Remote communication system and remote communication method

The remote communication system with a cloud server and management software tools addresses security and complexity issues in telecommunication systems by enabling secure, simplified management of factory equipment from external devices, ensuring communication security and efficient updates.

WO2026141439A1PCT designated stage Publication Date: 2026-07-02KAWASAKI JUKOGYO KK

Patent Information

Authority / Receiving Office
WO · WO
Patent Type
Applications
Current Assignee / Owner
KAWASAKI JUKOGYO KK
Filing Date
2025-12-24
Publication Date
2026-07-02

Smart Images

  • Figure JP2025045207_02072026_PF_FP_ABST
    Figure JP2025045207_02072026_PF_FP_ABST
Patent Text Reader

Abstract

A remote communication system 100 comprises: a plurality of types of equipment devices 60; a gateway device 50 that is connected to the equipment devices 60 via a network within a factory 40b; a cloud server 20 that is connected in an encrypted state to the gateway device 50 via a network within a company to which the factory 40b belongs and an external network, and that is provided with a plurality of management software tools 21 for each of a plurality of administrators who manage the equipment devices 60; and a plurality of external devices 10 that are used respectively by the plurality of administrators, are connected in an encrypted state to the cloud server 20, and communicate with the equipment devices 60 managed respectively by the administrators via the corresponding management software tools 21 of the cloud server 20 and the gateway device 50.
Need to check novelty before this filing date? Find Prior Art

Description

Telecommunication systems and telecommunication methods

[0001] This disclosure relates to telecommunication systems and telecommunication methods.

[0002] Conventional telecommunication systems have been disclosed. For example, International Publication No. 2022 / 249435 describes a telecommunication system comprising: multiple pieces of equipment used in a factory; a gateway device connected to the equipment via an internal factory network; a server device connected to the gateway device via the internal factory network and an external network; and an external terminal that communicates with the factory equipment via the server device and the gateway device. In the telecommunication system of International Publication No. 2022 / 249435, the external terminal and the multiple pieces of equipment in the factory are connected under the management of the gateway device within the factory.

[0003] International Publication No. 2022 / 249435

[0004] In the telecommunications system of International Publication No. 2022 / 249435, when each of a plurality of equipment devices is managed by a separate administrator, each administrator must be able to connect to the equipment devices they manage from an external terminal and must prevent connection to equipment devices they do not manage from an external terminal. As a countermeasure for this, for example, a method of installing (installing) software for operating the equipment device remotely by connecting the equipment device and an external terminal to a gateway device is conceivable. However, when installing software on a gateway device installed within the company, there is a possibility that the software may have vulnerabilities, and there is a problem that the company to which the factory belongs cannot confirm security. As another countermeasure, a method of providing a plurality of gateway devices in the factory for each administrator is conceivable, but this method has a problem that the system configuration becomes complicated. As another countermeasure, a configuration in which the gateway device only performs a communication function lower than the application level is also conceivable, but with this method, it is difficult for the company to which the factory belongs to grasp the data content received by the gateway device, and there is a problem that the company to which the factory belongs cannot confirm security. Also, when the equipment device administrator in the factory prepares the gateway device in the factory, there is a case where a device that does not satisfy the communication security conditions of the factory may be installed, so there are cases where the communication security in the factory cannot be ensured. Therefore, it is desired to suppress the complication of the system configuration and ensure communication security.

[0005] This disclosure has been made to solve the above problems, and one object of this disclosure is to provide a remote communication system and a remote communication method capable of suppressing the complication of the system configuration and ensuring communication security.

[0006] The remote communication system according to the first aspect of this disclosure comprises several types of equipment used to produce or transport products in a factory; a gateway device connected to the equipment via the network within the company to which the factory belongs; a cloud server connected to the gateway device in an encrypted state via the factory's internal network and an external network, and equipped with multiple management software tools for each of the multiple administrators who manage the equipment; and multiple external devices used by each of the multiple administrators, connected to the cloud server in an encrypted state, and communicating with the equipment they manage via the corresponding management software tools on the cloud server and the gateway device.

[0007] As described above, the remote communication system in this disclosure involves providing multiple management software tools for each of the multiple administrators managing the equipment on a cloud server, and communication between the equipment managed by each administrator and external devices is facilitated via the corresponding management software tools and gateway devices on the cloud server. This allows each administrator to connect to the equipment they manage from external devices, while preventing external devices from connecting to equipment they do not manage, even if there are separate administrators for each type of equipment, by providing the management software tools for each administrator on the cloud server. This eliminates the need to provide gateway devices for each administrator within the factory, thus preventing the system configuration from becoming overly complex. Furthermore, since gateway devices are not required for each of the multiple administrators within the factory, equipment administrators will not install equipment that does not meet the factory's security requirements. This ensures the security of communications.

