Wireless Ethernet for Industrial Applications

Emerald JADE Submission - Structured Abstract

1. Category of Paper
General review
2. Purpose
Wireless technology continues to evolve for the industrial market; however there are
several issues and challenges that must be addressed to ensure successful
implementation. This paper discusses the development of wireless technology and
standards and those that are currently applicable to industrial applications. Key
considerations for successful implementation of industrial wireless Ethernet are
presented, along with potential applications.
3. Design
An overview of wireless applications is given. Wireless technology development is
discussed, along with pertinent characteristics. The use standard Ethernet with
automation protocols and their use with wireless is examined. Topics to consider
when implementing wireless Ethernet in industrial applications are illustrated.
4. Findings
There are numerous diverse potential application areas for wireless, these include
sensing, information, control and safety based applications with advantages derived
from mobility, cable replacement and tracking opportunities. Each has differing
characteristics. Considerations such as information or control use, and the challenges
of interference, coverage, compatibility, safety, security and cost need be addressed to
ensure a successful implementation. Use of COTS wireless components with
standard unmodified Ethernet and automation protocols is advantageous to maximise
the developments taking place in the wider WLAN market.
5. Practical implications
It is important to understand where wireless is appropriate and where it is not.
Currently, most applications are information related, however, limited control and
safety-related use is possible today with potential future growth. A fully wireless
factory is not feasible yet, since there is still a requirement to provide significant
power to many devices. Technology developments in wireless and associated
technologies will broaden the scope of wireless utilisation in the future.
6. Value
The development of wireless technology and standards, in particular, those applicable
to industrial applications are reviewed. The factors influencing wireless
implementation in industrial environments are presented to assist in successful
implementation. The opportunity to use the combination of an automation protocol,
unmodified Ethernet and COTS wireless provides potential cost benefits, flexibility,
and innovative solutions, whilst providing performance and cost advantages found in
the overall WLAN market.
Keywords:
Ethernet, EtherNet/IP, fieldbus, functional safety, wireless, networks
Wireless Ethernet for Industrial Applications
Abstract
The question of widespread wireless usage in manufacturing is not one of whether or
where it will be applicable, but when it will be applicable. For many users the answer to
this question is now. Typical applications illustrate where wireless can deliver significant
benefits today. Managing risk factors and criteria for successful wireless
implementations are discussed. For many, wireless Ethernet is proving compelling,
particularly with widespread use of fieldbus protocols and Ethernet.

Introduction
Wireless technology continues to evolve for the industrial market, however there are
several issues and challenges that must be addressed to help ensure successful
implementation. This paper provides an overview of a number of wireless standards that
are currently applicable to industrial applications. Key considerations for wireless
installations (i.e. interference, coverage, compatibility, safety, security and costs) are
discussed. Descriptions of several successful wireless application areas are illustrated.

Wireless Applications
Several wireless technologies and standards are deployed in order to solve industrial
applications. To date, no single technology has been suitable for the diversity of
application requirements. This paper will focus primarily on Wireless Ethernet, a
relatively mature technology, and Wireless Sensors, a developing technology.
Information is also presented on enhancements to Wireless Ethernet that will broaden its
application space.

There are numerous excellent applications for wireless in the industrial domain. Some
applications have existed for a long time. One of the most successful applications is
wireless Supervisory Control and Data Acquisition (SCADA), where wireless is used to
economically communicate across long distances in process and utility industries. Cost
savings are also achieved when wireless is used to bridge communication across
obstacles such as walls and rivers. Another excellent application is Radio Frequency
Identification (RFID), which has numerous advantages over barcode, including less
susceptibility to orientation and greater data storage. Innovation in this area is providing
the opportunity for greater automation. Wireless sensing is an emerging market,
promising massive growth due to the large number of potential networked devices, but it
still faces numerous challenges. Wireless I/O for control is a popular topic of
investigation, but has not gained widespread acceptance.

How does one organize and make sense of this diversity of applications? Figure 1, the
Wireless Application Matrix, describes one usage space for wireless. The vertical axis
contains generic wireless use cases, each with distinct benefits. The horizontal axis
refines each use case based on the purpose of applying the wireless transactions to
automation. The boxes list different wireless applications. Solutions can be found in the
market to address each application. Discussions on cable replacement, tracking, mobility,
sensing, information, control and safety are discussed below. This is only one view of the
wireless domain. A similar breakdown was constructed by the ISA-SP100 (Wireless
Systems for Automation) committee. ISA is the Instrumentation, Systems, and
Automation Society based in the US.

Machine Access

-
Environmental Process / Design AGV Location based
Mobility Measurement/ Info. Access HMI
Audit Wireless
Multimedia Emergency Stop
Communication

RFID RFID
Tracking Material Delivery RFID
Condition RTLS RTLS

OEM SCADA SCADA

- Maintenance
Condition based
Cable and Wire Maintenance Modems Wireless I/O
Wireless I/O
Replacement
Crane Control
Process Tuning Remote Device Crane Control
Monitoring

Sensing Information Control Safety

Figure 1 Wireless Application Matrix

The Wireless Application Matrix is now discussed.

