Beruflich Dokumente
Kultur Dokumente
2016 Issue 97
ISSN 1470-5745
www.iebmedia.com/ethernet n www.iebmedia.com/wireless
CONNECTS THE WORLD OF
AUTOMATION WITH THE
INTERNET OF THINGS
Contents
Emergence of OPC UA Contents
The OPC Unified Architecture (UA), released
in 2008, has come into its own in 2016 as Industry news 4
the overwhelming technology solution for
connectivity from the sensor to the cloud. Embedded data encryption down to the last meter 8
By creating a platform independent, service- OPC UA and how it impacts Oil & Gas applications 12
oriented architecture that integrates all the
functionality of the individual OPC Classic
specifications into one extensible framework,
Preemption standard enables high priority frames and traffic 16
OPC UA is functionally equivalent to OPC
Classic but capable of doing much more.
OPC UA industrial networks for digital factory infrastructure 19
Early in 2016, a series of announcements at Smart connectivity transmits data from machines to the cloud 22
the Hannover Fair underlined the reasons
why OPC UA has come so far so fast. As a Automotive parts supplier launches IoT initiative 24
way to connect OT and IT interests, it offers
platform independence (from embedded Exploring fundamentals of automation network efficiency 26
microcontrollers to the cloud), built-in
security features (encryption, authentication Container and microservices cloud architecture and platform 28
and auditing) and extensibility (ability to
continue to add new features). Lower cost of ownership for industrial IoT networks 30
Throughout the rest of 2016, there has been
a series of announcements for companion The evolution of control system integration and networking 34
specifications and working agreements aimed
at technology collaboration and the next Adapting machines to go global with modern industrial networks 37
level of refinements that will create stronger
industrial automation and IoT solutions. One panel PC coordinates 21 robots in manufacturing cell 39
The latest of these was at the AUTOMATICA
trade fair where VDMA Machine Vision Virtual private network for secure remote access 41
(an association of 3,100 machine vision
members) and the OPC Foundation signed Digital wiring devices using Node-RED development tools 44
a Memorandum of Understanding on the
preparation of an OPC UA Machine Vision New Products 45
Companion Specification. The resolution was
preceded by an international study under the Private Ethernet 50
lead of VDMA Machine Vision last summer. It
was aimed at showing which standards are
important to prepare the sector for the future. Industrial Ethernet Book
The next issue of Industrial Ethernet Book will be published in January/February 2017
“We want to make machine vision fit for Deadline for editorial: December 22, 2016 Deadline for artwork: January 13, 2017
Industry 4.0 and for the factory of the future.
We are aiming at straightforward integration Product & Sources Listing
of machine vision systems into production All Industrial Ethernet product manufacturers (not resellers) are entitled to free of charge
control and IT systems via OPC Unified entries in the Product locator and Supplier directory sections of the Industrial Ethernet Book.
Architecture,” said Dr. Klaus-Henning Noffz, If you are not currently listed in the directory, please complete the registration form at
CEO of Silicon Software and in charge of www.iebmedia.com/buyersguide/ to submit your company details.
standardization issues at the Board of VDMA
Machine Vision. Update your own products
If you wish to amend your existing information, login to the Editor section
“Camera interfaces and standards for www.iebmedia.com/buyersguide/register.htm and modify your entry.
communication and networking of various
machine vision components within the system Do you want to receive issues of Industrial Ethernet Book? Call, mail or e-mail your details, or
are already there, tremendously facilitating subscribe at www.iebmedia.com/service/
the work of systems integrators. What is
missing is a generic interface for machine
vision systems at user level,” added Dr. Horst Editor: Al Presher, editor@iebmedia.com
Heinol-Heikkinen, Managing Director of Contributing Editor: Leopold Ploner, info@iebmedia.com
ASENTICS and a VDMA board member. Advertising: map Mediaagentur Ploner, info@iebmedia.com
The fact is that OPC UA has become, or Tel.: +49-(0)8192-933-7820 · Fax: +49-(0)8192-933-7829
certainly is in the process of becoming, the Online Editor: Adela Ploner. info@iebmedia.com
industrial operability standard for information
Circulation: subscriptions@iebmedia.com
integration both at the device level and within
the enterprise. It also looks to be one of the
Published by
enabling technologies that will be required for
the Industrial Internet of Things and Industrie IEB Media, Bahnhofstrasse 12, 86938 Schondorf am Ammersee, Germany
4.0 to reach their lofty goals. ISSN 1470-5745
Al Presher
1 1. 2016 i n d u str i a l e th e r n e t b o o k 3
Wireless network for high
Industry news
SOURCE: ABB
connect closed-circuit television (CCTV)
cameras at two new substations being supplied
by ABB for the Pen y Cymoedd wind energy
project, being developed in south Wales by
Vattenfall, a leading European utility.
The full 76-turbine development, for which
ABB is also providing the grid connection
and the related electrical transmission
infrastructure, is due for completion later this
year and will be the highest capacity onshore
wind farm in England and Wales, delivering up
to 228 megawatts.
The two new substations will step up the
voltage from 33 to 400 kilovolt (kV), ready
to feed into a new 400 kV National Grid
substation. Pole-mounted CCTV cameras
around the perimeter fences of both substation
sites will be connected into a highly resilient
wireless mesh network using ABB’s wireless
routers. The two sites will be linked by optical Around the perimeter fences of both substation sites, pole-mounted CCTV cameras will be connected into a highly
fiber and connected to a control station with resilient wireless mesh network using wireless routers. Both sites will be linked by optical fiber and connected to a
a network video recorder to provide recording control station with a network video recorder to provide recording and monitoring.
and monitoring.
“Our advanced wireless network solution will routers are designed to cope with almost any substation automation, control and protection
ensure that data is directed efficiently through physical challenge, a necessity when routers equipment as part of the overall substation
intelligent routers to where there is capacity,” are routinely installed in outdoor locations in solution. ABB’s sMicroSCADA control and
said Massimo Danieli, Managing Director the field. As the network grows, each smart Relion protection equipment, working in
of ABB’s Grid Automation business unit. router will automatically reconfigure itself, combination with a STATCOM (Voltage Source
“This minimizes delays and gives customers making expansion relatively simple. The mesh Converter based reactive power compensation)
real-time visibility and control of their assets network design offers inherent reliability, solution, will be used to control and regulate
and it is another example of ABB’s Internet of as the network can handle any outage by the output of the wind turbines to ensure they
Things, Services and People approach, a key redirecting data intelligently and seamlessly. remain within National Grid’s rigorous power
element of our next nevel strategy.” In addition to the wireless communication quality standards.
Physical and cyber security is critical for system, ABB is also supplying switchgear,
utility communication networks. ABB’s wireless transformers, and IEC 61850 compliant Industry news by ABB.
4 in d u s t r ial et h er ne t b o o k 11.2016
Looking at Industrial Ethernet’s
Industry news
Underground rescue
The miners were ultimately reached In transporting digital data from the field level into a cloud, existing security mechanisms must be applied intelligently.
underground by drilling a narrow diameter
tunnel down to them, and a rescue capsule structure of the tunnel walls and movements An Industrial Ethernet switch like this
was lowered to where the miners were trapped. of the capsule, and helped rescue teams get is ideal for this kind of extreme situation
They were removed one at a time using the a better understanding of the conditions that because of its small size and light weight,
capsule, which was risky considering it could the Phoenix would be facing in the tunnel. high heat and humidity tolerance, and ability
have become stuck in the long tunnel. The camera could look up, down and inside the to be deployed quickly and easily.
The ‘Phoenix’ capsule weighed 924 pounds, capsule so that rescue teams would know what While it’s too late for a “spoiler alert” to
had an interior height of 6 feet 4 inches and would happen during its movement. One note save revealing the end of the movie, you
a diameter of just 21 inches. A team of NASA is that, for the actual rescue and transport of already know that all 33 miners were rescued
consultants and Chilean navy engineers helped the miners, the switch was removed to help after 69 days…and now you know that
construct the device. The tunnel rescue is make the Phoenix as light as possible. industrial Ethernet played an important role in
actually the setting for the final scene of the Red Lion worked with local partner the actual rescue. Rugged industrial Ethernet
movie. A happy ending indeed as all 33 of the Transworld and donated compact 4-port switches, which are designed and built to
trapped miners were rescued. Ethernet switch for use in the pod. The switch handle extreme conditions, not only worked
One of Red Lion’s Sixnet industrial Ethernet that was used endured 95-degree Fahrenheit well in the Chilean Miner rescue, but are also
switches was mounted in the Phoenix, which temperatures and high humidity to transmit well suited for other harsh environments.
transmitted video images back to a control the video images. A difficult environment,
room on the surface. The network-transmitted but one that industrial-grade Ethernet could Tracy Courtemanche, Director of Red Lion
video feed was used to inspect the rock definitely handle! Controls.
6 in d u s t r ial et h er ne t b o o k 11.2016
general system pack
www.ethernet-powerlink.org O ve r
3,200
OEMs
Leading manufacturers ...
Countless applications ...
High-quality products ...
... trust in powerlink
SOURCE: WAGO
Encryption of sensitive data (SSL/TLS) during storage and transmission is a prerequisite for effective networking (segmentation/firewall/VPN). But a secure standard configuration
along with user authentication and allocation of user roles are also requirements that typically need to be reviewed regularly in audits.
NETWORKED PRODUCTION OF THE FUTURE will of the IT world. Any security breach can about stacking or layering security solutions so
require reliable automation technology and have fatal consequences for companies and that in case of circumventing another layer,
secure communication paths throughout the employees. another protection still provides protection.
entire production process. Production data In the summer of last year, the German The “minimum need-to-know” principle
is considered the most valuable asset of the federal government adopted an IT security assigns users and processes only the maximum
automated future – and must therefore be measure, which is aimed primarily at critical permissible rights. The “redundancy principle”,
protected. infrastructure operators (KRITIS). In addition in turn, relies on technologies to ensure that
In times of Industrial 4.0 and Industrial to regular security audits, it also reports the failure of individual components does not
Internet of Things (IIOT), automation the reporting of IT security incidents to the interfere with the safety functions.
solutions increasingly rely on open and Federal Office for Information Security (BSI). It is also intended to minimize the
networked system architectures of standard In addition, the IT baseline catalogs define impact of an unrestricted requirement for
components. Ultimate productivity gains possible scenarios and protective measures system resources. Concrete technical and
are finally made possible by the transparent based on ISO 27002. organizational measures are, among other
access to the production data. However, These, in turn, build on the various industry- things, the lasting basic protection and system
maintenance, service and legal documentation specific policies and recommendations hardening by means of “patch management”
requirements for complex systems can or that require companies to ensure the (update capability) as well as the long-term
should not be provided by on-site personnel; confidentiality, integrity, authenticity, and availability of the operating systems.
remote access is necessary. The resultant cross- availability of data. These regulations also Encryption of sensitive data (SSL/
linking of functional units results in increased increase the requirements for manufacturers TLS) during storage and transmission is
safety requirements and applies not only to of automation technology and present them a prerequisite as well as a corresponding
spatially limited industrial plants, but also with new challenges. network concept (segmentation/firewall/
to distributed systems of energy technology. VPN). A secure standard configuration and
Holistic security user authentication as well as the allocation
Growing requirements In order to build a secure system architecture, of user roles are also part of the requirements
Against this background, automation systems three different basic principles must be catalog. These measures and processes are
are exposed more than ever to the “dangers” considered. The “defense-in-depth” concept is typically reviewed regularly in audits.
8 in d u s t r ial et h er ne t b o o k 11.2016
IEB97_p9.indd 9 03.11.1644 17:16
Adequate solutions
SOURCE: WAGO
Applications
10 in d u s t r ial et h er ne t b o o k 11.2016
Improve reliability, product quality and energy optimization in the facility at a
fraction of the time and cost of wired solutions.
Communicate
Wireless gateway collects sensor data
and delivers to servers
Gather
Wireless, battery operated sensor nodes
monitor temperature, humidity and air pressure
)!ovides highly reliable environmental monitoring )%!"$rate time-stamped data collection for improved
via wireless mesh network with redundant pathways analytic accuracy
)
""#"'oyment and maintenance with )
"$res data and network security with 128-bit and 256-bit
complete kits featuring wireless technology encryption, authentication and network access control
)$"#"#"overhead by allowing
inter#$#"#!$"ress premise or in cloud
SOURCE: ICONICS
building block that enables users to build
the next generation of automation software
solutions.
The result of a multi-year collaboration of
industry leaders that built an open standard
for exchanging information in a rich, object-
oriented and secure fashion, the key to
the success of the OPC UA standard is that
it represents the answer to a fundamental
need for mapping and exchanging real-life
information in an object-oriented way.
Object-Oriented
The information carried within an object is far
richer than the information carried with simple
raw data, as many automated applications were
designed to process. Rather than analyzing a
single, isolated row of data, however, it’s far
more interesting to analyze the data in terms
of its relationship with other data and in terms
of the operation that can be performed.
Any real-life object carries a tremendous
amount of information within it. For example,
when thinking in terms of objects, the
information carried by an “oil tank” object
is far superior to the simple combination of
individual row data for pressure and tank level.
A physical oil tank is an object that plant
operators can physically interact with by filling
or emptying, by changing a reference pressure
set point or by analyzing how a change of a
parameter affects the others. This information As the scale of Oil and Gas operations continue to expand, managing and extrapolating meaningful relationships from
is logically grouped and must be analyzed all process will only become more and more complex.
together.