[0008] The remote communication method in the second aspect of this disclosure is a remote communication method for remote communication between multiple types of equipment used to produce or transport products in a factory and multiple external devices used by the respective managers of each piece of equipment, wherein the multiple external devices and a cloud server equipped with multiple management software tools for each manager who manages the equipment are connected in an encrypted state, the cloud server and a gateway device are connected in an encrypted state via the factory network and an external network, the gateway device and the equipment are connected via the factory network, and the external devices and the equipment communicate via the management software tools and gateway device corresponding to the external devices.

[0009] The remote communication method described in the second phase of this disclosure involves providing multiple management software tools for each of the multiple administrators managing the equipment on a cloud server, and enabling communication between the equipment managed by each administrator and external devices via the corresponding management software tools and gateway devices on the cloud server. This allows each administrator to connect to the equipment they manage from external devices, while preventing external devices from connecting to equipment they do not manage, even if there are separate administrators for each type of equipment, by providing the management software tools for each administrator on the cloud server. This eliminates the need to install gateway devices for each administrator within the factory, thus providing a remote communication method that can suppress the complexity of the system configuration. Furthermore, since gateway devices are not required for each of the multiple administrators, equipment administrators will not install equipment that does not satisfy the factory's communication security requirements. This provides a remote communication method that can ensure communication security. The communication function of the gateway device can be configured to include only communication functions below the application level, for example. This configuration simplifies the configuration of the gateway.

[0010] The remote communication system and remote communication method disclosed herein can suppress the complexity of the system configuration and ensure the security of communications.

[0011] This is a block diagram showing a remote communication system according to one embodiment. This is a diagram illustrating the communication connection of a remote communication system according to one embodiment. This is a diagram illustrating a first example of updating the software of equipment using a remote communication system according to one embodiment. This is a diagram illustrating a second example of updating the software of equipment using a remote communication system according to one embodiment.

[0012] Hereinafter, an embodiment of this disclosure will be described based on the drawings.

[0013] As shown in Figure 1, the remote communication system 100 is a system for remote communication between external devices 10 and equipment 60 in the factory 40b. Specifically, the remote communication system 100 is a system that allows the equipment manufacturer's managers to remotely operate and manage the equipment 60 in the factory 40b, which is managed by the equipment manufacturer, from their respective external devices 10. In other words, the remote communication system 100 enables remote communication between multiple types of equipment 60, including robots, used to produce products in the factory 40b, and multiple external devices 10 used by the managers of each piece of equipment 60.

[0014] In the equipment-using company 40, products are produced using multiple types of equipment 60 in factory 40b. Factory 40b of the equipment-using company 40 utilizes equipment 60 provided by various equipment manufacturers. The equipment 60 is monitored and maintained by the equipment manufacturer or a management company contracted by the equipment manufacturer. For example, the equipment manufacturer or management company monitors the operation of the equipment 60 by collecting operation logs or by collecting equipment data. While this specification describes cases where the equipment manufacturer or a management company contracted by the equipment manufacturer performs the monitoring and maintenance of the equipment 60, other businesses may also perform the monitoring and maintenance. For example, the equipment-using company 40 itself may monitor and maintain the equipment 60 using a remote communication system 100.

[0015] As shown in Figure 1, the remote communication system 100 comprises multiple external devices 10 used by multiple equipment manufacturers, a cloud server 20, a gateway device 50 installed in the factory 40b of the equipment user company 40, and multiple pieces of equipment 60 used in the factory 40b.

[0016] The equipment-using company 40 includes an office 40a with office functions and a factory 40b with product production functions.

[0017] Office 40a is equipped with a communication network consisting of an office LAN (Local Area Network) 41, firewalls 42a and 42b, and a DMZ (Demilitary Zone) 43.

[0018] Factory 40b is equipped with a communication network consisting of a factory LAN 44, firewalls 45a and 45b, and an iDMZ (industrial Demilitary Zone) 46. In this specification, an iDMZ is a type of DMZ, and an iDMZ is a DMZ installed within a factory.

