Automation industry veterans are IoT pioneers and didn’t know it!

Keith Blodorn, Director of Program Management at ProSoft Technology advises what to consider when starting your industrial internet of things journey

Do you consider yourself an Internet of Things Engineer? You should! Think about what the Internet of Things really means. According to Wikipedia, the Internet of Things “is the network of physical objects or ‘things’ embedded with electronics, software, sensors, and connectivity to enable objects to exchange data with the manufacturer, operator and/or other connected devices…” As an automation industry veteran, that sounds really familiar. We have been connecting intelligent devices to control networks for decades. We’re pioneers!

Acoustic coupler!

Acoustic coupler!

So, then, what’s all the fuss about? Looking through automation-oriented magazines and websites, the Internet of Things seems to be all anyone talks about. In the industrial world people call it the “Industrial Internet of Things” or “Industry 4.0” or any number of other names. But fundamentally, what is so different between this new-fangled buzzword and connecting a motor overload relay to a plant communications network like we were doing twenty years ago?

On one hand, these are basically the same idea. The Industrial Internet of Things (IIoT) is about intelligent devices like overloads, photo eyes, variable frequency drives, or PLCs providing data that we use to make our processes more efficient. IIoT is a name for a trend that has been going on in manufacturing and process control for years – remember “shop floor to top floor”? IIoT is about gathering more data from more intelligent things, and using powerful analytical tools to find and eliminate waste.

Remote Monitoring and Equipment Access
I know, we’ve been connecting to PLCs remotely for as long as most of us can remember! In the old days, remote access meant installing a serial modem connected to a dedicated phone line, so the machines we made remote access-capable were limited to the most critical operations.

What’s changed in the IIoT world is the proliferation of wireless connectivity, especially cellular networks and wireless LAN. By some estimates, 85 percent of the world’s population will be covered by high-speed cellular data networks by 2017. This has had several effects that change how we should approach remote access and equipment monitoring. First, it’s becoming feasible to gather a LOT more data from remote machines. Since 2008, the average cost per MB of cellular data has dropped 98 percent, from $0.46 per MB to just $0.01 per MB. Now, all that data that we used to deem not important enough to transmit can be made available from our remote sites.

Second, as consumer demand has driven rapid development of Internet- based user interfaces, these same technologies are making remote access to industrial equipment, and especially to process data, more accessible for more people throughout the organization.

Finally, machine builders and control engineers responsible for widely dispersed global operations can build reliable connectivity into their systems without the need for custom infrastructure and integration at the end site. Cellular technology that works on networks worldwide allows these engineers to design their system around a standard remote connection, and reasonably expect that connection to work wherever the machine ends up. For mobile equipment, access is available just about anywhere the equipment goes.

Machine and Process Control
IIoT technology is not just about cellular connections to remote machines. We are seeing new networking approaches to the old requirements of connecting sensors, operator interfaces, controllers and ERP systems that take advantage of the networking technology of today’s Internet. Major automation vendors like Rockwell Automation® and Schneider Electric® have been offering industrial Ethernet connectivity for PLCs and related devices for more than a decade. Industrial Ethernet protocols like ODVA’s EtherNet/IP provide the kind of performance required for automation systems, while also enabling interoperability with the massive Internet Protocol-based network infrastructure found in virtually every organization.

In many industrial applications, moving equipment presents a major challenge for communication to the sensors, actuators, and controls on that equipment. Many products exist to try to solve this problem, from slip rings to flexible cable trays to festoons.

However, these hard-wired solutions add cost and complexity while increasing the maintenance requirements for the machine. Meanwhile, we roam around our offices and homes with continuous connection to the Internet – no festoons in sight! Today’s automation engineers are taking advantage of the Internet Protocol-based industrial technologies to design more reliable networks for moving equipment.

Asset Mobility
One area of automation where IIoT technology is creating new opportunities involves taking the network connection anywhere in the plant. Old systems offered only so many places to “plug in.” Operators had to run the machine from one place – the operator panel. Maintenance had to jot down measurements and observations to enter into the maintenance management system when they got back to the shop. Control engineers could only program PLCs by plugging into the PLC, or to the PLC’s physical network through a proprietary adapter.

In a world where I can set my home thermostat while walking through an airport, we don’t have to live like this! Automation systems are now benefiting from the same “network everywhere” mindset as our home and office environment.