The “Cable and Wire Replacement” use case applies wireless in order to replace discrete
wires and cables. There are a variety of reasons to replace a wire or a cable. Sometimes it
is less expensive – especially when large distances are involved, as in the outdoor
SCADA market, where sensors may be separated by large distances. Sometimes there is a
barrier to cross, such as a trench or a control room window. Crossing the barrier can be
expensive as well. Where large ground disturbances are present, such as in electric plants,
cables can carry destructive currents between devices. In these cases, wireless isolation
protects the devices. In other instances, where there is a potential intrinsic safety hazard,
intrinsically safe wired communication could be applied, but this adds to the connectivity
cost. Wireless signals have low energy, making intrinsic safety achievable. Another
example is where wireless is used to replace conductive communication where relative
motion is involved. Often, mechanisms in a machine table rotate relative to its base;
monorail vehicles move relative to a track; cranes move relative to a track, but over a
limited distance. Festoon cables and rotary couplings are often utilized, but they present a
reliability problem. In such cases, wireless communication eliminates the potential wear
in the mechanism.

The “Tracking” use case concerns the question of location for products, packaging,
equipment, and even people. Placing a radio on an item (a tag) allows it to be tracked by
a locating system. RFID readers can locate the tags at discrete locations, whereas Real-
Time Locating Systems (RTLS) operate to locate and track an item or a person’s position
within a given space. Active RFID is similar to RTLS, using battery powered tags. The
advantages of wireless tracking are not limited to cost reduction compared to wiring.
New applications can leverage the unique advantages of wireless over wires. It is hard to
imagine tracking a package by extending a wire from the factory to the customer. Thus,
new opportunities exist in this area.

The “Mobility” use case is also an area replete with new opportunities. There are
compelling reasons to provide mobility in human related applications. In one example, a
maintenance person accesses a diversity of systems to perform a repair. She responds to a
machine problem, carrying her laptop to the shop floor. As she moves to the machine, the
engineering information is automatically loaded for reference. She then accesses the
manufacturing system to find a gap in production and reserves it for maintenance. Next
she accesses the control system (without needing a special adapter cable) and identifies
the problem. From the control vendor’s Web site a fix is found. The control system is
modified and performs as expected. This saves many footsteps and expedites repairs. In
another example, sensors are placed on packages and products to track not only location,
but environmental and other usage extremes. This can lead to better quality, reduced
warranty costs, and even future product enhancements. One other example is Automated
Guided Vehicles (AGVs), where flexible and dynamic routing no longer relies on placing
inlaid floor tracks.

Next the horizontal axis of the Wireless Application Matrix is discussed.

Wireless can be used for the purpose of fixed “Sensor” applications. This category does
not include sensors that are part of a fast control loop, but only for data gathering
purposes. Data sensor applications with slow rates (less than 1 update/minute) are
currently achievable. Promising areas include Condition Based Maintenance (CBM) or
fixed environmental monitoring.

As mentioned above, sensors can also be combined with tracking to collect

environmental information (RFID with sensing). Also, sensors can be mobile. They could
be temporarily affixed for process diagnostics, measuring vibration, temperature,
acoustics, etc. For this application, large or low-life batteries would not be as much of an
issue. Wireless sensors could also be carried by humans for environmental audits, such as
air quality.

Wireless can be used for the purpose of “Information” applications. This is probably the
most pervasive usage. Remote configuration and monitoring replaces modem and
network cables and the protective conduit. This is especially attractive in a legacy
situation, reducing the need to visit the equipment or to add new features based on
collection of operational information.

Information collection for tracking purposes is currently a hot topic. RFID is likely to
become pervasive in products, packaging and environment markers (particularly as the
cost drops). The association of an RFID tag to a product allows matching batches and lots
to a specific item at any point in the product lifecycle. Application to packaging allows
more accurate tracking due to the ability to read multiple RFID tags essentially in parallel
and without opening the packaging. Floor tiles are now available with embedded RFID
tags, enabling an AGV or user to track their location and movement. The possibilities in
this area are nowhere near being fully explored, consider for instance the applications
enabled by wearable RFID.

The first contemporary wireless automation application to mature was mobile

information access, where humans carry mobile information devices. Ideally, all
information sources would be accessible from any location. Transaction-based
applications eliminate paperwork problems and errors by entering information close to its
point and time of creation (e.g. parcel delivery). The first successful mobile information
device was the laptop. Subsequent technology improvements led to a wide range of easy
to carry mobile information platforms, such as PDAs and mobile phones. Wireless
multimedia platforms enable a wide range of applications. For example, Voice-over-IP
could replace walkie-talkies in automation. If robust wireless coverage already exists,
why not use it? Certainly mobile phones drop out in many industrial settings. Sensing of
location adds an additional dimension. Information presentation can be tailored to a
location. One simple way to sense location is by an RFID reader. Certain mobile phones
now have options for an RFID reader. Imagine walking up to a machine or a shipping
pallet, opening your phone, and seeing the critical information you need to know.