[0019] External devices 10 are used by each equipment manufacturer that manages the equipment 60. In the example shown in Figure 1, external device 10a is used by equipment manufacturer A. External device 10b is used by equipment manufacturer B. External device 10 is a computer. External device 10 is, for example, a personal computer or a portable information terminal. External device 10 includes a processor such as a CPU (Central Processing Unit), a control unit including memory such as ROM (Read Only Memory) and RAM (Random Access Memory), an operation input unit such as a touch panel, mouse, or keyboard that accepts operation input, and a display unit that displays information. External device 10 also includes a communication unit that connects to a network to communicate information.

[0020] The cloud server 20 is a virtual server built on the network. The cloud server 20 is managed by the provider of the remote communication system 100. The cloud server 20 is connected to the gateway device 50 in an encrypted state via the office LAN 41 within office 40a and the external internet 30. For example, the cloud server 20 is connected to the gateway device 50 using a VPN (Virtual Private Network). The cloud server 20 is also equipped with multiple management software tools 21 for each of the multiple administrators who manage the equipment 60.

[0021] The cloud server 20 is connected to the external devices 10 via a network such as the Internet. Furthermore, the cloud server 20 is connected to each of the multiple external devices 10 via secure communication. For example, the cloud server 20 is connected to each of the multiple external devices 10 using a VPN (Virtual Private Network).

[0022] The management software tool 21 is provided with a dedicated tool for each equipment manufacturer. In the example shown in Figure 1, management software tool 21a is provided as a dedicated tool for equipment manufacturer A, and management software tool 21b is provided as a dedicated tool for equipment manufacturer B. In addition, user management software tool 22 is provided for equipment user companies 40 to manage the management software tool 21.

[0023] Each of the management software tools 21 is a dedicated tool for each equipment manufacturer, and only the equipment manufacturer and the equipment user company 40 can access and use it. In other words, management software tool 21a can be accessed and used from the external device 10a of equipment manufacturer A. Similarly, management software tool 21b can be accessed and used from the external device 10b of equipment manufacturer B. Furthermore, management software tools 21a and 21b can be accessed and used from the information equipment of the equipment user company 40. Additionally, user management software tool 22 can be accessed and used from the information equipment of the equipment user company 40. In the above example, the management software tools are shown to be accessible and usable by both the equipment manufacturer and the equipment user company 40, but it is also conceivable that the equipment manufacturer can access and use them, while the equipment user company 40 can only access and view them.

[0024] The management software tool 21, which is dedicated to the equipment manufacturer, is operated and processes are executed by an external device 10 of the equipment manufacturer to be managed. The management software tool 21, which is dedicated to the equipment manufacturer, includes software for connecting the external device 10 of the equipment manufacturer with the corresponding equipment 60 of the factory 40b.

[0025] The management software tool 21, dedicated to each equipment manufacturer, stores information for remotely communicating with the equipment 60 of each equipment manufacturer. For example, the management software tool 21 stores information such as the address information, communication permission information, and communication standard information of the equipment 60 to be managed. Furthermore, the management software tool 21, dedicated to each equipment manufacturer, stores information for remotely managing the equipment 60 of each equipment manufacturer. For example, the management software tool 21, dedicated to each equipment manufacturer, stores information such as the model information, version information, and usage status information of the equipment 60 to be managed.

[0026] Furthermore, the management software tool 21, which is exclusive to the equipment manufacturer, can configure software updates for the managed equipment 60 by operating the external device 10. When the management software tool 21 receives software update data for the managed equipment 60 from the external device 10 and receives a software update instruction from the external device 10, it executes a process to update the software of the equipment 60.

[0027] The dedicated user management software tool 22 for the equipment user company 40 includes software for monitoring and managing communication between the cloud server 20 and the gateway device 50. Furthermore, the dedicated user management software tool 22 for the equipment user company 40 includes software for managing the equipment manufacturer's dedicated management software tool 21.

[0028] Office LAN 41 is connected to the external internet 30 via firewall 42a, DMZ 43, and firewall 42b. Office LAN 41 is also the network within office 40a of the equipment-using company 40. Computers and office equipment used in office 40a are connected to office LAN 41.

[0029] Firewalls 42a and 42b restrict information communication between the Internet 30 and the office LAN 41. Specifically, firewalls 42a and 42b restrict information communication to prevent unauthorized access to the office LAN 41 from the outside. In addition, firewalls 42a and 42b restrict information communication to prevent unauthorized leakage of information from the office LAN 41 to the outside.

[0030] The DMZ 43 is located in an area separated by firewalls 42a and 42b. The DMZ 43 is a neutral area located between the external internet 30 and the internal office LAN 41.

