Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
?
EE Times-Asia > Networks
?
?
Networks??

Industrial networks move to standards

Posted: 04 Jul 2005 ?? ?Print Version ?Bookmark and Share

Keywords:networking? network? ethernet? tcp/ip? web protocol?

By Peter Varhol

EE Times

Networking has been an important part of capturing and evaluating data from industrial processes. For the most part, industrial networks have been limited in capability, closed in topology and special-purpose in the protocols and data they've carried. Increasingly, however, these solutions are being supplanted by broader standards, such as Ethernet, running TCP/IP and even Web protocols either in addition to or in place of more-real-time or proprietary interfaces.

The problem with the migration to standardized networks is that those nets were not designed for rugged, real-time environments. Nonetheless, the demand is there, so the onus is on the designer to overcome the obstacles to ensure optimum performance.

Traditional serial networks and controller-area networks have been widely deployed for the purpose of transporting data from a device or sensor to a recording instrument or readout. Though still popular, they are being replaced by newer Ethernet, TCP/IP and Web-based networks in a trend that is driven by several factors. Chief among them is the perceived cost benefit of Ethernet as well as the ease with which the TCP/IP protocol stack can be configured and used for a wide variety of transport purposes.

In some cases, end users have bought into the compelling message that it can be possible to deliver real-time process information right to the executive boardroom. The reality, unfortunately, is that while engineers have the technical wherewithal to deliver any amount of data to any location, that ability has to be tempered by some sober realities as to the side-effects of those configurations.

The Ethernet interface was designed to support general-purpose networking, not for the extreme physical conditions of industrial or manufacturing environments. Also, the TCP/IP protocol stack was designed for reliable delivery of static content and does not guarantee the speed or order of packet delivery.

While both hardware interfaces and software protocols are highly flexible, designers need to be cognizant of the limitations of each in an industrial environment and know how to work around them to deliver robust and lasting solutions for process monitoring and control.

As data acquisition devices, programmable-logic controllers, sensors, instruments and other systems on the factory floor grow increasingly dependent upon each other, end users seek broader networks and network applications that can be used in a highly integrated environment. While the thought of office workers monitoring and optimizing factory processes on their PCs between coffee breaks seems absurd, there are a number of applications where the use of a single network standard can pay off.

But designing such a system and building devices that can take advantage of it pose significant engineering challenges. Possibly the most severe constraints on the network are environmental extremes: Manufacturing facilities and industrial sites are often host to high heat, high humidity and electrical interference. Shielding on conventional Ethernet may be able to protect against much of the electrical interference, but hardware reliability and redundancy are also essential ingredients.

One compelling solution is device-integrated networking-that is, enabling Ethernet networking as a part of the silicon, to yield a solution that's both robust and high in performance.

There are several levels at which this integration can occur. Designers can integrate at the chip level, through a custom ASIC or commercial integrated processor such as NetSilicon's NET+ARM. The NET+ARM processors use the ARM7 or ARM9 processor core and integrate 10/100Base-T Ethernet as well as a number of peripheral connections, such as USB and PCI. NetBurner offers a similar configuration with the Motorola ColdFire 5270 microprocessor, flash memory, SDRAM and 10/100 Ethernet.

Integration can also occur at the board level, with standard processors, Ethernet and other peripherals on the board. Boards can typically add more processing capabilities and external interfaces, such as digital I/O, analog-to-digital and D/A conversion, and serial ports supporting RS-232 and RS-485/422. Advanced Micro Devices, for example, offers the Net186 Embedded Ethernet reference design, which includes the Am186ES microcontroller, flash memory and synchronous DRAM, serial ports, and a network controller.

At the software level, Ethernet with TCP/IP has some less-than-desirable characteristics as a protocol stack. Specifically, these protocols minimize but don't prevent collisions, and they don't guarantee delivery of packets in order or within a specified time.

There are two approaches to mitigating these protocol issues. The first is to optimize either protocols or hardware within the Ethernet stack to compensate. The other is to use the basic hardware and network approach but replace TCP/IP with an alternative that's specifically designed for real-time industrial systems.

Many vendors, including NetBurner and NetSilicon, choose to optimize protocols and interface hardware. Often the user is given the choice of which protocol to use for the data transport, providing the ability to adopt a higher-performance protocol or, in general, one that best meets the needs of the application.