Wireless can also be used for the purpose of “Control” applications. Whereas many
sensing and information applications are not safety related, control applications must
consider safety. Even wired control applications need to consider safety, but wireless
brings additional concerns related to interference, coverage, security, and latency.

For control application related wire reduction, getting power is the key issue. It is just not
practical to power the bulk of automation actuators through typical wireless means. But,
replacing just the network cable to an actuator can often reduce cost, since sometimes the
network cable is more difficult to run than a power cable.

If just the sensors in a control application are to be replaced, wireless update rates of 5-
100 ms are typically required. Even here, challenges exist with power delivery. Power
could be carried on a separate wire, but this eliminates much of the cost reduction
advantage, especially since it is common to run the communication and power in the
same cable (e.g. DeviceNet or AS-interface). Power could be scavenged from the
environment (light, vibration, etc.) but these sources are often not available, not reliable,
or not capable of delivering sufficient energy for fast update rates. Power could be
delivered from a battery, but the battery replacement maintenance cost can easily
outweigh wire replacement cost reduction. A very large battery could be used, but it often
impractically large compared with common sensors (photo-proximity or inductive
proximity sensors for example). Low power design has minimized consumption, but still
the generation of a reliable radio signal puts practical real-time control out of the reach of
current technology.
The combination of tracking and control is illustrated when RFID enables processing of a
product. When the product reaches a particular location sensed by an RFID reader,
custom processing (e.g. an assembly step) occurs according to data held on the tag.
Another example is where a set of machines are brought together at different times in a
variety of ways and the interaction changes. For example, conveyor systems can be
reconfigured for seasonal variations in shipment patterns.

The area shown in the figure where mobility intersects control is of interest to enhanced
material handling applications. AGVs can operate to deliver material, and also as mobile
control platforms. Human driven mobile control is common for wireless hand-held crane
controllers. One potential refinement to hand-held control is where location-based
services provide line-of-sight limitations on user actions to further ensure safety goals.

Finally, wireless can be used for safety related applications. The safety category includes
the domain of functional safety that is related to the controlled interactions of the
machine and humans. Here, RFID and RTLS are being used for tracking of personnel
(e.g. buildings, mines, tunnels and offshore platforms). Once tracking is available, a
proper response can be taken to ensure safety. The safety category can also includes
Safety instrumented Systems (SiS) that monitor a process for potential runaway
conditions and override the automatic control in order to maintain a safe state. Since
these systems are usually more critical than the control system, simplicity and
redundancy techniques are applied.

A recent development is the emergence of networked safety device protocols. The

network protocols and device design have particular features to facilitate safety. Of
particular interest is the enhancement of existing industrial networks to incorporate
safety. This topic is discussed in more detail in a later section.

Wireless Evolution
Much of the excitement and accelerated development in wireless stems from the opening
of three unlicensed bands by the Federal Communications Commission (FCC) in May
1985. These unlicensed bands are referred to as Industrial, Scientific & Medical (ISM)
bands, showing the FCC intent. Additional bands are now defined in FCC regulation
47CFR18.301, including lower bands (6.78 MHz, 13.56 MHz, 27.12 MHz, 40.68 MHz),
and higher bands (24.125 GHz, 61.25 GHz, 122.5 GHz, and 245 GHz).

Figure 2 shows a partial lineage of ISM wireless. The three lowest frequency bands are at
902 – 928 MHz, 2400 – 2483.5 MHz, and 5725 – 5875 MHz. There are other higher
bands that have since been allocated (as well as additional allocation between 5 and 6
GHz), but it gets more difficult to develop low-cost radios as the frequency increases. At
the start, 902 MHz could be fabricated in CMOS and 2.4 GHz required expensive GaAs.
Over time, the semiconductor processes have improved. Today, low cost CMOS can
operate above 5 GHz.
International adoption has followed with organizations such as the European
Telecommunications Standards Institute (ETSI), developing compliance rules. The road
to an international radio is not smooth. For example, Japan required a different 2.4 GHz
band and power and in France usage was hindered by an existing military allocation.
Over time, the wireless community has had more influence to get regulatory changes.
Currently, the 2.4 GHz band is the most widely available.

Since the bands are unlicensed, users must share them. To allow sharing, spread spectrum
technology or low power transmission is necessary and required by regulatory
organizations such as FCC & ETSI. Fortunately, the US military declassified spread
spectrum technology in 1981. Early designs required multiple large PCBs due to the
complexity and low levels of integration available. Over time, this has been reduced to
single chip designs.

