Sparkplug B is an open-source specification that provides for a standardized framework for industrial applications using MQTT. It provides for defined topic namespaces, state management (birth/death certificates), and payload definitions to ensure interoperability, scalability, and context for data between edge devices and SCADA systems.
MQTT SparkPlugB Connector allows you to transfer SparkPlugB data unidirectionally across the MetaDefender Security Gateway (hereinafter Security Gateway). The SparkPlugB Connector is configured on the Security Gateway BLUE and RED sides.
The SparkPlugB Connector acts as an MQTT client on both BLUE and RED sides, performing both publishing and subscribing roles simultaneously on the BLUE and RED sides. The data is transferred to the MQTT client configured on the SparkPlugB Connector on the Optical Diode RED. That MQTT client forwards the MQTT data to a defined MQTT broker on the RED network.
Security Gateway BLUE
A security dongle must be inserted in the BLUE and RED servers to change configuration.
Navigate to Connectors -> SparkPlug B.
Select Edit button.
Type values in the following boxes:
Broker IP or Hostname: Include here the Broker IP address or the Hostname.
Broker Port: Broker's Port number. Default value is 1883 or 8883 if TLS encryption is selected.
Client ID: Include here the Client ID. The Client Identifier identifies the Client to the Server. Each Client connecting to the Server has a unique ClientID.
Primary Host Application ID: Unique ID that identified the central application consuming data from SparkPlugB edge nodes devices. Max length 1,000. /# and + are not allowed.
Keep Alive (sec): Maximum time interval that is permitted to elapse between the point at which the Client finishes transmitting one MQTT Control Packet and the point it starts sending the next. A Keep Alive value of 0 has the effect of turning off the Keep Alive mechanism. Default value is 300, valid values are 0-65535.
Version: MQTT Protocol Version
Receive Maximum: Maximum number of concurrent QOS1 and QOS2 publications that will be processed. Default value is 20, valid values are 1-65535.
Send Maximum: Maximum number of outgoing QOS1 and QOS2 messages that the client will attempt to have in flight at once. Default value is 20, valid values are 1-65535.
Connect Delay (sec): Elapsed time between connection attempts. Default value is 5
Reorder Timeout: Configurable grace window to recover out of order messages before NCMD Rebirth (seconds). Default:5, Range 0-3,600.
Reconnect: This checkbox controls the behavior of the MQTT client when it is unexpectedly disconnected. The default behavior is to attempt reconnection every second until the connection is successful. Marking the checkbox allows the user to change this parameters.
Reconnect Delay (sec): Delay between successive reconnection attempts. Default value is 2, valid values are 1-60.
Reconnect Delay Max: Set an upper bound to the delay. Default value is 2, valid values are 1-60. A value greater than Reconnect Delay is recommended.
Authentication/Encryption: Select authentication/encryption to apply, once the preferred option is selected extra fields will be displayed to include further information for the authentication/encryption as credentials and certificates. Default option is None, other options are:
- None
- User/Password.
- Server Authentication.
- Mutual Authentication.
- TLS-PSK.
- User/Password + Server Auth.
- User/Password + Mutual Auth.
- User/Password + TLS-PSK.
Group ID: Physical/logical grouping of Edge Nodes. The Group ID combined with Edge Node ID must be unique. Max length: 1,000. / # and + are not allowed.
Edge Node ID: An Edge Node in SparkPlugB is an MQTT client responsible for interfacing with one or more physical devices and for communicating their data to the MQTT broker using the SparkPlugB topic namespace and payload structure. Max length 1,000. / # and + are not allowed.
Enabled: This checkbox should be marked to enable MQTT connector.
Click on Submit button to save the changes.
Security Gateway RED
A security dongle must be inserted in the BLUE and RED servers to change configuration.
Navigate to Connectors -> SparkPlug B.
Select Edit button.
Type values in the following boxes:
Broker IP or Hostname: Include here the Broker IP address or the Hostname.
Broker Port: Broker's Port number. Default value is 1883 or 8883 if TLS encryption is selected.
Keep Alive (sec): Maximum time interval that is permitted to elapse between the point at which the Client finishes transmitting one MQTT Control Packet and the point it starts sending the next. A Keep Alive value of 0 has the effect of turning off the Keep Alive mechanism. Default value is 300, valid values are 0-65535.
Version: MQTT Protocol Version
Receive Maximum: Maximum number of concurrent QOS1 and QOS2 publications that will be processed. Default value is 20, valid values are 1-65535.
Send Maximum: Maximum number of outgoing QOS1 and QOS2 messages that the client will attempt to have in flight at once. Default value is 20, valid values are 1-65535.
Connect Delay (sec): Elapsed time between connection attempts. Default value is 5
Reconnect: This checkbox controls the behavior of the MQTT client when it is unexpectedly disconnected. The default behavior is to attempt reconnection every second until the connection is successful. Marking the checkbox allows the user to change this parameters.
Reconnect Delay (sec): Delay between successive reconnection attempts. Default value is 2, valid values are 1-60.
Reconnect Delay Max: Set an upper bound to the delay. Default value is 2, valid values are 1-60. A value greater than Reconnect Delay is recommended.
Authentication/Encryption: Select authentication/encryption to apply, once the preferred option is selected extra fields will be displayed to include further information for the authentication/encryption as credentials and certificates. Default option is None, other options are:
- User/Password.
- Server Authentication.
- Mutual Authentication.
- TLS-PSK.
- User/Password + Server Auth.
- User/Password + Mutual Auth.
- User/Password + TLS-PSK.
Enabled: This checkbox should be marked to enable MQTT connector.
Click on Submit button to save the changes.