Things to Consider

Keith Blodorn - the author

Keith Blodorn – the author

The Industrial Internet of Things opens up some interesting new possibilities for automation, so you should begin planning how you can get your system “IIoT Ready.” The good news is that you likely have many pieces in place already – intelligent field devices, industrial networks, perhaps even some Internet Protocol-based infrastructure. Here is some food for thought as you consider how your system can fit into this new world of connected machines.

• Network Migration – While many of your field devices are likely already on a network, it is probably not an Internet Protocol-based network. Not to worry! As you see the need to move device data up to higher-level systems, you won’t need to scrap that tried-and-true device network. Gateway devices and in-rack protocol interfaces in your controller allow you to easily connect those older networks to the IP-based applications that need that device data. Serving up data from smart devices adds value to your operation, but it doesn’t necessarily require changing everything that is already there.

• Cybersecurity – While the interoperability of the IIoT brings great benefits, it also opens up new risks that we need to address. In reality, many automation systems are already “connected,” so cybersecurity should already be on your mind. It is important to understand what equipment can be accessed by whom, what connections are necessary and not necessary, and how data that’s transmitted outside the boundaries of your organization’s network is protected.

• Start Small – Vendors everywhere have grand visions for what the IIoT can do for manufacturers. But remember, you don’t need to dive in head first to get benefits from IIoT. Look for applications in your industry that make sense, and give them a try. One of the best parts of the IIoT concept is its scalability – Internet-based applications can just as easily serve one deployment as one million. Pick an interesting application, and run a pilot in a small area. There’s no better way to learn about a new technology than by giving it a go.

• Get Help – Most importantly, work with vendors you can trust. When it comes to industrial networking, ProSoft Technology® has been helping engineers get different equipment all talking the same language for more than 25 years. We can help you navigate your IIoT course, from connecting older Modbus® and PROFIBUS® networks to enabling remote equipment connectivity via cellular networks. When you’re ready to start the next phase of your IIoT journey, we’re here to help make it happen!

“Were you made for me?” – Choosing the right connector spec.


Connectors come in all shapes and sizes depending on environment and application. There are literally thousands of options, sometimes for the same job. Inevitably, this can cause a lot of confusion. To make sure you find the best product for every job, there are a few questions you might want to ask yourself before making a purchase. Here Amy Wells, business development manager at Electroustic poses the questions you need to be asking when specifying a connector.

ELE060First things first, size matters. Do you know the physical size of the connector you need, or are you limited in space and height by the job? Hundreds of connectors are used in wire looms; perhaps even thousands if these are part of an automated manufacturing line. In each case, the requisite space needs to be analysed and the correct connector specifications chosen. Sounds simple, but you’d be surprised how often people come a cropper. 

The next question you need to be asking yourself is how many poles the connector needs.

Different applications require connectors with different poles. Future-proofing your choice can be a good idea, especially for a new product. So it’s worth considering whether you should go for more poles than originally required.

Do you know how many mating cycles the connector needs be able to make? Despite what you might think, mating cycles refer to the number of connection or disconnection operations the connector can withstand, while still meeting the specifications for maximum resistance and pull force. Every connector has an expected number of cycles before efficiency is compromised and the connector needs replacing.

This brings us nicely onto the proper protection. Connectors may be susceptible to ingress of foreign materials, such as moisture or dust. Connector protection is provided by the housing and the seal. The IP standard rating system defines the degree of protection provided. The first digit defines the protection against the ingress of dust particles; the second digit defines the protection against the ingress of water. Choosing the right connector for the job is key.

One of the most important factors is knowing what applications and environment a connector will be operating in – we can’t stress that enough. Electromagnetic radiation can interfere with electrical equipment. In applications where electromagnetic radiation is likely to be higher than usual or where operations are critical, connectors need to have electromagnetic fields (EMF) shielding.

Similarly, connectors used in explosive environments must be ATEX certified and components used in military applications need to have Mil-Spec to ensure the highest levels of performance. 

Furthermore, connectors in particularly harsh environments – like those in the oil and gas industry – need to be up for the job at hand. Knowing the minimum and maximum operating temperature is essential for specifying a rugged connector that meets the temperature range set by the application.

It’s not just the connector’s specs you have to be aware of when planning a job. Lead times from manufacturer to supplier can be lengthy, running from anywhere between four to sixteen weeks. It’s no good specifying a part that has a typical 16 week lead time if it will hold up the production process. To combat this potential issue, a good distributor will always hold a substantial amount of stock on the shelf.