In software terms, an object is a collection
of properties (pressure and tank levels), Service-oriented solution Impact on Oil & Gas Industry
methods (fill or empty) and events (tank level OPC UA has a dual nature: it is object- Over the past decade, software vendors have
is too high, pressure is too low). Objects are oriented and it is service-oriented. The used object-oriented and service-oriented
organized in hierarchies in such a way that an service- oriented nature of OPC UA allows for architectures to design products that are
object can contain simpler, smaller objects as broader interoperability with a range of other both scalable and reliable. However, these
properties (the valve of an oil tank can, itself, platforms, as well as for increased visibility successful architectural models only recently
be an object that exposes properties, methods and security. started to be used for the exchange of
and events). When thinking in these terms and Communication over a network has information in offshore oil and gas production.
operating parameters, it’s clear how beneficial always been a potential security risk. OPC More recently, the ability to collect and
it would be to map the data of a tank farm into UA security involves the authentication of analyze exponentially growing sets of data is
a hierarchy of objects. clients and servers, the authentication of at an unprecedented level, due to the wide
The object-oriented nature of OPC UA users, the integrity and confidentiality of their adoption of Big Data. At the same time, mobile
software technology enables re-usability communications, and the verifiability of claims devices are transforming the way people
of assets across on-shore and off-shore of functionality. The OPC Unified Architecture interact with the environment, connecting to
operations and provides a common object security model secures communications, while a tremendous amount of information anytime,
management method to support complex and its encryption ensures that data security is anywhere.
flexible data models. held to the highest standards. As the scale of Oil and Gas operations
12 in d u s t r ial et h er ne t b o o k 11.2016
NEW
ix Industrial Series
Rugged, Compact and High-Speed I/O Connectors
provide Ethernet connectivity solutions for Industry 4.0
Security System
PLC
FA Camera
Hirose’s core technologies in miniature connectors offer you a clear commitment for a new standard of Ethernet
connection suitable for Industry 4.0 applications.
SOURCE: ICONICS
Applications
OPC UA standard
OPC UA does not replace existing standards Since mobile solutions are able to connect to OPC UA, BACnet, SNMP, Modbus TCP/IP, web services and more. Use
such as OPC, but rather complements them of mobile devices is enabling operators, field service workers, managers, executives and others in the industry to
securely visualize oil fields, offshore rigs, pipelines and refineries.
by providing a common interoperability
layer for exchanging information and
orchestrating processes. OPC UA embodies all where memory footprint and CPU utilization standard. Software vendors can submit their
the functionality of the existing OPC servers are more important. The Java implementation applications to independent test companies
and allows for backward compatibility with is more suited for the Web environment and that will certify the compliance with the
previous standards. thin clients, but can also be used in other standard using the compliance tools. Having
One of the key problems with standards of environments. Each software vendor can a certified solution guarantees reliable data
this magnitude is that implementing them pick the implementation that they prefer, exchange between applications from different
can be quite challenging. The OPC Foundation depending on the unique requirements for vendors, and is beneficial for everyone.
has taken many steps to guarantee that the performance, cross-platform capability and The OPC UA SDK enables software vendors to
implementation of the standard would be a Internet- friendliness. quickly move information horizontally between
relatively straightforward and easy process. In addition to the SDK, the OPC Foundation devices on different industrial networks from
To facilitate the adoption of the new has also provided a series of binary adapters. different vendors, as well as vertically from the
standard and to reduce the barrier to entry, the The adapter can be used to grant direct access plant through the enterprise of multi-vendor
OPC Foundation developed an OPC UA software to all legacy COM-based OPC servers from the systems – with stops in between.
development kit (SDK). The SDK is the entry OPC UA Client. Simultaneously, the adapter Several leading suppliers have partnered to
point to jump-start your existing applications can also be used to grant access to a subset of provide end-to-end solutions that leverage
and make them OPC UA-enabled. The SDK OPC UA server features from legacy OPC clients. the OPC Unified Architecture to deliver value
consists of a series of application programming to end-user customers. In April 2013, OPC
interfaces and sample code implementations. Compliance tools UA was selected as the protocol standard for
To that end, the UA specification is written Software programming is not an exact science. Master Control Systems (MCS) and Distributed
to be platform- agnostic and, for that reason, Even with the availability of the OPC UA SDK Control Systems (DCS) in offshore oil and gas
the SDK comes in different flavors to facilitate sample code, there is still room for errors production.
adoption on different platforms. The .Net, such as misinterpretation of the specification The MDIS (MCS-DCS Interface
ANSI C and Java sample implementations are or simple coding errors. So how do you Standardization) network chose OPC UA for
provided to OPC Foundation members. reduce the number of errors and guarantee its robustness and reliability, to securely
Each “flavor” of the SDK is designed to fit an unambiguous interpretation of the transfer data and ensure that the data is of the
special needs in terms of platforms, memory standard? How do you ultimately guarantee highest quality. Interest in these technologies
and processor requirements, but they are all interoperability between software produced by continues to increase, ensuring that OPC UA is
capable of seamless interoperation with each different vendors? on the road to success as the leading standard
other. The .Net version of the SDK is more To facilitate the successful adoption of OPC for exchanging information throughout the
suited for rich client/server implementation, UA solutions, the OPC Foundation introduced enterprise for the Oil and Gas industry.
while the ANSI C version is more suited for a series of compliance tools aimed at verifying
thin implementation for embedded devices, that a given product is fully compliant with the Technology report by Iconics.
14 in d u s t r ial et h er ne t b o o k 11.2016
IEB97_p15.indd 15 03.11.1644 15:25
Preemption standard enables
Technology
16 in d u s t r ial et h er ne t b o o k 11.2016
Engineer a Better Network
Introducing the industry’s first field-hardened
SDN-enabled Ethernet switch.
Today’s power system engineers need the convenience of Ethernet combined with
low latency and fast healing to support mission-critical substation applications.
The SEL-2740S Software-Defined Network Switch and SEL-5056 Software-Defined
Network Flow Controller provide an innovative solution that employs software-defined
networking (SDN) to enhance the dependability, performance, configuration, and
management of proactive OT and dynamic IT networks.
• With failover times of less than 100 microseconds, ensure the performance of
mission-critical applications under all conditions.
• Simplify the design, testing, and implementation of critical power utility and
industrial OT networks by using the SEL-5056 Flow Controller.
• Strengthen cybersecurity through deny-by-default network access control.
• Seamlessly integrate with existing network infrastructure through OpenFlow 1.3
standard support.
Order your evaluation system to see the advantages of SDN for yourself.
For details, visit www.selinc.com/betternetwork.
802.3 Ethernet with Preemption disabled (left). 802.3br Ethernet with Preemption enabled (right).
and must be delivered from server to client pre-empted – i.e. every 11.44µs the packet can sequenced. For data streams, like video
within a maximum time of 250µs. Its worst be pre-empted. Now the IACS designer only streaming, this size of delay will not be visible
case transmission time (through a two layer needs to consider a worst case interruption of to the user. Similarly, if there are multiple
star network and excluding switch latencies), 11.44µs. The calculation is the same, but the high priority streams from multiple disciplines
must be considered to be 135.68µs because of answer is very different: (250-11.44)/12.64 = traversing the network, then preemption alone
the possibility of a low priority maximum size 18. For the IACS, the effective bandwidth of may not allow the designer to guarantee all
packet being serviced just before the higher the network has been increased by 80%. In maximum latencies are met and it may be
priority packet becomes available. a linear network, as the number of switches necessary to implement further enhancements
Not a problem, except that IACS applications that the packet must go through grows, the like scheduling.
are characterized by a very large number cumulative effect and benefit increases. In this sample Industrial Automation
of servers connecting to a single client. In In this example the benefit to the IACS Control System application, moving to Gbps
this example, how many servers can transmit of scheduling are only incremental because offers a greater reward. It reduces all of the
‘simultaneously’ and still meet their timely elimination of the last 11.4µs only results transmission times by a factor of 10, but it
delivery requirement? The simple answer is in adding 1 whole device to the network. does not change the fundamental dynamics
determined by the maximum delivery time However, looking at the same equation, but of the mechanical system so the application
minus the worst case interruption all divided from the perspective of the lower priority driven packet rates do not change. Applying
by server transmission time, in this case: (250 packet, the worst case delay must assume that the same mathematics (maximum delivery time
– 123.04)/12.64. The result is 10.04, but the all 18 IACS devices transmit simultaneously – worst case interruption)/(server transmission
number of devices must be an integer, so a and all interrupt its progress. The additional time) shows the maximum number of devices
maximum of 10 devices can be serviced. In delay of waiting to send after eighteen 150 that can be on a network without preemption
this worst case example, the next 750µs has byte frames would be 244.8µs. If this cannot is 188, and with is 196; this is only a 4%
no network traffic. be accepted then additional techniques, like improvement.
Now apply preemption, where every 124 scheduling, must be applied to ensure that This migration to Gbps is not practical for
bytes the maximum size packet can be start points of transmissions are appropriately many systems; in brownfield, retrofit and
high electromagnetic noise environments,
preemption (and scheduling) may be far more
SOURCE: AVNU ALLIANCE
easily deployable.
A public demonstration showing
interoperability and benefits of using
preemption was shown in the Avnu Alliance
booth at the 2016 IEEE-SA Ethernet & IP @
Automotive Technology Day by three member
companies that play roles in the automotive
and industrial ecosystem: test tool supplier
(Ixia), silicon supplier (Renesas) and
conformance test provider (University of New
Hampshire Interoperability Lab).
The Avnu Alliance is a community building
an ecosystem for diverse applications where
precise timing is critical to moving data
across today’s crowded networks. The Alliance,
in conjunction with other complimentary
standards bodies and alliances, drives
ecosystems built on open standards in
professional AV, automotive, industrial control
and consumer industries.
18 in d u s t r ial et h er ne t b o o k 11.2016
OPC UA industrial networks for
Technology
digital factory infrastructure
To achieve a complete integration of the IT and automation infrastructures, from sensors to the cloud, the
OPC UA unified architecture is a vital technology. The goal is end-to-end engineering that unites product
design and production engineering, and creates a new level of performance for flexible automation systems.
SOURCE: SIEMENS
Flexible
Technologies
Automation
End-to-End Semantic
Engineering Integration of Data
Digital Infrastructure
Processes
Sales /
Inbound Outbound Services
R&D Engineering Production
Logistics Logistics
The essential technology areas of the digital factory require a common digital infrastructure.
THE INTEGRATION OF DIFFERENT SYSTEMS assist their human colleagues, are one (for example, by means of freely mobile,
into an IT or automation infrastructure is example of how the consistent performance autonomous robots); the machines therefore
complicated because there are no standardized capability and precision of a machine can need an information infrastructure that is no
interfaces and protocols. So what sort of ideally complement the human capabilities of longer organized on a strictly hierarchical
communication architecture is required for handling complex and dynamic situations. This basis, but takes into account the respective,
networking the ten-thousand devices in the aspect includes such new production methods dynamically changing environment.
digital factory? In this respect, industrial as 3D printing. And thirdly, with the collection The integration of data as a source of
networks and the OPC Unified Architecture and integration of data across the entire life information for analytical, data-based
are regarded keys to the digital infrastructure. of a machine, new services become possible, services leads, on the other hand, to the
The extent of the challenge becomes clear for maintenance purpose, for example. breakup of the horizontal layers. Because in
when one considers the application scenarios order, for example, to gain new insights for
in the digital factory in closer detail. These Vertical and horizontal integration predictive maintenance, a high density of
can be divided into three areas. Firstly, the Present-day solutions usually follow a typical data is necessary at all levels, starting with
end-to-end engineering means that the data “automation pyramid” pattern. In other words, design and engineering, through quality data
from product design can be used for the the individual layers, from the sensor, via the in production, to sensors that deliver their
production engineering, to create control controller and HMI level, to the MES and ERP measured values to the IT systems (cloud)
programs, for example. system, are hierarchically constructed and when a machine is used.
This enables different aspects of an event to often permit no direct access from the top level Under certain circumstances, this data is
be recorded and developed in a standardized systems to the layers further below – unless not relevant for the PLC that controls the
data model, which simplifies changes, helps explicit routing through the intermediate production machine, or would misuse the
to avoid errors, and considerably reduces the layers is provided for this purpose. resources of the controller for data routing
engineering times, including the time required The digital factory, on the other hand, exclusively. It is therefore reasonable that,
to implement production. emphasizes the horizontal integration (that although the sensors act on the one hand as a
Secondly, flexible automation is aiming to is, between components on the same level) source of information, on the other hand they
resolve the (apparent) contradiction between and the vertical integration (communication deliver their results directly to the data pool
flexibility and automation, in order that a between layers) of the communication levels. in the cloud in different cycles, resolutions or
variety of products can be manufactured in On the one hand, this breaks up the previously with different measured values.
the same plant. Collaborative robots, which rigid cellular organization in the digital factory Ultimately, such as digital factory may be
1 1. 2016 i n d u str i a l e th e r n e t b o o k 19
SOURCE: SIEMENS
Technology
Different aggregation levels and a factory backbone in a ring structure form the “Industrial Network Topology“.
imagined, not as an unchangeable system, a network topology. On the one hand, this In order, however, to meet the aims and
but rather as an organism that continually permits fast communication between the requirements of the digital factory, an
adapts itself (autonomously or by means devices in the individual cells and, on the end-to-end network topology is simply not
of engineering) to the new requirements. other hand, it ensures a high-performance enough. What is required is a communication
Accordingly, such an architecture must be link between office network and the various protocol that is open and standardized,
flexible and easy to maintain, in order that sub-areas. provides sufficient semantic information and
the complexity can be intelligently mastered.
SOURCE: SIEMENS
Demands on the data networks
The communications infrastructure that is
necessary as a basis for the architecture
outlined must therefore satisfy different
requirements. On the one hand, properties
such as the use of open standards, availability,
quality of service and, above all, security
are demanded that already characterize an
Industrial Ethernet today. As on the other
hand, however, the connection to IT systems
for data-based services and an increased
transparency across all levels are required, a
link between office and production networks
is necessary.
