|
| 1 | +--- |
| 2 | +title: "Enable an industrial dataspace on Azure" |
| 3 | +description: "Step by step guide that shows how to enable an industrial dataspace on Azure based on open-source reference implementations." |
| 4 | +author: barnstee |
| 5 | +ms.author: erichb |
| 6 | +ms.service: azure-iot |
| 7 | +ms.topic: how-to #Don't change. |
| 8 | +ms.date: 1/31/2025 |
| 9 | + |
| 10 | +#customer intent: As a manufacturer, I need to provide machine-readable product data to my customers. |
| 11 | + |
| 12 | +--- |
| 13 | + |
| 14 | +# Enable an industrial dataspace on Azure |
| 15 | + |
| 16 | +Many manufacturers need to provide data about their manufactured products to their customers in digital and machine-readable from. Sometimes a law such as the European Commission's [Digital Product Passport](https://data.europa.eu/news-events/news/eus-digital-product-passport-advancing-transparency-and-sustainability) legislation mandates this requirement. To provide this data, manufacturers often create an industrial dataspace between their enterprise systems and their customer's system. The dataspace provides a secure, point-to-point communication channel for digital product data between the manufacturer and the customer. |
| 17 | + |
| 18 | +## What is an industrial dataspace? |
| 19 | + |
| 20 | +An industrial dataspace is a virtual environment designed to facilitate the secure and efficient exchange of data between different organizations within an industrial ecosystem, focusing on the following key principles: |
| 21 | + |
| 22 | +* **Data sovereignty**: It ensures that data providers retain control over their data, including who can access it and under what conditions. |
| 23 | +* **Interoperability**: It uses standardized protocols and governance models to enable seamless data sharing across various platforms and industries. |
| 24 | +* **Security**: It incorporates robust security measures to protect data integrity and confidentiality. |
| 25 | +* **Collaboration**: It supports collaborative efforts by allowing different stakeholders to share and utilize data for mutual benefit. |
| 26 | + |
| 27 | +These principles are relevant in the context of *Industry 4.0*, where interconnected systems and data-driven decision-making are crucial for optimizing industrial processes and creating resilient supply chains. |
| 28 | + |
| 29 | +The following diagram shows an overview of the solution: |
| 30 | + |
| 31 | +:::image type="content" source="media/howto-iot-industrial-dataspaces/dataspaces-arch.png" alt-text="Diagram of an industrial IoT architecture that shows all components." lightbox="media/howto-iot-industrial-dataspaces/dataspaces-arch.png" border="false" ::: |
| 32 | + |
| 33 | +To learn more about the components in the solution, see the [Azure Industrial IoT reference architecture](tutorial-iot-industrial-solution-architecture.md) tutorial. |
| 34 | + |
| 35 | +## Prerequisites |
| 36 | + |
| 37 | +All the required components to enable the industrial dataspace are deployed to Azure during the [install the production line simulation and cloud services](tutorial-iot-industrial-solution-architecture.md#install-the-production-line-simulation-and-cloud-services) workflow. Make sure the simulated production lines are running before you continue. |
| 38 | + |
| 39 | +## Industrial dataspace use case: Provide a carbon footprint for your produced products |
| 40 | + |
| 41 | +Providing the Product Carbon Footprint (PCF) is one of the most popular use cases for industrial dataspaces. It's increasingly important in the buying decision for customers. Products with a low PCF are popular, but accurately calculating the PCF is hard. The [Green-House Gas (GHG) Protocol](https://ghgprotocol.org) is a popular calculation method for the PCF. It splits up the calculation task into scope 1, scope 2, and scope 3 emissions. This example and reference implementation focuses on calculating scope 2 emissions from the simulated production lines. Scope 2 emissions are the emissions produced during a production process. The simulated stations along the production lines provide energy consumption data during production. This energy consumption data is used to calculate scope 2 carbon footprint data for each produced product, if the *carbon intensity* of the electrical energy consumed is known for the location of the simulated production lines. This information is optionally retrieved from a non-Microsoft cloud service operated by [WattTime](https://watttime.org). If the WattTime service isn't configured, the calculation uses an average value. |
| 42 | + |
| 43 | +## IEC 63278 Asset Administration Shell |
| 44 | + |
