Academy        

Frequently asked questions (FAQ)

Product Features
IT Infrastructure
Security and Compliance

Task & Order Optimization

What criteria is taken into account for the optimization of task assignment?
Assignment of orders to AGVs is carried out according to a global optimisation of the overall system, taking into account the current positions of the vehicles, the vehicle states (vehicle type, battery status, vehicle mode, order mode) and the order forecast (including demand time and locations) with the aim of meeting demand times while minimising the fleet size.
What criteria are taken into account for the prioritization of orders?
The prioritization of orders is currently derived from the demand times and the overall delay of all available orders in the system. The SYNAOS scheduling algorithm rates orders with a shorter demand time higher than orders with a longer one. The respective parameters to weigh the different penalty categories that define the goal for optimization (fleet utilisation, efficiency, adherence to schedules) can be changed in the config files. however this is not foreseen to be done by the user/ commissioner yet.
Does it take into account historical, current and predictive information?
Order assignments are calculated continuously, so that any kind of deviation on the previously determined plan will be taken into account. We consider order information, dynamical device states and all kind of relevant events from the shop floor in order to continuously optimize order planning.
How are vehicles assigned to specific orders and how are order constraints considered?
SYNAOS IMP allows order demand time updates in order to change implicitly change the priority.  
In case of an explicit urgent transport need a manual order can be conducted by the user via the frontend. In order to achieve this a vehicle needs to be put in manual order mode.

Traffic Management

How does the routing algorithm work and what criteria are taken into account?
SYNAOS chooses/calculates the best route according to weights along the paths which can be adapted in a routing configuration file. Those weights can represent different criteria (distance, time, traffic density, etc.) However today they mainly reflect distance information of the paths. Consequently the routing algorithm chooses the shortest path. 

What strategies are used to prevent deadlocks and traffic jams?
SYNAOS Traffic Management includes a deadlock detection algorithm to avoid unresolvable traffic situations; if a potential deadlock is detected alternative routes are evaluated. The traffic management does not yet explicitly consider traffic density within its calculations, also traffic jams cannot be detected yet.

However with the possibility to manually configure which parts of a road are to be avoided (via graphical interface/ shopfloor editor) the user can influence the routing behavior for subsequent transports to prevent them from running into the jam.
What are the dynamic routing capabilities of the system?
Currently the route for a vehicle is only calculated ONCE at the very beginning of the transport order. A dynamic routing in terms of constantly recalculating the best route (which might change due to several reasons) while performing the transport job is not included in the product yet.

However there are already some functionalities that allow dynamisation within traffic management:
  • Avoidance of paths (New transport orders will avoid routes after the avoid configuration has changed). 
  • Deadlock Prevention: Initially planned routes can be changed in order to prevent running into deadlocks
  • Evacuation orders: Transport orders will be paused and vehicles evacuate predefined zones dynamically in case of an emergency.
What strategies are used to configure traffic behavior and management?
Based on the vehicle and load dimensions. The system calculates a virtual space consumption for the vehicle on the layout and checks whether it conflicts with other vehicles. Only if a vehicle can move to the next node without conflicts, it is released. The user (admin) can define the horizon, i.e. how many nodes of the planned route are to be reserved in advance.
Reservation Barriers can be used to configure the reservation behavior in high density traffic areas in order to prevent too early reservations of heavily consumed areas of the road network and therefore allow a true first come first serve behavior.
Non stopping areas can be used to prevent vehicles from staying (after they have finished the transport order ) in specific areas that are supposed to be clean/ free of traffic.
How is traffic managed at intersections?
In general the SYNAOS traffic management aims to achieve a constant traffic flow of vehicles while avoiding deadlocks in all situations, including intersections. If necessary, the traffic flow can be restricted in order to ensure a deadlock-free situation.
SYNAOS currently works according to a first come, first serve principle within the manged fleet. However, the reservation behaviour can be influenced for certain directions by reservation barriers in order to create the best possible traffic flow in the intersection area.

In addition external traffic participants, such as forklifts, can be integrated with priority via a traffic light system.