[0031] The factory LAN 44 is connected to the office LAN 41 via a dedicated communication line, firewall 45a, iDMZ 46, and firewall 45b. The factory LAN 44 is also the network within the factory 40b of the equipment-using company 40. Computers and equipment 60 used in factory 40b are connected to the factory LAN 44.

[0032] Firewalls 45a and 45b restrict information communication between the office LAN 41 and the factory LAN 44. Specifically, firewalls 45a and 45b restrict information communication to prevent unauthorized access to the factory LAN 44 from the outside. In addition, firewalls 45a and 45b restrict information communication to prevent unauthorized leakage of information from the factory LAN 44 to the outside.

[0033] iDMZ46 is located in an area separated by firewalls 45a and 45b. iDMZ46 is a neutral area located between the office LAN41 and the factory LAN44.

[0034] The gateway device 50 is installed in the iDMZ 46 and transfers information between the internal network of the factory LAN 44 and the external internet. The gateway device 50 is connected to the equipment 60 via the firewall 45b and the factory LAN 44 within the factory 40b. The gateway device 50 performs information communication by converting different protocols and data formats. For example, the gateway device 50 converts protocols so that data can be exchanged between networks using different communication protocols. The gateway device 50 also improves network security by blocking unauthorized access and unnecessary data. Furthermore, the gateway device 50 performs efficient data transfer by monitoring and optimizing network traffic. For example, when communication is performed between the cloud server 20 and the gateway device 50 using a VPN (Virtual Private Network), the gateway device 50 refers to the IP address and port number of the data received via the VPN to identify the equipment to which the received data should be transferred, performs the appropriate protocol conversion on the received data, and transmits it to the destination equipment. The communication protocol between the gateway device 50 and the equipment is, for example, TCP / IP. In this case, the gateway sets the IP address and port number assigned to the destination equipment on the factory LAN and sends the data.

[0035] Furthermore, the gateway device 50 is located in an iDMZ area separated by a firewall 45b from the factory LAN 44 within the factory 40b. Also, the gateway device 50 is a dedicated embedded device, and the installation of additional software is restricted.

[0036] Furthermore, the gateway device 50 is provided in common for multiple types of equipment 60. For example, one gateway device 50 is provided in factory 40b. Note that multiple gateway devices 50 may be provided to increase processing or memory capacity. Also, if there are multiple factories 40b, a gateway device 50 is provided for each factory 40b. In addition, the gateway device 50 centrally manages the management of remotely connectable equipment. Logs are also stored in the gateway device 50, and these logs can be used, for example, in forensic investigations.

[0037] The equipment 60 is used to produce products in the factory 40b. Multiple types of equipment 60, including robots, are installed in the factory 40b. In the example shown in Figure 1, equipment 60a from equipment manufacturer A is a robot. The robots include, for example, robots with horizontal articulated arms and robots with vertical articulated arms. Equipment 60a also includes a control device for controlling the robot's movements.

[0038] Equipment 60b from equipment manufacturer B consists of equipment other than robots. Examples of equipment other than robots include conveying equipment, processing equipment, assembly equipment, welding equipment, and inspection equipment.

[0039] Furthermore, the factory 40b may be equipped with multiple pieces of equipment 60 of the same type. For example, the factory 40b may be equipped with multiple robots of the same type. In addition, it may be equipped with multiple pieces of equipment 60 of the same type other than robots.

[0040] In this embodiment, each of the multiple external devices 10 is connected to the cloud server 20 in an encrypted state. Furthermore, each of the multiple external devices 10 communicates with the equipment 60 it manages via the corresponding management software tool 21 and gateway device 50 of the cloud server 20.

[0041] In other words, in this embodiment, a cloud server 20 equipped with multiple management software tools 21 for each administrator who manages multiple external devices 10 and equipment 60 is connected to each other via VPN (Virtual Private Network) in an encrypted state. The cloud server 20 and the gateway device 50 are connected via the external internet 30, the office LAN 41 in office 40a, iDMZ 46, etc., via VPN (Virtual Private Network) in an encrypted state. The gateway device 50 and the equipment 60 are connected via the factory LAN 44 in factory 40b, and the external devices 10 and equipment 60 communicate with each other via the management software tool 21 corresponding to the external devices 10 and the gateway device 50.

