New-Tech Europe Magazine | May 2016
What’s needed is a powerful integrated processing system able to talk with local, enterprise or cloud databases. In addition, such a system would be in charge of translating protocols, managing HMI systems, supporting MES systems and even running soft PLCs for real-time control. But that is not all. The customer also expects such a system to perform complex sensor data preprocessing and filtering in the equipment, and of course, advanced cybersecurity operations. The cybersecurity requirements in these kinds of advanced manufacturing facilities vary widely. Advanced security is necessary to protect the status of the production itself, avoiding any malicious or accidental interruption generated by any cyber infrastructure (device, network, software or hardware). It is also necessary to authenticate users and devices that are accessing information or any critical operation. Furthermore, this information and the control protocols need to be protected in terms of authentication and privacy, because factory networks are connected to larger IT networks in an enterprise and outside of it. These challenges can only be addressed with a layered cybersecurity approach that takes into account each plant implementation. A common element in all the projects is the need to support secure boot and storage with encryption and authentication. This feature will make credible the implementation of secure software and secure net works. The trusted embedded system is more and more difficult to protect due to the increasing number of devices and their heterogeneity. For authentication and for networking security, these systems can directly
Figure 2 – The CPPS-Gate40 smart gateway from SoC-e
equipment in the factory. This real plug- and-work operation facilitates plant layout modifications. Furthermore, HSR supports the redundant IEEE 1588v2 submicrosecond synchronization protocol, which simplifies the synchronization of the system to perform precise reconstruction of the sampled sensor data or the implementation of control tasks. In order to provide seamless redundancy, each HSR node sends the Ethernet frames through both directions of the ring. This approach allows “hot” cable or equipment plugging and unplugging. Each node is in charge of forwarding both frames, and the IEEE 1588v2 support corrects the residence and link delay times to ensure timing accuracy in the entire network. Thus, frame hardware processing is mandatory to ensure low and constant latency times in every node. Indeed, the IEC standard recom mends a “cut-through” approach for forwarding the frames in the ring. To avoid circulating frames, for unicast communications the node that receives the frames is in charge of removing them from the ring. For multicast and broadcast traffic, the sender removes the frames when it sees them again in the redundant port. Additional rules regarding circulating frames (such as corrupted frames) are applied to ensure network stability.
HSR, combined in many cases with the Parallel Redundancy Protocol (PRP), is the recommended High-Availability Ethernet protocol in the standard for the automation of one of the most critical sectors worldwide: power sub stations. Other sectors, such as military and aerospace, are also adopting these Layer 2 solutions. Smart gateways provide hardware switching from the Ethernet and serial ports to the HSR infrastructure ring. There are two smart gateways, represented in the left and in the right of Figure 3, that connect the HSR ring with the Ethernet-based enterprise network working as a redundancy box (RedBox). Functionally, the access point represented on the right is optional, as it can be used to avoid the single point of failure that would appear in the case of a network using only one RedBox. We recommend implementing the dual-box setup in cases where high availability is needed, or when it is necessary to manage PRP frames (IEC 62439-3 Clause 5) in the critical nodes in the enterprise network. Additionally, there are internal networking ports in the gateway to the processing elements of the SoC device. In most cases, a “dumb” switching approach is useless to join plant and IT worlds. The heterogeneity in the data and network formats makes straightforward connections difficult.
48 l New-Tech Magazine Europe
Made with FlippingBook