printer friendly version

IP network technology

Industrial communications – the link between the camera and the scada.

Integration and convergence are changing the face of the security industry; physical security continues to meet logical access control, and the results are good for both information technology (IT) and security end-users who are learning to share knowledge and work together.

According to The Freedonia Group, the global market for private security products and systems is forecast to advance 8% each year through 2010, reaching $85 billion.

Security revenues worldwide will continue to rise, with locks, alarms and access/surveillance now representing the lion's share.

"Especially favourable prospects exist for digital closed-circuit television (CCTV) recorders, which are now outselling analogue types in most countries; biometrics, which have finally entered the access control mainstream and will outsell traditional magnetic stripe cards by the middle of the next decade; and contraband detection designed for border, port and airport security," according to Freedonia's 2005 Report, World Security Equipment Study.

IP cameras typically use industrial networks as the main form of communication between all of the different components in the system, letting controllers, sensors, actuators, and transducers share data with each other on a single bus.

'Industrial Ethernet' and 'Industrial Hardened' describe communications products designed to operate in industrial process control environments or geographical locations where harsh conditions are common. Typical installations include power substations, utilities, manufacturing plants, oil and gas installations, water treatment plants, traffic signal control systems etc.

To meet this level of durability, 'industrial' grade (synonyms for 'industrial' commonly include 'rugged', 'outdoor', 'hardened' and 'substation hardened') communications products are manufactured with special components, connectors and circuitry. This ensures reliable operation in the event of wide temperature swings, electromagnetic interference (EMI), radio interference, vibrations, or moisture and humidity fluctuations. The latest trends also include areas as security, realtime, bandwidth availability, wireless networks, seamless integration with multiple manufactures and scalability. All these are network capabilities of utmost importance.

IP network security

For reasons of both security and cost, a multivendor system should only have one access point for remote maintenance. Ideally, this should also support temporary interfacing with mobile computers such that service engineers employed by the various manufacturers can access system components. This need imposes severe requirements on the service gateway.

First, this infrastructure component has to be able to support all conceivable interfaces that might be used at field and control level. Second, effective security mechanisms are required for system protection against unauthorised access. These mechanisms will also handle communication encryption. Figure 1 shows a possible setup with a communication server at its centre. Using this type of server as a service gateway facilitates uniform IP-based remote access to a multivendor system. In the direction of the control and field level, the gateway offers the required interfaces via a plug-in card system.

Figure 1. Ethernet gateway as a universal remote service exchange

Communication at this level is usually non-secure. In the target direction (the remote service workstations used for remote maintenance and as the access interface for service engineers) secure communication is achieved using the TCP/IP protocols SSH, SFTP and HTTPS. Data encryption is based on SSL.

Experience shows that there is the greatest diversity of interfaces at field level. Alongside Industrial Ethernet - some implementations of which involve a variety of realtime-capable special variants - we also find various fieldbuses, serial links based on RS232/422/485 and special sensor/actuator interfaces that can only be addressed using analogue or digital inputs/outputs.

For serial interfaces at control and field level, the communication server can work in what is known as COM port redirector mode. A redirector of this type is linked at one end to the relevant functional unit (eg a Camera PTZ) via an internal UART - in other words, the physical chip for implementation in a serial interface, Figure 2. The other end of the COM port redirector is connected to an IP-based communication channel, at the end of which there is a virtual COM port driver (VCOM driver) which might run, for example, on the remote service workstation in Figure 1.

Figure 2. Virtual COM port drivers support COM ports located at significant distances

This transmission channel can, for example, be simulated by an Ethernet LAN or any other TCP/IP-capable connection. Even the Internet has been considered as a link between VCOM driver and COM port redirector. In other words, a Windows-based remote service workstation can, for example, use a virtual COM port and a corresponding COM port redirector to access a COM port located (very) far away from it in order to allow camera control. As a COM port redirector, the communication server in Figure 2 links its serial interfaces to IP networks with total transparency, thereby allowing uniform remote access.

Seamless integration with multiple manufactures

On the one hand, those who want to be up there with the leaders in industrial automation worldwide have to offer high quality and highly reliable, state-of-the-art products. On the other hand, these products must have a high capability for integration into the different industrial communication standards and profiles. New concepts like Industrial Profiles, offers a unique range as far as integration into the three major standard protocols Profinet, EtherNet/IP and Modbus TCP is concerned. The industrial profiles are uploaded as firmware into the network equipment (high level switches) and enable configuration and monitoring by the manufacturers' own configuration tools in accordance with the plug-and-play principle.

