Hirose: Connecting the future
Industrial Ethernet Book Issue 70 / 37
Request Further Info   Print this Page   Send to a Friend  

Wireless makes inroads across the process automation sector

Wireless technology is commonplace and WirelessHART, using the IEEE 802.15.4 radio operating at 2.4GHz, is providing tangible benefits in the process industries. The network range has been extended and redundant communication routes provide the crucial 99.9% reliability, reports David Walker who covers integration, device diagnostics, security and standardisation on HART IP as part of his working brief.

Remote pumps communicate wirelessly to a WirelessHART gateway. These Middle-Eastern pumps need performance monitoring so that engineers can make informed maintenance decisions. The gateway connects to the main control system over aWAN so that the engineers gain essential data at their desks. Installing wireless sensors on remote wellheads and other similar applications is much less expensive than hard-wiring.

WIRELESS NETWORKS have been around for about 10 years in the process industries. w- HART is a widely recognised standard that provides a process industry application that, arguably, is as easy to use as a Bluetooth connection to a mobile phone.

WirelessHART (w-HART) was developed specifically to meet the needs of process sector users, who demanded coexistence, reliability, security, multi-vendor interoperability and long battery life. Crucially, power consumption is limited such that process devices can be batterypowered for up to 10 years. The HART Communication Foundation (HCF) worked with process equipment vendors and experts on radio frequency and wireless communications, and came up with a scheme that satisfied all parties. A typical wireless net is shown in Fig. 1.

Fig. 1: A typical wireless plant network architecture. This illustrates the various operational levels and field devices based on a w-HART setup

The network uses the IEEE 802.15.4 radio operating at 2.4GHz. Radios use directsequence spread spectrum (DSSS) technology and channel hopping for communication security and reliability, plus time division multiple access (TDMA) to ensure latencycontrolled communications between devices on the network. Each device in the mesh network can serve as a router for messages from other devices. This extends the network range and provides redundant communication routes with 99.9% reliability.

Complementary Wi-Fi solutions find applications in video over wireless, field data backhaul and control network bridging. Such Wireless Plant Network (WPN) solutions are all IEEE 802.11 - 2007 based.

IMS Research reports that worldwide shipments of industrial products that are wireless-enabled are set to grow from an estimated 1.2 million in 2009 to more than three million in 2015, an average annual growth rate of 18%. In addition, Emerson itself announced in October 2011 that its customers had achieved 580 million total hours of wireless operation across 6100 networks, all based on w-HART.

In total, there are now around 17 vendors making w-HART products, including most of the major process control equipment manufacturers, with more arriving each month. So wireless has certainly gone mainstream.

Having a wireless infrastructure in a plant allows users to cover many applications, such as rotary kilns, safety relief valves and steam traps. Acoustic transmitters allow monitoring of steam traps and pressure relief valves, and they can easily be added to the wireless network. In the US, it has been estimated that there is a 7940 (US$10,424) annual fuel loss per leaking steam trap. With wireless, it's easy to monitor critical steam traps for leaks, and start saving money immediately.

Wireless cameras can be used for monitoring people, hazardous locations or site security, asset tracking and safety mustering. Personnel tracking applications require a plant to have Wi-Fi coverage for tracking RFID tags, often accomplished by aerial mounting of wireless transmitters and receivers. Finally, wireless can be used for backhaul networks.

Two case studies

Wireless solves problems that were too difficult or too costly to approach previously using hard-wired solutions. For example, a Middle-Eastern customer's remote pumps needed performance monitoring so that engineers could make informed maintenance decisions.

Previously, this customer had used a portable vibration analyser. The maintenance people would go to the pumps, collect data and make a decision. However, these pumps are sited in the middle of the desert with an eight-hour drive for access. Often, trips would be made and a pump would not be running, so data couldn't be collected. It was too expensive to install an online vibration monitoring system, so each pump ran until failure.

To resolve this problem, accelerometers fitted to the pump casing with the transmitter located close by communicate wirelessly to the w-HART gateway, which connects to the main control system over aWAN.This vibration data is communicated through the customer's automation system to the enterprise historian, which makes the information available to the reliability engineer at his/her desk through the corporate Intranet.

If customer's reliability engineer - 350km away - sees a pump problem on the historian, he or she, could phone the operations team, who could go out and correct the problem. Such difficult to traverse distances lend themselves well to wireless applications.