The ISM band does not dictate a single radio design. Early radio designs came from small
start-up companies and were not compatible. Eventually the Institute of Electrical and
Electronics Engineers (IEEE) sought to standardize and developed the IEEE 802.11
standard working with the early vendors (from 1990-1997). This was a huge boost to the
market. One key element was Ethernet compatibility.

Over time, wireless Ethernet variations have proliferated. The original IEEE 802.11 (1
and 2 Mb/s) was not fast enough for many applications. In 1999, IEEE 802.11b (probably
the most interoperable wireless LAN) was introduced and ran at 11Mb/s. HomeRF,
established in 1998 as a low cost alternative to IEEE 802.11, was forced to increase from
1.6Mb/s to 10 Mb/s by 2001, and then disbanded in 2003 as IEEE 802.11b fell in cost.
Also in 1999, IEEE 802.11a was introduced (54Mb/s in the 5 GHz band). It too
languished due to lack of backward compatibility and the difficulty of making high speed
components. In 2003, IEEE 802.11g (54Mb/s in the 2.4 GHz band) was introduced and
was successful due to utilizing the same 2.4 GHz band as IEEE 802.11b and having a
backward compatibility mode. Advances in semiconductor technology have now enabled
low-cost combined IEEE 802.11/a/b/g/n chip designs.

Beside the Wireless LAN (WLAN) technologies described above, another class of
wireless networks emerged to utilize the ISM bands – Wireless Personal Area Networks
(WPAN). WLAN is optimized for devices and services spread across a facility and for
continuous roaming coverage. A WPAN is optimized for short distances (e.g. an office)
and a small number of tightly-associated devices.

Bluetooth became the first prominent WPAN. Originally designed as a mobile phone to
headset solution, the market hype reached unprecedented levels, largely due to the
promise of a $5 solution. At one point, Bluetooth was expected to do just about
everything - from WPAN to large device networks spanning facilities. A high speed
upgrade was even expected to allow Bluetooth to displace 802.11. But, the routing
technique (scatternet) that was intended to allow broad coverage areas proved to be an
issue. Interference with existing 802.11 installations led to some sites banning Bluetooth.
Even the cost targets were difficult to achieve. In time, the cost dropped and the
coexistence problem was solved, but pervasive deployment continues to be hindered.
Bluetooth has eventually become popular for mobile phone headset usage.

Due to its relative low power compared to IEEE 802.11, Bluetooth became an early
sensor radio with numerous sensor multiplexer designs. This technology is useful in
Condition Based Monitoring (CBM), where vibration and temperature sensor data is
collected and processed. Still, Bluetooth does not meet the low power requirements for
some compact wireless sensor designs. Second generation Bluetooth reduced power for
headsets by increasing the data rate to reduce on-air time. But this has had limited
benefit simple sensors, since they only have small amounts of data to transmit. Also,
Bluetooth has protocol limitations making networking large numbers of sensors
problematic. It is also difficult to connect to distant Bluetooth devices without alternative
interposing media such as wired Ethernet.

These restrictions spurred the development of ZigBee - a better sensor radio. ZigBee
refers to the application protocol that layers on top of the IEEE 802.15.4 radio hardware
and low level protocols (MAC+PHY). The goal here was a $1 radio! The protocols in
IEEE 802.15.4 allow mesh networking, thus enabling a more flexible topology to cover
wider areas and work around obstructions. Low data rate, quick intermittent access, and
deep sleep modes were utilized to reduce power significantly. The ZigBee stack is
considered by many vendors to be problematic. Alternatives have emerged with different
stacks layered on top of IEEE 802.15.4 radios. Advantages include robustness and power
reduction.

ISM
(900MHz, 2.4GHz, 5GHz, ...,
Spread Spectrum)

IEEE 802.11 HomeRF Bluetooth

(2.4GHz, 1 or (2.4GHz, 1.6 (IEEE 802.15)
2Mbit/s, Mbit/s, (2.4GHz, 720 kbps,
FHSS or DSSS) FHSS) FHSS)

IEEE 802.11b ZigBee

IEEE 802.11a (2.4GHz, 11 Mbit/s,
HomeRF (IEEE 802.15.4 )
(5GHz, 54 Mbit/s, (2.4GHz, 10 Mbit/s,
CCK) (2.4GHz, 250 kbps,
OFDM) Wideband FHSS)
D-CPM)

IEEE 802.11g
(2.4GHz, 54 Mbit/s,
OFDM)

Figure 2 Partial Lineage of ISM Wireless Technology

A related wireless technology called Ultra-Wide Band (UWB) has regulations outside of
ISM that allow signal modulation across the 3.1 GHz to 10.6 GHz band. Through a
combination of wideband modulation and low power techniques, UWB is designed to
minimize interference with other devices. Note that as wireless is operated at a distance,
the signal power drops to low levels and interference is possible (especially for the 5.8
GHz band).

Beside the ability to share already existing bands, UWB has the unique potential to have
high data rate, long distance, and low power (but not all at the same time). The current
focus is on high data rates, including USB replacement at 480Mb/s and HDTV signal
routing at even higher rates.