At a joint presentation with the ODVA, Sercos standards boss Peter Lutz spoke of the ease with which CIP Safety could be applied across both the earlier fieldbus variants of the interface as well as the latest Ethernet version, a better development route than working independently, he said. The fact that the CIP Safety protocol sits as an applications layer near the top of the OSI seven layer model makes it virtually independent of the actual transmission medium. What works across the ODVA's fieldbus and Ethernet-based transport layers for DeviceNet and EtherNet/IP, etc, clearly does the same for the Sercos family.

Rockwell Automation's stand included the now familiar but remarkable motion drive demo over absolutely standard Industrial Ethernet infrastructure. Using only the QoS prioritisation facility of standard managed switches, the 16-drive application clearly indicated the concept's practicality; along with the priority-tagged motion data for the synched up drives, the Ethernet frames also included streamed slow frame video and HMI functional data.

Phoenix Contact's Roland Bent used SPS to sound off at length about the progress that his company had made in becoming a one stop shop for automation infrastructure. Several years ago, the company took the strategic decision to back industrial Ethernet development based on Profinet rather than pressing forward with an historic commitment to the Interbus fieldbus community.

Wireless networks

Data transmission over cables is cost-effective, safe and reliable - provided the cable installation is static. But there are many instances where industrial automation systems require data linking to moving platforms. Communication with such highly dynamic processes may be better handled through a wireless link. A successful application outcome will depend on the correct choice of wireless media. Users have called for a wireless-supported fieldbus system for many years; its feasibility has been proven in various studies. With Industrial Ethernet for production automation, wireless technology checks out as being both functionally and economically suitable.

On the other hand the installation of radio networks in the factory automation is still characterised by relatively expensive hardware and expensive planning and start-up costs. There are opinions to hear claiming to reduce both, the costs of hardware and the cost of installation. The solution of the problem will be as follows: an increase of intelligence will be shifted from the access point to the attached network. Following it will be possible to install more access points at the same costs. Intelligent mechanisms eg, security mechanisms or roaming will be enabled by central units in the cable-based backbone, and last but not least these mechanisms will also be accelerated. This model will be particularly successful in the factory automation if it will be possible to keep the existing cable-based network unchanged, and if the shift of intelligence from the access points into the Backbone will be possible by adding the central intelligent instance only.

Today, each individual access point has to render its economical right to exist, and the network is mainly designed for momentary needs only - in particular related to the number of expected mobile participants and thus related to the to be expected network load - in order to achieve the desired reliability in terms of quality of service. Understandably, there are more and more opinions to hear claiming to reduce both, the cost of hardware and the cost of installation.

The solution of the problem will probably appear in the near future as follows: An increase of intelligence will be shifted from the access point to the attached network (see figure), whereby first the importance and second also the costs of the access point will sink. Accordingly to that, it will be possible to install more access points at the same costs. Intelligent mechanisms eg, security mechanisms (Authentication in accordance to IEEE 802.1x) or roaming will be enabled by central units in the cable-based Backbone, and last but not least these mechanisms will also be accelerated.

Scalability

When planning an Industrial Ethernet deployment, it is important to make a distinction between standard Ethernet (IEEE 802.3) and different 'standards-based' Ethernet versions. To gain full benefit from connecting industrial systems with the corporate information side, it is important to select an implementation that leverages these standards without modification or extension.

By using a single underlying standard, manufacturers are freed from the complexity of making several proprietary networks work together. In addition, an Ethernet-based control network can exchange information seamlessly with an organisation's ERP system, extending the exchange of realtime information to the factory floor device. Most of the Ethernet solutions in the market (Ethernet/IP, Modbus TCP, HSE, Profinet, etc) not only provide a common set of tools for physical connectivity but also rely on TCP/IP for logical addressing. This essentially provides visibility and management of any device from any location on the planet.

Ethernet routinely offers data rates that can run into the gigabits per second range; most proprietary and fieldbus systems cannot achieve even a fraction of this data transmission capacity. This substantial increase in bandwidth provides a scalable foundation which enables manufacturers to run new applications over their factory floor network as business needs dictate.

For details contact Industrial Automation and Control, +27 (0)12 657 3630, [email protected], www.aicontrol.co.za

Share this article:

Further reading: