ACC’s Smart Solution for a Secure Data Pipeline to Support Covid Vaccine Manufacturing


The Starting Point
Johnson & Johnson’s pharmaceutical arm, Janssen, embarked on a global effort to combat the COVID-19 pandemic. To support their goal of supplying one billion doses of vaccine, an agreement with a contract manufacturer was reached. Large-scale manufacturing of Janssen’s vaccine would take place at the contract manufacturing site, which is designed for rapid manufacturing of vaccines and other treatments in large quantities during public health emergencies.

The Problem
Janssen required access to near real-time data in order to monitor key production and quality metrics and assure the success of each batch. The contract manufacturer’s Operation Technology (OT) infrastructure of control systems and data collection is isolated from both internal and outside networks – particularly networks with internet access. The contract manufacturer tasked ACC with creating a secure data pipeline providing this information to Janssen.

The Solution
A secure and scalable architecture was required to meet Janssen’s information needs. Janssen provided an Azure IoT Hub to receive the production and batch data from the contract manufacturer’s system. 

ACC proposed Inductive Automation’s Ignition software platform with Cirrus Link’s MQTT modules as the heart of this secure data pipeline. Ignition provided a powerful development environment and support for MQTT messaging. MQTT was ideal for this application as it is designed for secure, real-time, mission-critical data.

The Benefits
– Accelerate the speed of tech transfer
– Ability to produce in an external, unfamiliar environment while preserving quality
– Ability to manufacture with less operators, particularly important with COVID-19 social distance requirements

Solution Details
The heart of the solution is the Cirrus Link MQTT Transmitter, Distributor and Engine plus the Azure Injector, all running on the Ignition Platform from Inductive Automation.Utilizing MQTT, ACC established a secure gateway that ensured only Janssen’s data is transmitted.

The system consists of (3) main components that work together:

– The Ignition Edge Server – acts as the MQTT transmitter at the contract manufacturer plant, gathering only Janssen’s key process data directly from the control system and publishing it on change through an outbound-only port on the control network firewall to the MQTT server. This connection is also secured via user authentication.

– The MQTT Server – acts as a secure bridge between the MQTT transmitter and the cloud. It contains a data and history buffer dedicated to Janssen’s data. The store and forward capability ensures data is not lost if the connection becomes unavailable. The MQTT server also hosts the Azura Injector.

– Cloud Repository – Connection to the cloud is made via an outbound-only port on the enterprise-level firewall. The cloud repository is based on Azure IoT hub and is secure with SSL authentication certificates provided by Janssen.

What is MQTT?
MQTT is a publish/subscribe messaging protocol originally developed over 20 years ago to address the need for lightweight communications over low bandwidth networks. It is based on a topic structure, like a file structure on a computer, and a payload of data. The Sparkplug B specification defines this structure for industrial applications including the topic namespace definition (OT side of things), the payload definition (IT side of things), and the state management for client connections allowing IIot applications to talk to one another seamlessly.

MQTT architectures need three components:

– MQTT Transmitters – the MQTT Clients that produce the data (usually directly connected to the control or SCADA system)

– MQTT Engine – the MQTT Clients that consume data

– MQTT Servers (Distributor Module) – distributes data from the MQTT Transmitters to the MQTT Engine. 

Benefits of MQTT:

– Simple and Open
– Bandwidth efficient – up to 90%