Wireless Technology Characteristics

The major wireless technologies can be divided into two categories – Wireless Local
Area Network (WLAN) and Wireless Personal Area Network (WPAN). WLAN is best
suited for information purposes, whereas WPAN is suited for wireless devices such as
sensors (Figure 3). Note the trade off between distance, data rate and power
consumption.

Figure of Merit

Status
Figure 3 Characteristics of Selected Wireless Technologies

Band(1)
Wireless Ethernet in Industrial Applications
The current state of adoption of wireless Ethernet for industrial control parallels the wired
Ethernet adoption several years ago, lagging the IT world. However, a number of
industrial protocols use standard Ethernet physical layers (EtherNet/IP, Modbus TCP, and
Foundation Fieldbus HSE for example) allowing their automation protocols to be carried
over Commercial-Off-The-Shelf (COTS) wireless media. For example, EtherNet/IP
technology, the Common Industrial Protocol (CIP) on standard unmodified Ethernet
provides media independence by utilizing TCP/IP and UDP/IP to carry application-level
automation messaging (Figure 4).

Application

Figure 4 Mapping of CIP Automation Protocol over Ethernet

Many of the concerns that previously existed for using Ethernet for control are similar to
the wireless Ethernet today.

Most wireless applications presently installed tend to be information based, however, in

certain circumstances non-time-critical control is possible with the following
considerations:

Transport
 • Slow updates allow retries (allowing repeats and switching between wireless
points and recovery from various errors)
• Application design ensures safe state on link loss
• Transmission protocol adds data integrity
• Modulation techniques add to noise/interference immunity
• Alternative routing paths protect against lost coverage
• Quality of service gives priority to control traffic

Potential industrial application areas are often split into three categories, device/system
configuration, data collection (monitoring) and control of an application or process. For
applications involving device or system configuration, a variance of a few 100ms
between packets is not visible to the user, and solutions are readily available. For
monitoring/data collection application, where variance of a few 100ms between packets
is acceptable, solutions are once again readily available, however, caution is advised. In
wireless control of an application or process (I/O usage), variances of a few 100ms are
probable between packets, and generally unacceptable. For such applications solutions
are available, however any implementation requires a cautious approach and consultation
with a suitably knowledgeable wireless provider.

Ethernet Infrastructure
The various Ethernet infrastructure possibilities (Figure 5) provide a number of wireless
solutions dependent upon the individual application.
Application: Point to point Ethernet Application: Point to Multi-point Ethernet
BridgeEthernet Wired LAN Switch
Bridge
Ethernet Wired LAN HUB or Switch

10BaseT

11 Mbps
Master
Bridge
Mode
11 Mbps
Client Bridge
Mode

Master Bridge Maximum 32 Clients

10BaseT
Mode
Client Bridge Client Bridge Client Bridge
Switch Ethernet Wired LAN Mode Mode HUB or Switch Mode

Ethernet Wired LAN

Remote PLC

Application: Ethernet Access

Point
HUB or Switch
Ethernet Wired LAN

11 Mbps 10BaseT

Access
Point Mode EtherStation
Mode

Maximum 255
Clients
Remote
802.11b Devices PLC
Client Mode
Client Mode

EtherStation
Client Mode Mode

Remote
PDA’s Video Monitoring
EtherStation Mode

Figure 5 Standard Ethernet Infrastructure Solutions

Source: Electronic Systems Technology (ESTEEM)
Point to point Ethernet bridges can connect two physically separate LANs. Connection is
often between buildings and with properly aimed directional antennas can span large
distances.

Point to Multi-point Ethernet Bridge is typically used outside. The assumption is made
that end radios cannot hear each other. However, all the end radios can hear the central
radio. The protocol is a token passing protocol, where the central master device controls
access. Typically the master has an omni-directional antenna and the end devices have
directional antennas. This gives the greatest possible distance for outdoor applications
such as SCADA.

By far, the most common indoor topology is Ethernet access points, allowing fixed and
mobile devices. Mobile devices maintain continuous connection through a hand-off
mechanism as they roam. Radios can normally listen to each other and no token passing
is utilised. End devices will generally use omni-directional antennas, especially if they
are designed to roam and it would be inconvenient to aim an antenna at an access point.
Fixed devices may still use directional antennas with access points, but the likelihood of
channel contention increases. Once the infrastructure is in place, adding more devices is
relatively less expensive.

Real-time Communication over Wireless Ethernet

The capability of wireless Ethernet to carry real-time traffic is improving. The IEEE
802.11e standard adds Quality of Service (QoS) mechanisms. Usage is driven by
multimedia needs – especially voice and video. Multimedia packets must to arrive on
time or users notice. QoS helps guarantee on time delivery, even with variable data traffic
in the same wireless network, through prioritizing delivery.

