Nerve Features

Nerve documentation

Learn more about Nerve's Features

Nerve is designed for industrial environments and has been developed together with leading machine builders and plant operators. The feature set of each Nerve module is optimized with unique workflows ideally suited for production facilities and machines. Independent of which module you license, Nerve offers a set of base features. These features provide a secure foundation for managing software and devices in Nerve.

Edge Hosting

The Edge Hosting module allows you to run multiple applications in the form of docker containers and virtual machines side-by-side on standard industrial hardware at the edge and manage them remotely from the cloud.

  • Nerve Nodes support multiple virtual machines as workloads. Applications and operating systems can be migrated into Nerve without requiring any modifications. Virtual machines can be created on a node, then pushed to the workload repository in the Management System and distributed to all nodes worldwide.

  • Nerve Nodes support Docker containers as workloads. Docker containers on connected nodes can be managed centrally from the Management System or locally at the edge. Docker containers can be pulled from your private registry or from Docker Hub. Nerve allows to apply persistent configuration files that include specific settings.

  • Nerve integrates a workload repository with built-in version management. The workload repository holds all applications which can be distributed to the Nerve Nodes worldwide. Workload versions can be marked as released and a released workload cannot be modified. This ensures clarity about which exact configuration of a workload is deployed.

  • When workloads are created, they are fully encapsulated with all the parameters needed for installation. Service personnel are not required to modify any network, remote service or resource reservation settings. This ensures that software deployment is straightforward for service personnel.

  • Nerve provides logging services based on the well-known KIBANA system. All system events, node events and applications are logged centrally. Pre-configured dashboards allow users to get started quickly without prior experience of using KIBANA. Nerve provides the infrastructure to log the messages and errors of applications. When applications are configured to log into a Linux Syslog service, Nerve ensures that all logs can be accessed centrally.

Data Services

The Data Service module supports you with creating analytics and visualization applications and with moving data between sensors and the cloud. Using the Data Service module, you can read sensor data or connect to a Siemens PLC, store the data and visualize it in a data base on the node or in the cloud. The Data Service module also includes the license to host a single container on a node to give you the capability of creating edge analytics.

  • The Nerve Data Gateway can be configured to read data from different sources and forward it to data sinks. It is flexibly configurable for multiple sources and sinks. The data gateway is optimized for high performance and permits short cycle times of down to 1 ms. It is graphically configurable for best usability.

  • The Data Gateway can be configured to read from Siemens S7 PLCs (S7-300/400/1200/1500).

  • The Data Gateway also includes sophisticated OPC UA server and client functionality. Both client and server are freely configurable at runtime and support encryption and authentication using certificates or username/password. You can use the OPC UA server to create a digital twin of your machine encapsulating all the data gathered from sensors and PLC.

  • The Data Gateway can directly send data to Microsoft Azure IoT Hub, giving you a head start for your applications on Microsoft Azure.

  • The Data Gateway supports MQTT as input and output protocol, again with certificate and username/password-based security features. The data is formatted in JSON and includes exact timestamping information.

  • For high performance data exchange between applications and the Nerve Python SDK (beta version) the Data Gateway allows the use of ZeroMQ.

  • Accurate timestamping at the source ensures data consistency. The data is time-stamped at the earliest possible moment. The timestamps are transported in the data stream to ensure timing information is not lost on the way.

  • A Time-Series Database is integrated on each Nerve Node and in the central Management System. These edge databases can be easily accessed using SQL with user applications running on the node. Nerve enables users to configure the retention time of the integrated databases, to ensure that storage is never filled up unintentionally. You can inspect data in the databases quickly using the built-in preview.

  • The Data Gateway can buffer incoming data during offline periods to later forward it to the central database. A timeout ensures that the local databases do not overflow during longer offline periods.

  • Nerve has built-in visualization for data at the edge as well as in the central Management System. An unmodified Grafana system is integrated for that purpose. It accesses the built-in databases as data sources.

Remote Services

The Remote Service module offers a range of features that enable you to remotely
connect to workloads and devices in the field.

  • Remote tunneling can be used to connect, for example to a web-based user interface (UI), a command line, or an FTP server. You can connect to services running in workloads or even to external devices in a node’s network. Using the Nerve Connection Manager, you can also connect the CODESYS engineering tool to the CODESYS runtime running on any Nerve Node.

  • Remote access can be configured when creating a workload in the Nerve Management System. Remote access to the workload is then available whenever it is deployed to a node. No additional configuration is necessary.

  • Remote viewing in Nerve does not only cover access to workloads and nodes. Users can easily configure external sources for remote access, like a Windows PC running an RDP server or a device with Secure Shell (SSH) access. Nerve becomes a secure hub (jump host) for remote access to all devices in the machine or production network.

  • Nerve integrates a remote shell access directly from within the browser for workloads and external devices. Alternatively, the remote tunnel feature can be used to bring the SSH connection or console port to a PC.

  • Nerve permits remote access to the screens of virtual machine workloads even if they do not have a VNC or RDP server running themselves. This also enables you to observe the boot and shutdown process of a virtual machine workload.

  • Nerve can be configured to require local acknowledgment for remote access. If activated, a user needs to accept a request for remote access on the node’s local user interface. This ensures that remote access happens only when permission is granted.

