CONTACT REQUEST
|

Interface Guide: Connecting Hardware to the Cloud

How industrial plants visualize machine data in real time – a comprehensive architectural guide from IoT Bridge to Next.js dashboard.

💻 Web Development Published on June 2, 2026 | Read time: ca. 25 minutes | Author: Alexander Ohl
Futuristische Fabrikhalle mit Roboterarmen und Wolkenschnittstelle für Maschinendaten
AI context 2026

The Bridge Between the Physical World and Digital Intelligence

In the era of Agentic AI and real-time predictive analytics, exporting machine data to a CSV file once a day is no longer sufficient. Autonomous optimization agents require direct, low-latency access to live telemetry. This guide outlines the architectural foundation for SMEs to connect their physical machinery (OT) to modern web ecosystems (IT) without licensing expensive proprietary middleware.

Executive Summary
  • OT/IT Convergence: Directly connecting industrial fieldbuses to web technologies breaks down data silos and forms the basis for predictive maintenance and automated ESG reporting.
  • Pipeline Architecture: Data flows directionally from PLCs (Siemens S7, Beckhoff) via industrial protocols (OPC UA, Modbus TCP) to an edge IoT bridge, gets transmitted to the cloud ingestion endpoint via MQTT, and is stored in a time-series database.
  • Real-time Browser Visualization: React/Next.js powers the visual layer. Server-Sent Events (SSE) act as the highly efficient gold standard for unidirectional telemetry streams, paired with throttle hooks to prevent UI rendering bottlenecks.
Table of Contents

1. The Convergence of OT and IT in SMEs

For decades, shop floors and software engineering stacks were completely separate domains. On one side was Operational Technology (OT): programmable logic controllers (PLCs), sensors, actuators, and robotic nodes running on isolated, local networks, engineered for extreme reliability and microsecond deterministic execution. On the other side was Information Technology (IT): web servers, relational databases, cloud systems, and modern frontends designed for global scale, rich user experience, and semantic reporting.

Today, keeping these two environments isolated is a severe competitive disadvantage. Bridging the gap to visualize machine data in frontend applications unlocks core business advantages:

Predictive Maintenance

Running real-time telemetry analyses (vibration, heat fluctuations) detects anomalies and prevents machine failures before an expensive unscheduled downtime occurs.

Live OEE Dashboards

Operators and leadership monitor equipment throughput, availability, and error rates in real time via sleek, auto-updating dashboards.

Automated Compliance & ESG

Direct sensor capture records power usage, gas flow, and quality metrics directly at the PLC, generating audit-ready reports for ISO and ESG frameworks.

The primary barrier is not the availability of data. Modern PLCs generate vast telemetry footprints. The hurdle lies in protocol translation: a PLC talks proprietary binary registers over local fieldbuses, while web frontends require JSON over standard web ports. Building the bridge between these environments requires a secure, robust, and low-latency pipeline.

2. The Data Pipeline Architecture: From Sensor to Browser

Structuring a resilient pipeline from the physical sensor to the web dashboard requires a multi-layered architecture. This separation of concerns ensures that high-volume data streams do not compromise local PLC safety and control loops.

Sensor and Control Level (OT)

Sensors measure physical states (temperature, fluid pressure, voltage) and feed values directly to local PLCs (e.g. Siemens S7-1500, Beckhoff CX). The PLC executes control code at millisecond intervals.

Connectivity & IoT Bridge

An edge-based IoT Bridge (such as a hardened fanless industrial PC running Linux) polls PLC registries locally over industrial protocols like OPC UA or Modbus TCP, packing raw bytes into semantic JSON payloads.

Ingestion & Messaging Layer

The IoT bridge sends encrypted payloads over the WAN to a cloud-based message broker (e.g., HiveMQ, EMQX, AWS IoT Core) using the lightweight publish-subscribe standard MQTT.

Storage & Backend Processing

An ingestion consumer parses broker topics. It pipes historical records into a time-series database (like TimescaleDB or InfluxDB) and concurrently forwards active updates to real-time dispatch streams.

Web Visualization (Frontend)

A web dashboard running on React/Next.js geolocated on an edge CDN establishes a persistent Server-Sent Events (SSE) connection to pull live updates, updating interactive graphs without page updates.

Crucially, this architecture isolates the critical control loops of the factory. If the internet connection drops, the PLC continues to orchestrate the machinery without interruption, while the IoT bridge buffers historical data locally to prevent telemetry loss.

3. Industrial Protocols: OPC UA, Modbus TCP & MQTT

Choosing the right interfaces across the pipeline determines security, bandwidth efficiency, and implementation speed. Below is a breakdown of the three key protocols used in hardware integration.

🔒 OPC UA

The Secure Enterprise Standard

An object-oriented, semantic standard featuring built-in encryption, digital certificate validation, and rich information models. Ideal for modern, complex machinery.