Low-power Wireless Ethernet Devices

A number of low power wireless Ethernet designs are beginning to emerge. One design
targets Voice over IP (VoIP) telephony. The ever-shrinking mobile phone battery sizes
have necessitated usage of low power techniques. The same techniques that make
Bluetooth and ZigBee low power (low leakage, sleep timers, and fast on air/off air
operation) are migrating into Wi-Fi designs.

Another vendor provides a Wi-Fi based active RFID tag. The tag reports (transmits)
every 40 seconds resulting in a 5 year battery life on 2 AA batteries. One key is the low
10uA standby current. Numerous types of sensor inputs are available on the device.

It seems probable that IEEE 802.11 Wireless Ethernet standard and design enhancements
will allow its utilization in an expanding range of applications. The key IEEE 802.11
advantages are market entrenchment and backward compatibility.
Functional Safety over Wireless Ethernet
EtherNet/IP has safety extensions as part of CIP, which form a part of the draft standard
IEC 61784-3 (Figure 6), and meet the requirements of IEC 61508 SIL3, a basic safety
standard for functional safety.

ISO/FDIS
ISO/FDIS 12100-1
12100-1 & & ISO
ISO 14121
14121
IEC
IEC 61918
61918 Safety
Safety of
of machinery
machinery –– Principles
Principles for
for
Installation
Installation Guidelines
Guidelines design
design and
and risk
risk assessment
assessment

Design of safety-related electrical, electronic and programmable electronic

SILcontrol
basedsystems (SRECS) for machinery
PL based
IEC
IEC 61784-4
61784-4
Cyber-Security
Cyber-Security
Design objective
Applicable Standards

ISO
ISO 13849-1,
13849-1, -2-2
IEC
IEC 60204-1
60204-1 Safety-related
Safety-related parts
parts
Safety
Safety of
of electrical
electrical of
IEC
IEC 61784-3
61784-3 ofmachinery
machinery(SRPCS)
(SRPCS)
equipment
equipment Non-electrical
Functional Non-electrical
Functional Safe
Safe
Communication
Communication
Electrical
Electrical

IEC
IEC 62061
62061
Functional
Functional safety
safety
for
for machinery
machinery
(SRECS)
(SRECS)
IEC
IEC 61158
61158 // 61784-1/2
61784-1/2 IEC
IEC 61508
61508
Fieldbus
Fieldbus &
& Real-time
Real-time Functional
Functional Safety
Safety
Ethernet
Ethernet extensions
extensions (Basic
(Basic Standard)
Standard)

Figure 6 Standards Related to Functional Safety Extensions for Industrial Networks

Source: Draft IEC 61784-3-1

CIP Safety does not rely on the underlying network. The network is often referred to as a
black channel, where the communication is effectively ‘un-trusted’. Essentially any non-
safety component, such as a bus repeater a switch or a wireless device, is viewed as
untrusted. Untrusted communications layers (Figure 7) are used to encapsulate a safety
message. The safety message is formed in a high-integrity or “trusted” section of a
safety-related device, shown as the safety application layer. This safety application layer
can be implemented using redundant hardware and software techniques to achieve the
required integrity level. Additional safety procedures and safety codes (e.g., CRC,
Checksum, etc.) are added at this layer to ensure message integrity. Wireless
transmission is possible due to due several CIP Safety features, including time-stamping
and configurable time expectation. These allow safety packets to be retransmitted and
the communication link to remain active as long as a safety packet is received during the
expected time interval. This provides for less unintended or nuisance shut downs should
the safety packet fail to arrive in the expected time interval. The CIP Safety data age
algorithm accounts for potential delay induced by the wireless interfaces, and is
specifically designed to mitigate potential long start-up delays in systems using multiple
interfaces, multiple media, smart switches or other devices.

Safety
Safety
Communication
Communication
Layer
Layer
Transport
Transport
Figure 7 Safety-related Communication Layers and Safety Packet

Challenges to Wireless Usage

Interference Layer
Layer
A university study on background noise in factories revealed that automation equipment
produced significant background noise in the VHF bands (below 327MHz), but very low
levels of background noise in the UHF bands (above 1.2 GHz). More recently, Rockwell
Automation performed site surveys in a variety of automation settings. Background noise

Data Link
measurements revealed little background noise in the 2.4 GHz band from the automation
equipment. Most WLAN utilizes high frequency bands, especially the 2.4 GHz band.

Data Link
Interference was experienced from other sources. In particular, there was interference
from other users of the 2.4 GHz band. One potential concern is microwave ovens. In

Layer
microware ovens, a 2.4 GHz source causes water molecules to resonate and produces

Layer
heating. Older microwave ovens had insufficient shielding and some cafeterias are
located near automation areas. In one case, the microwave was in a small room with a
wireless operator interface (about 3 feet, 1 metre away). This was a modern microwave
and caused no substantial interference. In another case, IEEE 802.11 radios were left

Physical
installed from prior experimentation - generating wireless traffic without anyone’s
knowledge. The solution was to turn them off. In another instance, the IT department was
operating a wireless bridge to traverse a portion of the factory area. Without explicit
channel coordination with IT, co-existence problems may have resulted.

