entire manufacturing system.

According to the Industry 4.0 technology, an intelligent manufacturing system to a five layers architecture can be inferred as below, i.e., the underlying is automation equipment layer; the second is the information physical system layer; the third is the industrial software layer; the fourth is the enterprise operations and management layers, and the top layer is the enterprise management optimization layer. In the architecture, the MES belongs to the third layer, i.e., the industrial software layer. By integrating with ERP to obtain product design models, manufacturing processes and production planning information, it can provide the necessary data for DNC, WMS, SCADA, and the other related systems in the workshop. It means that the operating efficiency and performance of the automated production system will be greatly affected if the integration of MES and related systems cannot be solved properly. Therefore, MES integration problems can be transformed into data interoperability management between MES and related business systems.

The current research on MES mainly focused on the following aspects: (1) MES and manufacturing system hardware integration [1, 2, 9,10,11], aimed to solve the problem of MES management of workshop manufacturing resources; (2) MES industry applications and related software system integration [3, 4, 8], such as the integration of MES and ERP; (3) with the development of intelligent manufacturing technology, the status, functions and integration platforms of MES in intelligent manufacturing systems issues have gradually become research hotspots [6, 7, 9,10,11,12], including vertical integration of manufacturing assets (i.e., supporting virtual production line evaluation by simulation) and horizontal integration (i.e., cloud manufacturing); (4) the standards and specifications to support MES integration [13, 14]. Therefore, in a broad sense, in-depth research on MES integration objects and integration scope of data interoperability is still lacking or insufficient, especially in the researches on how to incorporate data access security issues in the MES integration architecture.

Therefore, the research objectives/questions are: how to establish a more comprehensive MES data interoperability object model, incorporate the distributed data security access mechanism with the MES integration architecture, and then apply the solution in discrete manufacturing sector.

2 The Related Work

According to ISO/IEC 2382-01, the definition of data interoperability in the basic terminology of information technology is as follows: to require users to have little or no knowledge of the unique characteristics of these functional units, establish communication mechanisms in each functional unit and execute the ability to program or transfer data. The related work on MES interoperability mainly normally includes MES integration specification and MES integration development. The following are briefly discussed.

2.1 Specifications for MES Integration

In supporting MES integration and data interoperability, the popular specifications and standards are ISA-95 and the SPL (Process Specification Language) proposed by the American NIST, and the integration specifications proposed by MES developers for some specific applications. ISA-95 (IEC/ISO 62246 standard) defines a comprehensive set of functional models, which can reflect the organizational functional architecture of an enterprise and can be extended to meet the needs of different integrations [13]. In terms of manufacturing processes, to solve the problem of interoperability of process information, the United States NIST proposed a PSL (Process Specification Language) specification [14]. In terms of MES modeling technology, Witsch [5] developed a novel MES modeling language (MES-ML), which integrates all important and necessary functional views of the MES system; the users can build the interdependence between functional views by MES-ML and then help to create a universal MES system framework model. Thereby it can improve the standardization of the MES software development process.

Aiming at the application integration problem based on the KMPDM platform, our research team developed the user-specific interoperable data display modeling tool based on the KM-software products, i.e., KMPDM/KMCAPP/KMCAD, by expanding the SPL specification [15]. Ultimately, it realized the data integration via XML-based description language.

Based on the above review, the author believes that B2MML (ISA-95) is suitable to describe the information of the production information of MES; PSL can be used for the description of the manufacturing process information, and the user-customized interoperable data display modeling tools we developed in the past can be used for the final MES interoperable data display.

2.2 MES Integration and Development

Earlier, Choi [1] analyzed the MES (Manufacturing Execution System) architecture and explored how to integrate with the FMS (Flexible Manufacturing System) production line in an ERP (Enterprise Planning System) environment, similar to the current MES and Manufacturing system integration issues, in which a two-layer MES architecture was proposed. To further solve the hardware integration problem of the distributed manufacturing systems, Garetti [2] used an integration method based on Ontology and Web services technology to propose a new type of automated manufacturing system control architecture solution, which allowed the control system to be easily implemented, including configuration, update, and extending. This integrated method provided a completely open environment for the operation and control of the manufacturing assets and could easily and quickly troubleshoot the manufacturing system of a new factory.