Although this ensures the performance in the
Industrial network by means of safeguarding
mechanisms, it nevertheless permits access to
all layers, devices and components. This points
to the use of different aggregation stages and
the introduction of a factory backbone as With the CP 443-1 module, Siemens supports the OPC UA architecture for Simatic S7 400 automation system.
20 in d u s t r ial et h er ne t b o o k 11.2016
translation options, is easy to expand and client and server functionality of OPC UA. In it is no longer to be a matter of technical
maintain, offers maximum security in various this way, other systems can access the data parameters, such as the transmission power
Technology
different versions, and also has memory and areas of the Simatic S7 400 CPU, previously of an RFID reader, or the access to process
processing requirements that are low enough released in the engineering phase, via the data exclusively. Instead it will be necessary,
to be implemented on small devices. standardized interface. Thanks to this module, to standardize functional characteristics
existing plants can be retrofitted with OPC UA according to industry and application which
Communication for digital factory communication options. correspond more with the engineering context
The answer to these demands is the Unified Until OPC UA can be used as an integrated of the plant engineer and less with that of the
Architecture protocol of the Open Platform communication architecture, however, further software designer.
Communications Foundation (OPC UA). The standardized tasks must be completed, as Yet, apart from these future tasks, OPC UA
most important thing about OPC UA is that some areas of industrial communication are today is a unique communication architecture
it is not only a protocol, but also a complete not yet fully covered. in terms of its scope and is indispensable for
architecture that provides software stacks For example, on the level of the sensors, the vertical and horizontal integration within
suitable for the transmission definition for only a few series of devices, or technologies the digital factory.
device and software suppliers, as well as such as radio frequency identification (RFID)
engineering tools for the system integrators. systems, are specified for OPC UA. In addition, Markus Weinländer, Siemens AG, Digital Factory/
In this way, OPC UA offers major advantages. definitions are required at a higher level if Process Industries and Drives
Firstly, the information model ensures
that all data is transmitted on a type-safe
basis. Even complex data types (structures)
are possible. Apart from the exclusively
MORE
data values, OPC UA also transmits semantic
information between the communication
partners. As the architecture functions on an
IIoT
object-oriented basis, the semantics are woven
into an object context – thus comprising
more than just a “speaking” identifier, but
always referring to the overall object with its
properties and methods.
Function calls via the network permit
a certain amount of control over the
communication partner. Finally, events
Data.
are supported as ad-hoc communication or
message brokers for the connection to the
Processes.
cloud. Devices.
The fail-safe nature of the implementation
is enhanced by interfaces that introduce their Locations.
specification to the engineering environment
(browseable interfaces). For each device,
a description file can be imported into the
engineering or read from the device available
online that offers a detailed specification of Red Lion has been connecting devices and moving data for
the interface. years, enabling customers to easily advance to the Industrial
Internet of Things (IIoT). Our IIoT-ready industrial automation
The correct use of the interface in the user
and networking products:
program is ensured by the development tools.
Another key point is the protection against • Connect: Extend equipment lifespan with protocol conversion
unauthorized access. As a defense mechanism, • Monitor: Improve process visibility with visual management
for example, OPC UA uses X.509 certificates • Control: Push control to the edge with remote monitoring
and corresponding security protocols. • Network: Expand network reliability with industrial Ethernet
For actual use in different applications, Learn more today at www.redlion.net/moreIIoT
industrial associations collaborate with the
OPC Foundation on “Companion Specifications”
that supplement the standards of OPC UA
for a specific domain. One example is the
collaboration with PLCopen, in which the
shared block and access procedure for data
has been defined in a programmable logic
Hall 8 Booth 427
controller (PLC). Hall 3.1 Industry Forum 4.0
Suppliers such as Siemens integrate these
mechanisms to enable the integration based
on OPC UA of the controller, for example, Connect. Monitor. Control. I www.redlion.net
with devices from other manufacturers or © 2016 Red Lion Controls, Inc. All Rights Reserved.
with PC/IT systems. For example, the CP 443
1, which is used as a connection module
in the Simatic S7 400 system, supports the
1 1. 2016 i n d u str i a l e th e r n e t b o o k 21
Smart connectivity transmits
Applications
Technology
SOURCE: TE CONNECTIVITY
available today at field level, extracting this
data is often not possible. TE Connectivity
(TE) is therefore currently developing smart
connectivity technology that will bridge the
world of automation and IT. Pilot projects in
the company’s own factories have shown that
productivity can be increased cost-effectively
by adopting this approach.
Connection technology not only has
to become increasingly smaller and more
powerful in the course of factory digitalization
associated with Industry 4.0 and the Internet
of Things (IoT); it also has to become
smarter. In other words, components such as
connectors will become active players that,
for example, pass on information on energy
consumption in a network. To ultimately gain
a detailed insight into the processes, the data
has to be aggregated and enriched so that it
can be analyzed in IT systems.
Proof of practicality
The pilot projects carried out by TE, which
delivered a significant improvement in
overall equipment effectiveness (OEE) – what
previously took a year was achieved within
three months – revealed that the first step is to
establish a digital infrastructure in factories.
Apart from standardizing Manufacturing According to findings by TE, only a fraction of the information available in machines is also actually available for
Execution Systems (MES) and extending the analysis. On average, only five percent of available sensor data is processed in the controllers.
network infrastructure, this also includes
connecting machines to IT systems. Obstacles the costs in the pilot projects were consumed Comprehensive analyses
have to be overcome in the implementation; by manpower that had to be invested in order There are various options for integrating
something which applies not only in TE to interpret and structure the data. Apart from participants in a network and recording,
factories but more or less in all factories. For the huge costs that this inevitably entails, transmitting and analyzing a variety of
example: the ability to roll out such solutions is also data, without the costs necessarily having
While larger systems, such as stamping limited by the availability of employees with to rocket. One such possibility is to install
machines, are connected to a network and the necessary skill set of production and IT additional sensors in the machines for sole
hence also to an MES or SCADA system know-how. use by applications that have nothing to do
(Supervisory Control and Data Acquisition), In blunt terms, automation technology and with control tasks.
many peripheral machines, such as reelers IT are two very different things. The former This is already practiced today, for example,
which roll and unroll reels, are not. Only a is based on deterministic processes and uses when counting good parts. An MES places an
fraction of the information available in the software that has to survive the entire lifetime order and, as soon as this is completed, the
machines is also actually available for analysis– of a machine, based on quality-driven methods machine can be used again elsewhere. But also
according to findings by TE, on average only such as the V-Model. special tasks, such as predictive maintenance
five percent of sensor data is processed in The software in the digital factory, on the of motor or press bearings, can be performed
the controllers. Significant effort is required other hand, will change constantly, owing to, in this way.
to access the remaining data, ranging from for example, new functionalities or security A second option is to install gateways, but
reprogramming controllers through to updates; these are gaining in importance as only data that is offered by the controllers is
extending the capacity of the network. production processes become networked with normally available in this case. This approach
The machine data models are generally the cyber world. This evolution simply cannot is therefore primarily used to monitor the
not uniform, which is why they have to be be achieved with deterministic machine status of machines.
adapted individually. More than 60 percent of control solutions. The third option involves equipping
22 in d u s t r ial et h er ne t b o o k 11.2016
SOURCE: TE CONNECTIVITY
ş 7LPHV\QFKURQL]DWLRQYLD
(WKHU1HW,3RU3URĬQHW
ş +LJKHVWWLPLQJDFFXUDF\LQ
There are a variety of options for integrating participants in a network and recording, transmitting and analyzing a
QDQRVHFRQGUDQJH
variety of data, without the costs needing to sky rocket. One possibility is to install additional sensors in the machines ş 5HGXQGDQF\WKURXJKDXWRPDWHG
for sole use by applications that have nothing to do with control tasks.
VZLWFKLQJRIUHIHUHQFHFORFNV
ş /RFDOJHQHUDWLRQRIWLPHFRGHVOLNH
machines with smart field devices that module will be presented as a prototype by
,5,*%'&)RU33;3XOVHV
allow them to be modeled in detail in IT TE for the first time at SPS IPC Drives 2016
systems and enable the performance to be as well as part of the IoT OmniGate family.
analyzed precisely using methods such as SPC It can be used, for example, to determine
(Statistical Process Control). compatibility with the software of the sensors
One example of this is an I/O module, and controllers, and to generate IP interfaces
IoT OmniGate I/O Module, from TE into for passing on the extracted data in structured
which a mini-computer has been integrated. form to other systems such as ERP systems.
I/O modules capture data from sensors This means that the data no longer has to be
and actuators and forward this data to the requested from different locations, and also
controllers using a higher-level bus system. that its format is always the same, simplifying
The smart I/O module, which acts in work considerably.
addition as a so-called edge computer, allows
a further path to be configured in addition to Conclusion
this real-time communication path; data for Smart connection technology is a core element
smart applications in the sense of Industry of digitalizing factories. TE Connectivity is
4.0 and IoT can be aggregated in the machine currently developing solutions that will allow
OMICRON Lab IEEE 1588/PTP
over this second path and then transmitted to machine data to be extract, aggregated,
IT systems. pre-evaluated and then forwarded to (cloud-
Timing Solutions:
What are the advantages of the IoT based) IT systems. This will enable problems OTMC 100
OmniGate approach for applications? Because to be identified early on, thus avoiding, for ,(((373*UDQGPDVWHU&ORFN
I/O modules are already available in machines example, downtime or costs for excessive
today, they can be replaced ease without energy consumption. TICRO 100
necessarily changing their architecture and In addition, even installed machines ,(((3737LPH&RQYHUWHU
interfaces. Moreover, the semantics of the can be connected to IT systems with smart
data models used to describe the automation connectivity technology, without the need
components can be drawn on to create for such expensive tasks as reprogramming www.omicron-lab.com/timing
new databases. Hence there is no need to controllers.
reconsider each time how to save the data of
specific components. Daniel Walldorf, Industrial IoT Platforms &
A software tool to configure the smart I/O Ventures at TE Connectivity.
1 1. 2016 i n d u str i a l e th e r n e t b o o k
Smart Timing Solutions
Automotive parts supplier
Applications
SOURCE: KEPWARE
HIROTEC AMERICA is part of the HIROTEC
Group Companies, and globally recognized
as a Tier-1 parts and tooling supplier for the
automotive industry. The parts and tooling
supplier designs and builds roughly 7 million
doors and 1.5 million exhaust systems a
year, making it one of the largest private
production companies in today’s global
automotive market.
The Challenge
Operational downtime is a significant issue
facing Original Equipment Manufacturers
(OEMs). In most cases, the machinery involved
runs without condition-based monitoring—
essentially operating until a failure occurs. At
that time, appropriate personnel are contacted
to assess the situation and make the repairs
as expeditiously as possible to prevent
dramatically delaying production schedules.
Outside factors like weather or traffic patterns
might also add to possible downtime scenarios
and lead to organizational inefficiencies and/
Instead of integrating multiple solutions across business functions, HIROTEC turned to KEPServerEX and the
or misallocation of resources. ThingWorx IoT Platform solutions to enable company-wide device-to-cloud connectivity using one toolset.
HIROTEC sought to eliminate this trend of
reactive maintenance and lost opportunities that in order to bolster profits from untapped would be able to provide analytical insight
by utilizing the information and systems it machine-generated information, we needed to into HIROTEC’s data through industrial
had on hand to gain deeper insight into its look towards modern solutions that automated data streamed from the IoT Gateway for
operations and processes. The automotive the process and enabled timely, data-driven KEPServerEX, an advanced plug-in capable of
supplier had long collected industrial data decisions.” pushing information from KEPServerEX into
from sensors and machines across customer Big Data and analytic software applications.
production facilities and its own systems The Approach To support the company’s long-term
to support its decisions and track business Recognizing the need for connectivity, data IoT vision, HIROTEC collaborated with
progress. access, and scalability, executives at HIROTEC representatives at PTC to build an IoT
However, volumes of this data were worked to develop a competitive strategy to framework supported by short, six-week agile
manually separated and stored across capitalize on the potential benefits of the sprints. Where a full IoT implementation
multiple sources—making it inaccessible to Internet of Things (IoT). The initiative began may have taken years to generate a proof of
collective and systematic analysis. In order with identifying the fundamental technologies concept, the Scrum model provided company
to improve quality, reduce downtime, and that would fuel the IoT effort. After executives with visible and quantifiable
optimize production schedules, HIROTEC evaluating several traditional IoT offerings progress in just weeks.
needed to implement a modern, automated from traditional industrial automation “We see and speak with many manufacturing
solution that could gather maintenance and vendors, HIROTEC found that many solutions organizations, and it is clear they are
operational information into one source and were restricted to a single business aspect, interested in the Internet of Things. They see
offer actionable recommendations to its protocol, or standard. the potential and would like to do something
quality professionals. Not wanting to waste time and effort with the technology. Despite the desire that
“A lack of data was never an issue for us,” integrating multiple solutions across several exists, many remain frozen because the
said Justin Hester, Senior Researcher for business functions, HIROTEC finally turned to prospect of a full-blown implementation is so
HIROTEC. “As one of the largest automotive Kepware’s KEPServerEX and the ThingWorx IoT daunting and uncertain,” said Hester. “This
manufacturing suppliers in the world, we Platform (both solutions from PTC) to enable is why we advocate so strongly for the short-
collect volumes of datasets on a daily company-wide device-to-cloud connectivity sprint model we have adopted at HIROTEC.
basis. The problem we were faced with was through one overarching toolset. Working We don’t want to boil the ocean; we want to
transitioning from a data-heavy organization together to deploy a single source of smart start with low-hanging, solvable problems and
to a data-smart organization. We realized solutions for the IoT, the ThingWorx platform build out our case and experience.”
