How does the groov Box work in my system?

The groov Box plugs into a standard Ethernet network, just like a computer. Here are some ways you may want to use it:


For more information, see the Guide to Networking groov.


groov on your premises, using an existing Ethernet network

A single network simplifies setup. If you want to use the groov Box within your facility only (not remotely) and you already have a wired Ethernet network in place for your automation system, you can just plug it in.

Authorized users (human or software) can use data, or monitor and control equipment with your groov View operator interface, as long as they are on the wired Ethernet network. If you have users on mobile devices, you need a wireless network, too.

The following diagrams show the basic architectural components:

  • You plug the groov Box into the same Ethernet network as the industrial automation system. 
  • groov View can connect to Opto 22 SNAP PACs and Modbus/TCP devices on the network, while the Ignition Edge OPC-UA drivers in the groov Box can connect to PLCs and other equipment.
  • Both groov View and Node-RED in the groov Box can connect to PCs on the network running database and spreadsheet software, to show or store data.
  • You build your groov View operator interface on a PC that is on the same wired network as groov.
  • Authorized users can access data and use your interface from computers on the same wired network. With a WiFi connection, authorized users can also use your operator interface from their mobile devices.
groov Edge Appliance used on local network

Here’s the same network, but with people and systems in place of boxes:

groov system architecture on premises

Adding a wireless network for mobile users

If a wireless network does not exist in your facility, but mobile device users need to connect wirelessly to groov View, you can configure a groov Box to create its own private WiFi network with WPA2-PSK security. This feature is called SoftAP (software enabled wireless access point).

To set up SoftAP, you’ll need a GROOV-AR1 with groov Admin v 1.570.39 or higher, and an approved wireless adapter. See the groov Box User’s Guide for a list of compatible adapters and how to install them.

The following image shows two network subnets separated by a groov Box. The wired Ethernet network is for control. The SoftAP wireless network is for nearby mobile devices using groov View; these can include any WiFi-capable device, such as phones, tablets, and laptops.

groov system architecture: groov Box as SoftAP


Using groov in a facility with segmented systems

For security reasons, you may choose to take advantage of the multiple network interfaces on your groov Box to separate your trusted network traffic from your untrusted network. A trusted network is any network where you know exactly who has access to it, for example, an IT-managed corporate network. An untrusted network is any network where you don’t know who has access to it, like the internet.

We strongly recommend that architecture for groov. Your automation system typically does not have internet access; a company computer system may. The image below shows the groov Box with the trusted automation system connected to one network interface and the untrusted computer system connected to the other.

groov system architecture: segmented networks

Solving facility network issues with pub-sub

Sometimes a facility has multiple networks, for example, separate networks for controlling each production line plus a separate network for office computers. Connecting these networks can be problematic, involving IT expense, time, and security concerns.

One way to lessen these problems and still get data from production lines is to connect networks using a pub-sub communication method instead of a request-response one. MQTT/Sparkplug in the groov Box simplifies this solution.

Instead of setting up firewalls and VPNs for each network, place a groov Box on each network as shown in the following diagram, and enable MQTT/Sparkplug. For this solution, you’ll need to set up a local MQTT broker.

groov system architecture: MQTT connects internal networks


Beyond your facility: communicating over the internet

When your control system and your company computers or mobile devices are connected by a local network, communication between them is easy. But you may have very good reasons to communicate with your control system from a different network, miles away. Here are just a few:

  • An engineer needs to adjust a setpoint at another site.
  • Status data from remote equipment needs to be tracked and analyzed for predictive maintenance.
  • Logistics personnel need to track physical locations and other data for delivery trucks.
  • Production managers want to know the number of widgets produced in the last hour, even while they’re traveling.
  • A technician has been notified of a malfunction in another building and needs to quickly switch from pump #1 to pump #2.

These are simple examples of the industrial internet of things (IIoT) at work. With the groov Edge Appliance, all these and many more become possible. If you set up the groov Box so that one of its interfaces can access the internet, you gain additional capabilities:

  • Your Node-RED logic flows can incorporate data from a wide assortment of online services, including environmental and geographical services, regulatory information, data storage and analysis systems such as Amazon Web Services and IBM Bluemix, and much more.
  • The Ignition Edge OPC drivers in the groov Box can tap into data from automation equipment located outside your local network and at remote locations.
  • Your groov View operator interface can include data and controls for all these outside sources.

Any two networks can be used for the IIoT as long as both are connected to the internet:

  • A computer in one location can get data from a control system at another location.
  • Online software and services can supply data or receive data.
  • A groov View operator interface on a computer or mobile device far away from your control system can access it for monitoring or control.
  • A mobile device with cellular service (which goes through the internet) can use the cellular network if it can’t reach the wireless LAN.

When two or more networks are connected to the internet, devices on them can communicate. The following diagram shows some examples. For more information on secure methods, including MQTT/Sparkplug and VPN (virtual private network), see the  Guide to Networking groov.

groov system architecture: using the internet

For OEMs and machine builders

If you're an original equipment manufacturer (OEM) or machine builder, you may find the groov Edge Appliance especially useful. The fanless, small-footprint groov Box takes up little space in your machine, and you can use it in three ways:

  • For an inexpensive, off-the-shelf HMI for machine operators
  • For troubleshooting and updating machines yourself, either onsite or remotely, through an operator interface
  • For tracking data about the machine, through a database, spreadsheet, online service, or other software

For an HMI, you can do one or all of the following:

  • Run a groov View operator interface on a PC connected to the same network as the machine.
  • Build an off-the-shelf mobile device into the machine to use as an operator interface. On an iPhone or iPad, use Guided Access mode to lock down the device so all it does is show your groov View interface.
  • Provide a localized wireless network around the Box so operators can use it from phones, tablets, or laptops, and you or a technician can troubleshoot or update the machine onsite. (You can use a groov Box with an approved WiFi adapter and SoftAP.)
  • Connect one of the groov Box's network interfaces to the internet and use a secure VPN to troubleshoot or update the machine remotely.

To track machine data while it is installed at a customer’s site—for example for billing, checking machine performance, and predictive maintenance—you can:

  • Connect one of the groov Box's network interfaces to a network with internet access
  • Use the included Node-RED to communicate machine data to software either locally or in the cloud for tracking, logging, and analysis.
  • Use the customer's secure VPN, or use the Ignition Edge MQTT transport protocol with Sparkplug messaging to publish machine data to a broker. With either Node-RED or MQTT, no changes are required to the customer’s firewall, because all communications from the groov Box are outbound. That means the groov Box originates the connection; an exterior device doesn't ask the Box to open a connection. Communication through this  outbound connection is still bidirectional.
groov architecture: using MQTT/Sparkplug for efficient data collection