Guide to Industrial Networking and Connectivity Solutions
April 5, 2022
Comprehensive Solutions for Critical Infrastructure Protection
July 25, 2023
There is much discussion in the industry about factory data: what to collect, how to collect it, and even how much data is enough. And what if we collect too much data and don’t know what to do with it? A risk is that excessive data collection, without proper planning, can rapidly overwhelm a plant Ethernet network due to poor design. Here are a few things to consider for your data collection network plan on the factory floor.
It is advantageous to collect data from the factory floor
Real-time downtime analysis from a single location can instantly show where resources should be applied to boost productivity. Long-term data analysis can reveal maintenance trends, staffing shortages or process bottlenecks. Older assets can be linked to the internet to improve process uptime. With the right equipment, even older machines with only relay logic controls can be monitored. Data collection is about more than just traditional cycle time reporting issues. Predictive maintenance data, such as monitoring motor vibration, has reduced costly downtime.
Network administration traffic is more important than ever before
The number of devices on the factory floor has increased dramatically over the years. Frequently, networks were added as an afterthought, with no regard for potential problems. Many large networks currently experience bottlenecks due to speed issues and the continued use of unmanaged switches. Multicast protocols, often designed for a small cell, can inundate and overwhelm a network if properly managed switches are not in place.
The intersection of IT and OT
The IT (information technology) and OT (operational technology) worlds are rapidly merging. Both sides have the same goals, but they approach the process differently. The two parties agree that a well-balanced and segmented network is essential. This is sometimes accomplished through a top-down design, in which versions of the office switches are sent down to the factory floor, where environmental factors such as heat and vibration must be considered.
Industrial routers can help with segmentation and connectivity
How does an organization handle networking equipment that may arrive from outside sources? Machinery is now quite commonly delivered by an outside vendor or OEM. Is it too much to ask to retain the original IP address scheme? A NAT (network address translation)-capable industrial router or switch could be a solution.
The case for multiple machine cells
Consider that an OEM has delivered 20 machines consisting of a PLC, HMI, and VFD over the years. The OEM used the same IP address allocation pattern because they were originally manufactured as individual machines. Thus, 192.168.1.1 is for the PLC, 192.168.1.2 is for the HMI, and so on (see Figure 1).
Figure 1 – Problems will occur if multiple machines with the same IP address allocation pattern were simultaneously plugged in to a plant network.
What happens when all 20 machines must be linked?
In the preceding example, IP address conflicts would occur if all machines were simultaneously connected to the plant network. Some problems include documentation issues, the unforeseen introduction of multicast protocols into the larger network, and the unexpected reprogramming of individual assets.
A device with NAT capabilities will be useful. A NAT-capable switch or router allows a factory floor automation engineer to create a table providing one-to-one correspondence from an internal address to an external plantwide address. Nothing needs to change on the edge while the plant network maintains security and uniqueness.
Use firewall rules to increase security
Another advantage of these devices is the ability to add a firewall for added security. For example, if a SCADA machine on the plant network is only required to communicate with the PLC, rules can be set up to prevent all other communications except those from the SCADA computer. Routers and switches that support NAT and port forwarding are just one way to segment and secure networks. Many organizations have implemented VLANs (virtual LANs) to separate traffic.
Make sure to consult professionals from both the IT and OT sides about working solutions to help improve network operation and security as your business grows.
To get started with your next networking and connectivity project, reach out to the Motion Automation Intelligence team today.