Those pursuing the alternative route can use the LonWorks protocol, a layered, packet-based, peer-to-peer communications protocol designed for the requirements of control systems, rather than data-processing systems. Like the related Ethernet and Internet protocols, it is a published standard and adheres to the layered architectural guidelines of the International Standards Organization's Open Systems Interconnect reference model. The LonWorks protocol works to eliminate packet collisions, which are the primary cause of performance degradation. Connectivity to Ethernet, the Internet or a wide-area backbone network is possible through the use of LonWorks-to-IP routers.

While this alternative diverges from an Ethernet-only solution, it makes it possible to gain connectivity to Ethernet-based networks in order to achieve transport beyond the factory floor. This approach can provide the best of both worlds-better real-time performance on the industrial side of the network, with data accessibility for monitoring and evaluation on the general-purpose side.

A word about security

Virtually all end users perceive the threat by viruses, worms or system hackers to disrupt or compromise their fundamental business. But as Ethernet and TCP/IP-based solutions become more popular, they open up the industrial network to many of these same hazards.

Viruses, worms or other automated intrusion can obstruct or invade systems running monitoring applications. While it's unlikely such rogue code can affect instruments or devices themselves, it can bring down servers or desktop systems that are often used to monitor and record data.

A second hazard is an automated denial-of-service attack, which doesn't affect the network itself but can render the network inaccessible from the Internet. If the software solution includes remote monitoring or control, such an attack would break that link in the chain. Denial-of-service attacks are sometimes intentionally done, either in retaliation or as a blackmail threat.

A final hazard is human intrusion. Such an intrusion is intentionally malicious and can be geared toward either disrupting operations or conducting industrial espionage. Small device networks based on industrial standards offered some level of protection through obfuscation, and from the standpoint of the intruder, there was little to gain. But with broad-based Ethernet networks covering both factory floor and corporate office, the prize has become bigger and the technical challenge within reach.

Another potential threat, still further on the software side, is the increasing use of Linux derivatives as embedded real-time operating systems. While there is nothing inherently insecure about Linux, its increasing use in both computer systems and industrial devices is making it a target for those who understand and exploit weaknesses. Other RTOSes may be safer, if only because they have less exposure to general-purpose use.

How do you design industrial systems to take these and other new security issues into account? Most do this primarily through software, although hardware-based authentication and access are also possible. The software standard for authentication is Kerberos, which is capable of operating on an insecure network. When a user needs to access a network device, first the client requests a ticket for that service from the Kerberos server. The server creates a packet with the content of the request, the current time and the length of time for which the ticket will remain valid.

The server adds the random key and the identifying information to the outside of the encrypted packet, encrypts it again with the key of the principal who asked for it and sends it back. The client then decrypts the ticket and sends that to the server. On receiving the ticket, the server decrypts it using the key for its own principal. Given a successful decryption, it can examine the time stamp to see if the ticket is still valid and make a decision about the identity given.

The code and processing overhead is small; Kerberos for an embedded network requires perhaps 25KB for code and data, with a relatively small processing overhead on a 32-bit processor. Authentication using a method such as Kerberos helps ensure that unauthorized software or users do not get access to the protocol stream.

Design considerations

Ethernet and standard network protocol stacks such as TCP/IP don't necessarily reduce costs in industrial networks, but their use in such applications will continue to grow. Ethernet solutions require silicon and support materials that combine robust performance and reliability in extreme environmental conditions, accompanied by software solutions that guarantee real-time delivery of data.

But getting the right combination of cost, standards and features into an embedded Ethernet solution makes it possible to achieve unprecedented connectivity between the factory floor and general-purpose networks. The most common application of this configuration today is remote monitoring, often through Web browsers. The ability to successfully tie together real-time data on manufacturing processes with other business intelligence can offer a powerful boost to productivity and efficiency. Getting device connectivity right is the most important step.

About the author

Peter Varhol is a technology practitioner and writer based in New Hampshire.




Article Comments - Industrial networks move to standard...
Comments:??
*? You can enter [0] more charecters.
*Verify code:
?
?
Webinars

Seminars

Visit Asia Webinars to learn about the latest in technology and get practical design tips.

?
?
Back to Top