One solution to interference is to use a different frequency band. The IEEE 802.11
standard provides three essentially non-overlapping channels. An area can be covered
with a cellular pattern of tiled hexagons. As mentioned, band usage must be coordinated
across the facility. It is also necessary to consider three-dimensional re-use patterns in
multi-floor facilities.

Another solution to interference is the use of spread spectrum systems, based upon
military technology, that take advantage of pseudo random signals to avoid detection, or
to reduce the possibility of jamming. The spread spectrum property of anti-jamming
allows different systems to share the band with certain immunity to each other’s signals.
This is most applicable where multiple types of radios must share the same area. For
example, Bluetooth and IEEE 802.11 can potentially share an area with minimal
interference.

Potential interference arising from technology advances in other areas is possible.

Fortunately, the FCC recognizes the significance of established markets. One example is
Fusion Lighting, a high-efficiency light source created by enclosing sulphur gas and
subjecting it to microwaves. This lighting reportedly provides a superior visible spectrum
to mercury vapour and is four times as efficient. This could have substantial energy
savings in lighting large areas such as factories, warehouses, and parking lots. Whilst
excellent for operating budgets and the environment, the radio signals used to excite the
gas are in the same spectrum as the popular IEEE 802.11b (Wi-Fi) wireless networks.
Therefore, there is the potential for wireless networks to be affected by a fusion lighting
bulb located up to half mile (0.8 km) away. Currently, these lamps are not in production.

It is noteworthy that interference can be managed. A site survey should be performed to

identify existing interference sources. A plan should be established for utilizing wireless.
Facility-wide coordination is essential. Controls should be instituted for wireless
additions. Some radio systems now have management functions to measure background
interference and locate rogue devices.

Coverage
Coverage is the top challenge in many automation wireless installations. Signal reflection
and absorption can have a massive impact on distance and wireless data rate.

Direct and reflected transmissions (multipath) arrive and combine with different delays
and amplitudes (called the delay spread). Reflections are time shifted, with distances and
rate varying in closed environments. It is even possible for the received signal to be
completely cancelled, the effect is known as multi-path fading. Radios vary in the
multipath tolerance. Some vendors will publish a specification number. Low cost radios
will typically have a lower number and may be more susceptible to multipath problems.
One troublesome RF environment is where a large open area is bounded by flat metal
walls. This can send a strong reflected signal back from the wall - with a delay that
exceeds the ability of the radio to compensate.

The emerging IEEE 802.11n standard may improve the situation. Multiple antennas are
used simultaneously to reduce multipath problems. MIMO (Multiple-input multiple-
output) technology exploits multipath propagation to increase throughput, or reduce bit
error rates, rather than eliminating multipath effects. MIMO has been added to the draft
version of IEEE 802.16e (WiMAX) and it will be part of the IEEE 802.11n (High-
Throughput) standard, which is expected to be complete mid 2006.

Another challenge is blockage of the signal. Several layers of brick walls can absorb
much of a signal. Solid metal wall cannot be penetrated.

A number of techniques can be used to increase continuous coverage. Overlapping access

points provide switch-over for roaming and redundancy in case of coverage loss. Fall-
back data rates allow the collection of more energy over time to provide better signal to
noise ratios at fringes and during multipath fading. Directional antennas couple energy
more directly between devices in intended coverage areas. Diversity antennas create
redundant paths between devices to minimize multipath problems. There is a certain
amount of art involved in selecting the correct system that optimizes cost.

Again, coverage can be managed. A consultant with industrial site survey experience
should be engaged. Office space coverage is generally less challenging. Application
usage needs to be considered ahead of time. Fixed and mobile coverage are distinct.
Redundancy requires more equipment. Using the IT Ethernet backbone rather than the
factory backbones may minimize cost but will add security concerns. Long term changes
in construction and usage (such as forklift movement) need to be considered.

Security
A typical concern of wireless users is security. Wireless security problems can include
loss of sensitive information, alteration of system operation (hacking), or denial of
service attacks.

The problem becomes worse for wireless networks because RF signal leaks can be
received at a great distance, even up to 25 miles or 40 km with a high gain antenna. Some
protection can be achieved by proper antenna usage. Patch antennas can minimize the
leakage by directionality. This helps against casual listeners, but a determined listened
can get specialized equipment. The signals cannot be completely eliminated.