Speaking of distributors, they will also be able to advise you on cost effectiveness.  When crafting wire looms, connectors are ordered in bulk, with the resultant savings passed on to the customer. However, if you need just one connector – perhaps if it’s a specialist part – you won’t be quite as lucky. A good working relationship with an experienced distributor can result in alternatives being sourced for a fraction of the price.  

Finally, as any lifestyle magazine will tell you, compatibility is paramount. If you’re retrofitting new connectors to old or simply mating two together in a loom, they need to be intermateable. If not, you risk damage to the system and or data/power loss.

The road to Wireless – which wireless standard suits you best?


WiFi, Bluetooth or Zigbee? Tom McKinney of HMS Industrial Networks offers a review of the available short range wireless standards for industrial applications.

Tom McKinney, Business Development Manager at HMS Industrial Networks

Tom McKinney, Business Development Manager at HMS Industrial Networks

Recently the buzz around Industrial IoT has grown to a deafening roar. The market for IIoT devices is projected to grow exponentially over the next several years as businesses start to capture more data regarding their operations. That data will be used to monitor and optimize processes, and as companies learn to use the data they capture to improve processes, the result will be increased productivity. Beyond internal productivity, this data may lead to improved company-to-company operations benefiting both the producer and the customer.

Multiple technology advancements have converged to make large-scale Industrial IIoT deployments possible. These advancements include reduced cost of data storage, lower power RF solutions and higher levels of network accessibility. Another important enabler for Industrial IoT is wireless standardization.

Wireless is nothing new
Wireless networks have been used for over 30 years in the industrial market. In the past, these networks were typically sub 1GHz proprietary systems. The solutions used simple modulation techniques like amplitude-shift keying (ASK) or frequency-shift keying (FSK). Radios that supported these types of modulation could be created easily with a handful of discrete parts. The drawback of these solutions were a complete lack of security and limited bandwidth.

Over the last twenty years, several standards have been developed to define robust radio solutions. The most recent standards are secure enough for broad deployment. In addition, several new free-to-use frequency bands where introduced in the 80s including the 2.4GHz and 5GHz bands. Deploying a standardized radio solution today is a cost-effective secure way to both monitor and control devices in the field or factory. Given the number of wireless standards to choose from, the question becomes which standard is the right standard to deploy.

1) WiFi
a. Pros
i. Highest Bandwidth up to 600Mbits/s with 802.11n
ii. Fixed 25 MHz or larger Channels
iii. Support for 2.4 and 5GHz channels
iv. Extensive security features
b. Cons
i. Range is lower with higher data rates and 5GHz
ii. Not a good match for battery powered sensors
2) Bluetooth/BLE
a. Pros
i. Very low power
ii. Massive deployed
iii. Very good performance in congested or noisy wireless environments
iv. Ease of use, no frequency planning or site map requirements
b. Cons
i. Max data rate of 2Mbits/s
ii. No automated roaming standard
3) Zigbee
a. Pros
i. Very low power
ii. Fixed channels between WiFi channels in 2.4 GHz band
iii. Support for sub 1GHz bands
b. Cons
i. Complicated mesh network
ii. Max bandwidth of 250Kbits/s

So let´s take a look at the three most common wireless standards deployed in the 2.4GHz band: Bluetooth, WiFi and Zigbee.

WiFi or IEEE 802.11a/b/g/n is the widest deployed consumer and enterprise wireless TCP/IP network solution. WiFi is short for Wireless Fidelity and is a standard used to identify Wireless Local Area Network (WLAN) devices. The committee managing this standard is aims to create the best possible wired TCP/IP network replacement. The committee prioritizes security and speed over all other tradeoffs. As a result, 802.11n has the highest bandwidth of any short range wireless standard. The drawback is power consumption and processing power required to effectively manage the 802.11 stack. These drawbacks created a gap in the market and several standards have emerged to address the very low power wireless market.

Bluetooth and Zigbee were both introduced to address markets not serviced well by WiFi. The Bluetooth standard addressed the needs for a low power Personal Area Network (PAN). A PAN is defined as the network that surrounds a person or a smart device. The requirements include fast association, simple human-to-machine interfaces and low power. In a PAN, multiple transmitters can be placed very close together – Bluetooth includes timing to ensure device transmitters don´t overlap. Bluetooth was also designed under the assumption it would have to co-exist with WiFi and includes a frequency hopping algorithm to ensure Bluetooth messages can get through even when multiple WiFi channels are active. Finally, because Bluetooth uses a very low power transmitter, it is less sensitive to multi-path compared to WiFi. As a result, Bluetooth can be deployed successfully without extensive RF site reviews and planning. The system is very resistant to noise and interference.

