Hirose: Connecting the future
Industrial Ethernet Book Issue 103 / 16
Request Further Info   Print this Page   Send to a Friend  

Fast roaming: a challenge for industrial Wi-Fi applications

Fast roaming WiFi offers reliable and secure communication, especially for mobile applications. For train-to-ground applications and automated guided vehicles, wireless IEEE 802.11 networks are suitable because of long range and high data rates, and when participants can be moving over long distances at high speeds.

IEEE 802.11 WI-FI WIRELESS NETWORKS are used today in a wide variety of applications. This technology is well known for its long range and high transmission speeds. However, fast roaming is a particular challenge for the quality characteristics of Wi-Fi networks in industrial environments.


Application example of train-to-trackside communication.

Fast roaming is especially important when the reliability and security of communication in a mobile application scenario needs to be unaffected. However, due to the complexity of this application, optimizing a wireless network for operation is far from straightforward and offers technical challenges.

Wireless networks can offer many new options for the implementation of industrial applications. On the one hand, they offer an easy-to-install option to provide facilities in changing environments with network communications.

On the other hand, the use of wireless networks minimizes the cost of applications in which wear and tear would damage or destroy cable connections quickly. In addition, the use of wireless communication systems becomes mandatory whenever communication between mobile clients needs to be implemented.

Thanks to their long range and high data rates, wireless IEEE 802.11 networks are suitable for the sophisticated application scenarios of Train-to-Ground Communication and Automated Guided Vehicles (AGVs) in which the participants can be moving over long distances at high speeds.


A mobile client on a train or AGV moves through the wireless networks of different access points.

Factoring Wi-Fi network quality

The objective of train-to-ground communication is to establish fast and reliable signal transmission between trains and the subway and track-side infrastructure. The network on a train can connect WLAN clients on the train via specialized Wi-Fi with different access points along the route.

The communication range of the trackside access points and the wireless network on-train clients are particularly important for the reliability and efficiency of such a system since every switchover (roaming) of a client between two different access points along the route causes an interruption of the train-to-ground connection. Hence, frequent roaming degrades the connection quality, especially when the interruption is long.

The network requirements for the AGV application are very similar in terms of coverage and interruptions. In this case, vehicles are moving autonomously through a manufacturing site to independently fulfill various tasks.

The vehicles communicate with the infrastructure about sensitive and time-critical information necessary for autonomous operation, such as receiving control commands. Thus any longer interruption on the communication network might cause the stop of an AGV which could lead to disruptions in the manufacturing process.

The most important quality indicators of how a wireless network can meet the requirements of both applications are:

  • Packet loss rate: the percentage of sent messages (or packets/frames) that are not successfully received by the intended recipient
  • Latency: the delay in transmission for the delivery of a message via a wireless connection
  • Data throughput of the wireless connection: the ability to transmit a certain amount of data within a specified time
  • Interruption: a break in transmission that takes place when a client roams from one access point to another
  • Communication range: the area covered by an access point or the seamlessness in the coverage of a facility that determines whether the Wi-Fi connections are strong enough to reach all necessary locations

Generally speaking, the importance of each parameter varies according to the application. When it comes to train-to-ground communication and AGVs, reliable communication has top priority. The wireless network must deliver a certain data throughput with minimal packet loss at every point of the area.

A standard requirement of a train-to-ground installation is 20 to 80 Mbit/s data throughput with less than 1% packet loss. Especially the requirement on high reliability is similar for AGV scenarios, since any interruption in communication might cause the AGV to stop its operation.


Application example of automated guided vehicle (AGV) communication.

Quality of wireless networks

To ensure this reliability can be achieved, the installation must have sufficient network coverage; in addition, the interruptions of a mobile client during the switch from one access point to another should be as short as possible (typically < 50 ms). Insufficient coverage results in a stark reduction of the data throughput, and frequent interruptions that are too long lead to extreme packet loss.

For these reasons, an optimal mechanism for changing the connection from the client to the access points factors into these both aspects. Roaming needs to occur as quickly as possible and must be initiated precisely when the client leaves the range of the current access point and the next access point offers a stronger signal transmission which leads to a more reliable data throughput.

State-of-the-art technologies

Presently, there are various technological wireless network capabilities to enable client devices to rapidly change between access points. Since the security of the wireless network should be ensured at all times, including in scenarios with high mobility, there should be no compromises of the implemented security technology in favor of faster roaming times.

Therefore, technologies for faster roaming should always be viewed in the context of the underlying security mechanisms. These roaming enhancements are often specific to special hardware or software features and therefore are only available on certain wireless network products. For example, the current BAT devices of the Hirschmann access point series support the following technologies:

Fast roaming

Although a mobile client moves through the transmission range of several different access points, the reliability of the communication and the available bandwidth must be guaranteed at all times. Ideally, to optimize bandwidth, neighboring access points with overlapping radio coverage should operate on different channels to minimize interference. A mobile client can connect automatically to the access point with the best signal. Fast roaming between wireless network access points has been possible for a long time. Interruptions of less than 50 ms can be achieved; however, even faster roaming requires further technical tricks and achieving such fast roaming times with proper security is even more challenging.

Reducing scan times

When roaming between two access points, an on-train client must first identify the next target access point. This is not as simple as it may sound, because in order to avoid interference between adjacent access points, these access points typically operate on different channels, meaning different frequencies. However, a client can only communicate with access points on one channel at a time. Therefore, when searching for candidate target access points, the client must deactivate its current communication connection in order to search other channels/frequencies for suitable access points.

