Complex Event Processing (CEP) and event series analysis are used for detecting situations among events. EsperTech provides the Event Processing Language (EPL) designed for concisely expressing situations and fast execution against both historical and currently-arriving events (Espertech.com).

The Esper EPL is quite powerful – details can be found in the Esper documentation. Found also some slides about Esper. The EPL is a CQL (continuous query language), after a statement is created it is running coninously and results are streamed to listeners – in this prototype a listener is sending the results back to WinCC OA datapoints.

A WinCCOA API-Frontend-Manager gathers all value changes from WinCC OA and publishes it by ZeroMQ. The WinCC OA CEP Manager, with the open source Esper-Engine, subscribes to the Frontend-Manager to get the value changes. The advantage is that many subscribers can be connected to the Frontend-Manager, without increasing the load on the WinCC OA system (based on the ideas from CERN).

With the WinCC OA CEP Manager we can define EPL / CQL statements in WinCC OA and the result streams are passed back to WinCC OA on datapoints, where the results can be processed further.

Some simple EPL examples:

Calculate 5 minute average values with intermediate results every 1 minute:

select avg(value), min(value), max(value) 
from event(tag='System1:Meter_Input.Watt').win:time(5 min) 
output snapshot at (*/1, *, *, *, *)

With pattern matching complex event sequences can be observed with EPL. A simple example is: detect if datapoint B is set after datapoint A (A->B), and its value is higher than the value of A.

select a.value, b.value
from pattern [a=Event(tag='System1:Analog1.Input') -> every b=Event(tag='System1:ExampleDP_Trend1.' and b.value>a.value)]

Get a notification when a datapoint is changing more than 100 times within 10 seconds:

select tag, count(value) 
from Event.win:time_batch(10 sec) 
group by tag having count(*) > 100

Get a notification when a datapoint changes and there is no following value change within the next 10 seconds. For example: if meters are normally changing every 5 seconds, possible broken meters/interfaces can be detected with EPL:

select a.tag, count(*) from pattern 
[every a=Event -> (timer:interval(10 sec) and not Event(tag=a.tag))] 
group by a.tag

Other examples can be found here.

Attached is a screenshot of a simple panel where EPL statements can be defined and observed.

Other examples for CEP with Esper: http://www.adrianmilne.com/complex-event-processing-made-easy/

Recently i implemented a JAVA API for WinCC Open Architecture. So, it is possible to implement WinCC OA API Manager in Java. I used this to implement a simple API Manager in Java to connect WinCC OA to MQTT.

MQTT is a machine-to-machine (M2M) “Internet of Things” connectivity protocol. It was designed as an extremely lightweight publish/subscribe messaging transport. It is useful for connections with remote locations where a small code footprint is required and/or network bandwidth is at a premium (http://mqtt.org/).

The example is connected to a WinCC OA datapoint in system 1, sends incoming values through MQTT to HiveMQ (http://www.hivemq.com/try-out/, there is a public available MQTT broker for testing available). Another Java API Manager is subscribed to the MQTT broker, receives the values changes by MQTT and sets it to the WinCC OA system 2…

I have implemented a Database Logger for WinCC OA which supports different databases.

I did now a first test to compare some databases with WinCC OA and time series logging.

The logger is writing 1000 values/second to four databases in parallel: MSSQL Server, InfluxDB, Phoenix (based on Hadoop/HBase) and Oracle.

There are now about 160.000.000 values in each database. About 3.600.000 values are added every hour…

Four Ctrl-Scripts are querying data with dpGetPeriod every 10 seconds, random time frames (between 1 and 2 hours of data).

Oracle seems to be slower (i think this is related to my test environment), but the access and response times are stable with growing amount of data in the database.

remark: at 10pm the Oracle DB backup starts.

On a Mac install the Docker Toolbox.

https://www.docker.com/docker-toolbox

And click on the “DOCKER CLI”

The type: docker run -d -p 3000:3000 –name oa1 vogler/winccoa:influxdb startup

Afterwards you will see your new container and at the preview you can already see the Grafana dashboard, click on it and it will open in your browser.

You have now a running WinCC OA system which is logging some datapoints to the InfluxDB. There is a simple simulation script running which will set random values to Drive1.*

To open the GEDI you have to go to the DOCKER CLI again and type:

bash-3.2$ docker exec -ti oa1 /bin/bash

You now have a bash in the WinCC OA Container. Set the DISPLAY variable to your client (mac). You need a X-Windows-Server on your client (and allow clients to open windows with “xhost +”). At the Mac you may use xquartz: http://www.xquartz.org

dba3d5e6193f:/ # export DISPLAY=macbookpro:0

dba3d5e6193f:/ # gedi &

or type “console”, it will open the WinCC OA Console.

The NoSQL Logger’s configuration file is: /proj/NoSQL/config/config.logger

There you can set the query part of what you wanna log into the InfluxDB. You can specify the FROM clause of a WinCC OA query, also remote queries are possible (if you connect another OA system to this system (distributed system)).

Then you have to restart the NoSQL Database Logger – it is the WCCOAjava program you see in the console. Right, it is implemented in Java with a native API to WinCC OA.

Grafana can be used to create dashboards in a fast and easy way…