Electronic Security Thinkstock

Managing Manufacturing with HMIs and the IIoT

HMIs can be used to gather machine and plant data, process and analyze the data, and then distribute the resulting actionable information to those who need it.

Download this article as a .PDF

Machines installed in industrial plants use a wide variety of smart devices for control and monitoring, including sensors, instruments, and motor drives. These smart devices are connected to controllers such as PLCs, and often to human machine interfaces (HMIs) through the controllers. These devices can also become part of the industrial Internet of Things (IIoT), and HMIs often make the enabling connections.

There are two main types of HMIs. The first is PC-based—usually an industrial PC when used in machine monitoring and control applications. The second is an embedded platform hosting the HMI software (Fig. 1). PC-based HMIs have more features than embedded HMIs. Recent advances have added many capabilities to embedded HMIs, making them similar to PC-based HMIs in many ways, particularly in terms of IIoT functionality.

Once the proper connections are made via various communication protocols (such as AS-i, DeviceNet, Modus, Profibus, and EtherNet/IP), smart device data can be collected using controllers and HMIs.

The HMI can format the collected data as required, then forward it to the cloud or directly to users through the internet, providing security as needed. This creates an IIoT installation which can be used to improve operations.

Although the acronym IIoT contains the word internet, industrial facilities often instead used internal intranets as their communication networks. Whether the network is an intranet or the internet, and whether the users are local or remote, the installation is still an IIoT if it’s used to connect users to machine and plant floor data.


Embedded HMI capabilities have expanded rapidly in recent years, allowing their use in many IIoT applications.

Get Connected

The first step in creating an IIoT installation is connecting the smart field devices—sensors, instruments, and motor drives—to controllers and HMIs.

Simple field devices like a photoelectric or inductive sensor just send a single data point to a controller’s 24 V dc discrete input. More sophisticated smart sensors use a field device network like DeviceNet, IO-Link, or Profibus DP to send additional data, such as device status and diagnostics.

Analog instruments measure temperature, pressure, flow, and other continuous parameters, then transmit the measured information to controllers. Basic instruments just transmit the measured process variable, usually via a 4-20 mA signal.

Smart instruments use digital fieldbus networks such as EtherNet/IP, Foundation Fieldbus, HART, or Profibus PA to connect to controllers. As with smart sensors, these digital networks allow the instruments to transmit status and diagnostic data, as well as one or more measured variables. For example, a Coriolis flow meter may transmit mass flow, temperature, and density data—and also status and diagnostic data. It’s not unusual for a single smart instrument to transmit more a hundred data points to a controller and/or an HMI.

Simple discrete sensors and basic analog instruments can connect directly to controllers, or  else through remote controller I/O networks, which are most often Ethernet-based. Smart sensors and instruments don’t require remote I/O, as they use their own digital networks to multiplex data back to controllers, or directly to HMIs.

Servo drives, variable frequency drives, and soft starters are other types of smart devices. Whether mounted in a control cabinet or distributed on machines, these devices are connected to controllers via industrial Ethernet protocols that include EtherNet/IP, Profinet, EtherCAT, Powerlink, and Sercos III. Control and safety functions are available via the network connection to the controller. Controllers and HMIs can also collect and display drive status and diagnostic data. Controlling a motion profile—or adjusting variables such as RPM, acceleration time, and deceleration time—are common functions.

Controllers are the heart of communication on the plant floor because most field devices connect to them for automation of machines and processes. Some smart field devices may have dual connections to a controller and an HMI. In some rare cases, a smart field device is only used for monitoring and not for control, and can be connected directly to the HMI. One example is a level instrument used for inventory measurement; this is a monitoring function of interest to the HMI users, but not needed at the controller.

Each of these connections ties machines sensors, instruments, and drives to controllers and HMIs, creating the base of an IIoT installation. HMIs can then be used to provide data and information to local and remote decision makers, completing the IIoT installation.

Protect and Throttle the Data

Once field devices and controllers are connected to an HMI, it can act as a gatekeeper for both communications and data. In terms of communication, it can control access to and from the field devices and controllers on the machine or system. The HMI can also store the data, protect it, and make sure it’s only distributed to authorized personnel.

Field devices are data providers, and are typically polled by a controller or an HMI. When a machine—or multiple machines on a plant floor—contain many devices, significant amounts of data are produced. A local HMI acting as a data concentrator can collect this data and store it as necessary. Adjustments can be made to reduce the amount of data stored. One example is storing analog data by exception—that is, only when it changes by a significant amount, as defined by the user.

Although many field devices have the connectivity required to communicate directly with the cloud or the internet, these types of connections are not recommended for two reasons. The first is the flood of raw data produced, and the second is security.

Using an HMI to collect and concentrate data, and then passing the data to the cloud or to the internet, helps with security and bandwidth concerns. The HMI can store all the data and present it for local use, such as trending and real-time analysis. While all the data may be present at the HMI, user levels configured in the HMI can limit access to it.

With an HMI connected to the cloud, it can limit data sent to the cloud, because often only a portion of the total data is needed for remote monitoring. For example, the data may be analyzed and only part count, hourly report and summary information is then sent the cloud. The HMI has thus taken raw data and passed it to the cloud, where powerful analytics have turned it into actionable information, in the process greatly reducing the bandwidth requirements for cloud and internet connections.

