4.2018 industrial ethernet book Unlock new services with your machines data! NEW! Flexy 205 IIoT gateway and Remote Access router • Read & monitor your machine’s data in real-time (alarms, HMI’s, etc.) • Easily connect your machines’ data with major IoT platforms • Benefit from a world-class Remote Access solution …and much more! ewon.biz/flexy205 standard for implementing electronically secure industrial automation and control systems, IEC 62443, is now as widely accepted as IEC 61508 and IEC 61784-3 for functional safety. The standard mandates utilization of a proper hardware and software development process. Further, it defines five target levels of security protection, from 0 (none) up to 4 (protection against attackers with high education, high motivation and high resources). For each level, it defines requirements and asks questions about the particular implementation of a device. Certificates Certificates are a means for secure authentication. OPC UA mandates X.509 certificates. A new certificate created for the network manager device role, for example, requires each device with that role to have an instance certificate in order to be able to configure and control devices. All other devices are equipped with the public key network manager certificate and hence can establish a chain of trust. Additionally, each device comes with its own instance certificate, which is derived from a device type certificate, which is derived from a vendor certificate. This way, chains of trust can be established and each vendor can create its own device type family. The device type and network manager certificates can be obtained during the certification process. After first authentication, application certificates for each device are created and deployed, which are used for further authentication processes. Certificate types • Network manager • Network manager instance • Device type • Device type instance • Application instance • (Machine) Configuration Results Time synchronization: The accuracy of time synchronization is usually measured via external PPS pins (pulse per second) under various environmental conditions. The figure on the top of page 24 shows the result for a real setup of 50 B&R IO-devices in a line topology using .1AS. Real-time performance: Depending on the capabilities of the engineering tool, there is no real limitation on the size and complexity of an OPC UA TSN system. We expect systems of up to 10,000 devices to appear in the mid-term. For individual devices, the achievable minimum cycle time depends solely on the hardware and software used. We expect devices with 10 μs cycle time soon. B&R’s prototype I/O head stations achieve 50 μs externally and on the backplane bus. Given a powerful PLC, 200 of them can be operated with 50 μs on one wire. User experience: The main factors affecting the user experience can be seen in the engineering tool of the device or system vendor. Usually in machine automation, the engineering tool for a customer comes from the PLC supplier. However, the merging of IT and OT seamlessly into fieldbus projects allows a much higher degree of automated configuration than before, independent of the tool vendor, resulting in less human intervention. Additionally, since OPC UA and TSN are not tightly bound to a particular vendor, we expect the surrounding ecosystem to grow considerably larger than for distinct fieldbuses in the past. Conclusion and outlook OPC UA TSN is coming. And it will substitute today’s Ethernet-based fieldbuses in a number of applications. The main reasons are: • Vendor independence • Broad adoption in other fields • Converged networks • Large and flexible topologies • Full IIoT capabilities • Unmatched performance • Integrated security and • Modern data modeling The relevant OPC UA standards and TSN standards for industrial use have been already finalized and the few unpublished ones will be published in the first half of 2018. The standards have already been implemented and tested in international test beds like the IIC by numerous international market players with amazing results. At present, the major chip makers are crafting their offers for connectivity in field devices in order to even match with the costs of today’s offerings soon. For single port devices standard Ethernet NICs can be used, hence there is no cost discussion anyway. For two-port devices, marginal HW costs are expected, as TSN will become an integral part of any competitive industrial SoC in the near future. Hence, OPC UA TSN will become a commodity just like CAN used to be. D. Bruckner, B&R Automation; R. Blair, Schneider Electric; M-P. Stanica, ABB Automation Products; A. Ademaj, TTTech; W. Skeffington, General Electric Company; D. Kutscher, Huawei Technologies; S. Schriegel, Fraunhofer IOSB-INA; R. Wilmes, Phoenix Contact Electronics; K. Wachswender, Intel Corporation; L. Leurs, Bosch Rexroth; M. Seewald, Cisco Systems; R. Hummen, Hirschmann Automation and Control; E-C. Liu, Moxa; and S. Ravikumarx, Kalycito Infotech.
Industrial Ethernet Book 105
To see the actual publication please follow the link above