Inventory Management

What capabilities does the system have to manage inventory of racks, buffer zones, and handling stations, including material flows such as LIFO and FIFO?
This feature is currently planned in the Outcome Roadmap.
A very first basic implementation can be seen at VW where SYNAOS is managing the inventory of handling stations for 2 load carriers (2 Behälter Prinzip). Based on sensor signals (HS loaded/not loaded & accessible/not accessible) SYNAOS automatically derives if the handling station group allows to do so.

Product Configurability

What user-specific customization options are available?
Currently SYNAOS IMP provides a user management including access rights for two kinds of users:
User -- > read privileges 
Admin → modification privileges
User specific configurations in terms of filter/ sorting settings to customize the respective views is not yet possible.
How can map elements (paths, nodes) be changed and dynamically adapted?
Synaos allows to change and adapt map configurations (assets, road network including paths, curves, nodes, etc.) through multiple tools. The updated maps can be uploaded and applied to SYNAOS IMP afterwards. 
However the benefits of this funtionality highly depend on the vehicle vendors ability to adapt to those road network changes without having to update the base software on the vehicles. Otherwise the map changes will come with bigger necessary breaks.
Where and how are maps generated? 
How are multiple map formats consolidated?
The maps needed to navigate the vehicles (nodes/ edges) can vary a lot depending on the vehicle specific needs. In genereal the vehicle maps are either created by the vendors themselves or by the SYNAOS map editor. In order to ensure heterogeneous traffic behavior SYNAOS consolidates and transforms all the single map files into one format with a unified global coordinate system. During this transformation also map checks/tests are performed to ensure data consistency. Vehicle map changes can still be conducted by the vendor in its specific file format.
In addition to that the map will be enriched with meta information (handling, charging, parkig stations, etc.) via additional map layers.
How can shopfloor elements and settings be edited?
SYNAOS IMP provides lots of features which can be changed on the fly. To mention a few:
  • Routing configurations
  • Avoid functionalities
  • No stopping zones
  • Traffic asset configurations
  • Reservation behavior settings
Other shopfloor elements such as shopfloor assets (handling stations, charging station) that are linked to map elements (nodes/edges) can be edited via map updates and require the vendors to be able to cope with such changes smoothly (see above section “map manipulation”).

System Interfaces and Peripheral Infrastructure

How does the system communicate with other IoT devices and shopfloor assets?
SYNAOS provides a standardized API for the communication with shopfloor IoT devices within the Asset Management. Assets include automated doors, airlock gates, lifts, handling & charging stations, avalability sensors as well as traffic lights.
Those assets are connected to the SYNAOS IMP via message exchange using the MQTT protocol.
How can SYNAOS be connected to or linked with external/third-party systems?
The SYNAOS IMP follows the approach to provide standardized interfaces on multiple hierarchical functional levels to seamlessly integrate into the customer environments. The following standardized APIs (REST) are already in place:
  • Transport order API (for A-B transports)
  • Job API (for more granular, explicit control/management of intralogistics tasks)  
  • Asset API
Soon to come: 
  • Transport Ressource API
  • Inventory Management API
How can orders be created/ brought into SYNAOS?
With the standardized transport order API, A-B transports can be incorporated within SYNAOS IMP. External customer systems such as WMS, ERP can link to this API and forward transport needs in terms of A-B transports to SYNAOS.
If a connection to an ERP/ WMS is not foreseen, buttons, tablet apps (order creation) or other external triggers (e.g. sensor signals, asset states) can be included via adapters to create orders that will be handled by SYNAOS IMP.

Management and Control of AGVs/AMRs

How can the fleet size be extended?
Other mobile robots from the same manufacturer can be integrated directly into the fleet if they operate on the same map. New vendors or vehicles with other maps must have to perform the map mapping process.
How is the integration of AMRs managed?
SYNAOS IMP is capable of orchestrating/controlling AMRs which communicate and behave within the framework of the VDA5050 standard. This also allows obstacle avoidance along edges, however might come with negative impacts on the traffic flow. The VDA 5050 standard might limit individual capabilities specific to AMRs which in that case would need to be examined in more detail.
Indirect communication with the AMR via its fleet management software is not recommended, since a centrally managed traffic among the fleet will not be possible.