[0042] As a result, the equipment user company 40 can communicate data encrypted through the VPN while connected to the internet via its contracted legitimate connection route, allowing the equipment user company 40 to understand the connection route and manage its security. Furthermore, since the user management software tool 22 is installed on the cloud server 20 with access for the equipment user company 40, the equipment user company 40 can manage the security of the management software tool 21 and the data content communicated by the management software tool 21. In addition, in the remote communication system 100, the communication physical devices managed by the equipment user company 40 are aggregated in the gateway device 50 located in the iDMZ, and since the gateway device 50 is an embedded device, the risk of unauthorized software being additionally installed can be suppressed. As a result, security measures can be implemented efficiently. Moreover, since the VPN is configured on the cloud server 20 with access for the equipment user company 40, the equipment user company 40 can check the VPN settings and the data content communicated over the VPN, thus suppressing the occurrence of security issues related to these.

[0043] Also, each of the plurality of external devices 10 remotely operates and remotely manages the facility device 60 to be managed via the corresponding management software tool 21 of the cloud server 20 and the gateway device 50.

[0044] The cloud server 20 communicates with the external device 10 according to a general-purpose communication standard. Also, the cloud server 20 communicates with the facility device 60 according to the corresponding communication standard for each of the plurality of types of facility devices 60 by the corresponding management software tool 21.

[0045] In the example of the communication connection shown in FIG. 2, the external device 10a of equipment manufacturer A and the facility device 60a managed by equipment manufacturer A in the factory 40b are communicatively connected. The external device 10a is connected to the cloud server 20 in an encrypted state via a VPN. In this case, the external device​​​​​Here, for a plurality of facility devices 60, the communication standards of instruction signals often differ for each facility manufacturer. That is, generally, it is necessary to transmit instruction signals to the facility devices 60 according to different communication standards respectively. Therefore, it is possible to remotely manage the facility devices 60 by converting the instruction signals by an external cloud server 20 into the communication standards corresponding to the facility devices 60 and transmitting them via a secure communication line. In addition, since the management software tool 21 for converting the communication standards of signals can be set by the facility manufacturer to be used, it is possible to set the management software tool 21 so that the facility manufacturer converts to the desired communication standard. In this example, the case where the cloud server 20 performs the conversion of the communication standard is shown. However, it is also conceivable that the communication standard used between the external device 10 and the management software tool 21 in the cloud server 20 is the same as the communication standard used between the management software tool 21 in the cloud server 20 and the facility device 60. In this case, it is conceivable that the management software tool 21 in the cloud server 20 performs processing such as address conversion in the communication standard being used.

[0048] When the gateway device 50 receives a signal of the communication standard corresponding to the facility device 60a, it transfers the received signal to the facility device 60a via the factory LAN 44.

[0049] When communicating a signal from the facility device 60a to the external device 10a, the facility device 60a transmits a signal of the communication standard corresponding to the device to the gateway device 50. The gateway device 50 that has received the signal from the facility device 60a transmits the received signal to the cloud server 20 via the Internet 30 using a VPN.

[0050] The management software tool 21a of the cloud server 20 converts a signal of the communication standard corresponding to the device into a signal of a general-purpose communication standard and transmits it to the external device 10a using a VPN.

[0051] Furthermore, in this embodiment, the multiple management software tools 21 of the cloud server 20 include a user management software tool 22 for users of the factory 40b that allows them to verify the security of communication between the cloud server 20 and the gateway device 50. The user management software tool 22 is used, for example, by an employee of the information systems department of the equipment user company 40. Users of the factory 40b can access and manage the multiple management software tools 21 of the cloud server 20 using the user management software tool 22.

[0052] The user management software tool 22 accesses the equipment manufacturer's dedicated management software tool 21 to manage the communication content between the external device 10 and the management software tool 21, or between the management software tool 21 and the equipment 60. For example, the user management software tool 22 may monitor the data content exchanged between the external device 10 and the management software tool 21, or the data content exchanged between the management software tool 21 and the equipment 60. It may also disable communication between the external device 10 and the management software tool 21, or between the management software tool 21 and the equipment 60. Furthermore, the user management software tool 22 may enable communication between the external device 10 and the management software tool 21, or between the management software tool 21 and the equipment 60.

[0053] Furthermore, the user management software tool 22 stores logs related to the usage history of the cloud server 20. These logs are used, for example, for forensic investigations.

[0054] Furthermore, in this embodiment, when the cloud server 20 receives a notification from the external device 10 to the corresponding management software tool 21 to update the software of the equipment 60, the software of the corresponding equipment 60 is updated.

