Introduction:
Xemelgo software offers tracking of work orders, parts, inventory, assets, and shipments on the factory floor. Xemelgo brings together cloud, mobile, AI, and IoT to provide users with real-time visibility of the factory floor and alert users as issues arise on the factory floor.
Architecture:
Xemelgo has three main layers to its application:
1. Edge – Xemelgo Edge application runs on the RFID readers, and enables them to communicate to the Xemelgo Cloud Service as an IoT device. Edge application reads the RFID tag data, filters the data to ensure bandwidth usage is optimized and then encrypts the data to send it to the cloud layer. Edge layer also supports the Xemelgo Cloud Service to remotely manage all readers, like firmware management, reader configuration, and log retrieval.
2. Cloud service – Xemelgo Edge application sends data over to the cloud application which runs in a highly scalable and secure instance of Amazon Web Services (AWS). Xemelgo stores data on a highly scalable multi-tenant database hosted by AWS. Data is then exposed to the UI and other integration applications through an API layer.
3. Web and Mobile User Interface – Xemelgo provides a secure web URL using HTTPs that can be used to access the web application. Xemelgo mobile application can also be downloaded through the IOS and Android app store.
Security:
Xemelgo has the following security features built into the application.
1. Protocols
Xemelgo Web application is accessed over HTTPS.
Xemelgo Edge application uploads logs and downloads firmware from Xemelgo cloud service over HTTPS (Port 443).
Xemelgo Edge application communicates with Xemelgo cloud service over Secure MQTT. (Port 8883).
Xemelgo Edge application communicates with the RFID readers over LLRP.
RFID readers deployed on customer site connect using a Wi-Fi or PoE to communicate to the Xemelgo cloud application. Customers can create separate VLAN networks for the readers to communicate over, to ensure keep the readers secure.
2. Authentication/Authorization
Users create an account using their company email address. An email is sent to them with a one-time temporary password which users must change on first login.
Xemelgo has password requirements of a minimum 8 characters and must include at least 1 number.
User passwords are encrypted using a one-way hash and stored in AWS Cognito services that provides a secure mechanism to manage user credentials.
Xemelgo supports Admin and Viewer roles today. Roles can be used to limit access.
Xemelgo can provide additional roles if needed.
3. Data Management
Xemelgo Edge application transmits RFID tag data (EPC - Electronic Product Code), RFID reader config and logs to the cloud instance.
Xemelgo Web application can run independently or integrate with existing business systems.
When running independently customers can choose how much data to store in Xemelgo. At a minimum Xemelgo stores user information (user email, password), location information and item or job number that maps to the EPC.
If users want to integrate with external systems - Xemelgo provides two options. One is to integrate using secure APIs and two is transfer data using secure file transfer.
Xemelgo data is stored in highly scalable graph database hosted by AWS. The customer data is secured by allowing authorized users to only access to data. All data is encrypted at rest, as well as in-transit.
Xemelgo is a multi-tenant platform. Data access for each tenant is controlled using authentication. Each user is authenticated to their defined tenant and cannot access other tenant data.
Approach:
At Xemelgo our goal is to constantly work on improving our software and add additional security features requested by customers. Please reach out to us - contact@xemelgo.com for Sales Queries and support@xemelgo.com for Questions on software usage.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article