24 in d u s t r ial et h er ne t b o o k 11.2016
SOURCE: KEPWARE
HIROTEC is planning to expand its IoT efforts to include every aspect of its business from operations and IT to
financial forecasting, customer relations, and sales.
1 1. 2016 i n d u str i a l e th e r n e t b o o k 25
Exploring fundamentals of
Technology
SOURCE: ETG
Cycle 1 1 2 3 4 5 6 7 8
26 in d u s t r ial et h er ne t b o o k 11.2016
instance, because power supply disturbances any measures. The earliest time that such an
can impact several nodes at a time. A error can be reported is one incoming cycle
comparable source for errors would be a poor later. Until the error time-out is triggered, the
connection to the protective conductor when system normally needs three cycles.
the direct shield method is used. EtherCAT instead creates direct feedback
EtherCAT documentation does not with the slaves. Fast forwarding enables the
recommend this, but it is mandatory in some incoming data to appear in the master right
consortiums especially because multi-protocol after the output data have been transmitted.
devices must follow that approach and may In case feedback fails to appear, the master
not use alternative methods. Since grounding can start the according actions immediately
in cabinets is sometimes worse than expected, and, thanks to very little forwarding variance,
disturbances on the shield can appear where precise timeout becomes possible.
different parts of the cabling are joined. In principle, EtherCAT acts like a traditional
In such a case, the diagnosis is very fieldbus, arranging for the repetition
difficult – which is the reason why this kind immediately. The latter makes error handling
of disturbance transmission should be avoided within the master more complex. In addition,
if possible because of its potential affect on the availability of actual process data is more
applications. If you use common frames, such preferable than bandwidth (with EtherCAT,
as with EtherCAT, this type of disturbance
transmission only affects the same frame
only about 15 percent), so processor
performance is often leveraged to repair old Unlock new
several times.
In case of short individual frames with the
process data. Thus, EtherCAT aims for short
cycle times, which thereby reduces the effects
services with your
typical switch forwarding method, which is of possible errors. machine data.
defined by the IEEE standard and is normally
at least 10 times slower than EtherCAT, several Higher efficiency benefits
frames are transmitted on different network Last, but not least, when compared to
participants during the same time period. solutions based on individual frames, EtherCAT
During that process, a huge time delay leads facilitates significantly shorter cycle times (in
to several different affected frames in the case this example, by a factor of 6), which leads
1 0 1 0 1 0 1
1 1 0 1 0 1 0
0 1 1 0 0 1 0 1
1 0 0 1 1 0 1 0
0
1
0
1
1
0
0
1
1
0
0
1
1
0
TAGNAME
DATABASE
of a disturbance transmission. to much higher precision as well as increased
1 0 0 1 0 1 0 1 0 1 1 0 1 0 1
0 0 1 1 1 0 1 0 1 1 0 1 0 1 0
0 1 0 1 0 1 0 1 1 1 0 1 0 1 0
1 1 1 0 1 0 1 0 0 1 1 0 1 0 1
As a result, data from different cycles or process robustness. This enables much higher
0 0 0 1 0 1 0 1 1 1 0 1 0 1 0
0 1 1 0 1 0 1 0 1 1 0 1 0 1 0
1 0 1 1 0 1 0 1 0 1 1 0 1 0 1
1 0 0 1 1 0 1 0 1 1 0 1 0 1 0
communication types can be affected. For product quality, as well as faster reaction to
1 0 0 1 0 1 0 1 1 0 1 0 1 0 1
0 0 1 1 1 0 1 0 1 1 0 1 0 1 0
0 1 0 1 0 1 0 1 0 0 1 0 1 0 1
1 1 1 0 1 0 1 0 1 1 0 1 0 1 0
this reason, the disturbance transmission is a errors. The shorter cycle time provides an
0 0 0 1 0 1 0 1 0 1 1 0 1 0 1
01 1 1
100 0
very critical factor that almost always entails excellent method to improve product quality,
10 0 1 011
010 0 11 0 0
10 0 0 100 0
100 0 10 1 0
00 0 0 100 0
101 1 01 0 0
000 0
01 0 1
some kind of domino effect. With an EtherCAT even in case of an error; if no errors occur,
1
system, the forwarding times are short so that the quality gets even better. Overall, EtherCAT
even a disturbance at the beginning of a frame offers the best chance to maintain successful
cannot affect the end of a previous frame in processes, even in environments with heavy
the network. disturbance.
When several single frames are affected, the • Remote Access your
resulting error type is hard to define. Some Conclusion machines (PLC, HMI, IP
input data is new, some is old. Ultimately, the In summary, the EtherCAT approach forms
conclusion that there are only single errors the basis for reliable network design, reduces
Camera, etc.)
with that method is not true. Rather, it rather bandwidth usage leading to lower error • Gather time stamped
requires especially sophisticated and complex frequency, and enables the fast forwarding
error handling strategies. of frames to avoid transmission disturbance. machine data centrally
Additionally, most switches/bridges only Thanks to the peer-to-peer connection via (alarms, KPI, set point,
transmit when they have received a frame Ethernet, reflections and other disturbances consumption, ...)
correctly (store and forward), which leads can be avoided. This makes communication
to different frames at each interface and the more reliable, since the error probability is low • Use or create your own HMI
disturbance transmission to influence a high and the location of an error can be detected
number of frames. easily. • Collect data from the field
In addition, the reliability of a system can to create added-value
Accelerate error handling be influenced positively by lower protocol services
For efficiency reasons, approaches with complexity as well as the reduced frame traffic
individual frames generally do not deliver on the communication connections. Clear
prompt feedback. Direct feedback on updates design is the basis for a good automation
to the output data would require forwarding system and is mandatory for improved
from master to slave and back. This duplication reliability. Discover eWON
of the forwarding time would present a EtherCAT adheres to the fundamental Remote Data
limiting factor for the cycle time. Thus, the principle of automation technology: efficiency
reaction to the loss of individual output and reliability are two sides of the same coin! solution at SPS!
frames is limited to the single components – Hall10, Stand 420
without direct notification of the control unit. Dr. Karl Weber is Senior Technology Expert at
In this situation, the master cannot initiate the EtherCAT Technology Group.
SOURCE: PROSOFT
Using a layered approach to security, a PC’s operating system VPN minimizes the need for user-
installed software. HTTPS is deployed for all communication, requiring a certificate and one-time use
keys to authenticate the gateways, to implement a system that runs on Amazon Web Services.
CONTAINERS AND MICROSERVICES are the terms used to describe an complex host to run the program and the computer operating system.
approach to developing applications for use in a cloud environment. The As more computing functions are moved to cloud hosted systems,
term container brings to mind a shipping container, or a standardized this paradigm is no longer the ideal way to develop computer programs.
box that is used in shipping to make it easier to move products Many applications have been ported to the cloud simply by running
overseas, through ports and across railways. a virtual machine with a specific operating system, and installing an
In cloud application development, a container is a standardized set existing PC- or server-based program to that virtual machine. This is a
of services that support the application running inside the container very inefficient approach since many aspects of the operating system
and provide connection to the cloud host environment. Microservices are not needed by the program. Further, since all of the functions of
are the applications that run inside the containers. the program are interdependent, a failure in any part of the program
As opposed to writing a single, monolithic program to deliver all user can crash the entire service.
functions, developers build microservices that perform a very specific Booting up a new VM with the service can take minutes. Reliability
task. Various microservices come together to form what appears to the is improved by adding “failover” servers, which are entire copies of the
user as a complete cloud-based service. Yet, since each microservice virtual machine running side by side.
and the container it resides in is fully self-sufficient, these functions
are not dependent on each other. Building cloud solutions
Containers and microservices provide a better way to build software for
New approach to development cloud deployment. This approach begins with the compartmentalization
This concept is a departure from the predominant software development of program functions into microservices. A microservice is just a specific
approach of the recent past. For many years, software developers built function of the program, such as a payment service on an online retail
full programs that would install on a computer and run in a specific site. Overall service may have many microservices providing different
computer operating system. All of the functions of the program exist functions. The other key element of this approach is the Container.
within the code, and the entire program is installed together. The container is a standardized interface between the microservice
The program depends on the operating system to provide the required and the rest of the world, similar to how the operating system provided
connections to the world (input devices like the keyboard, output the interface for the monolithic program in the old paradigm. Containers
devices like the monitor and network connections). In addition, all of offer quite a few advantages in the cloud hosted environment. They
the functions within the program depend on each other. This approach are much less resource-intensive compared to virtual machines and
to programming worked well as long as there would always be a fairly full operating systems, so it’s easy to deploy multiple instances of a
28 in d u s t r ial et h er ne t b o o k 11.2016
particular microservice to handle traffic and provide better reliability. to gain access to equipment. Also, software must be kept up-to-date as
Containers “spin up” in less than a second, so failure recovery is vulnerabilities in the underlying software services are discovered and
Technology
extremely fast. Making functions fully independent from one another patched. It also requires only a browser and an OS-native VPN client
also allows the development team to use the best programming to work, so these threats are greatly reduced.
language for each function, rather than choosing one language for Second, the container and microservice architecture enables ProSoft
all functions. If one function is most easily deployed in python, and Connect developers to build a very robust and secure service using
another function in C++, each function can be developed in the optimal the latest state-of-the-art cloud development tools. Containerized
language for that function and deployed in its own container. functions prevent potentially cascading issues, since each function
operates autonomously in its own container. Finally, containers provide
New approach to programming the basic supporting services that a piece of code needs to run. This
Think of the old approach of monolithic programs running on virtual means there are fewer components that might be vulnerable to attack,
machines such as a warehouse. The warehouse, like the virtual machine, compared with a full VM and operating system.
is designed to house any manner of contents. It is large and time- The most noticeable advantage of the choice to use containers and
consuming to build, and contents are dependent on the integrity of microservices is in the ease of use. ProSoft Connect functions were
the warehouse – and can be affected by problems with other contents. built using the best programming language and supporting services
In addition, each warehouse is built with different configurations for each function, which contributes to the simple user experience
(aisles, shelving, doorways), so moving contents from one warehouse of the service. For creating VPN connections to remote equipment,
to another will require changing how the contents are stored. When EasyBridge technology forms a Layer 2 connection between the user’s
things are busy, the warehouse may be full, while at other times, it will PC and the remote PLC network. Containerized services running in the
be nearly empty. Yet it takes up the same amount of space either way. ProSoft Connect service handle the complexity of network routing, so
By contrast, shipping containers are really very small, modular the user can connect to the remote network just as if they plugged an
warehouses. Each one has standard dimensions, handling provisions, Ethernet cable into the remote Ethernet switch.
and configuration. Containers hold all kinds of different contents, yet
it is very easy to manage many containers by stacking them on ships A Platform for the IIoT
or in shipyards. Individual containers take up much less space than Perhaps the most exciting aspect of this technology and its modular
a warehouse, and it’s relatively easy to add containers when more architecture is the promise of things to come. The Industrial Internet
contents need to be stored. In busy times, the shipyard may be full of of Things (IIoT) is a hot topic these days, and for good reason. As
containers stacked in rows. When it’s not busy, far fewer containers are new technologies develop to help manufacturers cut costs, improve
needed. If anything happens to a container, only the contents inside productivity, and deliver products faster, users will have a powerful
that container are affected, and a replacement can be ready quickly. secure platform to connect industrial data to high-value cloud services.
Just as the advantages of shipping containers make logistics
operations more efficient, cloud-native container technologies make Keith Blodorn is the director of ProSoft Technology’s Wireless Program.
cloud-based programs easier to develop, deploy, and operate.
Architectural benefits
ProSoft Connect technology allows customers to securely access
industrial automation devices such as PLCs and HMIs remotely from
anywhere in the world. Secure remote access allows system integrators,
While you look ahead
machine builders, and large end users to troubleshoot problems with … we have an eye for the rest.
their systems more quickly, to gather data from machines or plants
around the world, and plant operators to manage process equipment
spread globally. The unique advantages of the container and
microservice architecture include enhanced service reliability, improved
security, and superior ease of use.
For manufacturing customers, reliability is always a critical attribute.
Secure remote access services are no different. When a machine is
down, engineers need to access the machine control system and begin
troubleshooting immediately. ProSoft Connect users enjoy highly
reliable service in part because the container/microservice approach
allows the service to run multiple simultaneous sessions with minimal
consumption of cloud computing resources. In fact, there are always
at least three of every service running! There is no need for the “fail-
over” servers that old VM-based systems used for reliability. Even if
all of the current instances of a service were to suddenly stop, a new
instance can be started up in under a second. This means that when 360° Network Reliability
an engineer needs to access a remote machine, ProSoft Connect will for Smart Factory Automation
be ready to make the connection.
As more industrial processes connect to the Internet, cybersecurity • Cybersecurity for your entire network infrastructure
is an important aspect of connectivity solutions. The container and • Single point and multi-point network redundancy
microservice architecture helps ProSoft Connect deliver a higher level of • PROFINET, EtherNet/IP, Modbus TCP, CC-Link, SafetyNet
security for users. First, it is a fully cloud-native solution that requires
Moxa Solutions. Protected, easy, intelligent.
virtually no user-installed software. This eliminates a significant attack
surface that past cloud connectivity solutions opened up. User-installed
software is vulnerable to tactics like “watering hole attacks,” where www.moxa.com
hackers embed sniffer code inside the software download and use that
1 1. 2016 i n d u str i a l e th e r n e t b o o k 29
ME_AZ_FA_IEB_85x120mm_E_DU08082016.indd 1 03.08.16 16:17
Lower cost of ownership
Applications
Technology
SOURCE: MOXA
Different costs incurred within the project life cycle including acquisition, operational and support costs need to be aggregated to create a total cost of ownership.