[0055] In the first example shown in Figure 3, an external device 10a from equipment manufacturer A updates the software of equipment 60a in factory 40b. When a software update is configured in the management software tool 21a of the cloud server 20 from the external device 10a of equipment manufacturer A, update data 61a is sent from the external device 10a to the cloud server 20. Specific details regarding the update configured in the management software tool 21a of the cloud server 20 may include, for example, the IP address of the external device 10a, the port number of the software update application stored on the external device 10a, and folder information where the update data 61a is stored. The update data 61a is sent from the cloud server 20 to the equipment 60a via the gateway device 50 by the management software tool 21a. The software update is then performed on the equipment 60a. For example, the software in the robot controller that controls the robot's movements is updated.

[0056] Furthermore, when the cloud server 20 receives a notification from the external device 10 to the corresponding management software tool 21 to update the software of the equipment 60, it sends the software update data to the gateway device 50. The management software tool 21 also sends an instruction to the equipment 60 to update its software.

[0057] In the second example shown in Figure 4, an external device 10a from equipment manufacturer A updates the software of multiple pieces of equipment 60a in factory 40b. When a software update is set in the management software tool 21a of the cloud server 20 from the external device 10a of equipment manufacturer A, update data 61a is sent from the external device 10a to the cloud server 20. The update data 61a is then sent from the cloud server 20 to the gateway device 50 by the management software tool 21a. The gateway device 50 forwards the update data 61a to the multiple pieces of equipment 60a. In parallel, the management software tool 21a sends a signal to update the software to the multiple pieces of equipment 60a. Then, the software update is performed on each of the multiple pieces of equipment 60a. In this embodiment, we considered the case where a factory user verifies the security of the communication between the management software tool 21 of the cloud server 20 and the gateway device 50, but it is also possible that another employee of the company to which the factory belongs, for example an employee of the department that manages information systems, verifies the security of the communication between the management software tool 21 of the cloud server and the gateway device 50, rather than a factory user. Furthermore, it is conceivable that a person who is not an employee of the company to which the factory belongs, but who has entered into a contract such as a subcontract or outsourcing agreement with the company to which the factory belongs, may verify the security of communication between the cloud server 20 management software tool 21 and the gateway device 50. In this specification, these persons will be collectively referred to as employees of the company to which the factory belongs and equivalent persons.

[0058] (Effects of this embodiment) Multiple management software tools 21 for each of the multiple administrators who manage the equipment 60 are provided on the cloud server 20, and the equipment 60 managed by each administrator and the external device 10 communicate via the corresponding management software tool 21 and gateway device 50 on the cloud server 20. As a result, even if there are separate administrators for multiple types of equipment 60, by providing the management software tool 21 for each administrator on the cloud server 20, each administrator can connect to the equipment 60 they manage from the external device 10, but cannot connect to the equipment 60 they do not manage from the external device 10. As a result, there is no need to provide a gateway device 50 for each administrator in the factory 40b, thus preventing the system configuration from becoming complicated. In addition, since there is no need to prepare a gateway device 50 for each of the multiple administrators, the administrators of the equipment 60 will not install equipment that does not satisfy the communication security requirements of the factory 40b. As a result, the security of communication can be ensured.

[0059] Each of the multiple external devices 10 remotely operates and manages the equipment 60 it manages via the corresponding management software tool 21 and gateway device 50 on the cloud server 20. This allows the administrator of the equipment 60 to remotely operate and manage the equipment 60 it manages from outside the factory 40b using the external devices 10.

[0060] The gateway device 50 is located in the iDMZ area separated by firewalls 45a and 45b within the factory LAN 44 of the factory 40b. It is a dedicated embedded device for gateways, and the installation of additional software is restricted. This ensures a high level of security when communicating between the external device 10 and the corresponding equipment 60 via the gateway device 50 located in the iDMZ area. Furthermore, it prevents the addition of highly vulnerable software to the gateway device 50, effectively mitigating the reduction in communication security due to vulnerabilities in the gateway device 50.

[0061] Users of factory 40b can use user management software tool 22 to check the security details of communications between the cloud server 20's multiple management software tools 21 and the gateway device 50. This allows users of factory 40b to easily manage the security of communications.

[0062] The cloud server 20 communicates with the external device 10 using a general-purpose communication standard, and also communicates with the equipment 60 by converting the general-purpose communication standard to a communication standard corresponding to each of the multiple types of equipment 60 using the corresponding management software tool 21. As a result, even if the equipment 60 needs to communicate using a proprietary communication standard that is not general-purpose, the management software tool 21 converts it from the general-purpose communication standard to the communication standard corresponding to the equipment 60, so that communication can be performed between the external device 10 and the equipment 60.