Usage: Modern PLCs & Complex Cells
Modbus TCP

The Minimalist Register Protocol

Extremely simple and universally supported. Lacks native encryption or type definitions, meaning values are read from raw 16-bit register addresses. Requires local encapsulation for security.

Usage: Legacy Hardware & Basic Sensors
☁️ MQTT

The Lightweight Cloud Broker

A publish-subscribe messaging standard featuring tiny header overhead, designed specifically for transport over unreliable WAN networks. Includes client authentication and message queuing.

Usage: Edge-to-Cloud Transport

A fatal mistake in industrial architecture is exposing legacy Modbus TCP or raw PLC ports directly to the internet. Because Modbus lacks authentication, an internet-exposed port allows anyone to overwrite control registers and physically damage machinery. Encapsulating local traffic through an edge bridge is mandatory.

4. The IoT Bridge: Translating OT to IT

The IoT Bridge acts as the protocol converter. It connects to the PLC locally, reads values periodically, constructs structured JSON, and pushes it outward to the cloud broker over mTLS.

Below is a production-grade Node.js script illustrating how an IoT bridge connects to an OPC UA server, monitors a specific temperature node, and streams modifications to a secure MQTT broker:

import { OPCUAClient, AttributeIds, TimestampsToReturn } from "node-opcua";
import mqtt from "mqtt";

const mqttClient = mqtt.connect("mqtts://broker.pragma-code.de:8883", {
  username: "edge-device-01",
  password: "secure-token"
});

async function run() {
  const client = OPCUAClient.create({ endpointMustExist: false });
  await client.connect("opc.tcp://192.168.10.50:4840");
  
  const session = await client.createSession();
  
  // Subscribe to PLC temperature sensor
  const subscription = await session.createSubscription2({
    requestedPublishingInterval: 250, // 250ms interval
    requestedLifetimeCount: 100,
    requestedMaxKeepAliveCount: 10,
    maxNotificationsPerPublish: 10,
    publishingEnabled: true,
    priority: 10
  });

  const itemToMonitor = {
    nodeId: "ns=3;s=Mold_Temperature_Sensor_1",
    attributeId: AttributeIds.Value
  };

  const monitoredItem = await subscription.monitor(
    itemToMonitor,
    { samplingInterval: 100, discardOldest: true },
    TimestampsToReturn.Both
  );

  monitoredItem.on("changed", (dataValue) => {
    const payload = {
      timestamp: new Date().toISOString(),
      machineId: "injection-molder-01",
      temperature: parseFloat(dataValue.value.value.toFixed(2))
    };
    
    // Publish structured JSON to the cloud
    mqttClient.publish(
      "machines/injection-molder-01/telemetry",
      JSON.stringify(payload),
      { qos: 1 }
    );
  });
}

This edge translation ensures that cloud backends do not need to deal with low-level register maps or polling timers. They consume cleanly structured telemetry payloads.

5. Ingestion & Storage: Handling High-Velocity Streams

Industrial installations quickly generate massive data volumes. A single sensor polling at 100ms writes 864,000 values daily. Scale that across 20 machines and multiple variables, and you exceed 17 million rows daily. Relational databases like MySQL struggle to keep up with index operations at these ingestion rates.

SMEs should deploy a dedicated time-series database:

  • TimescaleDB: A PostgreSQL extension that automates table partitioning into "chunks" (hypertables). It preserves full SQL querying while offering rapid time-indexed writes and built-in compression.
  • InfluxDB: A specialized time-series store featuring a custom query language, highly optimized for raw metric write throughput and data retention management.

Pro-Tip: Implement Edge Deadbanding

Do not stream noise. Configure your IoT bridge to use deadband filtering: only transmit a sensor value if it deviates from the previously sent value by a set percentage (e.g., 0.5%). For stable variables like heater states, this deadband reduces telemetry transmission volume and network costs by up to 80% without losing critical anomalies.

6. Frontend Ingestion: WebSockets vs. Server-Sent Events (SSE)

To successfully visualize machine data in frontend dashboards, the browser needs a streaming connection. Let's compare the two primary web-streaming options.

Comparison: WebSockets vs. Server-Sent Events (SSE)

WebSockets (Bi-directional)
  • Communication: Full-duplex connection. Both client and server can transmit data concurrently over the same link.
  • Protocol: Custom framing protocol (`ws://` / `wss://`). Sometimes blocked or degraded by legacy corporate firewalls and proxies.
  • Complexity: High. Requires building manual heartbeats, connection retries, and protocol state tracking.
Server-Sent Events (Uni-directional)
  • Communication: Unidirectional pushing from server to browser. Ideal for live dashboard monitoring.
  • Protocol: Runs over standard HTTP/2, passing seamlessly through enterprise proxies, WAFs, and load balancers.
  • Complexity: Low. Supported natively by modern browsers via the `EventSource` interface, including automatic reconnection logic.