Soft PLC

The Soft PLC module can be used to run machine control workloads on standard
industrial hardware and access fieldbus-level sensors and actuators.

  • The integrated CODESYS Soft PLC (Version 3.5) is fully managed and applications can be distributed to nodes via the Nerve Management System. The CODESYS Soft PLC runs down to 1 ms cycle time, taking advantage of the computational power of Intel CPUs.

  • The Soft PLC supports multiple fieldbus protocols. It can act as an EtherCAT master, Modbus Master, PROFINET master and PROFINET device. Nerve supports a dedicated, high speed network port for the fieldbus connections to CODESYS.

  • Nerve provides a connector from the CODESYS Soft PLC directly to an influxDB Time-Series Database, optimized for high throughput. Using an Intel Atom class CPU, more than 10,000 samples per second can be pushed into the database.

  • Nerve Nodes support CODESYS 61131-3 PLC applications as workloads. 61131-3 PLC applications can be programed and tested using the CODESYS IDE. The Nerve Management system can distribute these PLC applications to all Nerve Nodes in the system.

    A Nerve Node can be configured to require local acknowledgment for modification of PLC applications. Where the integrated CODESYS Soft PLC is being used to control machine movements or critical operations, administrators can require that modifications are only made when a local user actively permits the change.

  • The CODESYS Soft PLC includes retain variable support. Nerve provides a library to help users with this feature.

Base Features

Independent of which module you license, Nerve offers a set of base features.
These features provide a secure foundation for managing software and devices in Nerve.

  • The Nerve Management System provides a central point for managing all connected nodes. Users can manage nodes, update firmware, monitor device status and deploy and manage workloads. It is available as a hosted service run by TTTech Industrial, or for on-premise (or on customer cloud) installation.

  • Nerve includes a wealth of features to ensure that the system always operates securely and keeps production data secure. All connections are secured using TLS. Nerve is regularly penetration tested. Software processes are according to IEC62443.

  • Nerve includes a Role-Based Access System to control the access for individual users to certain features of the Management System. Users can be managed through the built-in user and rights management system or connected to LDAP/active directory.

  • Nerve Nodes offer full functionality even when not connected to the Management System for whatever reason. When a node comes online, the Management System syncs to the node and recognizes any modifications made while it was disconnected.

  • Nerve can be managed through an API for automating repetitive tasks or for connecting the Nerve Management System to other systems.

  • Nerve platform software and all the applications can be updated remotely. The read-only file system ensures integrity of the platform software.

Technical Specifications

  • Base system
    • Linux/based kernel
    • Support for Atom, Core I5 and I7 based COTS hardware (qualifiable as Nerve Devices)
  • Hardware support
    • TTTech MFN 100, Kontron A-250/A-150, Siemens Simatic IPC 127E/427E, Vecow SPS 5600, SuperServer E100-9AP-IA/1019D-16C-FHN13TP/5029C-T
  • Hypervisor
    • XEN (ACRN and KVM on request)
  • OS support
    • Linux and Windows (as virtual machines)
  • Soft PLC
    • CODESYS 3.5 (PROFINET Master/Slave, EtherCAT, Modbus TCP/IP)
    • Cycle time down to 1 ms
    • Hosted in a real-time virtual machine to ensure isolation
  • Workload management
    • Local user interface (UI) for workload management
    • Resource management to ensure application performance
  • Updates
    • Over-the-air updates for base system
  • Communication security
    • Encrypted Transport Layer Security (TLS 1.2) based communication
    • Firewall friendly - communication to the Management System uses port 443
  • Application sandboxing
    • Applications are hosted as virtual machines and containers to maintain system separation
  • Network segmentation
    • Configurable networking for separation of workload networks
  • Database
    • Timescale Time-Series Database
  • Multi-protocol gateway
    • Graphical user interface for configuration
    • Accurate time-stamping at ingestion point
  • Input protocols
    • MQTT Subscriber, Modbus Client, Modbus, Siemens S7 Client, OPC UA Client, OPC UA PubSub Subscriber, ZeroMQ Subscriber
  • Output protocols
    • MQTT Publisher, OPC UA Server, OPC UA PubSub Publisher, Timescale DB (SQL), InfluxDB, Microsoft Azure IoT Hub, ZeroMQ Publisher, Nerve Database
    • Offline buffering and automatic synchronization
  • Data visualization
    • Grafana locally on Nerve Device and remotely in Management System
  • Analytics
    • Python SDK and toolchain for analytics container creation
    • Analytics support built with Intel MKL and DAAL libraries
  • Management System
    • Hosted on Azure cloud or on-premises/customer cloud
    • Deployable as Linux Docker with browser-based graphical user interface (GUI)
    • Supports low bandwidth and intermittent connections to Nerve Devices
  • Workload management
    • Support for local repositories (service PC or server)
  • Permission management
    • User management via LDAP
  • Remote access
    • Remote service access (VNC, RDP, Shell), remote port tunneling (e.g. for FTP)
    • Connection via http and https proxy server in local UI network setup
  • Logging and monitoring
    • Centralized logging support (Elasticsearch/Kibana)