The CODESYS Automation Server addresses precisely this need. As a central platform for management, monitoring, and maintenance of CODESYS-based controllers, it combines a wide range of functions: Remote access to controllers, including debugging via the CODESYS Development System, centralized application and project management with versioning and automated rollout, certificate management, field licensing, and extensive options for data logging and analysis via the integrated Data Analyzer. The Automation Server creates a digital twin of every connected controller—providing a complete overview of device status, software versions, active applications, and variable values.

Until now, the system was available exclusively as a Software-as-a-Service (SaaS) solution hosted in the public cloud. Now, CODESYS is expanding its offering with a second deployment option: the Automation Server On-Prem—an installation on the users’ own infrastructure.

The cloud version: a proven foundation

The SaaS version of the CODESYS Automation Server is operated by CODESYS in the AWS cloud. Technically, the architecture is based on multiple Virtual Private Clouds, in which, among other things, a Kubernetes cluster runs the Automation Server and the associated database. The setup is complemented by the Automation Server Manager—a proprietary operations tool for comprehensive system management—as well as a range of AWS services, such as for email delivery, DNS management, and certificate management.

Users benefit from easy access via a web browser, automatic scaling, and no operational overhead. CODESYS handles updates, backups, and security measures. This model is particularly well-suited for companies that want to get started quickly without setting up their own infrastructure and that wish to benefit from the high availability and security standards of the AWS platform.

The new approach: Automation Server on your own infrastructure

However, not every company can or wants to store its control data in an external cloud. Regulatory requirements, industry-specific security demands, geopolitical developments, or simply the desire for complete data sovereignty often make an on-premises solution the preferred—or only—option. This is not uncommon in industrial automation: operators of critical infrastructure, companies in the pharmaceutical sector, or production facilities with strict compliance requirements—such as those in the automotive industry—often face a situation where the relevant infrastructure runs on networks strictly isolated from the internet, or where a cloud-based model is simply not approvable—regardless of how secure the underlying platform may be.

This is exactly where the CODESYS Automation Server On-Prem comes in, which will be available shortly. A fully functional preview version is already available today for extensive testing.

Specifically, “On-Prem” means that the Automation Server no longer runs in the cloud, but on servers that users provide and operate themselves. Everything that was previously handled by CODESYS—database, DNS management, mail server, persistent volumes—is now the responsibility of the operator. In return, the operator gains complete control over his data, infrastructure, and the operation of the system.

What is the difference between Cloud and On-Prem?

Functionally, both variants are nearly identical. The Automation Server On-Prem offers the same scope of features as the cloud version—from control management to remote debugging, project management, and application deployment, all the way to certificate management and the creation of Certificate Signing Requests. Only the Data Analyzer is not part of the on-premises solution. The main differences are in the operating model.

In the cloud version, CODESYS handles the entire operation: infrastructure, updates, security patches, backups, and scaling. Users operate the system without having to worry about the underlying technology. In the on-prem model, this relationship is reversed. User become operators and are responsible for the Kubernetes cluster, the database infrastructure, network configuration, backup strategies, and system maintenance. CODESYS provides all the necessary tools and detailed documentation for this.

Another key difference concerns connectivity. The SaaS solution requires an internet connection, as controllers communicate with the cloud server via the Edge Gateway. The on-premise version, in contrast, can also be operated in completely isolated networks—a decisive advantage for environments where a permanent internet connection is not available or not desired.

There are also differences in the pricing model. The cloud version follows a modular SaaS approach: users select individual functions, pay monthly, and can cancel at any time. The on-prem model always includes the full range of features. Costs are based on the number of controllers to be managed. Users purchase a package with a fixed number of controllers for one year. If needed, the package can be extended or expanded with add-on packages. Volume discounts ensure that the price per controller decreases as the number increases.

The advantages of the on-premise option

For companies that run the Automation Server on their own infrastructure, there are a number of specific advantages.

Complete data sovereignty. All project data, applications, control information, secrets, and additional files remain on the company’s own systems. For industries with strict data protection requirements, this is often a mandatory prerequisite. Sensitive know-how never leaves the company’s own network. Companies decide for themselves where their data is stored, who has access to it, and which retention policies apply.

Independence from external connectivity. Operation in isolated networks becomes possible. Production environments without internet connection, offshore facilities, mobile machines in field operations, or security-critical areas with air-gap requirements can be managed just as easily as networked locations. This makes the on-premises server attractive even for use cases where connectivity is available but unreliable—such as geographically distributed facilities in regions with poor network coverage.

Integration into existing IT landscapes. Since the operator controls the entire infrastructure, the Automation Server can be seamlessly embedded into existing IT systems—whether in terms of network architecture, authentication services, backup systems, or monitoring solutions. Existing security policies and compliance requirements can be implemented immediately without having to make the compromises that an external hosting provider might entail.

Security according to your own standards. From physical access to the servers and network segmentation to encryption and access control—the operator determines which security measures to implement and how to configure them. This also includes the ability to create and manage backups on redundant systems according to your own specifications. Companies that already have a mature IT security concept in place can integrate the Automation Server into this concept without compromise. Additionally, the operations tool, the Automation Server Manager, supports backups and restores.

Multi-tenant capability. Within a cluster, multiple independent Automation Server instances—so-called tenants—can be operated. This enables the clear separation of different customers, locations, or business units on a shared infrastructure. For machine builders who wish to provide their customers with their own server instance, this is a particularly practical scenario. System integrators, engineering firms, and service providers who centrally manage their customers’ infrastructure can make sure that all clients are always clearly separated from one another.

What users get: the on-premises package

CODESYS provides a comprehensive package containing all components for installation and operation. This includes the container images for the Automation Server and the Automation Server Manager, a Helm chart for installation, the complete cluster definition with Kubernetes specifications, database schema, and configuration files, as well as detailed documentation covering the entire installation and operation process.

The installation itself takes place in two clearly structured steps: First, the Automation Server Manager — the central management tool also used in cloud operations—is installed using Helm. Next, the actual Automation Server is set up via the Manager. This is based on a cluster definition provided by CODESYS, which also serves as a vehicle for future updates. New versions of the Automation Server can thus be installed via updated cluster definitions without having to repeat the installation process from scratch.

During ongoing operation, the Automation Server Manager provides a clear interface for the most important administrative tasks: creating and restoring backups, managing licenses, establishing connections to license servers, and creating additional tenants as needed. Licensing itself is also handled directly within the Manager, where all existing licenses can be viewed and managed centrally.

Two variants, one goal

The CODESYS Automation Server On-Prem is not a replacement for the cloud version, but rather a complement. Both operating models address different requirements regarding data sovereignty, connectivity, operational responsibility, and IT strategy—and both provide the same range of features for the centralized management of control landscapes. The cloud version remains the right choice for companies that want to get started quickly, flexibly, and without the need for their own infrastructure. The on-premise version is aimed at organizations that want—or need—to have complete control over their automation platform.

With the introduction of the on-premises option, CODESYS is making the Automation Server available to a target audience that has not been able to benefit from the platform previously. Companies interested in testing the Automation Server On-Prem can contact the CODESYS Group directly. The pre-release version is already available and allows users to thoroughly evaluate installation and operation on their own infrastructure before the final version is released.