Reference AMRs which are already controlled in customer projects: Bosch Rexroth Active Shuttle, SEW, Omron
How are vehicle-specific functionalities, strengths, and capabilities utilized?
Mainly only functionalities which are supported within the VDA5050 standard can be provided by SYNAOS IMP. 
However through the use of route templates which can be applied for entry/exit manouevers into handling stations vehicle specific actions (which are defined in the templates) can be send out to trigger certain vehicle related capabilities necessary for drive in e.g. Those templates are mainly static and will be applied every time. Exceptions relate to conditions for the handling station loaded state.
What energy saving strategies are implemented?
Users can send several AGVs to sleep mode or switch them off by making multiple selections, thereby reducing battery consumption to a minimum. Possible battery consumption in sleep mode is currently not predicted by the master control system.

Error Management/ Error Handling

How does the system deal with external impact factors such as road closures, asset failures, and system downtime to react and intervene effectively?
The SYNAOS system archtiecture relies on redundant services which provide a system availability of more than 99.8%.
Foreseen external impact factors such as roadclosures can be considered in the routing behavior by configuring routes that should be avoided for example. Asset failures such as connection issues are reflected in the notification center.
How are users notified in case of errors?
The SYNAOS Notification Center offers the user an overview of current faults or error messages which can be categorized in system, vehicle, asset and manual intervention related notifications.
Vehicle specific notifications (errors, warnings) are visible in the shopfloor view as well as in the notification center. Depending on the failure type (e.g. failed handling action, failed order cancellaton, ...) call-to action notifications are raised and displayed more prominently including further instructions for resolvement of the issue.

Informing users via mail, mobile message, etc. is currently not possible.

General

What user authentication will be used to authenticate users?
O-Auth 2.0 with OpenID
Which version of MQTT is supported?
Version 3.1.1
What identity provider are supported?
Most of our customers are using Azure as an identity provider.
What QoS is defined for the MQTT communication?
QoS 0
What connectivity variants are supported for MQTT connections?
Variant 1 - SYNAOS MQTT Broker
The MQTT broker is hosted in the SYNAOS cloud environment. Mobile robots and assets connect directly to the MQTT Broker as MQTT clients.

Variant 2 - Customer MQTT Broker
The MQTT broker is hosted in the customer's environment. The SYNAOS MQTT client connects to the publicly available customer MQTT broker.

Variant 3 - Bridged
MQTT broker hosted in SYNAOS cloud environment and MQTT broker
Defined topics are synchronised between the broker and a configured MQTT bridge.

SaaS

Is your external communication encrypted?
Every communication is encrypted.
What TLS Version is supported?
The latest versions of TLS v1.3 and 1.2 are supported for MQTTS and HTTPS connections. TLS v1.1 is not supported anymore.
What CA is used for you SaaS environment?
Lets Encrypt. The Chain of Trust is available here.
What system authentication options are supported in case the MQTT broker is hosted in the SYNAOS SaaS Cloud environment?
MQTT username and password authentication
Can I log into the MQTT Broker with multiple MQTT clients using the same MQTT client ID?
No. If a second MQTT client connects to the MQTT broker, the previously connected MQTT clients will drop out and lose the connection.

Deployment on premises

In addition to CPU and memory resources for application services. What other services need to be available?
  • PostgreSQL Database
  • KAFKA Cluster (Version 1.3.0)
  • MQTT Broker (Version 1.3.1)
  • Ingress Controller
  • Identity Provider with O-Auth 2.0 Support
Is also an other database supported like Oracle or MySQL?
No. Only PostgreSQL database is supported by SYNAOS IMP.
Can the application services be run in a local Kubernetes environment while hosting platform services such as KAFKA and PostgreSQL in the cloud?
We do not recommend this approach. This is because KAFKA is used as a communication service between our application services and the application services store data in the PostgreSQL database.
If the platform services are only available in the cloud environment, please also run the application services in the cloud.
Are other KAFKA implementations supported by SYNAOS IMP?
Natively Strimzi operator is required for topic management.

