If all the “things” in IIoT are destinations, then Ethernet is the multiplying avenues between them.
“We don’t have a consensus on what IIoT is because it’s not a term we use internally. We’re seeing a tangible increase in Ethernet connections, and a decline in proprietary communication protocols and networking hardware that’s less attractive to end-users,” says Shingo Yuki, P.Eng./M.Eng, senior process automation engineer at Jordan Engineering Inc. Located in St. Catherine, Ontario, near Niagara Falls, Jordan is a member of the Control System Integrators Association (CSIA). “Fifteen years ago, there was lots of proprietary, coaxial cable, but now distributed I/O or anything else can run on Cat 5 or Cat 6 Ethernet cable that’s widely available.”
For example, Yuki reports that Jordan recently helped a specialty chemicals client connect its subsystems, such as chillers, vacuums and filtration equipment, via Ethernet to an M580 PLC hot-standby system from Schneider Electric. “These types of Ethernet solutions were already common by 2016, but previous projects were more complex, costly and needed longer lead times because they had to use Modbus Plus or another proprietary language and specialized cabling. They worked well, but users were also beholden to their suppliers for specialized hardware,” explains Yuki. “Now, implementation is more open because we don’t have to rely on just one supplier for cabling and networking hardware, and we have more vendor options that are becoming more interoperable thanks to increasingly standardized Ethernet protocols. For example, Schneider Electric natively supports Modbus TCP and Ethernet/IP for field-device communication. Devices like variable frequency drives (VFD) can be configured to communicate with a variety of industrial protocols like Ethernet/IP and reside on the same physical network used by remote I/O modules from R. Stahl, which streamlines network architectures.”
Yuki adds that IIoT via Ethernet is also simpler, less time-consuming and more familiar to many users than proprietary network components. “While working with a power-generation company in Ontario, we met a technician who didn’t know how to crimp coaxial cable. He over-crimped it, causing intermittent communications failures that took two days to troubleshoot,” says Yuki. “Cat 5 and 6 cables are far more common, and Ethernet’s requirements and tools are well-known to more users, so there are far fewer mistakes. Ethernet’s ubiquity and typically easy availability also means it’s less subject to today’s supply chain bottlenecks and other disruptions.”
Openness requires vigilance
Beyond enabling production devices to reach managed switches, gateways and PLCs, Ethernet’s history on the IT side means it’s even more adept at allowing PLCs to reach up to manufacturing execution systems (MES), enterprise resources planning (ERP) packages, cloud-computing and analytics services, and other business-level functions. However, as usual, all these additional, non-proprietary links increases the chances of potential cyber-probes, -intrusions and -attacks.
“Access to all these points must be carefully controlled for cybersecurity,” says Yuki. “IIoT is enabled by following established cybersecurity standards that may involve segmenting the network using virtual local area networks (VLAN), which requires planning and forethought. Traditional networks and devices didn’t need as much authentication because they were proprietary and typically confined to individual facilities with airgaps and limited access. IIoT and Ethernet’s openness requires its users to be super-vigilant in overseeing its networks and traffic with passwords, authentications, certificates and port management policies. Users must define ahead of time what work processes are critical for their IIoT application, so they can tell whoever is configuring their managed Ethernet switches and firewalls to open the appropriate pathways and block unnecessary connections. Doing these types of configurations ahead of time is much cheaper than doing it in the middle of an installation when it will be exponentially more disruptive and costly.”
Data deluge diversion
So why do users flock to IIoT despite the security risks that come with its added connections? Well, all those extra upstream and downstream links generate boatloads of potentially valuable data, which can be analyzed and used to make more profitable decisions.
“Ethernet used to be a novelty in process applications, which didn’t have to wait for 96-baud communications. However, the sheer volumes of data moving between plants, PLCs and the cloud today are so huge that their throughput can cripple networks with undersized switches and Ethernet modules,” explains Yuki. “This is why many users are adding a second Ethernet card to their PLCs, so they’ll have one for SCADA and historian functions north of the PLC, while the second card receives data and works with I/O, motor controls, instruments, sensors and specialty devices south of the PLC. In this case, the PLC also serves as a gateway that controls for cyber-access and enables flexible performance.”
Besides stressing networks and devices, Yuki reports that big data from IIoT also requires users to decide if they can piggyback on their existing infrastructure, or if they need to build more on-premises capacity or use cloud infrastructure.
“Our specialty chemicals client has an IT rack, and they had to decide whether to use SCADA and MES servers onsite, or if they should move some functions to the cloud. Real-time production and SCADA must stay on-premises, perhaps in a newly built cabinet, but data logging and analytics capacity can be rented from cloud services like Amazon Web Services (AWS) or Microsoft Azure,” says Yuki. “For instance, they could send all their logged data to a cloud Historian run by Aveva, which is almost indistinguishable from an onsite version, and is accessible from a wide range of computing devices including smartphones. As long as they’re not critical to production or safety, it’s OK if users don’t want to run these functions onsite. It’s a tradeoff. The onsite advantage is that you may have more direct control over disaster recovery strategies because you can maintain backups and swap hard drives without calling someone. The downside is the on-premises option may be more costly than subscribing to a cloud service, which also performs patch management, troubleshooting and cybersecurity.”
For example, another client does its own IIoT management onsite, but Jordan helps with maintenance, an annual review, and parts replacement onsite. “This client also buys some services from Aveva, and builds them into an annual subscription,” adds Yuki. “It’s not free, but it is convenient, especially if you don’t want to start from scratch or build your own racks. We consult on these questions because one size doesn’t fit all.”
Some new software tools
Yuki reports that Jordan and its clients also use several software-based tools in their IIoT-related projects, including Docker software packages, Node-RED visual programming tool, and JavaScript object notation (JSON) and file formatting that uses human-readable text.
“They’re all mixed into what we do. They let us virtualize at the application level, develop programs in an operating system (OS) environment, and use them interchangeably in another application, such as a Windows environment that’s now available in Linux. We’re no longer constrained by a desktop PC or plant-floor rack, and have maximum flexibility in the solutions we can implement,” says Yuki. “For instance, Schneider Electric’s Edge Compute module has a card that fits into a PLC. It can run custom applications on the PLC that may, for example, do analytics and contextualize plant floor data, which is directly accessible from the PLC’s tag database over the backplane. This means users don’t need to write IEC 61131-1 code to look at information, and can just tell the PLC when to read and write data to the tags to perform tasks. There are infinite possible companion programs like this that can run at the edge. Users can take real-time tags in a PLC, add SQL content such as energy prices, and instruct production processes to run when prices are low, shut down when they’re high, and report back to the PLC.”