Zigbee is based on IEEE 802.15.4 which is a general-purpose, low-power wireless radio standard that allows different protocols to be built on top of the standard radio. Zigbee set out to support low power sensor networks capable of covering a large area. Zigbee uses meshing networking and a very aggressive power profile to meet the needs of this niche market. Zigbee´s protocol is designed for quick turn-on and turn-off, thereby saving power. Several other protocols have been built on top of 802.15.4 including ISA100, WirelessHART and 6LoWPAN.

Bluetooth Low Energy
Bluetooth Low Energy (BLE) was introduced as an update to the Bluetooth standard. Leveraging some of the techniques used in 802.15.4, BLE was able to achieve even lower power points when compared to Zigbee and support many of the features originally created by the Zigbee standards effort.

Selecting the standard for you
So which standard is the right standard to deploy? That depends on the system requirements. In summary, WiFi has the highest bandwidth and most comprehensive stack but Bluetooth, BLE and Zigbee offer features ideal for particular applications. For example, if monitoring battery-powered sensors over a very large area, Zigbee would be the ideal standard. Bluetooth/BLE works well as a cable replacement point-to-point technology or for monitoring sensors over a smaller area. BLE has a huge installed base of tablets and phones making it an excellent choice for human-to-machine interfaces.

Although technology standards may vary, there is no doubt that more and more applications will be wirelessly connected in the near future. With the advent of Industrial IoT, billions of devices will need to hook up to the Internet, and many of these connections will undoubtedly be wireless.

It’s not a Cable, It’s an Antenna!

Keith Blodorn of ProSoft Technology, tells us there are several conditions in industrial communication systems where using a radiating cable as an antenna offers major benefits.

Why would someone want a cable that acts like an antenna? After all, much research and development has gone into improving cable shields precisely to prevent this! As it turns out, there are several conditions in industrial communication systems where using a radiating cable as an antenna offers major benefits. The most common cases are for communicating to equipment moving along a track, replacing slip rings in rotating equipment, and providing a clear RF signal where obstructions or plant-floor layout prevent a clear “Line-of-Sight” to transmit from a traditional antenna.

What is a Radiating Cable?
Kabel_radiating_thick.jpg_ico500A radiating cable is a long, flexible antenna with slots to radiate RF signals that can be installed around corners, along monorail systems and through tunnels to propagate wireless data signals in situations that are tough or impossible for traditional antennas. Since the radiating cable antenna can be mounted within inches of where the signal needs to be received, it isolates the wireless signal from going to other machines that may be on the plant floor. And, the cable comes in multiple lengths to meet the needs of most applications.

In a typical coaxial cable, a metallic shield wrapped around the cable isolates the signals transmitted on the cable from the electromagnetic waves in the air around the cable. This helps to maintain a strong signal on the cable, and prevents that signal from creating interference with radio frequency (RF) equipment nearby. Without the shield, the cable would act like an antenna, transmitting the signal it carries into the air, and receiving radio waves from other RF devices. For those who remember analog cable TV, we experienced this phenomenon when we saw “ghost” images on certain channels. Instead of just receiving the video signal sent from the cable company along the coaxial cable, we were also receiving that channel’s over-the-air broadcast of the same video signal as picked up by the coaxial cable working like an antenna. This was an unintentional use of radiating cable, and produced undesirable results.

The same principle that gave us blurry television pictures back then is used to make a cable that intentionally radiates signals. This is called a radiating cable, or leaky feeder cable. The difference between radiating cable and poorly shielded TV cables is that the shield on a radiating cable is designed with exacting slots that allow for the transmission of signals at a specific frequency. In this way, these cables are tuned to the RF equipment to which they are connected. The cable’s shield still works to block unwanted RF, but will allow signals of the correct frequency to emit from, and be received by the cable inside. That makes a radiating cable act just like an antenna.