| 45 | +To provide product data in a machine-readable and standardized fashion, this example uses the IEC 63278 Asset Administration Shell (AAS). This example automatically creates an AAS for a sample of the simulated products produced and stored in an AAS repository. The repository is provided as an open-source reference implementation by the [Digital Twin Consortium](https://www.digitaltwinconsortium.org). This reference implementation supports AAS modeling with [OPC UA](https://opcfoundation.org/about/opc-technologies/opc-ua). This approach simplifies AAS modeling because you can use any OPC UA modeling tool such as the [Siemens OPC UA Modeling Editor (SiOME)](https://support.industry.siemens.com/cs/document/109755133/siemens-opc-ua-modeling-editor-(siome)?dti=0&lc=en-US) or the [CESMII Smart Manufacturing Profile Designer](https://profiledesigner.cesmii.net). The configuration of the deployed AAS repository happens automatically during the deployment workflow and comes with its own web dashboard. To access the dashboard, navigate to the **Overview** page of the AAS repository Container App from the Azure portal, and select the **Application URL** displayed to open the repository's dashboard. Expand the **AAS Environment** tree control to see the individual Asset Admin Shells. Navigate to the **AAS Environment > Objects > Submodels > CarbonFootprint > ProductCarbonFootprint > PCFCO2eq** node in the OPC UA tree and select it to display the calculated scope 2 CO2 PCF. |
| 46 | + |
| 47 | +> [!NOTE] |
| 48 | +> The AAS repository has a REST interface that's [OpenAPI](https://swagger.io/specification) compatible. To access the Swagger UI, add `/swagger` to the AAS repository URL in your web browser. To authenticate and authorize with the REST interface, select **Authorize** on the Swagger webpage. Enter `admin` as the username and use the password you chose during deployment of this reference solution for the password, then select **Authorize** followed by **Close**. To try out any of the REST interface methods, select it, select **Try it out**, provide any necessary parameters, and select **Execute**. The response from the AAS repository is available in the **Server response** text box. |
| 49 | +
|
| 50 | +### Optionally, configure the WattTime service |
| 51 | + |
| 52 | +Optionally, to optionally configure the WattTime service for a more accurate carbon footprint calculation: |
| 53 | + |
| 54 | +1. Go to [Register New User](https://docs.watttime.org/#tag/Authentication/operation/post_username_register_post) and choose a username and password for the service. You need these credentials later in this guide. |
| 55 | + |
| 56 | +1. From a Windows command prompt, enter `wsl` to start the Windows Subsystem for Linux. If WSL isn't yet installed on your computer, install it by running `wsl --install` and reboot your computer. |
| 57 | + |
| 58 | +1. To register your user account, enter the following command, making sure you replace `<username>` and `<password>` with the values you chose previously: `curl -L -X POST -d '{"username":"<username>","password":"<password>","email":"[email protected]"}' https://api.watttime.org/register --header 'Content-Type: application/json' --header 'Accept: application/json'`. |
| 59 | + |
| 60 | +1. From a web browser, navigate to the [online basic auth header generator](https://www.debugbear.com/basic-auth-header-generator) and enter your username and password. Copy the generated access token. |
| 61 | + |
| 62 | +1. To validate your registration, sign in to the service using the following command, making sure you replace `<YOUR_ACCESS_TOKEN>` with the token from the previous step: `curl -L -X GET https://api.watttime.org/login -H 'Authorization: Basic <YOUR_ACCESS_TOKEN>'`. If the validation succeeds, you get a token as a response. |
| 63 | + |
| 64 | +1. [Contact WattTime](https://watttime.org/contact) to upgrade your free account to a pro account. This enables access to the carbon intensity API the AAS repository carbon footprint calculation service uses. |
| 65 | + |
| 66 | +1. Wait until you receive a confirmation from WattTime that your account was upgraded to a pro account. Then, from the Azure portal, navigate to the Azure Container App instance for the deployed AAS repository. Follow the steps in [Add environment variables on existing container apps](/azure/container-apps/environment-variables?tabs=portal#add-environment-variables-on-existing-container-apps), navigate to the **Environment variables** section of the **Edit a container** panel, select **Manual entry** for the **Source** field, and enter your WattTime username and password in the **Value** field of the two existing environment variables **WATTTIME_USER** and **WATTTIME_PASSWORD**. Select **Save** and then **Create** to deploy a new revision of your AAS repository. |
| 67 | + |
| 68 | +## ISO 20151 Eclipse Dataspace Components |
| 69 | + |
| 70 | +The Eclipse Dataspace Components (EDC) is designed to support secure and sovereign data sharing between organizations. Here are the main components: |
| 71 | + |
| 72 | +1. **Connector**: Facilitates data exchange between participants such as the manufacturer of products and the customer of the manufactured products. Two connectors, a *provider* connector and a *consumer* connector, are automatically deployed in this reference solution. |