A mobile client must therefore periodically interrupt its established connection to scan all eligible channels/frequencies to obtain an overview of signal strengths of the other access points in its environment. Only with this information can a client decide whether there is a possible connection with a better quality than the present quality, and then initiate the roaming process.

Depending on the train′s speed and the associated changes in the environment of the WLAN client, the scanning processes must be performed repeatedly. Since the active connection cannot be used during these scans, it is not possible for the client to transfer the packets for the application during the scan - the network is not available whenever the client scans. For this reason, scan processes should be as short as possible.

Secure fast roaming

Whenever a client decides to switch its connection to a different access point, it will initiate the procedure for the fast BSS (Basic Service Set) transition defined in the IEEE 802.11 standard, meaning the actual roaming to the better access point. In consideration of the highest WiFi security, fast roaming is usually labelled as Fast BSS Transition.

The security of a WiFi connection can only be guaranteed if a client properly authenticates at the target access point when connecting and if a valid key for this connection is provided for encryption of the data packets. This takes time and must be repeated with every roaming process, unless special techniques are used. Fast roaming is therefore only possible using a faster authentication mechanism.

Over time, more and more (necessary and important) security mechanisms have been added to wireless networks, so that wireless networks today are very secure. But this security comes at a price: the connection setup and connection switching between access points is slower because the necessary security parameters must first be negotiated and exchanged. Here too, a certain level of technical trickery is needed to create both secure and fast Wi-Fi when roaming. In order to ensure both a fast and secure exchange, two problems must be addressed:

  • How can the mobile client switch as quickly as possible between access points?
  • How can the time for the negotiation of security parameters be minimized?

The following optimizations lead to a significantly faster roaming while continuing to maintain good security.

PMK (pre-master key) caching

The PMK Caching method also uses a full authentication via IEEE 802.1X. However, the client and access points store/cache the negotiated keys and can reuse them for quick access to their next connection. Nevertheless, this method for fast roaming can only be used to a limited extent, since a client would have to log in to all access points in the system for the roaming processes to use the stored key information for a fast connection later on.

Pre-authentication

The Pre-Authentication method enables the client to authenticate via IEEE 802.1X to the next access point via the wired backhaul network, independent from the actual roaming procedure. This way, the client does not communicate directly with the access point via Wi-Fi but uses its currently active connection with the wired LAN in order to connect to the next access point.

During this early authentication process, the Master Key is already negotiated between the client and the access point, which means that, when roaming at a later point, the connection to this access point is made without authentication.

Although this method makes fast roaming possible, there are still some disadvantages: as a requirement for Pre-Authentication, a client must be able to predict with which access point it will connect as early as possible. This information may not be available in certain circumstances, since a client would have to scan the Wi-Fi channels in its surroundings for access points often and continuously. This in turn leads to loss of performance and interruptions. Alternatively, of course, a client can authenticate itself with as many access points as possible, regardless of whether it will connect with them later on. However, since a full IEEE 802.1X process is required for every authentication, this approach generates a significant load on the authentication server. Therefore, this Pre-Authentication method for fast roaming has limited applicability.

Opportunistic key caching

The utilization of Opportunistic Key Caching (OKC) can provide fast roaming without generating a heavy load on the IEEE 802.1X authentication server. The central approach of this method is the managing of key information for all access points by a Wi-Fi controller. The Wi-Fi controller can distribute the authentication information to all Wi-Fi access points under its control. Therefore, a client must no longer negotiate its own Pre-Master Key for every access point but is able to use the same Pre-Master Key for all access points managed by the single Wi-Fi controller. The Pre-Master Key will be negotiated during the first IEEE 802.1X authentication. Thus, a client must only complete a single IEEE 802.1X authentication to any access point in order to connect to all access points of the network. For this reason, fast roaming times of 50 ms are possible through the use of OKC, despite the use of the full security of IEEE 802.1X.

IEEE 802.11r

A conceptually very similar procedure to the Opportunistic Key Caching, 802.11r is specified in the IEEE standard. A significant difference between this specification and OKC is the use of a defined key hierarchy at the Wi-Fi controller and the connecting clients. Based on this hierarchy, the access point and the client are able to gain access to a part of the necessary information for key negotiation.

System solutions

The software used for access points, clients and WiFi controllers offers solutions for both core challenges of fast roaming. On the one hand, comprehensive configuration options for scanning behavior facilitate efficient, optimal roaming decisions. On the other hand, the mechanisms for fast roaming in combination with IEEE 802.1X authentication, such as Pre Authentication, Opportunistic Key Caching, and IEEE 802.11r are supported as well.

Reliability and security

Both train-to-ground communication and AGV applications need reliable communication between fast moving participants and the stationary infrastructure. Based on the high mobility and the specific requirements for the data throughput with very low packet loss, optimal "fast roaming" with the highest WiFi network security is needed. Only with optimization of the roaming behavior, and with the very short interruptions associated with it, can the target of low packet loss for these mobile applications be achieved.

Dr. Tobias Heer, Technology & Innovations and Dr. Bernhard Wiegel - Embedded Software Development, Hirschmann Automation and Control.


Source: Industrial Ethernet Book Issue 103 / 16
Request Further Info    Print this Page    Send to a Friend  

Back

Sponsors:
Discover Cisco IoT
DINSpace fiber optic and Cat 6 patch panels
Siemens iWLAN
Japan IT Week Autumn

Get Social with us:


© 2010-2018 Published by IEB Media GbR · Last Update: 22.10.2018 · 24 User online · Privacy Policy · Contact Us