Placing RF Signals Precisely in Crowded Plants
Another benefit of using radiating cables comes from the ability to place RF power very precisely. The use of wireless communication equipment in factories is growing rapidly, which means that factory floors are becoming crowded with radio waves on all the common frequencies. For machine builders who need to use wireless, this creates a real problem. With a radiating cable solution, new machines can co-exist within the crowded plant RF space without adding to the cacophony. This is because radiating cable emits RF in one direction, and only needs as much power as it takes to link with another antenna at a relatively fixed distance. While the plant’s general wi-fi network is screaming to everyone who will listen, the equipment on the new machine can operate at a whisper.

This benefit is especially important in rotating machinery which traditionally used slip rings to conduct communication signals from I/O on the moving part of the machine to a controller on the fixed part. Slip rings are expensive to install, require regular maintenance, and even still suffer from poor communication speeds due to noise on the rings and in the pick-ups that ride on the rings. Traditional wireless solutions can work, but often the motion of the machine will obstruct the wireless link, requiring higher gain antennas that result in greater RF “noise pollution.” Radiating cable is used in these applications to provide a clear, consistent path to the rotating antenna, without interfering with other nearby wireless systems.

Radiating cable also benefits from its inherent flexibility. Since it is a cable, it can follow almost any path to provide wireless signal in places where antennas just can reach. One of the early applications for radiating cable was to enable two-way radio connectivity for emergency workers inside highway and rail tunnels. In the industrial setting, there are many hard-to-reach places, whether those are actual tunnels or “RF tunnels” created by obstructions. An example of that would be a warehouse, where the metal racks and merchandise on those racks can cause obstruction and reflection issues for a traditional antenna. Radiating cable can be installed along the aisle ways to provide a strong signal just where it’s needed.

For certain industrial communication challenges, radiating cable offers unique advantages. Radiating cable provides consistent data rates over a long distance, can be shaped to provide signal in difficult-to-reach environments, and reduces plant RF congestion by constraining its RF signal to the exact area where it’s needed. These benefits are especially valuable in applications where machines move along a pre-defined path, where the terrain of a facility is particularly difficult to reach with broad coverage, and where signals on rotating equipment are otherwise transmitted through slip rings. Care must be taken in selecting and installing the components of a radiating cable solution. However, with a bit of preparation and advice from an experienced industrial RF vendor, a radiating cable system can provide trouble-free communications for your toughest applications.

• ProSoft Technology® designs industrial communication solutions that connect automation products seamlessly. ProSoft Technology is a highly diversified, customer intimate, global organization with a focus on quality and ease-of-use. Their products include in-chassis communication modules for PLC/PAC controllers, standalone protocol gateways, and a wide range of robust, field-proven wireless solutions. These are found in applications spanning the industrial marketplace.

Upgrade from the horse and buggy!

From this...

From this…

It takes years of practice, driver training and numerous rules & regulations to safely drive a car on a highway. We need similar experience and rules to safely travel the Internet highway.

Heavy traffic is expected ahead!
What needs to be done to make sure that Internet cruisers don’t crash and burn? There are many signposts on the internet highway that need to be learned and mastered. It is easy to get lost, easy to get into a serious accident where your personal data is stolen and compromised. this - without accident? this – without accident?

A new whitepaper from Green Peak talks all about international web regulations and government policies, internet privacy and data security, data ownership, and safely avoiding the wrong way drivers and other hazards.

When compared to our highway system – the learned knowledge of how we should travel on the internet highway, relatively, we are still in the horse and buggy days.

Download the whitepaper from the Green Peak site (pdf)

Does Industry know its I from its T?

Industry IT security shortfalls persist!

A recent survey conducted by Electroustic revealed industry’s unsustainable approach to information security. The survey showed a pressing lack of information about the most common security risks in an age where industrial internet and remote data access are steadily being implemented on the factory floor. An impressive 34 per cent of respondents said their companies don’t have an information security policy.

The survey identified hacking as the biggest security concern – with 31 per cent of respondents worried about it – followed by human error (17 per cent) and cloud computing (11 per cent).

While it’s true that most security breaches are caused by outsider attacks, these often come in the form of malicious software and can easily be averted with the correct staff training and appropriate infrastructure.

tofino“The huge range of available IT security products for industry is a double-edged sword for many companies,” explains Paul Carr, managing director and owner of Electroustic. “Although there are a lot of options to choose from, inexperienced companies can easily end up spending a fortune on IT security systems that might not be appropriate for their specific needs.

“In terms of network security, establishing multi-layered defences using industrial firewalls, like Tofino’s Xenon (pictured), is crucial. A reliable industrial firewall should be easy to implement and manage, while also being versatile and rugged. A good IT security system should ensure a company meets and exceeds NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection) requirements and ISA/IEC-62443 Standards.”