In another application at a Middle East wellhead, a customer has about 2500 wireless devices across many gateways collecting well data, something that was difficult and slow to deliver with a hard-wired system. Temperature devices show the customer whether product from each well is flowing. Previously, they had teams driving around the field in trucks and putting their hands on pipes to determine if the well was producing. This customer found that the payback period was nearly instantaneous, given the tremendous savings in maintenance and operating costs.Water wells are a similar application in the Middle East, and in many parts of Africa.


Wireless field instrumentation devices integrate with the host control system through the w- HART gateway using native DeltaV node (version 10.3); OPC server connection; Modbus TCP/IP connection; AMS HART TCP/IP; HART port; and Modbus serial connection.

The wireless field network comprises several w-HART devices communicating in a selforganising mesh network to a w-HART gateway. For host systems not supporting w-HART native integration, Modbus Serial, Modbus TCP/IP and OPC DA can all be used to directly connect to the w-HART gateway. Figure 2 shows a wireless integration of the w-HART field network via a Modbus TCP/IP interface.

Fig. 2: Wireless integration of the field network through Modbus TCP/IP interface. For all host systems supporting Modbus TCP/IP or OPC.

Working with wireless

In brief, the advantages of wireless over hardwiring are:

• Less expensive;

• Faster to install;

• Easier to maintain;

• Less susceptible to wear and damage;

• Works in almost any terrain;

• Better for mobile assets (Fig. 5).

Fig. 5. Personnel and tracking applications need a plantwideWi-Fi coverage for tracking RFID tags, often accomplished by external aerial mounting of wireless transmitters and receivers.

Instrument engineers know how difficult it can be to hard-wire a field instrument such as a flowmeter or a level transmitter, back to an automation or information system. One reason that w-HART has been adopted quickly by the process industries is because it's so easy to use.

With conventional hard wiring, precautions have first to be taken to ensure that it will be safe and will meet all hazardous-area requirements. Next, hard-wired cables have to be routed through cable trays and I/O concentrators, and through marshalling cabinets or junction boxes at great expense in labour and equipment. Such wiring can be difficult to maintain. Wireless obviates such difficulties, and specific advantages include savings in wiring and related components, fewer cabinets and conduit systems, less need for ancillary equipment such as space heaters and cabinet cooling systems, savings in time and money, as well as a smaller footprint and less weight.

Being a mesh network, w-HART wireless devices talk to each other at a range up to 100m, and autonomously form wireless communications paths back to a local gateway (Fig. 3). This makes for very easy and fast installation and commissioning.

Fig. 3: WirelessHART system architecture diagram. Modern wireless mesh networks likeWirelessHART allows users to link wireless sensors and instruments from multiple vendors to an automation system and/or information system.

To commission an installation of wireless sensors, a user starts with devices closest to the gateway. As these power up, they become aware of their neighbours and make automatic connections. As more devices are added, they self-organise into mesh networks. A user doesn't have to tell the devices which other devices or gateways they should look for as these tasks are handled by the gateway, which may contain a network manager. Once the mesh has formed, any changes - such as by a permanent or temporary obstacle - will be managed by the devices themselves finding an alternative path to the gateway.

Overall, a wireless system is much simpler to modify than its wired counterpart. If a device changes or moves, it's not necessary to make wiring changes. If more devices are needed, another gateway can be added which will handle 100 more devices.

The redundant data paths inherent to a mesh network eliminate single points of failure. Real installations consistently demonstrate greater than 99% data reliability. w-HART uses a full mesh-topology as many as seven hops deep, so a costly infrastructure of multiple backbone routers installed throughout the plant within range of every wireless device is not needed. Running expensive hazardous area power supplies to backbone routers is also not required.

Available tools help plan and monitor the networks, analogous to Foundation Fieldbus and other hard-wired sensor and instrument systems. As with these hard-wired networks, the required tasks are similar - follow best practices, plan the network and it should work without problems.

Built-in security

With no physical barrier surrounding wireless plant networks, wireless security is crucial to the successful deployment of field instrument networks and plant application solutions. Attack vectors include rogue APs, ad-hoc wireless bridges, man in the middle (Evil Twin, Honeypot AP, etc), denial of service (DoS), jamming (also considered DoS), plus reconnaissance and cracking.

However, w-HART communications use a security protocol with 128-bit encryption and 24 hex join codes, making hacking difficult. Another important security feature is that there is no IP address in the wireless devices, making it very hard for would-be hackers to make initial penetration. Other security measures include encryption, authentication, verification, key rotation and sequence number. Moreover, this security cannot be turned off, ensuring these measures are constantly active.

There are three main parts to a wireless defence-in-depth model:

Protecting networks - Each mesh AP's digital certificate authenticates it to the wireless controller and allows it to participate in the secure network, so rogue or perhaps unauthorised APs cannot mimic genuine APs.