Access Control

Does your solution provide support to prevent unauthorized access?
Yes. We rely on the customer’s identity provider and don’t have user/password management in our product. To connect to the identity provider we support OAuth 2.0 / OIDC.
Does your solution support integration with third-party authentication systems and standard authentication protocols?
Yes. We support OAuth 2.0 / Open Id Connect (OIDC).
Connecting our product to your Azure AD or any other OAuth 2.0 compliant identity provider works out of the box.
Does your solution support managing permissions and privileges using groups and roles?
Yes. Our product restricts access based on predefined roles.
You can assign these roles to your users in your identity provider, e.g., Microsoft Active Directory (AD) or any other OAuth 2.0 compliant identity provider.

Data Protection, Encryption

How do you protect against cyber-attacks?
We only expose authenticated endpoints which require valid credentials for acces. 
We follow best practices to harden our product against attacks, such as input sanitation, regular vulnerability checks, etc.
At regular intervals, an independent penetration test is performed on our software and cloud infrastructure.
Is all network communication encrypted?
All network connections to our product are encrypted:
  • User interface and API: https (SSL/TLS)
  • Mobile robots and assets: MQTT over SSL/TLS

Application Security, Vulnerability Detection

Do you have a ISO27001 or SOC2 certification?
Not yet. ISO 27001 certification is planned.
How do we protect our software against the most critical security risks according to the OWASP top 10 list?
You can find the top 10 list of the OWASP (Open Web Application Security Project) here.

A01:2021-Broken Access Control:
  • All endpoints require authentication
  • Authentication and authorization are performed via OAuth, our software does not perform user management.
  • We follow all OAuth best practices, e.g., short-lived tokens, automatic logout on user inactivity. etc.
  • All requests go to the same host, and cross-origin resource sharing is not allowed.

A02:2021-Cryptographic Failures:
  • All data in transit is encrypted
  • We mandate TLS 1.2 or 1.3
  • We do not store passwords
  • We do not use deprecated encryption algorithms and follow best practices in algorithm selection.

A03:2021-Injection:
  • All requests are sanitized and validated. We only use prepared statements, making SQL injection impossible.

A04:2021-Insecure Design:
  • We follow best practices and secure design patterns, e.g., in authentication, authorization, input validation, DoS protection, etc.
  • We use the security mechanisms from standard libraries (such as Spring Security) where possible.

A05:2021-Security Misconfiguration:
  • We use base images without unnecessary components for our services
  • We use the recommended security settings for our standard libraries (e.g., Spring Boot).

A06:2021-Vulnerable and Outdated Components:
  • We maintain a software bill of materials (SBOM) for all of our software components.
  • We regularly perform vulnerability checks and update vulnerable dependency versions accordingly.

A07:2021-Identification and Authentication Failures:
  • Our software does not perform identification and authentication, but uses OAuth to delegate these tasks to an identity provider, such as Azure Active Directory.

A08:2021-Software and Data Integrity Failures:
  • We only use trusted registries as source of dependencies.
  • Each change to our CI/CD pipeline is peer-reviewed and tracked in our code repository.
  • Our APIs do not send or receive serialized data.

A09:2021-Security Logging and Monitoring Failures:
  • All API requests are logged, also if the request is rejected due to failed authentication or insufficient permission.
  • Validation failures are logged.
  • Monitoring and alerting is in place.

A10:2021-Server-Side Request Forgery:
  • There is no frontend input field or API endpoint which fetches content based on a user-supplied URL.
Do you use a structured Software QA test process or method?
We have thousands of automated test cases. Only if they run successfully on a change, the change lands in production or become part of a release.
We have documented development guidelines. Compliance with the guidelines is checked via static code analysis as part of our continuous integration pipeline.

Each code change is peer-reviewed to ensure a high software code quality and compliance with our development guidelines.
How do you protect against cyber-attacks?
We only expose authenticated endpoints which require valid credentials for acces. 
We follow best practices to harden our product against attacks, such as input sanitation, regular vulnerability checks, etc.
At regular intervals, an independent penetration test is performed on our software and cloud infrastructure.

Data Privacy & GDPR

Please provide us a link to your Privacy Notice.
Our privacy policy can be found here.
Is your product compliant with the EU General Data Protection Regulation?
Our application does not store personal information.
Created with