THE INDUSTRIAL INTERNET OF THINGS (IIOT) broadly six different stages. The challenge Installation and integration costs
trend is facilitating a growth in connected for network administrators is to have a deep It is rare to see completely new network
devices on networks as well as increasing the understanding of each stage of the project installations in industrial environments. The
scope and complexity of industrial control and determine the key features that a device majority of network deployments involve a
networks that frequently converge with should include or support that are beneficial combination of new equipment and upgrades
traditional IT networks. More now than ever for that particular stage as well as to what using existing SCADA systems, control
before, concerns about security, availability, extent these features will be beneficial in the networks, and devices.
and performance are having an impact future when the needs of the network change. It should be noted that as no two networks
on these industrial control networks. One These features and benefits often don’t are the same, each network has its own set
consequence of the IIoT trend is that simply appear in the hardware specifications of a of unique requirements. One of the skills
purchasing devices for your network isn’t the product, but are essential to keep in mind that a network administrator must have is
end of your expenditure. In fact, it is often when purchasing products. For example, the the ability to choose and deploy the right
only the beginning. Network operators are vendors who provide switches for a project devices to ensure that the current and future
discovering a host of associated direct and can allow those who are deploying and setting requirements of the network are met. A good
indirect costs that can often exceed the initial up the network to make their quotation example of this is ensuring interoperability
investment in networking hardware. more competitive if the deployment and across all devices on the network throughout
This article considers some of the costs that setting up can be completed faster. This the project life cycle. Although there are
are often overlooked, and suggests some best will also allow those who are installing and numerous ways to overcome certain problems
practices and tips on how to lower the total configuring the network to have more time that may arise throughout the project life
cost of ownership (TCO) for industrial control for other projects. The six stages are discussed cycle, one of the best solutions is to choose
networks. After purchasing a switch, a variety below, with scenarios provided to give a products that offer the most flexibility.
of factors need to be considered throughout fuller understanding of the different factors For industrial networks, devices are often
the product life cycle, including installation, affecting the TCO. installed in control panels with other devices
configuration, operations, maintenance, that run on different voltages, so one solution
downtime, and ongoing technical support. Total cost of ownership is to purchase a power converter to ensure
After taking all of these factors into After considering some of the challenges of compatibility. However, this may not be the
consideration, network administrators are in networks, it becomes evident how the costs ideal solution for all network administrators
a much better position to be able to judge associated with commissioning and operating due to size constraints of the panel where the
the true TCO of a project and make the right a network can easily exceed the cost of the devices are being installed or the additional
decisions to ensure that the TCO is kept as networking components. Some of the general costs incurred from purchasing power
low as possible. steps involved in commissioning, operating, converters. For some projects, the cost of
and supporting an industrial network will deploying new cables can add significantly
Challenges for complex networks now be considered in order to gain a better to the overall costs of the project. A better
The time from the start of a project until it understanding of the TCO. alternative is to use a device that supports a
is up-and-running can be broken down into wide range of power inputs that will satisfy
30 in d u s t r ial et h er ne t b o o k 11.2016
Technology
SOURCE: MOXA
Multi-protocol Ethernet communications capabilities make it easier to integrate PLCs with SCADA systems.
the present demands of the network, and devices later on in the project. Reduce maintenance costs
provide added flexibility for devices that Configuration costs are not limited to when The majority of IIoT networks are controlled by
must also be added to the network at a later the network is being set up for the first time. programmable logic controllers (PLCs). When
date. Although the initial expenditure may Any feature that allows copying and saving the network performs scheduled maintenance
be slightly higher for a switch that supports device configurations will provide network and performs a reboot, a PLC will often take
these features, it becomes clear how costs can administrators with the ability to reuse these around 20 seconds to reboot.
be reduced over the duration of a project by settings at a later date, and eliminate the If a PLC boots up before the network is
avoiding additional costs at a later date. need to manually configure new devices that ready to operate, errors will occur that can
are added to the network. cause further delays. Switches that can boot
Reduce configuration costs Configuration is also made a lot easier by up in about 10 seconds as opposed to 100
One of the most time-consuming tasks for an intuitive graphical user interface (GUI). seconds will be ready to operate as soon as
projects in industrial environments, and Some companies will offer an advanced the PLC has rebooted, thereby avoiding the
therefore one of the most expensive, is testing kit, which allows users to test the GUI aforementioned problems.
configuring devices on a network so that and independently validate the claim that Being able to view the current status of the
they have security settings, redundancy, it is intuitive before installing devices on a network at a quick glance via software or an
interoperability, and efficient performance. network. An intuitive GUI can save network app is one of the easiest ways to monitor a
A wide range of options are available, from operators a significant amount of time for the network. These apps and software sometimes
very basic switches that offer no support with duration of a project. incorporate an alert system that warns network
configuration, all the way up to large software administrators that an event is taking place
packages that cost considerable amounts of Reduce operational costs that has the potential to cause a failure on
money on a per-annum basis but greatly assist A key way to lower operational costs is a the network unless the problem is rectified.
network administrators with the configuration design that requires the minimal amount of Alerting the system administrator that a
process. manual work to keep the switches and network problem could happen later on, as opposed to
As the number of devices on a network operational. In addition, ensuring product a system that merely informs the administrator
increases, so do the possibilities for savings. suitability for deployment in industrial that there is a problem now, is an excellent
Below are some of the main areas that have environments will also help achieve optimal way of reducing maintenance costs. These
been identified pertaining to the configuration operational performance. features may increase the purchase price of
stage of a project, all of which have a strong The two main reasons why devices on the switch but over the course of the project
effect on the TCO. industrial networks malfunction is their life cycle are likely to result in substantial
Due to the convergence of industrial moving parts and the power inputs, which savings.
automation and IT systems across IIoT are often referred to as points of weakness.
networks, EtherNet/IP and PROFINET protocols Switches that have an absolute minimum Reduce maintenance costs
must have a way to operate together on of moving parts are much less likely to Finding the root cause of downtime on a
the same network. Devices that have been malfunction or break, resulting in less network large-scale network is very time consuming,
preconfigured to allow for these disparate downtime and therefore reduced expenditure. so any tools that assist network administrators
protocols to communicate automatically Similarly, if the device supports dual-power with identifying the point of failure and allow
allow network administrators to deploy what inputs and one of the power supplies fails, them to quickly fix it will have significant
is essentially a plug-n-play device. These the other power supply will keep the device advantages.
devices will also often support automatic running, allowing the faulty power supply to Another skill of successful network
discovery and the ability to assign IP be replaced without network downtime. For administrators is to be able to calculate
addresses automatically, allowing a significant deployments lasting longer than 10 years, whether the additional costs of features
portion of the time required for configuring which is the norm for IIoT networks, there is a that can help reduce downtime are likely
these devices to be eliminated. Compare this very high chance that network administrators to outweigh the costs of any downtime
with using cheaper devices, which will require will encounter one of these problems at some experienced.
a lot more effort to be spent configuring the point during those 10 years. Devices that can be remotely accessed and
1 1. 2016 i n d u str i a l e th e r n e t b o o k 31
performed manually, the amount of network
downtime is reduced.
Technology
Technology
Conclusion
After considering the life cycle of a project
and the hidden costs that can be incurred
throughout this life cycle, it is clear that
multiple factors must be considered when
determining the direct and indirect costs of
an entire system.
It should be noted that network
administrators can never be 100% sure what
A tool that can play back events to help quickly narrow down the possible cause of the network problem.
the future needs of an IIoT network are,
but having a full understanding of the six
configured are very beneficial because they and help improve the design of the network stages described above ensures that network
allow untrained personnel to perform the infrastructure to avoid this kind of failure in administrators are more knowledgeable about
time-consuming task of going to the field the future. which devices have the best chances of
site, while the trained specialist can perform Devices that back up the switch’s lowering the TCO throughout the duration of
troubleshooting and configuration remotely configurations on a dongle are particularly a project.
from the control center. helpful if the switch malfunctions. To
In addition, a device that offers playback automatically import all of the settings, all Richard Wood, Product Marketing Manager,
support allows the specialist to identify what you need to do is plug the dongle back into Vance Chen, Product Manager and Yiwei Chen,
occurred at the time the switch went down, the switch. As no configurations need to be Product Manager work at Moxa.
32 in d u s t r ial et h er ne t b o o k 11.2016
Reader Service Card
IEB issue 97 - November 2016
Service
IMPORTANT: You must update your subscription
annually to continue receiving your free copy
of Industrial Ethernet Book magazine.
Return by mail to: Or fax back to: Or use our online reader service at:
IEB Media +49 8192 933 7829 www.iebmedia.com/service
Bahnhofstr. 12
86938 Schondorf
Germany
Please enter your contact details below: Company Activity (select one)
□ Aerospace/Defence
Name: ___________________________________ □ Electronics Industrial/Consumer
Position: ___________________________________ □ Instrumentation/Measurement/Control
Company: ___________________________________ □ Manufacturing Automation
Address: ___________________________________ □ Metal Processing
___________________________________ □ Mining/Construction
City: ___________________________________ □ Oil & Gas/Chemical Industry
State: ___________________________________ □ Packaging/Textiles/Plastics
Zip Code: ___________________________________ □ Pharmaceutical/Medical/Food & Drink
Country: ___________________________________ □ Power Generation/Water/Utilities
Phone: ___________________________________ □ Research/Scientific/Education
Email: ___________________________________ □ System Integration/Design/Engineering
□ Telecomms/Datacomms
I want to: □ Transport/Automotive
□ Start a new subscription □ Other: _____________________________________
□ Update my subscription
□ Digital edition or □ Print edition Job Activity (select one)
□ Change my address □ Engineer - Instrumentation & Control
□ I do not want to receive promotional emails from □ Engineer - Works/Plant/Process/Test
Industrial Ethernet Book □ Engineer - Research/Development
□ I want to be removed from the □ Designer - Systems/Hardware/Software
subscription list □ Manager - Technical
□ Manager - Commercial or Financial
Signature: _____________________________________ □ Manager - Plant & Process/Quality
□ Scientific/Education/Market research
Date: _________________________________________ □ Other: _____________________________________
IEB Media reserves the right to refuse an application for a free copy of Industrial Ethernet Book or the provision of information on any of the advertisers or articles
34 in d u s t r ial et h er ne t b o o k 11.2016
client, tag, and upgrade, which can push the ability to complete proof-of-concept to applications through message-oriented-
software costs into the hundreds of thousands prototypes more quickly so that full-scale work middleware (MOM), which reduces bandwidth
Technology
of dollars. This kind of pricing structure makes for project development and implementation congestion and allows for easy scalability.
it extremely challenging, if not impossible, for can be started ahead of schedule. IIoT architectures that employ MQTT and
integrators to provide value to their customers. MOM offer a revolutionary solution to the
Integrators can put themselves at an The Future of Industrial Controls issues of low bandwidth and the need to
advantage by embracing software solutions Our survey respondents have indicated access data from remote devices. IIoT allows
with a simpler and less restrictive licensing that we’re entering an exciting time in the organizations to scale their application
model that eliminates surprise software industrial controls industry. These insights by simply adding connections to the MOM
expenses and offers more value to their into the new technologies and skills that will infrastructure rather than making additional
customers. Additionally, software solutions be vital for integrators in the future reveal connections to edge-of-network devices.
with an unlimited pricing model can empower the need to connect SCADA systems with
integrators to offer customers more scalability enterprise systems in order to properly align Data management and SQL
in the future, without drastically ballooning OT and IT. Which technologies and skills are The convergence of OT and IT and the rise
the budget for future projects. imperative for the future? of IIoT have been triggered by industrial
organizations’ need to access more data. In
Timeframes IIoT and MQTT the survey, 16% of respondents said that
All integrators have experienced the dreaded In our survey, 43% of respondents indicated data management technology is important.
scenario of unrealistic deadlines. In the survey, that the Industrial Internet of Things (IIoT) As more industrial organizations look to
17% of participants said that time-related and Message Queueing Telemetry Transport connect the industrial controls side with the
issues are the most serious challenge. Several (MQTT) are two big developments to watch. enterprise side, integrators must look into
issues can seriously impact an integrator’s IIoT incorporates intelligent machines that data technologies to stay competitive.
ability to meet a deadline. These include issues collect and share massive amounts of data, Traditional SCADA systems were simply
such as defining project requirements, working enabling companies to identify inefficiencies, designed to acquire time-series data and
with proprietary and complex software, and save money, and improve quality. MQTT is store it on process historians. In most cases,
finding enough engineers with specific skills an extremely lightweight publish/subscribe process historians use a proprietary method
to complete a project. messaging protocol that is ideal for remote of data management, which limits the ability
One thing integrators can do to meet strict M2M devices in situations where bandwidth to connect to other systems. To connect to
deadlines more efficiently is to choose a and power are at a premium. MQTT decouples other systems, integrators must implement an
software package equipped with tools for rapid edge-of-network devices from applications; incredibly costly solution that still does not
project development. This gives integrators instead, edge-of-network devices connect meet all of the organization’s requirements.
give organizations total control over adding
36 in d u s t r ial et h er ne t b o o k 11.2016
Adapting machines to go global
Applications
with modern industrial networks
For machines to be ready to go global, there’s no one-size-fits-all solution but there are benefits of choosing
components that meet multiple industry network protocols. Understanding end project goals, available I/O
technology and deciphering which specific features are needed are key to achieving business objectives.
SOURCE: BELDEN
had a secondary goal to simplify their supply
chain and manage a smaller mix of suppliers.
Sourcing and stocking lots of product types –
from different I/O modules and programmable
logic controllers (PLCs), to varying connectors
(4-pole vs. 5-pole) – took up valuable time
and storage space, and strained the budget.
The team therefore needed to source and use
products that offered variety and flexibility so
they could do more with less.