MES is also applied in continued manufacturing sections, e.g., iron and steel industry. For example, Li [3] proposed a three-tier automation system integration scheme based on BPS (Business Planning System)/MES/PCS (Process Control System). The comprehensive functions of this MES were analyzed in detail and were applied in Shanghai Iron and Steel Company. In terms of PLM and MES integration, due to the large differences in the integrated data format, source, scale, etc., Anis [4] proposed to integrate a product design, manufacturing system hardware data, and real-time data generated in the production process to design an intermediary system that resolves syntactic and semantic conflicts. In the integration of various functions within the MES, Jeon [8] introduced a design method of advanced MES (i.e., intelligent MES), by establishing a collaboration mechanism of MES internal functions. It supported the functions improvement and auxiliary management decision-making capability of the MES in data collection and analysis. Anyway, it only analyzed its feasibility by simulation based on the established TO-BE scenario model and AS-IS model.

With the development of Industry 4.0 technology, the status, role and integration methods of MES in intelligent manufacturing systems have also become research hotspots. For example, Novak [6] believes that intelligent manufacturing systems can use a five-layer pyramid to describe an automated system structure. To support dynamic production scheduling, provide the flexibility of intelligent manufacturing systems, and reduce response time, it presented a way to integrate a production planning and scheduling module within MES. However, the levels and integration methods of software such as DNC/CAPP are not concerned. Cai [7] aimed at the integration of the distributed manufacturing services in virtual factories, and adopted the ontology and constraint-based distributed manufacturing service modeling methods to develop a prototype of the semantic Web system of ManuHub (i.e., Manufacturing Center), which provides a friendly graphical user interface to search for the required services and get the semantic annotations for the manufacturing assets services. Ghielmini [9] and Mourtzis [10] believes that the existing ICT solutions have low interoperability in supporting the distributed manufacturing assets integration for small and medium enterprises. Therefore, they proposed a virtual factory framework (VFF) to solve this problem, including semantic shared data models, virtual factory managers (VFM), and so on. Mourtzis [11] proposed an integrated quality monitoring method to support cloud manufacturing in virtual factories. Iarovyi [12] proposed an open, knowledge-driven MES architecture by adopting the base-of-breed method, which can effectively support MES to intelligently expand functions and performance, improve MES application quality, and reduce configuration costs and system downtime.

In summary, according to the aforementioned review, in-depth research on MES integration objects and integration scope of data interoperability is still lacking. In particular, research on how to incorporate the data access security mechanism in MES is also inadequate. Therefore, our research should focus on how to establish a comprehensive MES data interoperability object model, introduce the data security access module with MES data interoperability, and ultimately establish a feasible MES integration framework for discrete manufacturing.

3 Methodology

By comprehensively analyzing the strengths and weaknesses of the existing MES integration and its development technologies, the author believes that starting from analyzing the input and output of MES interoperable objects to establish the MES data interoperable object model is feasible and reasonable.

Then to integrate data access security measures with MES data, it can be used to establish an MES integration framework that is more suitable for the actual application requirements of discrete manufacturing (such as machining workshops) and develop applications verification by referring to the principal of the domain-based security mechanism of the operating system. The concept of domain here can be defined according to the user’s department, role, etc., and the business domain of MES user can be distinguished as well as the corresponding authority. Therefore, the domain is a key concept in MES data interoperability security management. It takes the method of pre-defining the access rights of personnel at different levels and roles in the virtual manufacturing system. The applied methodology is illustrated in Fig. 1.

Fig. 1.
figure 1

Proposed modeling methodology

When establishing the MES interoperability object model, it is necessary to fully investigate the data interoperation types, input and output information, and processes of MES and ERP, CAPP, DNC, WMS, SCADA systems; and then to use the principle of operating system domain security mechanisms to establish a hierarchical architecture of users secure access to the domain data. Furthermore, using the ISA-95/extended PSL specification (application of B2MML to describe production information and extended PSL to describe process information) and the user-oriented personalized data interoperable access interface definition tool, a complete MES integration framework for the data interoperability can be established.

4 Proposed Integration Architecture

According to the above section, the exploration of interoperation data object modeling, the discussion of the data interoperable secure access modules based on domain security mechanisms, and the exploration of user-oriented data interoperable personalized interface development methods will be carried out successively as the following.

