Page 17

Industrial Ethernet Book 99

Industrial network data flow The data flow in industrial network infrastructure is characterized by horizontal and partly by vertical communication. In contrast to the purely vertical client-server communication in office IT, in many industrial networks data is exchanged directly between devices (horizontal communication). Vertical communication can also differ to some extent, for example, between a field device and a controller. Cyclic communication with deterministic clock synchronicity and very low jitter is a key prerequisite for industrial control components to operate smoothly. This requires a continuously active communication connection which does not, however, exist in any other part of the company’s IT in the case of client-server-based Ethernet communication operating according to the “best-effort principle”. As a rule, an industrial plant must function without interruption, for example to ensure a high degree of availability over a long period often exceeding ten years. The design of the industrial network with rugged components and suitable redundancy procedures, such as seamless redundancy for motion applications or system redundancy for process applications, provides the basis for the increased availability of a production plant and can even maintain the operation in case of a fault. If service or even troubleshooting becomes necessary, despite best efforts, an industrial facility cannot generally be restored quickly enough under the usual IT SLAs (Service- Level Agreements). Even constantly available service may not be enough if a response time of between two and four hours is defined in the SLA. What matters is fast restoration, i.e. that the plant runs smoothly again within the shortest possible time. Especially in complex network infrastructure fast and simple fault localization is not possible without the use of suitable integrated diagnostic and monitoring tools that automation personnel can also operate. The tools must also monitor all relevant end devices connected, including control and drive units and peripherals, and not just be restricted to infrastructure devices such as servers and switches. What is the benefit? In order to replace defective components and bring them back into operation as quickly as possible, it also makes sense to also arrange the aggregation networks, such as the industrial backbone, directly in the plant, keeping the service path and the response time low. The ambient conditions in a production facility, a distribution station, or a filling or transfer line differ greatly from the climatic conditions in a data center or office. It therefore goes without saying that rugged components, for which spare parts will be Rugged access points provide an effective, robust communications solution, with version designed for special environmental requirements and use in applications such as buses and trains. SOURCE: SIEMENS available even after many years, must be used. To ensure plant availability, a hotline familiar with the entire plant should be available at all times. Experience has shown that a homogenous concept and focusing on a single automation manufacturer greatly facilitate fast and effective solutions for control and network components. Outsourcing and personnel The outsourcing of office IT has become common practice for many companies. However, in order to ensure the necessary high availability of industrial facilities, the corresponding networks are hardly ever outsourced. Employees of the company itself are responsible and capable of handling maintenance work and malfunctions, and spare parts for particularly critical areas are kept on site. Furthermore, when planning and operating industrial infrastructure, care must be taken to have enough trained personnel available on site to ensure trouble-free operation. Not every company is able to have IT professionals available at all times. It therefore comes as no surprise that the contact persons are typically automation experts with IT knowledge and not IT specialists. Considering this, the network technology deployed at any location should be designed in such a way that it can also be handled by trained automation technicians, since “non-IT specialists” often have to service individual components. In any case, this role must be filled by skilled personnel who can form an interface between automation technology and IT and serve as a competent contact for both sides. Besides the wired industrial IT architecture, this role also involves the management of radio channels (WLAN, BT, Wireless HART, ...) in industrial environments. Safety and security In industrial environments a distinction is made between safety – that is functional safety, and security – i.e. data security. Safety covers all the functionalities that serve to protect people, machines and plants. In an emergency it must be possible to transfer individual machines, plant segments, or entire plant complexes to a safe state. This requires fast and direct data transmission to the critical control elements. The safety signals must be reliably transmitted with the highest priority independently of the media used. If network sections are implemented with “emergency stop” functionality, the corresponding network connection must be ensured in both wired and wireless network infrastructures (such as Wireless LAN). To meet the security requirements of industrial networks, special cell protection and firewall concepts, for example, need to be implemented. These must protect each production area against unauthorized access. Especially for sensitive remote access, professional security concepts are required, for example in order to perform maintenance work on defined plant sections according to clearly defined rules. Version management also differs from the typical office IT: Patches for industrial plants must be loaded within the time slots scheduled for maintenance, because updates during operations can result in critical performance losses. For example, unplanned network scans can unintentionally bring entire plants to a standstill. Conclusions and outlook Considering all these aspects, an integrated network concept based on a physical network separation with a connection concept fulfilling both security and performance requirements is highly recommended for a failsafe industrial plant. Users should treat convergence concepts that simply integrate the industrial network like any other logically separated network, or do not even provide a VLAN separation, with the utmost care. As has been proven in countless industrial applications, the network as part of the automation process plays a crucial role in smooth operations. It is therefore of prime importance for the success of industrial companies that industrial networks are planned and implemented on the basis of key criteria. Gert Mikuta, Siemens AG Process Industries and Drives. 17 4.2017 industrial ethernet book


Industrial Ethernet Book 99
To see the actual publication please follow the link above