1 1. 2016 i n d u str i a l e th e r n e t b o o k 37
Today’s Machine Building Supply Chain multiprotocol solution. The machine builder
Applications
38 in d u s t r ial et h er ne t b o o k 11.2016
One panel PC coordinates 21
Technology
robots in manufacturing cell
The Panel PC handles also handles all robot-to-robot interference detection and OEE (Overall Equipment
Effectiveness) tracking, while managing overall fault detection and annunciation by acting as the HMI for the
machine, and integrating all safety aspects of the machinery.
WITH 32 MANUFACTURING FACILITIES around Bysma, Controls Specialist, Sodecia GTAC. “To The currently realized welding cell with
the world, Sodecia, Portuguese supplier begin, an assortment of small stampings are 21 robots uses a CP6202 Panel PC with
to the automotive industry, maintains its welded robotically into sub-assemblies. They 15-inch screen and Intel Celeron ULV
position as a leading solutions provider are automatically unloaded and transferred processor. The Panel PC also handles robot-
and vehicle manufacturer. Based in London, to subsequent stages, where the different to-robot interference detection and OEE
Ontario, Sodecia’s Global Tech & Automation components are assembled to form the BIW. (Overall Equipment Effectiveness) tracking,
Center (GTAC) delivers highly automated From here the process splits into two while managing overall fault detection and
machine lines, on which the components are identical product pipelines – this split creates annunciation by acting as the HMI for the
manufactured and assembled. redundancy and improves throughput. Various machine, and integrating all safety aspects
sensors carry out comprehensive analysis, of the machinery. The robots are controlled
PC-based controls for example, to ensure that all fasteners by KR C4 controllers from KUKA.
Sodecia GTAC uses PC-based control are placed correctly on the assemblies, and “The TwinCAT development environment
technology in its assembly lines in order to send the data to the controller. After further and various software libraries reduced the
offer high quality while keeping cost under assembly steps, the two pipelines merge back programming time for the robotic cells by
control. into one, and the assemblies move on to a a wide margin,” said Rob Remillard, Lead
“Our current ‘bread and butter’ product final fixture.” Controls Engineer, Sodecia GTAC. “In TwinCAT,
is our successful, turnkey robotic weld cell we can quickly develop sections of code in
solution,” said Brent Lekx-Toniolo, control PC-based control throughout any of the IEC 61131-3 languages and then
system concept developer, Sodecia GTAC. Sodecia GTAC has been using the PC-based deploy them in several instances. With other
“Our largest project to-date was completed controllers from Beckhoff for its BIW assembly platforms this isn‘t so easy.”
in spring 2015 and includes 21 KUKA robots lines since 2008.
of various sizes (series KR 210, KR 30 and “To-date, Sodecia GTAC has built 49 Integrated safety solution
KR 6), which are used in the assembly of manufacturing lines based on Beckhoff EtherCAT factors heavily in the application.
body frame and chassis segments (so-called PC-based control, ranging anywhere from The fast communication system handles all
body in white, BIW), for welding, material machines with a single robot to lines with robotic communications, I/O, and the safety
handling and sealant applications,” said Jon over 20 articulated robots,” said Bysma. functions via the TwinSAFE I/O terminals.
1 1. 2016 i n d u str i a l e th e r n e t b o o k 39
SOURCE: SODECIA GTAC, CANADA
as exceptional physical durability,” Toniolo
Applications
40 in d u s t r ial et h er ne t b o o k 11.2016
Virtual private network
Technology
for secure remote access
With PLCs and machine controllers providing Ethernet ports that support TCP/IP, it is very easy to access
these devices remotely. Virtual Private Network (VPN) connections assure the secure transfer of data from
one network or device, to another network or device over shared or public networks like the Internet.
SOURCE: OMRON
the machine builder and the end user can
enjoy big benefits. The machine builder can
quickly diagnose problems on the machine,
even before they happen. He can inform the
end user to take preventive actions or help
solve issues by providing remote assistance.
And the end user can also benefit from remote
access, as the machine is easily accessible and
can provide real time production information.
The way Virtual Private Networks function is
by using any IP-type communication, and even
communicating to devices that do not have
an Ethernet connection like a serial device by
using IP-to-Serial conversion. There is almost
no limit to the type of communication, and
the possibilities are endless. Having remote
access to a machine is almost the same as
standing next to it, although the user is still
at a remote location.
VPN establishes a connection between two sites, secured by username/password. Data transfer is encrypted.
Virtual Private Networks
A VPN can be used to establish a connection or maintenance must be planned for the drive. can be directly transferred between the
between two sites. The connection is secured This information is of importance to the machine and the machine builder’s office
by username and password, and the data user of the machine in order to prevent independent of the connection between the
transferred is encrypted. This makes it unlikely unintended production stops. In the case two. Router devices can be used to connect a
that outsiders can interfere with the operation where the machine manufacturer has a local network into a bigger network which can
of the machine or access production data. A maintenance contract with his end-user to be the Internet or a factory network.
VPN connection is also called a VPN tunnel maintain the machine and prevent production
because what goes in one side comes out at loss caused by standstill, a pre-alarm can Remote access through VPN
the other side without any changes. prevent costly repairs. The general technology used for remote access
To establish a connection between different Monitoring machine response times is called Virtual Private Network (VPN). This
sites, various standard products are available. or vibrations can help to detect wear of is a connection between two devices where
In this article, an overview is given of the mechanical parts. This can trigger the they start a connection by first finding each
products and technologies that can be used, machine builder to pre-emptively send spare other, then authenticating and negotiating an
the principle of operation and an explanation parts to the end-user site, so the worn encryption. When the connection is active,
of terminology. parts can be replaced at the next scheduled the two devices can transfer data in a safe
Modern machine control systems can maintenance stop. In the end, the end-user way and are protected against intruders. From
provide a wealth of information about the will benefit from a reduction in breakdowns the user’s point of view, it is just like he is
process they are controlling. This can be and emergency repairs. sitting next to the machine. However that
production data, as well as data indicating machine can physically be on the other side
the electrical and mechanical health of Ways of access of the world.
the machine. For instance, the machine With the current communication technologies Imagine such a device having a WAN (Wide
controller can be registering and reporting there are many possibilities to create a Area Network) port to connect to a bigger
the power consumption of a drive. During the connection to the machine. To name a few: network or the Internet and a couple of LAN
design of the machine, the load of a drive is • Wireless connection through a UMTS or (Local Area Network) ports to create a local
calculated and a threshold is defined during GPRS connection. network. Through the routing capabilities of
commissioning. The machine controller can • The machine plugs into the local factory the devices, the two distant LAN networks are
then monitor the current consumption of network. connected to each other and act as one. A
the drive against the threshold, and trigger • There is a direct connection to the device connected to the LAN side of the router
an alarm when the current exceeds the Internet by means of an ADSL, cable, can reach other devices on the other side’s
threshold. An additional threshold could be fiber or similar connection. LAN. This is very convenient as a machine
set for a pre-alarm, warning that inspection Whichever connection type is used, data controller on one side can directly be accessed
1 1. 2016 i n d u str i a l e th e r n e t b o o k 41
from the other side. Instead an
SOURCE: OMRON
endpoint (router) being a box
Technology
Security
Sending data over the Internet or
other networks implies a security
risk. Of course, it is a must to
prevent that somebody can
intercept the data send across
the network and start tampering
with the system. VPN creates a With the current types of communication technologies, there are many possibilities to create a connection to the machine.
secure tunnel and is secure in
the sense that there is authentication of client and connect to the server at the VPN connection. The other VLAN (WAN) is part
when the connection is opened, and that the office of the machine builder. The machine of the factory network and gets its IP-address
data transferred is encrypted. builder may have all of its machines online. and other settings from a DHCP server on the
The authentication can be based on Machines can then report their status directly network. For the factory network, this machine
username/password, pre-shared keys and and continuously, and the machine builder is represented as a single device with only one
certificates or a combination of the three. has the opportunity to react immediately on IP-address.
Often a username plus a certificate is used events, like when there are problems, but also Routing: A router forwards messages from
and encryption can be from a simple to a very to plan scheduled maintenance and/or send one VLAN to another depending on the
high level. Keep in mind that encrypting and consumables on information the machine destination address. It also stops broadcasts
decrypting data takes time. The higher the provides. and multicast message on the factory network
encryption, the more time it takes to prepare entering the local machine network.
the data, and thus a slower transfer time. Solution Details Firewall: When there is an attack from the
An option when a high level of encryption is In a network setup, there are often products factory network, this is stopped by the firewall.
used could be using a device that has enough from different manufacturers used. But these It is also possible to open up the firewall for
processing power to do the encryption/ devices must understand each other and certain types of messages. But this is totally
decryption quickly. Faster devices have often a standardization of protocols is a need. With VPN application specific.
higher price. There is no golden rule to decide technology, there is a lot of standardization DHCP server: This is used to assign
which encryption level to use. It depends on but there is not one VPN standard. Two IP-addresses to devices on the local network
the level of security and communication speed mainstream options are IPsec and OpenVPN and is normally controlling devices have fixed
needed. (also known as SSL) and these two standards IP-addresses. But it could be that a service
made their way to commonly available engineer connects his laptop to this local
Type of data transferred products and services. With commercial-off- network, and then it is convenient that he
In principal, any type of IP-data can be sent the-shelf (COTS) products, anybody can set up gets the correct IP-address assigned.
across the VPN connection. But some practical their own VPN infrastructure. As the machine is part of the factory’s bigger
examples are: network, it cannot be accessed from outside
• Alarms and warnings from machine to VPN use case walkthrough the factory. The factory router that connects
OEM. With the example of a machine controller to the Internet has a firewall and will block
• Bidirectional communication between connecting to the office network of a machine off all incoming traffic. Therefore the router
remote-SCADA or HMI and the machine. builder, standard components can be used to in the machine needs to be the initiator of the
• Recipe or production information to set up a VPN tunnel between the two sites. VPN connection. To let the VPN connection be
and from a remote database server (for In the machine builder’s office, a VPN server established successfully the VPN initiator (the
example, Oracle or Microsoft). can use a network to connect to a machine router in the machine) must have some of the
• New control programs uploaded to the installed in a factory at a distant location (VPN following set up.
machine to deploy modifications or client). The machine’s network is connected Time synchronization: In the negotiation
upgrades. via the VPN tunnel to the machine builders’ and encryption process also the date and
• Status monitoring to assist in fault office network, so there is instant access to time is used. Both the initiator and responder
finding when there is malfunction in the the machine. must have the same time and date. The exact
machine. Could be as simple as checking The machine is hooked up to a bigger factory date and time can be derived from so-called
if a sensor signal is active and learn that network that has an Internet connection timeservers (NTP-servers). A timeserver can be
the sensor needs to be re-aligned. available. The router in the machine is on the Internet or on the factory network.
configured to create a local network LAN in With a timeserver, the date and time is
Client/server, initiator/responder the machine itself and connect one of its automatically set and adjusted regularly.
There is a distinct role for each device in ports (WAN) over the Internet out to the office Domain Name Server: For the VPN initiator
the setup of the VPN connection. One of the network. These local services are: to get to the VPN responder, it needs to know
devices acts as the initiator or client of the VLAN, (Virtual Local Area Network): This is its address on the Internet. However fixed
connection, and the other is the responder used to divide the router’s Ethernet ports into IP-addresses on the Internet are scarce and
or server. The server is waiting for a client to two separate networks. Traffic cannot move quite costly and it is easier to have a domain
connect. As a server, it is not only servicing from one network to the other and vice versa. name and a DNS server to resolve the domain
one but multiple clients. One VLAN (the local network) has its own to an IP-address. The router knows only the
The routers in machines have the role IP-address range, and is one end-point of the name (office.machinebuilder.com) but by
42 in d u s t r ial et h er ne t b o o k 11.2016
SOURCE: OMRON
Technology
At left is the machine builder’s office (VPN server). On the right is the machine network installed in a factory at a
distant location (VPN client). The office network is connected via the VPN tunnel for instant access to the machine.
requesting a DNS server, since the IP-address at a service provider and a SIM-card. the router is in a larger network, it will send
is linked to this name, the responder can be There are different types of wireless data the message to another router. The message is
reached. And it doesn’t matter how often the communication but the most commonly known forwarded until it goes out on the Internet or
IP-address of the responder changes. It is are GPRS and UMTS. GPRS is older and a lower an addressed device on the bigger network is
always reachable through its name. performance technology than UMTS. UMTS has reached. In the case of a direct connection to
On the responder, the following must be communication speeds well into the Megabit the Internet (wired or wireless), the Internet
set: per second range. GPRS throughput is limited will take care of getting the message to the
• As with the VPN initiator time must also to a couple of hundred kilobits per second. addressee. When the Router is VPN capable and
be set correctly in the responder. It can To ensure that data communication is the tunnel is up then the message is forwarded
use the same timeserver as the initiator. always possible, GPRS functions as a fallback over this tunnel and ends up at the other side.
• As the VPN initiator is searching for when it is not possible to establish a UMTS
the VPN responder per name, the router link. For both UMTS and GPRS, the cost of the VPN technology
must announce his name and IP address connection is based on the amount of data There are many implementations of VPN.
regularly at a DNS-server on the Internet. transferred, not on connection time. Therefore But the two currently in use and proven to
This DNS service is called Dynamic DNS. the connection can be up and running all the be reliable and safe are IPsec and OpenVPN
There are a couple of companies that time. (or SSL). Both make use of the same kind of
offer this service like DYNDNS. Wired, directly connected to the Internet. The technologies for compression and encryption.