4.1 Data Interoperation Object Modeling

According to the investigation result of data interoperation type, input and output of MES and ERP, CAPP, DNC, WMS, SCADA systems, the MES data interoperation object model are established as Fig. 2.

Fig. 2.
figure 2

MES integration object model

Among them, the main input and output information is as follows. (1) MES is responsible for receiving planning instruction information issued from the upstream ERP (Enterprise Resource Planning) system, i.e., how many products are completed at what time; products information is also sent to MES, i.e., what the products needed to manufacturing, including products function specification, size, material, etc. (2) MES feeds back the relevant information about the production and the progress of component manufacturing process execution to ERP. (3) The CAPP system sends the products manufacturing methods, processes, and the required types of manufacturing assets (such as machine tools and equipment, etc.) to the MES, i.e., how the products are processed, the processing steps and their operations and the required processes equipment (e.g., tools, fixtures, gauges, and accessories, etc.). (4) MES will feedback on the execution status of the parts processing to CAPP so that the process planners can refer to the execution information of the process task when they design new manufacturing processes or execute processes change design. (5) The MES sends the CNC machining instructions in the CAM to the DNC system according to the production plan, and then the DNC system downloads the cutting program to the CNC machine. (6) DNC needs to feedback the equipment information to the MES (information of the parts being processed by the machine tool, processing status, processing start time and estimated end time). (7) The MES sends the materials and quantity information of the currently processed parts to the WMS. After the processing is completed, it is stored in the warehouse and the completed part information is entered into WMS/ERP. (8) MES interacts with SCADA. On the one hand, when the MES is scheduled for production, it is necessary to obtain the status of manufacturing assets from SCADA (whether the equipment is normal, whether the operators are on the job, whether the inventory is sufficient, etc.), and pass the processing parameters to the processing equipment and testing equipment; on the other hand, MES sends statistical analysis data of workshop equipment to the SACADA and then the management staff can access the information by graphical viewing tools.

4.2 Domain-Based Data Access Security

The application of MES in the distributed manufacturing mode needs to provide a secure access mechanism to the data of all parties to meet the privacy protection requirements of the group’s distributed applications. In this designed security mechanism, the system can use the “domain” to identify the organization’s access scope to the individual data, and users belonging to the current organization are allowed to access the current domain data. If domain users need to access data in other domains, it needs to grant the users who need cross-domain access through the system administrator to realize.

Usually, there is only one “primary domain” in the system, and the system administrator has the administrative rights of the primary domain. The domains that the system administrator creates later are all subdomains, and users in the subdomains can only access data in their private domains. The system administrator can access the data of all sub-domains as required. The domain-based data security policy definition process is shown in above Fig. 3.

Fig. 3.
figure 3

Domain-based data security policy definition process

Main Domain and System Administrator.

After logging in to the main domain, the system administrator can perform domain-related operations and manage subdomains and related activities. These include:

  1. (1)

    Add, modify, and delete the subdomains, i.e., creating subdomain, naming administrator of the subdomain.

  2. (2)

    Browse and management subdomain. However, under normal circumstances, the primary domain administrator should not directly manipulate the subdomain data, but only manage the subdomain and its organization, and the subdomain administrator and users manage the corresponding data.

  3. (3)

    Check and manage the logged-in users of the MES, and intervene in the management of operations that do not meet the private data access management requirements.

  4. (4)

    Modify the configuration and metadata definitions belonging to the main domain.

Only the system administrator of the primary domain is a superuser. The other organizational users’ data access authority in the primary domains are the same as users in the subdomains. Usually, they can only log in to the domain to which they belong.

The data in a specific subdomain can be manually specified by the system administrator, and users in other domains can access them through the pre-defined processes and tasks. This mechanism is also called a data sharing policy, which can support work collaboration between multiple domains.

Role and Authority Management.

Role is a concept that is independent of users and refers to the role played in the organization of the corresponding responsibilities. Therefore, users in an organization can have multiple roles, but a role may also be the attribute of multiple users. However, only when the role is specifically associated with the user can the permissions of the “user + role” in a specific domain be determined, and the domain should be specified when the permissions are defined.

Domain and its data access permission rules should be created according to the domain in which they are created, that is, all permission rules have a clear domain. Data access permissions and function usage permissions created by the system are displayed in the graphical interface according to the domain. Cross-domain permissions are physically isolated and cannot be displayed directly in the subdomain. Instead, they need to be accessed through the management function of the main domain.