[0063] The gateway device 50 is provided in common for multiple types of equipment 60. This eliminates the need to provide multiple gateway devices 50, thus simplifying the system configuration.

[0064] When an update for the equipment 60's software is set in the corresponding management software tool 21 from the external device 10, the software on the corresponding equipment 60 is updated. This allows the administrator of the equipment 60 to easily update the software of the equipment 60 they manage, even from outside the factory 40b.

[0065] When an external device 10 configures the management software tool 21 to update the software of the equipment 60, the management software tool 21 sends the software update data to the gateway device 50. This means that if there are multiple pieces of equipment 60 of the same type and their software needs to be updated at the same time, the software update data only needs to be sent once between the cloud server 20 and the gateway device 50. This eliminates the need to communicate the same update data multiple times between the cloud server 20 and the gateway device 50, preventing congestion caused by concentrated communication data. As a result, software updates can be performed efficiently.

[0066] (Variations) The embodiments disclosed herein should be considered in all respects to be illustrative and not restrictive. The scope of this disclosure is indicated by the claims rather than the description of the embodiments above, and further includes all modifications (variations) in the sense and scope equivalent to the claims.

[0067] In the above embodiment, an example was shown in which one management software tool is provided on the cloud server 20 for each equipment manufacturer that is the manager of the equipment, but this disclosure is not limited to this. For example, one management software tool may be provided on the cloud server 20 for each type of equipment. In other words, if multiple types of equipment from the same equipment manufacturer are installed in a factory, a management software tool may be provided for each type of equipment.

[0068] In the embodiments described above, an example was shown in which the equipment user company includes one office and one factory, but the disclosure is not limited thereto. For example, the equipment user company may include multiple offices and multiple factories. If the equipment user company includes multiple factories, a gateway device may be provided for each factory.

[0069] Furthermore, the gateway device may not be installed inside the factory, but rather at a location outside the factory belonging to the company to which the factory belongs (the equipment-using company). For example, the gateway device may be installed in the office of the equipment-using company.

[0070] If the gateway device is installed within the factory, the equipment and the gateway device are connected via the factory's network. If the gateway device is installed within the office, the equipment and the gateway device are connected via the office's network and the factory's network. In either case, the equipment and the gateway device are connected via the factory's network.

[0071] When the gateway device is installed within the factory, the cloud server and the gateway device are connected via, for example, the factory's internal network, the office's internal network, and an external network. In another configuration, when the gateway device is installed within the factory, the cloud server and the gateway device are connected via, for example, the factory's internal network and an external network. In the latter case, it is assumed that the factory's internal network is directly connected to the external network. Furthermore, when the gateway device is installed within the office, the cloud server and the gateway device are connected via the office's internal network and an external network. In all cases, the cloud server and the gateway device are connected via the network within the company to which the factory belongs and an external network.

[0072] The above embodiment shows an example of communication from a cloud server to the factory network via the equipment user company's office, but the disclosure is not limited to this. For example, communication may be made by directly connecting from the cloud server to the equipment user company's factory network.

[0073] The functions of the elements disclosed herein can be performed using circuits or processing circuits, including general-purpose processors, dedicated processors, integrated circuits, ASICs (Application Specific Integrated Circuits), conventional circuits, and / or combinations thereof, configured or programmed to perform the disclosed functions. A processor is considered a processing circuit or circuit because it includes transistors and other circuits. In this disclosure, a circuit, unit, or means is hardware that performs the enumerated functions, or hardware programmed to perform the enumerated functions. The hardware may be hardware disclosed herein, or other known hardware that is programmed or configured to perform the enumerated functions. If the hardware is a processor, which is considered a type of circuit, then the circuit, means, or unit is a combination of hardware and software, and the software is used to configure the hardware and / or the processor.

[0074] (Embodiments) The exemplary embodiments described above will be understood by those skilled in the art to be specific examples of the following embodiments.

[0075] (Aspect 1) A remote communication system comprising: multiple types of equipment used to produce or transport products in a factory; a gateway device connected to the equipment via a network within the factory; a cloud server connected to the gateway device in an encrypted state via a network within the company to which the factory belongs and an external network, and equipped with multiple management software tools for each of the multiple administrators who manage the equipment; and multiple external devices used by each of the multiple administrators and connected to the cloud server in an encrypted state, which communicate with the equipment they manage via the corresponding management software tools on the cloud server and the gateway device.