• VPN connection settings of the initiator machine’s router can be connected directly to One difference is that IPsec uses a kind of
must be registered at the responder. the Internet. This connection is an ADSL, cable username/password for authentication, while
If there is a connection request coming in, or fiber connection. A local service provider OpenVPN uses certificates that need to be
its credentials will be checked and if correct installs the connection and the Internet is generated at the server. Also OpenVPN uses
the connection is accepted and the tunnel is directly accessible from the machine. the same method of communication (https://)
up. The machine’s network is now connected to Wired, connected to a bigger local network. that secure websites use. This makes it easier
the office network and data can be exchanged The router in the machine is connected to a to let OpenVPN traffic pass firewalls in routers,
between them directly. For direct wireless or larger local (Factory) network. From within this as the firewalls judge this traffic to be regular
wired connections, the connection method is larger network, a connection can be made to web-traffic.
a little simpler but still largely the same. the Internet. The router in the machine must
know how to route out onto the Internet. But Summary
Connection technology normally these routing settings are available A Virtual Private Network is a secured
When creating a VPN tunnel, a connection from a DHCP server on the larger network. All connection between two devices/routers/
must be established from the client to the the above-mentioned connection types feature networks. The connection can be established
server. In many cases, this connection is that they are up and running all the time, so over local and public networks. Security is
over the Internet. There are several ways to there is instance access from one side to the by authentication and encryption. There
connect to the Internet depending on what other. are clients and servers, or initiators and
is available at a location. In general there Routing: An essential part in VPNs is the responders. The clients initiate the connection
are three variants: wired or wireless, directly routing. For a device on one network to reach to the server and the server can accept
connected or via a bigger local network. a device on the other side, there shouldn’t be connections from multiple clients. The VPN
too many hurdles in setting up the connection connection between the client and the server
Wireless at the device. For the device it is only is a transparent link between the two. Any
There are locations where only wireless access important to know to which router address a type of data can be sent. And it doesn’t matter
is possible, for instance on a remote site message should be sent when it is not on the on which side of the VPN connection you are,
where there is no ADSL or cable connection. local network. It is then up to the router to and how far apart the two networks are.
However, if there is a mobile network with handle the rest of the communication.
data communication available, accessing When a message arrives at the router, it René Heijma, European Product Specialist for
this mobile network requires a subscription needs to forward it to a known address. If OMRON.
1 1. 2016 i n d u str i a l e th e r n e t b o o k 43
Digital wiring devices using
Applications
Technology
SOURCE: OPTO 22
the Industrial Internet of Things is poised to
deliver, using Big Data generated by billions
of things to solve problems before they occur,
increasing operator situational awareness on
the plant floor with mobility, and identifying
business opportunities. But developing a
successful IIoT application requires leveraging
completely different technology disciplines
that for the most part were never designed to
work with one another: OT and IT.
To increase the enterprise’s competitive
advantage, operations and information
technology professionals must converge and
create new applications that access, share and
analyze business information by leveraging
new tools like artificial intelligence, machine
learning, and predictive analytics. Building VPN establishes a connection between two sites, secured by username/password. Data transfer is encrypted.
applications that connect information from OT
devices and data stores to IT resources and curve for users of all levels and requires few other developers and applications, promoting
systems has traditionally been difficult. The or no programming skills. Instead, Node-RED the idea of social application development.
two groups use entirely different application takes advantage of pre-programmed, reusable
development tools tailored for their specific code blocks called nodes. These nodes make Rapid IIoT application prototyping
disciplines. Enter Node-RED, an open-source IIoT application development simpler, easier Linking technology assets and services together
development environment invented by Nick to repeat, and faster to scale. Built on the to build IIoT applications often requires layers
O’Leary and Dave Conway-Jones of IBM popular Node.js JavaScript runtime, Node-RED of complex software development and long
Emerging Technology Services. Node-RED is benefits from a large Node-RED library that development cycles that quickly erode IIoT
part of the newly launched JS Foundation, and contains over 600 prebuilt and ready-to-deploy application ROI. Node-RED’s existing pool of
recently became a Linux Foundation Project. nodes, allowing IIoT application developers to code blocks enables nearly anyone to rapidly
leverage existing software code and deploy it prototype and develop IIoT applications to
Node-RED for IIoT directly into their applications. connect data streams from industrial assets to
Node-RED is a tool for digitally wiring together The development environment is any IT assets, bridging the gap between the worlds
hardware devices, APIs (application program standard web browser, and it uses a drag- of physical equipment and digital computing
interfaces), and online services in new and and-drop interface. The simplicity of Node-RED systems. Developers can even prototype
interesting ways. Node-RED provides engineers allows IIoT application developers to focus on applications on low-cost maker boards such
with an easy way to connect edge computing identifying an opportunity and developing a as Raspberry Pi and then seamlessly deploy
systems such as automation controllers to solution, rather than building the components them to an industrial-grade suite of products.
cloud services such as Amazon Web Services of an application from scratch. If you want OT and IT began to converge many years
(AWS) IoT, IBM Watson IoT, and Microsoft to create an application to poll data from a ago with the rollout of Ethernet and TCP/IP
Azure. Node-RED is an open-source technology Modbus/TCP slave, log that data to an SQL on the plant floor. Suddenly systems became
available on GitHub.com and npmjs.org. database, and move it into a machine-learning much easier to connect together. Productivity
The development environment can run on program like IBM’s Watson, there are nodes in the factory and on the plant floor improved
almost any platform from OS X, Microsoft for all of those functions already developed and support costs were lowered, all because
Windows, Linux, and Raspberry Pi to cloud and ready to deploy without having to write, devices began using the same protocols
offerings like IBM Bluemix and AT&T Flow. This debug, or support software code. Drag, drop, across the same type of media—TCP/IP and
extends to industrial products like hardened wire together, deploy. It’s that easy. Ethernet. OT/IT convergence is continuing up
IIoT application development platforms with Advanced JavaScript functions can also be the technology ladder, and the next rung is
built-in industrial protocol support like the created within the editor using a Function software. Node-RED is poised to be a major
groov Box appliance from Opto 22. node. A built-in library saves useful functions, contender for standardized IIoT software
templates, or node flows for re-use. Flows application development.
Lowering the technical bar created in Node-RED are stored using the
The Node-RED development environment offers widely known JSON format, which can be Matt Newton is Director of Technical Marketing
a gradual and easily approachable learning easily imported and exported for sharing with for Opto 22.
44 in d u s t r ial et h er ne t b o o k 11.2016
Industrial managed switches provides an efficient toolset for IIoT application
Product News
developers and fuses together an industrially
rugged hardware platform, data visualization
for mobile and web clients, robust industrial
automation protocol support including Modbus/
TCP and OPC UA, and advanced data flow
processing. Add these to an ability to connect
multiple data sources including devices, portfolio to offer customers additional PoE
databases, and third-party APIs (application options that drive operational efficiencies while
program interfaces), and groov becomes a addressing industry demands.
cohesive platform for IIoT or edge computing The NT24k-16TX-POE is Layer 2
applications. managed Gigabit switch that provides 16
10/100/1000BaseT(X) RJ45 ports. Advanced
WAGO: New 852 Series switches are individually OPC UA user role system PoE management allows quick and easy
configurable and offer reliable networking of all allocation of the switch’s 240 Watt PoE power
ETHERNET nodes to ensure continuous access to budget to any of its 16 ports (up to 30 Watts
machines and systems. per port). Additional comprehensive features
Rapid Spanning Tree, Dual Homing, Dual include auto IGMP configuration, N-Link and
Ring, Jet Ring, ERPS v1/v2 and its fast Xpress N-Ring technology, RSTP, N-View monitoring,
Ring protocols enable the creation of redundant CIP messaging, SNTP, IEEE802.1x and Radius
network structures with short recovery times remote server authentication.
of less than 50 ms. This guarantees secure The 1008TX-POE+ is an industrial
communication, even when connections are unmanaged Gigabit switch that provides 8
faulty. Every switch also features a redundant 10/100/1000BaseT(X) RJ45 ports, including
power supply for uninterruptible data B&R Industrial Automation: A new user role 4 PoE+ capable ports (up to 30 Watts each),
communication (transmission rate up to 1 system that is part of the Automation Studio jumbo frame support and LED link/activity and
GBit/s). This value-add feature contributes to software development environment simplifies PoE status indication.
secure operation of machines and systems on management of OPC UA access rights. This The 1000-POE4+ is an 8-port Gigabit
board ships. feature prevents unauthorized users from mid-span PoE+ injector that provides 4
The switches also support up-to-date accessing an OPC UA system, modifying data or 10/100/1000BaseT(X) RJ45 ports (data in) and
security functions, such as Mac Limitation, Port performing certain actions. 4 10/100/1000BaseT(X) RJ45 PoE+ ports (data
Security, and authentication per IEEE 802.1x. Any number of roles can be defined, which and power out) that support 30 Watts per port.
IGMP Snooping, broadcast and bandwidth can then be assigned individual access rights
limitation enable additional data flow control. for each node. Typical access rights include CAN-to-Ethernet gateway
The advanced security functions support these reading, writing or browsing. It is even possible
next-generation switches in protecting your to completely hide a node so that it is invisible
systems against cyberattacks and accidents that to members of a specific role group. To make
can adversely impact people, machinery and the configuration even easier, the rights of a parent
environment. node can be inherited by its children.
A user is assigned one or more roles, with
Node-RED on groov box additional protection provided by an encrypted
password. The user role system can also be
updated during operation. This includes, for
example, assigning a username and password
to a new system operator. These functions are
available directly in the application program on HMS Industrial Networks: The new IXXAT CAN@
the controller using function blocks. net NT 200 is a CAN-to-Ethernet gateway which
In order to ensure secure and trusted data allows users to connect CAN and Ethernet. CAN@
exchange, digital certificates in accordance net NT can be used as CAN-Ethernet-CAN bridge
with the X.509 standard can be used in the and as CAN-to-Ethernet gateway. Equipped with
OPC UA system. The Transport Layer Security two CAN interfaces, it supports an even wider
(TLS) subsystem in Automation Studio and range of use cases compared to the well-known
Automation Runtime support the management CAN@net II.
of these certificates. Certificates can be A key feature of CAN@net NT especially
displayed, created and transferred to the useful in building automation is an ability to
certificate store on the OPC UA server. separate CAN networks that are distributed
Opto 22: The Node-RED development over large areas. CAN@net NT couples the
environment is now available for running on Ethernet Plus (PoE+) gigabit CAN networks via a backbone Ethernet system,
the groov Box industrial appliance, significantly Red Lion Controls: Three new additions have allowing existing infrastructures to be used.
decreasing IIoT application development time been added to its N-Tron series of industrial This segmentation also increases the reliability
and complexity. Node-RED makes it easier to Power over Ethernet Plus (PoE+) Gigabit and stability of the overall system.
prototype, develop and deploy applications for products: NT24k-16TX-POE, 1008TX-POE+ and Designed for harsh environments, another
connecting physical assets to cloud applications 1000-POE4+. common application for CAN@net NT is remote
and IT systems. These new POE+ switches and injectors access to CAN networks via Ethernet, in wind
With the addition of Node-RED, groov complement Red Lion’s industrial networking power plants or the manufacturing sector.
1 1. 2016 i n d u str i a l e th e r n e t b o o k 45
IoT development kits Distributed Control System (DCS), Programmable
Product News
46 in d u s t r ial et h er ne t b o o k 11.2016
DIN-rail mountable platform The new IO-Link master supports up to eight
Product
Industry News
IO-Link devices, and is based on the IO-Link
specification V1.1. It is capable of storing up
to 40 timestamps of sensor events on each
channel. This event history can help users track
changes and more easily diagnose issues. Input
timestamps of all sensor data also can be sent to
the controller upon a change of state. These and
other diagnostics available through the module
can reduce issue-resolution time by as much as
90 percent, improve preventive maintenance Standards are an important basis for
and optimize overall system performance. meeting increasingly complex requirements.
While the new ArmorBlock IO-Link master is This naturally relates to both the software
Moxa: The new MC-1100 DIN-rail mountable ruggedized for use in harsh applications, the and hardware in industrial components – OPC
computing platform is designed to meet Rockwell Automation portfolio also includes UA as communications interface being just
the critical challenges of various industrial an in-cabinet solution for use in decentralized one example. Device software also has to be
automation applications in harsh indoor and control boxes. The on-machine option allows you subjected to reliable testing, making individual
outdoor environments. to mount the module right next to the sensors, changes especially for small volumes costly or
The advanced thermal design of the MC-1100 minimizing the number of components in the impossible.
ensures reliable system operation in extreme cabinet, reducing wiring time and resulting in Additional functions such as project-
temperatures ranging from -40 to 70°C without increased uptime and lower costs. specific direction recognition algorithms
the use of a fan. In addition, the MC-1100 and individual decisions based on additional
complies with DNV, IEC 60945, ATEX, and IECEx Secure Link to IoT clouds information from the ETB sensor transponder
Zone 2 standards, which makes it ideal for etc. can be added later in an extra software
deployment in heavy-industry, oil and gas, and container. This does not limit the system
marine applications. integrator to specific programming languages:
Featuring a power-efficient Intel® Atom™ C, Python, C++, Java – anything supported by
E3800 series processor and a variety of I/O LINUX can be used.
connectivity options, including 4 Gigabit
Ethernet ports, 2 serial ports, 1 VGA port, 1 Measurement technology modules
DisplayPort, and dual storage, the MC-1100
series is built to provide outstanding Softing: The dataFEED OPC Suite is a secure IoT
performance while enabling a new level of cloud data application that can now be easily
versatility and control in industrial automation implemented. A new MQTT Connector enables
applications. The MC-1100 also offers a Mini the integration of automation devices via MQTT
PCIe socket that supports a variety of wireless Publisher functionality in IoT cloud applications,
options, including Wi-Fi and 3G/4G LTE. e.g. IBM Bluemix Cloud. Highest security
In order to maximize system uptime, the during transmission is guaranteed through the
MC-1100 supports Moxa’s Proactive Monitoring encryption of the data using SSL/TLS.
and Smart Recovery software tools to help Softing‘s dataFEED OPC Suite combines OPC
businesses continuously monitor the status Server and OPC Middleware functionality into
of their computers and take predictive one compact software solution. The integrated
maintenance measures. MQTT gateway allows easy integration of legacy Beckhoff: Ultra-precise, fast and robust
and new controllers into IoT solutions. It is also measurement technology modules are becoming
IO-Link master possible to integrate components without MQTT an integrated part of PC-based control solutions.
support such as, for example, Siemens, B&R and New EtherCAT measurement technology modules
Rockwell controllers. can be directly integrated into the modular
Its user interface with intelligent, common EtherCAT communication system and combined
sense default settings and intuitive user with the extensive portfolio of more than 500
guidance is designed to make it easy for plant other EtherCAT Terminals. New metal housings
manufacturers and maintenance engineers to optimise shielding and cooling in measurement
quickly configure their IoT communication. technology applications.