Even though adequate wireless security solutions exist, hesitation lingers amongst
potential adopters. The original IEEE 802.11 included a privacy protocol called Wired
Equivalent Privacy (WEP) which is known to be weak. Many networks do not even use
this minimal security. WEP was released without proper peer review and was flawed.
The response was the development of IEEE 802.11i security enhancements. This time
there was peer review.
The IEEE 802.11i standard provides a framework for high integrity security that includes
user authentication, access control to the protected network, packet integrity checks and
dynamic encryption keys to protect data privacy. Devices are now usually certified with
WPA (Wi-Fi Protected Access) or WPA2 that bring various IEEE 802.11i improvements
over WEP. WPA is a limited subset that facilitated firmware upgrade for most devices.
WPA2 adopts the full IEEE 802.11i suite, but requires more substantial device capability.
One WPA improvement is the Temporal Key Interchange Protocol (TKIP) that
exchanges encryption keys before they can be determined. WPA2 adds further
improvements by replacing the original RC4 cipher stream encryption method for the
Advanced Encryption Standard (AES) block cipher. NIST adopted AES as stronger
encryption was required for the internet. Not all vendors support all the same protocols.
Careful hardware selection is critical to avoid weaknesses.

Even though the radio hardware enables stronger security, it must be part of an integrated
security system. Often an IEEE 802.1X enabled RADIUS (Remote Access Dial-Up User
Service) server is hosted by IT for authentication. Access to the wireless network then
depends on a user name and password scheme that only allows approved users to access
the network. Stronger solutions rely on Public Key Infrastructure and certificates to
identify the end points. Occasionally, the access points are placed outside the company
firewall and Virtual Public Network (VPN) systems are used to control access, but this
can interfere with roaming.

Close coordination with the IT department is vital, especially if IT already supports a

wireless security system and it is desired to have single sign-on and continuous roaming
across the facility.

Proper security can protect against eavesdropping and intrusion, but there is no real
protection against denial of service, other than locating and removing the source of
interference. Someone with malicious intent may for instance enter a facility with a
device that broadcasts to jam the wireless network. It is therefore not advisable to use
wireless for a highly critical application.

Security can be managed. Strong security solutions are available and should be
employed. Minimize external signals during design. Consider whether the application is
appropriate for any additional risks that wireless entails. Work with IT.

Environment
Another challenge is the automation environment. Typical COTS devices are usually not
subjected to such extremes. Smelting operations can create tremendous heat stress.
Outdoor operations can cause heat, cold, and condensing humidity. Grease and dust can
cover antennas. Corrosives can destroy antennas and cables. Electricians, operators, and
forklifts can cause physical damage. High electrical transients, including lightning from
outdoor operations can destroy the electronics. Food industries need to wash/hose down
the radios and clean with caustic substances.
These challenges can be managed as well. Automation engineers are used to utilising
enclosures as needed. Expertise from the SCADA wireless industry can deal with the
outdoor environment. Some new radio designs are IP67/NEMA 4 compliant to withstand
wash/hose-down. Other radios are even intrinsically safe. Choose a partner with
experience in this area.

Conclusion and Recommendations

There are already numerous excellent applications for wireless. It is important to
understand where wireless is appropriate and beneficial and where it isn’t. Currently,
most applications are information related, however, limited control usage is possible
today with potential growth in the future. A fully wireless factory is not feasible as there
is still a need to provide significant power to many devices. Technology improvements in
wireless technologies, batteries, energy consumption, and power scavenging are bound to
widen the range of wireless devices in the future. Since the industrial WLAN networking
is a relatively small market, industrial WLAN users can take advantage of price and
performance enhancements from the wider WLAN market by utilising COTS products
with automation protocols running on standard unmodified Ethernet.

Some applications that suit wireless today include:

− Workflow improvement, such as access to multiple information sources without
travel or second party involvement, information entry for paperwork reduction,
auditing, and alert;
− Legacy device retrofit for existing maintenance connections and new information
gathering;
− Low-rate sensing for equipment condition monitoring
− Temporary or experimental process sensor deployment, especially prior to a major
investment or upgrade to a system;
− Cable replacement for festoons and rotary couplings;
− Long distance implementations such as SCADA.

Implementations require proper management to achieve success and optimal cost.

Success is assisted by IT involvement in security, LAN re-use and maintenance, the
undertaking of site surveys, including experimental sighting and working with a provider
who has industrial wireless packaging and installation expertise.

Biographies

David Brandt

David holds a BSEE from the University of Wisconsin - Milwaukee. David is a Principal
Engineer in the Rockwell Automation Advanced Technology group. He has been
involved in Automation since 1989 and has performed various industrial communication
R&D activities, including activities assisting the development of DeviceNet and
ControlNet. He has been involved with wireless investigations since 1993, including
wireless prototypes and customer site surveys. Email: ddbrandt@ra.rockwell.com
Dr Richard Piggin EngD CEng MIET

Richard promotes EtherNet/IP technology with Rockwell Automation across Europe to

developers and end-users. He holds an Engineering Doctorate (in Fieldbus Technology)
from the University of Warwick. Richard is active in national and international fieldbus
standards activity and is a UK expert and ODVA liaison to IEC SC65C/WG12, currently
developing IEC 61784-3.
Email: rpiggin@ra.rockwell.com