ALP-CONNEX Overview
Summary
ALP-CONNEX is a modular protocol translation platform designed to bridge IoT devices with industrial SCADA/control systems. The primary use case involves converting MQTT/JSON data from intelligent station sensors into IEC 60870-5-104 protocol for integration with control systems like PSIcontrol, Vivavis HIGHLEIT, Siemens Systems.
Key Benefits
- Web-based Management: Configuration and monitoring through a modern browser UI — no special software required
- API-driven Automation: The Management API is fully accessible via REST, allowing external systems to automate connector configuration, mappings, and monitoring through API calls — ideal for integration into existing provisioning workflows or CI/CD pipelines
- Secured with OAuth: Both the Frontend and the Backend API are secured with Microsoft Entra ID (OAuth 2.0 / OpenID Connect). Users authenticate via their organizational account, and all API requests require a valid Bearer token — ensuring only authorized access to the platform
- Modular & Extensible: New protocols can be added as independent connector modules without impacting existing components
- Scalable Deployment: Fully containerized with Docker Compose, deployable on ARM64 edge devices or cloud infrastructure
Problem Statement
Industrial control systems (SCADA) typically communicate via IEC 104, while modern IoT devices use MQTT/JSON. ALP-CONNEX solves this protocol incompatibility by acting as a middleware that:
- Ingests IoT sensor data via MQTT
- Translates and maps data points to IEC 104 addresses
- Exposes data as an IEC 104 server (controlled station)
Architecture
The platform follows a hub-and-spoke architecture with three key layers:
| Layer | Component | Purpose |
|---|---|---|
| Data Store | Valkey (Redis-compatible) | Central process image storing all data points |
| Connectors | MQTT, IEC 104, (Modbus planned) | Protocol-specific adapters |
| Management | Backend API + Web UI | Configuration and monitoring |
Design Principles
- Loose Coupling: Connectors never communicate directly; all data flows through Valkey
- Bidirectional Flow: Connectors can read from or write to the process image based on mapping configuration
- Extensibility: New protocols can be added as independent connector modules
Data Model
Each data point in the process image contains:
- Value: The actual measurement (int/float/bool)
- IEC 104 Addressing: CASDU (station) + IOA (data point address)
- Metadata: Type ID, quality flags, timestamp, source
Current Capabilities
| Feature | Status |
|---|---|
| MQTT Client (subscriber) | Implemented |
| IEC 104 Server | Implemented |
| Dynamic JSON-to-IEC mapping | Implemented |
| Web-based configuration UI | Implemented |
| Dynamic config push to connectors via Valkey | Implemented |
| Connector ↔ Mapping linking | Implemented |
| Data flow visualization (Workflow) | Experimental |
| Process Updates with live statistics | Implemented |
| Real-time dashboard via SignalR | Implemented |
| Dark mode | Implemented |
| Modbus TCP/RTU | Planned |
Container Registry
All ALP-CONNEX components are delivered as OCI-compliant container images via the ALPSCALE Container Registry. The registry provides versioned images for all connectors and the management platform, supporting both AMD64 and ARM64 architectures.
Security & Vulnerability Management:
- Automated vulnerability scanning for all container images
- CVE detection and reporting integrated into the delivery pipeline
- Security advisories published for identified vulnerabilities
- Regular base image updates to address known security issues
For registry access instructions and current health status, visit: health-registry.alpscale.io