The modular design of the suite offers the user At the same time, the durable housings
the greatest possible flexibility since only the provide enhanced flexibility at the interface
required functionality has to be licensed. level, such as for LEMO or BNC plug connectors
or for the established cage clamps as a quickly
RFID RF-R300 customisable standard solution. Measurement
HARTING: A software virtualisation concept has accuracy of 100 ppm at 23 °C, precise
been derived from the company’s MICA open synchronisation of < 1 μs, and the high sampling
modular platform. rate of up to 50,000 samples per second
Rockwell Automation: The machine mountable, With its modular software design, the new guarantee high-quality data acquisition.
IP67-rated, Allen-Bradley ArmorBlock IO-Link UHF RFID reader, although equipped with High-precision measurement reduces the use
master builds on the company’s IO-Link extremely robust hardware and standardised of raw materials and energy in machines and
portfolio with event and process timestamping software interfaces, is designed for tailored plants while forming the basis for condition
capabilities for on-machine applications. customer solutions. monitoring and predictive maintenance.
1 1. 2016 i n d u str i a l e th e r n e t b o o k 47
Pump control via multi Ethernet devices, motion devices, vision systems, and OPC UA has the advantage of being platform-
Product News
safety controllers with a single cable. Machine independent, and it ensures the seamless flow
information can be checked by monitoring the of information among devices from multiple
status of the connected components. vendors. From sensors to cloud, OPC UA is fully
The NX1P can monitor sensor data through scalable, object oriented and allows use of
the IO-Link master unit to reduce downtime structures or models which makes managing
by detecting errors and to perform predictive maintenance tasks much easier.
maintenance by monitoring status. The OPC UA server is particularly valuable when
users need to share key values and parameters
Profi Line Modular Switch related to equipment on the factory floor. The
system offers quick configuration and operates
completely independent from the PLC.
As of firmware version 11.2, the Flexy features
Bosch-Rexroth: With the appropriate pressure an OPC UA server that allows easy access to tags
and flow rate adjustment for hydraulic pumps, through an OPC UA Client. The OPC UA server
Rexroth improves the control quality and supports DA layer of OPC UA making easy to
energy efficiency of fluid technology. The configure tags to be published on the OPC server.
control cabinet-based Hydraulic Pump Control
(HPC) control electronics and SY(H)DFED fully Wireless thermal energy harvesting
integrated into the valve fit into a wide rage
of automation structures through a multi
Ethernet interface. The IndraWorks trans-
technology engineering environment simplifies
commissioning with software assistants and
predefined technology functions.
System and machine manufacturers achieve
noticeably improved dynamics and precision MICROSENS: New Profi Line modular switches
in the motion sequences for hydraulic provide Power-over-Ethernet with up to 60
systems through digitally regulated variable Watts.By doubling the performance of end
displacement pumps. The newly developed devices, users can draw on a wide range of new
motion controls cover a variety of applications application options, such as an energy supply
with similar functions. With the intelligent for LED/IR illumination units in the security
controllers, machine manufacturers can, in environment or the feeding of performance-
many cases, also reduce the installed power driven WLAN and LoRa wireless communications
and the load peaks in power consumption. The systems.
average power consumption is reduced through The new switches offer increased PoE
appropriate swivel angle and pressure controls. performance also numerous features such as
With switchable multi Ethernet interfaces for modular extensibility to up to 25 ports for
sercos, EtherNet/IP, PROFINET RT, EtherCAT, a demand-oriented, economically efficient
Varan, POWERLINK and optionally for Profibus expansion of networks using high performance
for the HPC, the controllers fit, future-proof, Gigabit Ethernet over copper and fiber optic
into a wide range of automation structures. lines. High fault tolerance is achieved using
a redundant power supply and a ring-shaped Emerson: The company has announced the
Entry-Level Controller cabling structure, as well as short restore adoption of advanced thermal energy harvesting
times via the storage of the firmware and the as a power source for its wireless products.
configuration file on an SD card. Power Puck thermoelectric energy harvesters
convert ambient heat commonly released in
Flexy OPC UA compatible industrial processes into electricity for powering
Rosemount wireless transmitters.
Perpetua’s Power Puck energy harvesting
solution is especially advantageous to wireless
OMRON Corporation: The NX1P comes equipped devices in power intensive applications, where
with the built-in EtherCAT port and controls up a conventional power module may require
to eight servo systems. Motion control for up to replacements more frequently. The company’s
four synchronized axes increases machine speed Power Puck thermoelectric energy harvester
and precision. provides continuous, reliable power for the life
Electronic cam for continuous and high-speed of the transmitter and includes an intrinsically
machine operation and interpolation for safe power module for back-up power.
precise machining improve productivity and A heat source is all that is required to fully
manufacturing quality. power wireless transmitters at their fastest
Data can be collected from devices via eWON: The company’s Flexy product now update rate using Power Puck. Configurations
EtherCAT and IO-Link for high value-added features an OPC UA server and can use the allow connections to most heat sources,
manufacturing. EtherNet/IP enables data communication protocol for secure and reliable including flat and curved surfaces with
sharing with a host PC and between controllers exchange of data in industrial automation temperatures up to 840°F/449°C. Power Puck
on different machines. EtherCAT connects I/O applications. solutions are safe for use in hazardous areas.
48 in d u s t r ial et h er ne t b o o k 11.2016
Smartswarm Modbus eavesdropper providing a high level of immunity against for the respective task. They can be used both
Product News
electromagnetic interference and heavy centrally, i.e. directly on the CPU, as well as
electrical surges which are usually found on locally in the ET 200MP I/O system. 25 mm and
plant floors or in curb-side traffic control 35 mm modules are available.
cabinets.
The IGS-604HPT-M12 can be easily mounted Ethernet over coax extender
on a DIN rail or wall taking up less space. Each
of the four Gigabit PoE+ ports provides 36 watts
of power, which means a total power budget of
up to 144 watts can be utilized simultaneously
without considering the different types of
PoE applications being employed. It also
provides a quick, safe and cost-effective
Power over Ethernet network solution to IP
security surveillance for small businesses and
B+B SMARTWORX: The Smartswarm Modbus enterprises.
eavesdropper can translate SCADA protocols to Transition Networks: New extenders deliver data
IT in real-time without disrupting, interrupting Failsafe I/O modules and power to IP network devices over existing
or reconfiguring your existing networks. By coaxial cable.
recognizing and extracting data from Modbus The immediate availability of its Ethernet
SCADA systems, it transforms it into actionable Over Coax Extender with PoE+ reduces cost
information, and presents it to IT systems and accelerates time to service by utilizing
without interfering with the Modbus Master. existing coax cabling infrastructure to upgrade
SmartSwarm 351 discovers and maps the from analog to IP-based surveillance cameras
network, analyzes message exchanges between or connect other IP devices to the Ethernet
the existing OT master and slave devices, and network. The new extender conforms to the
uses this information to build a comprehensive IEEE 802.3 af/at standard for compliance with
picture of the status of the underlying plant. In other PoE / PoE+ powered devices, allowing
near real time, Modbus data is delivered to IT/ edge devices to be quickly and easily located in
OT systems that normally would not see SCADA places where power was previously not available
information. and helping to avoid unnecessary and costly
Unlike alternatives, this is accomplished electrical installations.
without disrupting the Modbus Master and
SCADA network communication. Mission POWERLINK integration
critical process control systems are completely
undisturbed. Connecting to enterprise
applications by a local Ethernet connection or
an internal cellular modem, the gateway can
switch between these connections at any time,
providing redundancy. Siemens : Compact Simatic ET 200MP Failsafe I/O
Rather than overwhelm the IT/OT system with modules simplify S7 1500 controller distributed
meaningless data, SmartSwarm 351 collects, configuration. The F-DI 16x24VDC PROFIsafe
filters, enriches and aggregates raw data and F-DQ 8x24VDC / 2A PPM PROFIsafe modules
through simple user configuration, requiring no support a “no dip” concept, eliminating the
programming. Using the newest IoT protocols, need to assign PROFIsafe addresses via a DIP
MQTT topics and JSON; payload formats securely switch. Each module comes with a standard Code EPSG: KUNBUS simplifies the integration
construct the data so it is easily consumable by Element Type F Plug. of sensors and actuators into a POWERLINK
upstream IT applications. Featuring low parts variance, the 35mm-wide network. The new KUNBUS-COM module for
modules simplify mounting, ordering, logistics, POWERLINK enables Ethernet-based interface
Layer 2+ managed Ethernet switch and inventory management with a uniform front connections without affecting the design of
connector. Channel-specific diagnostics enable the circuit board. This makes it easy to retrofit
fast and clear process error identification and a POWERLINK interface with minimal added
reduce plant standstills. development.
The scalable ET 200MP Failsafe modules also With its compact dimensions of 85 x 65
offer mechanical slot coding to ensure proper millimeters, the module can easily be plugged
module and front connectors assignments to into the control card of existing sensors and
reduce errors during configuration and module actuators or connected by a cable. In terms of
replacement. The signal modules or I/O modules software, the module features a Modbus RTU, a
provide the interface between the controller and shift register interface, a dual port RAM interface
the process. The controller detects the current and an easy-to-program script interpreter. The
PLANET Technology: The IGS-604HPT-M12 process status by means of the connected interface for the electrically isolated POWERLINK
Industrial Layer 2+ managed Ethernet switch sensors and triggers the corresponding actuator network is formed by two RJ45 connectors. The
comes with an IP67-rated industrial case, reactions. module also has two rotary switches for setting
4-port 10/100/1000T 802.3at PoE, 2-port The digital and analog modules provide the node address and integrated LED indicators
10/100/1000T, and static Layer 3 routing, exactly the inputs/outputs that are required for diagnostics.
1 1. 2016 i n d u str i a l e th e r n e t b o o k 49
The electric rider:
Private Ethernet
shells that protect from sharp objects. You may not need the built-in headphones, but
www.pocsports.com the world-class protection could proof to be
extremely useful.
50 in d u s t r ial et h er ne t b o o k 11.2016
Private Ethernet
hand warmer and a portable power bank. The
power curve design allows for comfortable
use in both your hands and a pocket, while
also maximizing the contact points for heat
transfer.
The hand warmer is good for a full day of
heat – up to 12 hours, at temperatures up to
114°F. The 10,000 mAh rechargeable lithium
battery can charge smartphones, tablets, sport
cameras, MP3 players and other USB-powered
devices. Dual out ports allow for charging 2
devices at once.
www.celestron.com
Fog-free goggles
PHOTO: CELESTRON
There is quite a bit of temperature difference
between the powder falling from above and
the body heat generated while skiing though
bumps.
The ThermoCharge 10 portable power bank and hand warmer can provide 12 hours of heat at Every time you pause, your goggles tend to
temperatures up to 114°F (45°C) fog so quickly and completely that you have to
take them off and try to dry the lenses.
Heated insoles With it you can simply adjust the tempera- The Smith Turbo Fan Prodigy goggles employ
Now that your hands are kept warm, how about ture to the setting of your choice: no heat 5X anti-fog technology, which is claimed to
your feet? (standby), medium (100°F/38°C), and high provide 5 times the fog absorption compared
The Thermacell ProFlex heated insoles offer (111°F/44°C). to anything else on the market.
comfort and ease-of-use, utilizing a flexible One charge lasts up to 5 hours of constant This technology is combined with an inter-
polyurethane insole material, a comfortable use on medium heat setting. The battery changeable lens and what Smith calls a
and resilient Poron battery cover cushion, and recharges in 4 hours using wall a charger or “military-derived Turbo Fan”. This tiny quiet
a removable, rechargeable battery. Thermacell any USB port. fan is built into the frame to actively promote
claims that the batteries last at least 500 heat.thermacell.com the circulation of air even when the skier is
charging cycles, equivalent of 2,500 hours or stopped. It runs at two speeds.
about four winters of heavy use. Thermocharge Turn the fan on when you get to the hill
There are a number of heated insoles on the There are typically two problems when using and in the low setting, the Turbo Fan system
market, but the ProFlex offer a neat little extra: your smartphone on a skiing trip. For one will run continuously all day long to exhaust
A wireless remote control. thing, power outlets are not readily available moisture from inside the goggle. The high
in the wilderness. setting can be used to quickly exhaust moisture
Second, your fingers get frozen stiff when in extreme conditions.
spending too much time tapping on that If the goggles start to fog when you stop
touchscreen (unless you are wearing the after skiing hard, just slide the switch to the
eGlove mentioned above). Celestron has come higher speed for a few minutes and they clear.
up with a clever 2-in-1 device to tackles both www.smithoptics.com
problems.
PHOTO: THERMACELL
What we all have been waiting fot: A wireless The Smith Turbo Fan Prodigy goggles have a tiny two-speed fan built into the frame to actively
remote control for your insoles. promote the circulation of air.
i n d u s tr i a l e th e r n e t b o o k 11. 2016 51