| 73 | +1. **Federated Catalog**: Enables participants to discover and publish data offerings. |
| 74 | +1. **Identity Hub**: Manages identities and ensures secure access. |
| 75 | +1. **Registration Service**: Handles the registration of participants and their data assets. |
| 76 | +1. **Data Dashboard (Management UI)**: Provides a user interface for managing and monitoring the dataspace. |
| 77 | + |
| 78 | +These components are open source, designed to be extensible and interoperable, and support various protocols and standards. |
| 79 | + |
| 80 | +### Configure the Eclipse Dataspace Connectors |
| 81 | + |
| 82 | +The two EDC Connectors *provider* and *consumer* automatically deployed in this solution are provided as an open source reference implementation by [Fraunhofer IOSB](https://www.iosb.fraunhofer.de/en.html) and contain an extension for accessing an AAS repository like the one deployed in this solution. To configure the connectors, follow these steps: |
| 83 | + |
| 84 | +1. From the Azure portal, navigate to the overview page of your **AAS repository** instance. Copy the **Application URL** displayed. |
| 85 | + |
| 86 | +1. From a web browser, navigate to the [online URL encoder](https://www.urlencoder.org) and copy the AAS repository application URL into the text box and select **> Encode <**. Then copy the encoded URL. |
| 87 | + |
| 88 | +1. From the Azure portal, navigate to the overview page of your **EDC provider** instance. Copy the **Application URL** displayed. |
| 89 | + |
| 90 | +1. From a Windows command prompt, enter `wsl` to start the Windows Subsystem for Linux. If WSL isn't yet installed on your computer, install it by running `wsl --install` and reboot your computer. |
| 91 | + |
| 92 | +1. To register the AAS repository with the EDC provider, enter `curl -L '<EDC provider URL>:8281/api/service?url=<URL-encoded AAS repository URL' -d '{"type":"basic","username":"admin","password":"<deployment password>"}' --header 'Content-Type: application/json' --header 'x-api-key: password'`. Replace the `<EDC provider URL>` with the previously copied EDC provider URL but change `https` to `http`, replace the `<URL-encoded AAS repository URL>` with the previously copied URL-encoded AAS repository URL and replace the `<deployment password>` with the password you picked during deployment of this reference solution. The message **Registered new AAS Service at EDC** confirms a successful registration. |
| 93 | + |
| 94 | +1. To display the metadata provided to the EDC provider from the AAS repository, navigate to `<EDC provider URL>:8281/api/selfDescription` in your web browser. Replace the `<EDC provider URL>` with the previously copied EDC provider URL but change `https` to `http`. You might need to check the **Pretty-print** checkbox in your browser, if available, to read the formatted version of the returned data. From the **submodels** section, copy one of the **id** values displayed, you need this value in the next section of this guide. |
| 95 | + |
| 96 | +### Trigger an automatic digital contract negotiation through the dataspace protocol and transfer a PCF |
| 97 | + |
| 98 | +The EDC Connector supports an automated EDC digital contract negotiation where the entire workflow is handled automatically. To trigger this automatic contract negotiation, followed by the transfer of a PCF from the AAS submodel for which you copied the ID in the previous step, complete the following steps: |
| 99 | + |
| 100 | +1. In the Azure portal, navigate to the overview page of your **EDC provider** instance. Copy the **Application URL** displayed. |
| 101 | + |
| 102 | +1. In a web browser, navigate to the [online URL encoder](https://www.urlencoder.org) and copy the EDC provider application URL into the text box, but change `https` to `http`, and select **> Encode <**. Then copy the encoded URL. |
| 103 | + |
| 104 | +1. In the Azure portal, navigate to the overview page of your **EDC consumer** instance. Copy the **Application URL** displayed. |
| 105 | + |
| 106 | +1. At a Windows command prompt, enter `wsl` to start the Windows Subsystem for Linux. If WSL isn't yet installed on your computer, install it by running `wsl --install` and reboot your computer. |
| 107 | + |
| 108 | +1. To see the AAS submodel containing the PCF returned in a JSON document, enter `curl -L -X POST '<EDC consumer URL>:9291/api/automated/negotiate?providerId=provider&assetId=<assetId>&providerUrl=<URL-encoded provider URL>%3A8282%2Fdsp' --header 'x-api-key: password'`. Replace `<EDC consumer URL>` with the previously copied EDC consumer URL but change `https` to `http`, replace `<assetId>` with the AAS submodel ID copied in the previous section, and replace `<URL-encoded EDC provider URL>` with the previously copied URL-encoded EDC provider URL. |
0 commit comments