The system authority management adopts three layers of management: system administrator, security administrator, and security log auditor. The system administrator, security administrator, and security log auditor are three independent roles with different responsibilities, namely: the system administrator is responsible for creating and defining the domain organization structure and associated the roles with the personnel, of which the primary domain administrator is only responsible for the subdomain management, and normally the subdomain administrator is responsible for the management of the subdomain’s organizational structure. The system security administrator defines data access rights and management functions for users in the domain according to data access requirements; the security log auditor is responsible for the security issued to the system abnormal log management, tracking rectification, and ensuring the data access security for the entire distributed collaborative work environment (Fig. 4).

Fig. 4.
figure 4

User-oriented integration hierarchy model for MES data interoperability

The data access rights management adopts a hierarchical strategy, which supports the definition and management of data object operation rights, software function use rights, extended function rights, position roles, discarded object operation rights, and attribute authorization interfaces. The information about level-level rights management is stored according to the tree structure, and the tree nodes are displayed according to the domain in which they are located, achieving hierarchical management and control.

User-Oriented MES Data Interoperability Integration Framework.

First, the foundation (bottom layer) of the integration framework is the security layer. As mentioned above, the security mechanism uses a domain-based three-layer security management mechanism, that is, a system administrator, a security administrator, and a security log auditor. Data access requests are initiated by users in the domain. Through the top-level data interoperability integration framework interoperability layer, a three-layer secure data access mechanism and DBMS are used to obtain data from ERP, PDM, CAD/CAPP/CAX, and other related systems; then through the personalized interface implementation layer development tool can establish the data display models required by users and provide them with multi-dimensional MES data display services.

The second layer is the MES data interoperability layer. In our earlier development of the KMMES system, the interoperation mode of MES and systems such as PDM, ERP, WMS, DNC, SCADA mainly adopted the three modes: rule-based file sharing, rule-based database sharing, and web service-based data shared. The interoperation framework is logically isolated through the work domain. The data access scope of users in the domain and the data sharing strategy of the MES (intra-domain sharing or cross-domain sharing) are predefined. Among them, the MES data access types are general business data, relevant data created along with the workflow execution, and data affected by data associations. These data can be grouped into three categories, namely production data, quality assurance data, and distributed manufacturing assets data (machine tools, equipment, robots, operators, etc.).

The top level of the integration framework is the personalized interoperation data display deployment layer. This layer consists of three parts, namely: integrated specifications and integrated development tools, personalized data display GUI modeling tools, personalized GUI model management tools. The integration specification and integrated development tools provide extended PSL language and B2MML language, describe the data obtained from the interaction layer, and display the data after parsing by the software tools. In the toolkit, a GUI graphical definition dynamic link library is also developed by Visual C++ which supports the encapsulation for the common controls, so that users can easily define the personalized GUI by drag and drop, including text boxes, dialog boxes, buttons, etc. The personalized data display GUI modeling tool supports logic modeling, GUI interface layout design, and GUI control and data association definition. The model management tool provides personalized GUI model creation, modification, deletion, and other operations.

After defining the personalized data display GUI through the deployment tool of the implementation layer, users can browse the predefined data through the MES GUI. If the corresponding permissions are defined, the required data can also be edited and deleted.

5 Conclusion and Future Work

MES, which focuses on the integrated management of distributed manufacturing resources, is facing how to integrate these resources and how to perform data interoperation with related software systems. The research starts with the establishment of an MES data interoperability object model and discusses the types of data interoperability, input and output information, and processes of MES and ERP, CAPP, DNC, WMS, and SCADA systems; proposes a three-level data security access mechanism by the system administrators, security management and security log auditors, which not only supports data security access for users in the domain but also provides cross-domain data sharing rule definitions to support distributed business collaboration. The integrated framework modeling method was applied in KMMES developed by Wuhan KM-Soft Co., and more than 40 sets were deployed in aerospace, automotive, shipbuilding and other sections.

To better support the virtual factory application system, next, we will continue to research on how MES integrates virtual factory horizontal and vertical integration technology, optimize the production plans of the distributed MES, and improve the management level of virtual manufacturing assets.