All lawful wireless network communications are encrypted to prevent eavesdropping or packet manipulation. Rogue APs cannot insert themselves in the middle of the wireless infrastructure or otherwise compromise the network. Ideally, wireless user access should be deployed with a wireless intrusion prevention system. Also, scan for rogue clients/APs.

Control access - Every user/device must authenticate with a centralised network domain authority. One way is to use an Authentication, Authorisation, and Accounting (AAA) server with the RADIUS authentication protocol coordinating access to the wireless network resources with the existing IT security infrastructure.

Ensure client integrity - Antivirus software must be installed to prevent any primary infection of the device. Good security practices should be in force. Ideally, control devices (wired or wireless) should have no email or Internet access.

WirelessHART field network inherent security features include:

• AES-128 encryption (NIST/IEEE compliant) for all communications within the device mesh network and the gateway;

• Individual device session keys to ensure endto- end message authenticity, data integrity, receipt validation, and secrecy through data encryption;

• Hop-by-hop CRC and MIC calculations to ensure message authentication and verification as to communications source/receiver;

• Devices must have a pre-configured 'join key';

• White listing (ACL). If individual join keys are used, devices are explicitly given permission to join the network through the gateway or network manager via an ACL entry (also includes their globally unique HART address).

Internal firewall

The connectivity from the w-HART gateway to the host system is secured by an easily configured internal firewall that allows only the protocols and ports required for the field solution to be enabled for communication. Ethernet-based protocols (Modbus, OPC, AMS, HART Port, https) all support SSL-protected communications, while the gateway's internal bi-directional firewall should default to 'reject all'. Note that the firewall needs no active management.

The above security features provide an easy to manage yet very robust communications system. Figure 4 shows a table of field wireless attacks against mitigating defences.

Fig. 4: Plant wireless attacks against mitigating defences.WirelessHART field network inherent security features include AES-128 encryption, individual device session keys, hop-by-hop CRC and MIC calculations, a pre-configured 'join key' for devices, and white listing (ACL).

Some wireless solutions use an 802.11-2007- based Wi-Fi Mesh technology. Note, however, that 802.11 can be a security risk because wireless signals can be received by any commercially available 802.11 compliant device. By authenticating users before allowing them to access the wireless network, most attackers can be deterred, but it is recommended that all wireless data transmitted within the Wi-Fi mesh network, and between it and all client devices, should be encrypted.

Device diagnostics

The diagnostics information available from a wireless sensor or instrument is similar to that from a hard-wired fieldbus device or a conventional HART-based instrument. It is known that many users installed HART-based instruments mainly because of the extensive diagnostic information available, but estimates are that only 10% of installations actually use this information to the full extent. Many companies instead limit their use to handheld devices employed to manually calibrate and check field instruments during commissioning and calibration.

Part of the problem with wired HART devices is they have to communicate over a relatively slow 4-20mA connection, and special software is involved. However, with w-HART, the full range of HART diagnostics is available via the high speed wireless connection, and asset management software can extract the HART information. Yet w-HART is still familiar to users, who don't need to buy new tools or undertake more training programs.

Older, wired instruments can be added using a w-HART adapter, opening up a new area for maintenance and diagnostics. For example, many industrial and process plants have valves that have to be pulled from the line for an overhaul on a regular basis.

By adding a wireless adapter to a HART-based valve actuator, users can gain access to all the details needed to make an informed and proactive maintenance decision, instead of running to failure or performing unneeded maintenance. The same applies to flowmeters and related instruments.

On the horizon

The HCF continues to develop new technologies for HART and w-HART. Coming in the near future is standardisation on HART IP, an abbreviation for Highway Addressable Remote Transducer over IP.

HART IP can use both TCP and UDP as the transport protocol. Typically, most wireless gateways are connected to automation and information systems using Modbus, but the available bandwidth is low. HCF envisages HART IP over an Ethernet physical layer, as a better way of getting data into automation and information systems.

Being able to obtain information on the performance and operational state of the mesh network is also desirable. HCF is responding to feedback from NAMUR testing to see if this is possible.

David Walker is Sales Director forWireless Solutions, Middle East & Africa at Emerson Process Management.


Source: Industrial Ethernet Book Issue 70 / 37
Request Further Info    Print this Page    Send to a Friend  


Analog Devices: Time Sensitive Networking
DINSpace fiber optic and Cat 6 patch panels
Japan IT Week Autumn

Get Social with us:

© 2010-2018 Published by IEB Media GbR · Last Update: 14.11.2018 · 28 User online · Privacy Policy · Contact Us