[0076] (Aspect 2) The remote communication system according to aspect 1, wherein the cloud server is provided with a user management software tool for users that can verify the security of communication between the management software tool of the cloud server and the gateway device.

[0077] (Aspect 3) The remote communication system according to aspect 1 or aspect 2, wherein each of the plurality of external devices remotely operates and remotely manages the equipment to be managed via the corresponding management software tool of the cloud server and the gateway device.

[0078] (Aspect 4) The remote communication system according to any one of aspects 1 to 3, wherein the gateway device is located in a DMZ area separated by a firewall within the factory network, is a dedicated embedded device for the gateway, and the installation of additional software is restricted.

[0079] (Aspect 5) The remote communication system according to any one of aspects 1 to 4, wherein the cloud server communicates with the external device using a general-purpose communication standard, and communicates with the equipment by converting the communication standard to one of the multiple types of equipment using the corresponding management software tool.

[0080] (Aspect 6) The remote communication system according to any one of aspects 1 to 5, wherein the gateway device is provided in common for multiple types of equipment.

[0081] (Aspect 7) A remote communication system according to any one of aspects 1 to 6, wherein the cloud server transmits software update data to the corresponding equipment when a software update for the equipment is set in the corresponding management software tool from the external device.

[0082] (Aspect 8) The remote communication system according to aspect 7, wherein the cloud server transmits software update data to the gateway device when the external device sets a software update for the equipment to the corresponding management software tool.

[0083] (Aspect 9) A remote communication method for remotely communicating between multiple types of equipment used to produce or transport products in a factory and multiple external devices used by the respective managers of each piece of equipment, comprising: connecting the multiple external devices and a cloud server equipped with multiple management software tools for each manager who manages the equipment, in an encrypted state; connecting the cloud server and a gateway device in an encrypted state via the factory network and an external network; connecting the gateway device and the equipment via the factory network; and the external devices and the equipment communicating via the management software tools and gateway device corresponding to the external devices.

[0084] 10, 10a, 10b External devices 20 Cloud servers 21, 21a, 21b Management software tools 22 User management software tools 30 Internet (external network) 40 Equipment user companies 40a Offices of equipment user companies 40b Factories of equipment user companies 42a, 42b Firewalls 44 Factory LAN (internal factory network) 45a, 45b Firewalls 50 Gateway devices 60 Equipment 60a Equipment, robots 60b Equipment 100 Remote communication systems

Claims

1. A remote communication system comprising: multiple types of equipment used to produce or transport products in a factory; a gateway device connected to the equipment via a network within the factory; a cloud server connected to the gateway device in an encrypted state via the network within the company to which the factory belongs and an external network, and equipped with multiple management software tools for each of the multiple administrators who manage the equipment; and multiple external devices used by each of the multiple administrators and connected to the cloud server in an encrypted state, which communicate with the equipment they manage via the corresponding management software tools on the cloud server and the gateway device.

2. The remote communication system according to claim 1, wherein the cloud server is provided with a user management software tool for users that can verify the security of communication between the management software tool of the cloud server and the gateway device.

3. The remote communication system according to claim 1, wherein each of the plurality of external devices remotely operates and remotely manages the equipment to be managed via the corresponding management software tool of the cloud server and the gateway device.

4. The remote communication system according to claim 1, wherein the gateway device is located in a DMZ area separated by a firewall within the factory network, is a dedicated embedded device for the gateway, and the installation of additional software is restricted.

5. The remote communication system according to claim 1, wherein the cloud server communicates with the external device using a general-purpose communication standard, and communicates with the equipment by converting the communication standard to one that corresponds to each of the multiple types of equipment using the corresponding management software tool.

6. The remote communication system according to claim 1, wherein the gateway device is provided in common for multiple types of equipment.

7. The remote communication system according to claim 1, wherein when a software update for the equipment is set in the management software tool from the external device, the cloud server transmits software update data to the corresponding equipment.

8. The remote communication system according to claim 7, wherein the cloud server transmits software update data to the gateway device when the external device has set up a software update for the equipment to the corresponding management software tool.

9. A remote communication method for remotely communicating between multiple types of equipment used to produce or transport products in a factory and multiple external devices used by the respective managers of each piece of equipment, comprising: connecting the multiple external devices and a cloud server equipped with multiple management software tools for each manager who manages the equipment, in an encrypted state; connecting the cloud server and a gateway device in an encrypted state via the factory's internal network and an external network; connecting the gateway device and the equipment via the factory's internal network; and the external devices and the equipment communicating via the management software tools corresponding to the external devices and the gateway device.