Skip to content

MindSphere Remote Service: Engineering-Option

The Engineering Option allows apps residing inside a Service Network or its secondary network to connect to apps and data residing on devices in a remote Device Network, whilst using customizable IP-based protocols. This enables remote use of engineering or maintenance tools such as Siemens TIA Portal or for routing Audio/Video streams such as access to remote cameras.

Engineering Option

The following Service-to-Device protocol setups are being supported:
- Dynamic Transparent Tunnel (DTT) for routing of TCP/UDP using custom port settings
- Proxy Unaware (PU) routes connetions not designed for routing and is only available on certain Windows® versions
- Web Application enables for connecting to HTTP or HTTPS servers

Note: The setup and configuration of this documentation's reference tenant, its users, Sites and Devices can be found in chapter Sample Setup Used in Documentation.

Note: The product structure and the protocol routing capabilities of the individual optional capability packages are described in chapter Product Structure and Procurement.



Example - Administrator creates Protocol Application for a video stream

If we want to use a video stream such as RTP in order to access a camera, then a tenant administrator has to create the associated Protocol Application upfront, so that it becomes available within the Protocol Application catalog of MRS. In MRS V.2 this is done by first selecting the "blue box icon" on the top left, which will open the Protocol Application menu. Click "Create New Protocol Application".

Admin creates Protocol Application for Video

Now you see the Protocol Hub listing all available protocol templates. The ones associated with the Engineering Option are tagged accordingly. Select "Dynamic Transparent Tunnel".

Admin creates Protocol Application for Video

In this step we assign the DTT application with the name DTT for Video Stream and set the port settings for video streaming. Press "Save" when done.

Admin creates Protocol Application for Video

The newly created Protocol Application DTT for Video Stream now shows in the catalog. It may be assigned to Devices in subsequent steps.

Admin creates Protocol Application for Video



Example - Site Owner assigns video stream protocol to Device

The owner of a site wants to access a camera device and thus leverages the previously predefined Protocol Application for doing video streaming. The intended setup is as follows:

Access to video stream

Press the blue device icon in the top left corner of MRS V.2, which opens the Device menu. We select Device PC p01 from the device tree on the left and then press the blue button "Assign Protocol Application".

Owner assigns video to Device

The catalog lists all available Protocol Applications. Select the needed DTT for Video Stream and press the blue arrow icon next to it.

Owner assigns video to Device

Now the needed DTT for Video Stream is listed as an assigned Protocol Application on the right-hand side. Press "Save".

Owner assigns video to Device

The assigned DTT for Video Stream is now ready for use - a click on the blue chain icon next to it would initiate a connection.

Owner assigns video to Device



Example - Site Owner assigns web application protocol to PLC Device

The owner of a site wants to access a web server located on a PLC Device. Some PLCs offer such web servers for configuration or status supervision purposes. So a predefined Protocol Application enabling encrypted routing of HTTPS will be assigned to an already onboarded PLC device named PLC p01. We use MRS V2 and the Device menu available via the blue icon in the top left corner. Select PLC p01 from the organizational tree and click "Assign Protocol Application".

Owner assigns WebApp to PLC Device

We assume, that an administrator already used the MRS Protocol Hub to create a Protocol Application named WebApp for PLC by using the Web Appliation template. Click the blue arrow icon next to WebApp for PLC to assign it to PLC p01.

Owner assigns WebApp to PLC Device

The WebApp for PLC is now listed as a Protocol Application assigned to PLC p01. Click "Save".

Owner assigns WebApp to PLC Device

The WebApp for PLC can now be used for PLC p01 by creating a tunnel via the blue chain icon. Once the connection will have been established, you may start a browser on your PC residing in a Service Network, which will then be able to connect to the web server of the PLC residing in a remote Device Network.

Owner assigns WebApp to PLC Device

Note: please ensure that respective Service Endpoint and Device Endpoint are up and running.



Example - Administrator creates proxy unaware Protocol Application for remote engineering with TIA portal

Some users want to do remote engineering with Siemens TIA portal, so that the TIA portal is not located within the local Device Network, but within a Service Network such as the network of an OEM acting as a contracted Service Provider. That enables an OEM's technicians to perform maintenance or commissioning tasks from remote.

TIA portal use case

The tenant administrator role selects the blue box icon from the top left of the screen and then selects "Create New Protocol Application".

TIA portal use case

This leads to the protocol hub, which offers protocol templates. We now select Proxy Unaware.

TIA portal use case

In the next screen we assign the name Proxy for TIA to our new Protocol Application. To complete the setup, we press "Add Configuration" in the port mapping section at the bottom of the screen.

TIA portal use case

We now assign port 102, since this is the standard for running the required RFC-1006 protocol (also known as ISO protocol) on top of TCP. Then we press "Save".

TIA portal use case

Now the newly created Proxy for TIA shows up in the catalog of Protocol Applications and is ready for being assigned to a Device.

TIA portal use case

Finally, the administrator assigns the new protocol to a device by selecting PC m01 from the device tree and then pressing "Assign Protocol Application".

TIA portal use case

The Protocol Application Proxy for TIA must be assigned and then be confirmed by pressing "Save", so that users may later initiate this type of connection to PC m01.

TIA portal use case



Example - User establishes remote connection for TIA Portal

A user wants to perform remote engineering with Siemens TIA Portal. The user's PC must host the TIA portal and the TIA cloud connector. Furthermore, the user must have downloaded and launched a Service Endpoint as outlined in section Getting connected.

Note: the downloaded Service Endpoint is a ZIP file, which contains an MSI installer for an operating system driver supporting Proxy Unaware protocol routing on Windows® based computers. This installer must be executed once to make this driver available.

Proxy Unaware Driver

As an initial step, the user opens the MRS organizational device tree via the hexagonal icon in the top left and then navigating to Device PC m01. From here the connection can be established via the blue chain icon next to the assigned Protocol Application named Proxy for TIA.

TIA portal use case

When the status of Proxy for TIA will have turned to green, the connection is ready for use, and the TIA portal may be launched.

TIA portal use case

Any questions left?

Ask the community


Except where otherwise noted, content on this site is licensed under the MindSphere Development License Agreement.


Last update: November 18, 2022