If more data needs to be remotely accessed, an HMI can act as a buffer, only sending data when bandwidth is available. Some or all data can be forwarded to a database or an historian in the cloud, either in raw or compressed form. However, it’s important to be aware of the “Big Data” trap. Care needs to be taken to not collect unnecessary data just for the sake of collecting data.

Getting to and Using the Data

HMI software can be used to format data and send it directly to the user or to the cloud to complete the IIoT connection (Fig. 2). As mentioned, this raw data can be turned into actionable information, reducing bandwidth requirements and simplifying remote monitoring.

When designing an HMI for the machine, users must consider how to collect, analyze and report the data. With the potential to collect large amounts of data, filtering is often needed to make it more usable by the operator and remote users.


Connections to smart devices and controllers are just the start of an HMI’s capabilities as a communication hub.

Many of the features built in to an HMI can be used present data and information on a remote PC, smartphone, or tablet. The graphics on the displays can be configured to provide information at a glance, with the ability to deep dive into detail as desired. Beyond basic indication and numeric are alarm and message displays, along with real-time trend data. All of this information can be displayed in real time or historically, with comparisons possible between the two types of data. This capability is built in to most HMIs in varying degrees, providing important information to users.

For example, a technician troubleshooting a problem may wish to compare current operating conditions to a point in the past when another machine was known to be operating properly. Pulling operating information from similar machines and overlaying real-time with historical data on a trend screen can facilitate this task, providing insights that lead to solutions.

Some HMIs also feature business intelligence templates. These templates provide simple software configuration (not custom coding) to create information dashboards with KPIs. The HMI enables this information and intelligence by combining the dashboard with real-time and historical data. The information can be made available to machine overall equipment effectiveness (OEE) dashboards, maintenance systems, process improvement software, and ERP systems.

Some HMIs can connect with or use statistical tools, analytics, and data mining techniques. The ability to view machine information via trends, statistical analysis, and dashboards with appropriate data resolution can quickly highlight machine and process improvement opportunities.

Implementing Cybersecurity

Modern HMI software has several built-in security features, offering layers of access control. It is extremely important not to expose critical machine control infrastructure to the outside world through an intranet, internet, or other communication network.

Many HMIs provide some built-in tools to implement cybersecurity procedures and rules. To start, users should consider push technology—essentially, where the information generator (the HMI, in this case) pushes data rather than having others pulling the data from the information generator or central server. This eliminates open network ports to the machine. The HMI only sends machine data out and doesn’t allow incoming data, using a technique often referred to as a data diode.

The IT department should be involved with the installation, and connection rules must be followed. There are minimum infrastructure requirements for connecting to the IIoT. For example, a virtual private network (VPN) can be installed before connecting an intranet to the internet or the cloud.

Modern cybersecurity systems use a technique referred to as defense-in-depth or layered security. Each layer is designed to stop or slow down an attacker. One layer is physical access security, where an operator must be present to operate a machine. Another layer is data and communication encryption, where Ethernet switches and VPN connections encrypt the data.

Authorization and authentication is another layer of IoT security. Both operating systems and HMI software have controls available to restrict access to only some data and functions. The built-in username and password functions of any HMI connected to a machine should be implemented including role-based access controls to limit access to only what’s required for the particular user. For example, a technician responsible for remote monitoring of many machines may require a very high level of access, but a manager may only require access to KPI information. Access lists can add security by limiting access to users on the list. 

PCs, smartphones, and tablets should all use authentication to restrict unauthorized users from accessing any functionality or data on the plant floor, in a database, or through use of an HMI.


Máquinas Fix’s solution included InduSoft Web Studio as the HMI, selected for its remote access capabilities and simple configuration. The HMI provides local viewing of data via a touch screen mounted to the machine. Connection to the Beckhoff controller via TwinCAT communication enables real-time machine information to be provided to the operator in the form of process variables, trends and alarms. The ability to quickly analyze real-time data from this brick press and other machines resulted in a 50% improvement in brick manufacturing production time.

Using the IIoT to Improve Brick Manufacturing

In one example, Monteiro Tijolos—a Brazilian producer of ecological bricks—needed help manufacturing its product. It teamed with Máquinas Fix, a local system integrator. Monteiro Tijolos needed a solution with the flexibility for future hardware and software additions. The company also needed good remote data visibility of the multiple processes and machines, as well as the ability to perform remote maintenance functions.

Brick manufacturing includes raw material processing such as batching, mixing, and moistening. It also includes machines for compacting, shaping and handling the brick to meet final specifications (Fig. 3).

Using the InduSoft Web Studio for the HMI and a connection to a Beckhoff controller via TwinCat, the real-time information shows status of the brick press, compactor pressure, overall status of the product, composition, and density—along with overall accept or reject status and more.

The HMI embedded in the machine makes it possible to quickly check the overall efficiency of the machine and evaluate the product to ensure it complies with necessary standards. A variety of alerts helped local and remote operators react quickly to problems. One of the many improvements included use of HMI charts, objects, and dashboards. Máquinas Fix estimates graphical display of multiple data points, and resulting analysis allowed them to improve production by 50%.

Whether connections are made locally through an intranet, or remotely through the internet (and possibly the cloud), IIoT installations enabled by HMIs have the potential to improve machine and plant operations.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.