Achieving Deterministic Behavior

Different mechanisms can be implemented to achieve reliable and deterministic behavior on a network. Scale and criticality are two key factors for determining when to implement such mechanisms. Just as a back country road often can effectively move traffic and manage the potential for collisions with a single lane, traffic in larger metropolitan areas generally demands multi-lane, multi-level highways. As the amount of traffic increases, the need for mechanisms that can guarantee a given performance becomes evident.

In general, two factors drive the need to implement performance mechanisms in EtherNet/IP networks.

• Scale: Small networks that will not be sharing their resources with other applications, such as video, voice, non-control data, etc. have lower potential for congestion and consequent jitter, latency, and frame losses. As the networks grow and the hosts begin sharing data through a producer-consumer model, the need for mechanisms such as IGMP snooping and QoS become indispensable to guarantee a deterministic behavior.

• Criticality: Some applications can tolerate lost data without any significant impact on the manufacturing process, and other applications can be adversely affected by even small latency or packet loss. Even small disruptions can have a big economic impact on a manufacturing facility. In these cases, it is normally a requirement to implement cost- effective solutions that reduce the potential for a work stoppage.

Large EtherNet/IP deployments or deployments where a line stop is critical should consider implementing:

• A fully switched network. This will eliminate collisions and improve the deterministic behavior of the data network.

• Quality of Service (QoS) traffic prioritization. QoS prioritization allows time critical traffic to have preferential handling over supervisory traffic.

• Logical segmentation of the network. VLANs improve security and contain broadcast messaging.

• IGMP snooping. This will control multicast messages that can slow the performance of the network hosts. It also exponentially reduces the amount of traffic on the network, reducing the chance for congestion and consequent packet loss.

4.13

Managing the Interface between Control and IT

Managing the interface between control and IT requires cooperation between two disparate sets of needs. Covered here is the technology of integration—connecting EtherNet/IP networks to enterprise networks. There is no doubt that EtherNet/IP networks can solve the “islands of automation” syndrome that has plagued manufacturers for so long, but making them work with the enterprise network will require a commitment for cooperation between a manufacturer’s enterprise Information Technology Department and plant-floor network engineers.

It is important to keep in mind that everyone is working for the same team and toward the same goals. This spirit of cooperation is a prerequisite to achieving an effective plant-floor-to-enterprise information system. Business leaders also must realize that while engineers from both disciplines share the same ideals—performance, speed, and security—they tend to employ different problem-solving methods to achieve the same ends.

EtherNet/IP networks installed by control engineers will be carefully scrutinized by IT network specialists before interconnecting them to business-level applications. For example, the IT department probably will insist that any Ethernet infrastructure devices follow IT guidelines, policies, and procedures.

In addition, the IP addresses used on EtherNet/IP networks will need to be coordinated with an IT IP address administrator. Network management policies will need to be changed to give IT operations’ support personnel access to Ethernet switch configuration parameters. The security threats posed by devices on the EtherNet/IP networks will require gateway and/or firewall protection for the IT network. Conversely, control engineers are likely to insist on “owning” the EtherNet/IP network switch hardware installed on the plant floor. They will require that any piece of communication equipment conveying control signal traffic be locally monitored, readily accessible, and replaceable by on-site maintenance personnel. Control engineers may deem the IT support policies for critical production equipment to be not sufficiently real-time for the uptime demands of the factory floor, and an IT department counter-proposal to install redundant networks to ensure communication reliability may be deemed too expensive for the return-on-investment metrics of the plant. Control engineers may complain that the IP address

administration policies and procedures are not workable for their plant-floor requirements, and may insist on the ability to modify or expand control system networks without outside interference.

In one respect, IT security practices may be criticized for being too excessive for the control system environment. Conversely, control system vendors are very cautious about operating system security patches, and will want to verify that any operating system patches are compatible with control systems before they are applied. Indiscriminate application of operating system and security patches has been known to shut down some control system software that has not yet been checked out for operation with the patches.

Who owns EtherNet/IP networks? This is not a simple question. EtherNet/IP networking issues span both the information technologies’ and control systems’ organizational boundaries.

Having looked at isolated and non-isolated networks and provided detailed instructions for designing and planning EtherNet/IP networks, as well as covering wiring issues, network topologies, and factors that affect network performance, perhaps the most important issue is the “people factor.” Control engineers and IT engineers need to work together on the top-down approach presented here to build an effective plant-wide information system that gets the right data to those who need it wherever they are, and to get the data to these destinations promptly and securely.