For standard monitoring views, Server-Sent Events (SSE) is the architectural gold standard. Since the browser only reads telemetry and does not write commands back to the PLC, WebSockets' bidirectionality is not required. SSE is easier to load-balance, has less server overhead, and is naturally resilient to connection drops.

7. Code Deep Dive: Hooking React Up to Live Telemetry

High-frequency data streams can easily lock up browser rendering engines. If a sensor updates every 50ms, updating React state on every message triggers continuous re-renders. This blocks the main thread, degrading page responsiveness (leading to high INP values).

We mitigate this by building a custom React hook that buffers incoming events and flushes them to state in throttled batches (e.g., every 200ms):

import { useState, useEffect, useRef } from "react";

export function useMachineTelemetry(machineId: string, throttleMs = 200) {
  const [data, setData] = useState<any[]>([]);
  const bufferRef = useRef<any[]>([]);
  const lastUpdateRef = useRef<number>(Date.now());

  useEffect(() => {
    // Open Server-Sent Events stream to backend API
    const eventSource = new EventSource(`/api/machines/${machineId}/stream`);

    eventSource.onmessage = (event) => {
      const parsedData = JSON.parse(event.data);
      bufferRef.current.push(parsedData);

      const now = Date.now();
      if (now - lastUpdateRef.current >= throttleMs) {
        // Empty buffer and apply updates in a single React state batch
        const newBatch = [...bufferRef.current];
        bufferRef.current = [];
        
        setData((prev) => {
          // Retain only last 50 data points for active graphing
          const combined = [...prev, ...newBatch];
          return combined.slice(-50);
        });
        
        lastUpdateRef.current = now;
      }
    };

    eventSource.onerror = (err) => {
      console.error("SSE Stream error:", err);
      eventSource.close();
    };

    return () => {
      eventSource.close();
    };
  }, [machineId, throttleMs]);

  return data;
}

Pairing this hook with canvas-based visualization libraries (like Chart.js or D3.js configured with canvas renderers) keeps dashboard CPU utilization low, ensuring a smooth 60 FPS user experience even under heavy industrial data loads.

8. Cybersecurity & Network Isolation via the Purdue Model

Connecting industrial hardware to the cloud increases the factory's digital attack surface. Ransomware targeting OT systems can stop production entirely, resulting in massive financial losses.

To secure these systems, deploy a multi-layered security architecture based on the Purdue Model for Industrial Control Systems:

OT Network Isolation

Never connect PLCs directly to the corporate office network or the internet. Industrial equipment must sit on a separate, air-gapped VLAN.

DMZ Encapsulation

The IoT bridge must sit inside a DMZ between the OT network and the corporate IT gateway. The edge computer uses dual network interface cards (NICs) to physically isolate OT packets from the internet routing table.

Outbound-Only Firewalls

Configure firewalls to block all inbound traffic to the DMZ. The IoT bridge must initiate all connections outbound to the cloud broker over encrypted port 8883 (mTLS).

Industrial Software Licensing Traps

Etablished industrial automation vendors often charge high license fees for proprietary router software to convert OPC UA data into web-compatible JSON. Using open-source edge tools (such as Node-RED or custom Go/Node.js services) running on fanless Linux edge PCs saves significant costs while giving your team complete code control and integration flexibility.

9. Conclusion & Action Plan for SMEs

Connecting complex industrial hardware to modern web applications is not a matter of budget, but of clean software architecture. By bypassing proprietary silos and using open protocols, SMEs can build future-proof data pipelines that scale.

To succeed, OT engineers (PLC programmers) and IT developers must align on message schemas early. Utilizing standards like OPC UA, MQTT, and Server-Sent Events guarantees a robust, scalable dashboard ecosystem that is ready for downstream optimization via AI agents.

Quick-Check: Your OT Integration Checklist

Audit Inventory: Document all PLC models and protocol compatibility (Modbus TCP, OPC UA, or S7 protocol).
Isolate Networks: Design a DMZ with outbound-only firewall rules before installing any bridge hardware.
Deploy Prototyping: Set up an open-source bridge (Node-RED on a fanless PC) to validate data extraction.
Optimize Client Streams: Choose Server-Sent Events (SSE) and client-side throttling to keep dashboard interfaces performant.

Do you have questions about hardware integration?

Book a free strategy call now

Frequently Asked Questions (Glossary)

IoT Bridge

A hardware or software component that acts as a translator between physical machine protocols (e.g. OPC UA, Modbus) and cloud services (e.g. MQTT, REST APIs).

Server-Sent Events (SSE)

A web technology where a server continuously pushes real-time updates to the browser over an existing HTTP connection without the client having to poll repeatedly.

Time-Series Database

A specialized database optimized for storing and querying data points indexed in time order, such as sensor readings or machine states.

Relevant Topics:
hardware to cloud connection visualize machine data in frontend iot interfaces for smes modernizing industrial plants software 💻 Web Development