# KNOWLEDGE BASE: INDUSTRIAL IOT & CONNECTIONS

## 🔌 Non-Invasive Retrofitting Architecture
Orbit Edge Gateways interface directly with factory infrastructure without altering existing controls:
- **Voltage & Current Tap**: Clamping non-intrusive split-core current transformers (CTs) around main incoming feeder cables.
- **Protocol Sniffing**: Passive listening or direct queries on local automation subnets.

---

## 🎚️ Supported Communication Protocols
Orbit Edge nodes contain native driver registries for complete interoperability:
1. **Modbus TCP / RTU**: Universal support for sub-meters, smart circuit breakers, and auxiliary controllers.
2. **OPC-UA**: Secure, object-oriented industrial middleware, supporting custom nodes, encryption, and telemetry namespaces.
3. **Siemens S7 (TCP)**: Direct read/write connections to SIMATIC S7-300, S7-1200, and S7-1500 PLC datablock registers.
4. **BACnet / IP**: Building HVAC and automation networks.
5. **MQTT (TLS 1.3)**: Standard transport protocol used for streaming compiled and compressed data envelopes outbound to the cloud.

---

## 🔒 Outbound-Only Cybersecurity (IEC 62443 Level 3)
Legacy industrial gateways open inbound ports (such as port 502 for Modbus or port 4840 for OPC-UA), leaving listening services that can be attacked from the network. Orbit enforces:
- **Outbound-Only TLS 1.3 Connections**: Edge nodes initiate the outbound TCP connection on port 8883/443 directly to our secure cloud. The factory firewall blocks *all* incoming connection requests.
- **Hardware Security Module (HSM)**: Integrated ARM Cortex-M4 secure element chips store local credentials and protect them against hardware tampering.
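
One way to verify the outbound-only posture described above on a gateway is to audit its socket table. This is an added example, not Orbit's own code. The three-column table format, the `10.20.0.0/24` automation subnet, the sample addresses and the function names are assumptions, and the egress check looks at ports only, not at the cloud endpoint's identity.

```python
import ipaddress

CLOUD_PORTS = {8883, 443}                        # outbound ports named in the text
LEGACY_PORTS = {502: "Modbus", 4840: "OPC-UA"}   # inbound ports named in the text

# Constructed, simplified socket table: state, local addr:port, peer addr:port.
SAMPLE = """\
LISTEN 127.0.0.1:8080 0.0.0.0:*
LISTEN 0.0.0.0:502 0.0.0.0:*
LISTEN [::]:4840 [::]:*
ESTAB 10.20.0.5:51522 10.20.0.40:502
ESTAB 10.20.0.5:40112 203.0.113.10:8883
ESTAB 10.20.0.5:40990 198.51.100.7:22
"""

def _split(endpoint):
    """Split 'host:port' (IPv6 hosts in brackets) into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), port

def audit(table, ot_subnet="10.20.0.0/24"):
    """Return (kind, host, port, note) for each outbound-only policy violation."""
    ot_net = ipaddress.ip_network(ot_subnet)     # assumed local automation subnet
    rows = [line.split() for line in table.splitlines() if len(line.split()) == 3]
    listening = {int(_split(local)[1]) for state, local, _ in rows if state == "LISTEN"}
    findings = []
    for state, local, peer in rows:
        lhost, lport = _split(local)
        if state == "LISTEN":
            # A loopback-only listener is not reachable from the network.
            if lhost == "*" or not ipaddress.ip_address(lhost).is_loopback:
                note = LEGACY_PORTS.get(int(lport), "unexpected listener")
                findings.append(("inbound-listener", lhost, int(lport), note))
        elif state == "ESTAB" and int(lport) not in listening:
            phost, pport = _split(peer)
            # Polling PLCs and meters on the local subnet is expected; any
            # other destination must be the cloud endpoint on 8883 or 443.
            if ipaddress.ip_address(phost) not in ot_net and int(pport) not in CLOUD_PORTS:
                findings.append(("unexpected-egress", phost, int(pport), "not 8883/443"))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

An empty result means no network-reachable listeners and no egress outside the local automation subnet and the cloud ports.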
