Renewable net zero
emission energy transition.
application Platform as a Service (aPaaS) provides an agnostic, bare metal server solution that is highly scalable, portable and secure. Clients have the option to run the solution on premise or hosted by Seedz. Our runtime and tests have demonstrated that the Seedz server solution can successfully support over 100’000 DataWeeder edge devices even on modest server hardware. The Seedz server only allows connections from authorized devices, rejecting any requests from non-authorised devices.
​
The connection security model is based on public-private key infrastructure, using strong elliptic cryptography for initial certificate exchange and verification, and AES256 for symmetric channel encryption. It must be noted that DataWeeder also checks the validity of server certificates, thus preventing a connection to non-authentic servers.
The system design is highly modular, allowing for flexible deployment that suits the particular requirements of customers. Using standard virtual machines as basic building blocks, the Seedz server can be easily adapted and deployed on bare metal servers, private or public cloud deployments, such as AWS, Azure, or GCE.
Such flexibility also makes it easy to integrate the Seedz server into the existing customer server and network infrastructure, as well as integration with already deployed SCADA systems.
Using virtual machines as building blocks also allows Seedz to scale particular parts of the system according to customer specifications while keeping the overall solution highly secure. Through our holistic approach, we help companies improve their own IT in a smooth and integrative way, to keep the operations running.
Seedz
For further information and details of our system description, please download our leaflet.
Platform.
WEB USER INTERFACE
Seedz web user interface (UI) is a component responsible for showing the overall system status in dashboards and the configuration for individual DataWeeder's / edge devices and their states to the client.
​
We strive for simple and intuitive solutions, while also fully realising the interfaces for technically advanced users should be fast and functional, freeing client’s staff on doing their jobs. The Web UI also incorporates a geographical information system (GIS) based on OpenStreetMap, which can be expanded based on individual customer requirements, adding new layers.
Seedz offers an optional Modbus to the IEC60870-5-104 component for clients that prefer their SCADA talking a single protocol. The DataWeeders can collect data from various sensors via Modbus protocol and we deliver your data via IEC60870-5-104 instance, configurable as push or pull-only.
​
This way if your SCADA cannot speak Modbus, or such functionality requires an expensive upgrade, you can still get the full variety of data from your devices that do not speak IEC60870-5-104. Just give us a profile for the Modbus register you would like to read and how it should map to IEC60870-5-104 IOA's – we will handle the rest!
MODBUS TO 104
SERVER CONNECTOR
Seedz server-connector is a redundant, robust, secure, and highly scalable component written in Go that is responsible for handling incoming connections and data-streams from our DataWeeder's, independent of which type of protocol or transport profile you are transmitting.
The server-connector virtualises your entire front-end-computer and is capable to manage 100’000 connections in parallel on a cost-effective server solution while maintaining connection security, certificate checks and encryption of the transmitted data.
Seedz server-connector can be expanded on individual customer application requirements if needed.
Seedz uses Machine Learning (ML) in multiple ways. One of the major features of ML is focused on security. So we use ML to make sure the integrity of our platform is intact. The ML algorithms regularly analyse signals from our logs to ensure we don’t see anything unusual. Another ML project is related to the security of client infrastructure. We use ML to learn the type of traffic that passes through our secure network and detect unusual patterns. For example, a breached edge device tries to exploit SCADA via what appears to be a standard protocol.
Our latest ML project is related to the prediction of actions that are taken by Stadtwerke (utilities) to operate solar panels located on prosumer rooftops, based on the latest requirements of VDE-AR-N 4105. On sunny or windy days the supply of energy can exceed consumption requiring the reduction of the energy output of local solar and wind farms. We look at the patterns and relations between weather and actions that need to be taken by Stadtwerke (utilities) as a result and preemptively suggest a plan of action, such as a recommendation to reduce or increase the solar panel output by e.g. 30%.
​
MACHINE LEARNING
WE ARE NOT APPLES
Linux
we run Linux on both servers and edge devices. Platform unification allows us to minimise costs of development and administration.
​
Containers
server deployments are handled via Docker containers. Such deployments improve system security, allow better control over the granularity of permissions needed and can be added to any container orchestration software if needed.
​
Remote Procedure Call (RPC)
Seedz RPC is a highly scalable layer for edge to centre interaction. Seedz RPC provides secure mechanisms for transferring data, commands and streams for each DataWeeder.
​
Encryption & Automated Certificate Management
all information transferred by Seedz from edge devices to the server is secure in transit. We also utilise Automated Certificate Management (ACM) to secure our edge devices (DataWeeders), to make it more difficult for bad actors to breach our defences. Seedz uses a defence-in-depth approach to security, by adding layers of defences and not trusting a single component to provide all the security.
​
Bare metal or cloud
the design choices made by Seedz technical team allows for easy deployment of the solution in a public cloud, private cloud, or bare metal servers. We work closely with clients to determine the right deployment and operation strategies to maximise RoI and integrate it into existing client infrastructure.
WE ARE SEEDZ
IEC60870-5-104 over mobile networks
IEC60870-5-104 is quite time-sensitive, which makes it very tricky to use over mobile networks. Seedz solution allows seamless operation of IEC60870-5-104 enabled connections over mobile data networks which have been deployed and tested in substation automation projects.
​
Cluster & caches
Seedz chose the PostgreSQL cluster as its primary data back-end. We also use Redis as a memory-only cache to improve system performance.
​
Geographical Information System (GIS)
Seedz provides an optional feature that shows the location of DataWeeders / edge devices over a geo map. This is very useful when edge devices are geographically distributed over a wide area. Geo view also allows technical staff to easily determine whether certain areas are affected by outages, faster than traditional methods of looking at the list of offline edge devices. While the built-in GIS handler is using OpenStreetMap (OSM) geo layers, Seedz can modify or add new geo layer(s) for additional features requested by clients.
​
Application Programming Interface (API)
Seedz provides a rich REST API to its system, which allows easy integration with client systems, as well as further development of client software. For example, if a client requires UI to work on a specific mobile platform, it can be handled by external companies or by the in-house dev team just by following API specifications.