User education and awareness are two additional points in the Electroustic survey where respondents didn’t fair particularly well, which suggests industrial companies need to do more to tackle the problem.

User security policies describing best practice when using a company’s Information and Communication Technologies (ICT) systems should be formally acknowledged in employment terms and conditions. Additionally, IT induction programmes should be complemented with regular training on the cyber risks faced as employees and individuals.

The latest industry trends, including industrial internet, remote data access and Industry 4.0 are drastically changing the industry landscape and the skills employees are expected to bring to the table. Companies need to do more to prevent and address IT security breaches and the best way to do so is by training staff, implementing reliable industrial security solutions and keeping up to date with the latest industry developments.

• For companies just starting on the road to industry security, the latest version of the British government’s 10 Steps to Cyber Security guide is available on the GCHQ website.

Securing automation systems – a step by step approach


Prof. Dr. Frithjof Klasen, the writer of this presentation, is a member of the Managing Board of the PROFIBUS Nutzerorganisation e.V. (PNO), Director of the Institute for Automation & Industrial IT (AIT) at FH Köln, and Director of AIT Solutions GmbH in Gummersbach.

Prof. Dr. Frithjof Klasen

Prof. Dr. Frithjof Klasen

The big problem when it comes to security for automation systems: there are no simple solutions.

A system is only safe if the threats are known. Typical security threats in production include infection by malware, unauthorized use (both intentional and unintentional), manipulation of data, espionage and related know-how loss, and denial of service. The consequences can be loss of production, reduced product quality, and endangerment of humans and machines.

In order to evaluate threats, the properties and possible weak points of devices and systems must be known. After all, a property that is useful from the automation perspective – for example, the ability for a programming device to access a controller without authentication – is seen as a possible weak point from the security perspective. It is necessary to distinguish these weak points in order to assess risks, develop security solutions, and take appropriate measures:

  • Weak points that arise due to incorrect implementation (for example, faulty device behavior).
  • Conceptually planned and accepted properties. These include all features that can also be exploited for attack purposes. An example here would be an integrated web server in an automation device.
  • Weak points that are caused by organizational measures or lack thereof.

Field devices not only contain communication technologies for transmission of process signals (real-time communication) but also standard IT technologies, such as FTP services. In addition, field devices also operate as network infrastructure components (switches) and therefore have services and protocols that are needed for network management and diagnostic purposes. The fact of the matter is that most communication protocols at the field level have no integrated security mechanisms. Devices and data are not authenticated and, consequently, within the scope of a possible attack, systems at the field level can be expanded at will and communications can be imported. Even the transferring of PLC programs often takes place without use of security measures such as user authentication and integrity protection.

There is no panacea

Ideally, users would like to have a tool, certification, or system that promises them long-term security. The difficulty, however, is that such solutions don’t provide lasting security. In order to develop secure systems, users must not only implement technical measures but also conceptual and organizational measures. And everyone will know from their own experience that processes can be implemented in technologies much faster than in the minds of people.

However, conceptual and organizational weak points can be more easily overcome when they are described in guideline documents. For example, PI developed a Security Guideline for PROFINET in 2006 and published a completely revised version of this guideline at the end of 2013. This guideline specifies ideas and concepts on how security solutions can be implemented and which security solutions should be implemented. The subject of risk analysis is covered, for example. This analysis estimates the probability of a damage event and its possible consequences, based on protection goals, weak points, and possible threats. Only on the basis of an analysis of this type can appropriate security measures be derived that are also economically feasible. A series of proven best practices are also given, such as the cell protection concept.

Making devices more secure
Another measure concerns the device security. After all, robust devices are the basis for stable processes and systems. They are a basic prerequisite for security in automation. Weak points due to incorrect implementation can be eliminated only through appropriate quality assurance measures and certifications. In large networks, system availability matters the most. To achieve this, devices must respond reliably to various network load scenarios. In systems with many devices, an unintended elevated broadcast load can occur on the network during commissioning, for example, when the master attempts repeatedly to access all devices even though only a few devices are connected. The available devices must be able to handle this abnormal load. It is difficult for operators to predict such scenarios since the probability of a high data volume is dependent on the system. The reason is that the data traffic is determined by cyclic and acyclic data exchange as well as the event-driven data volume.

With the help of the Security Level 1 Tester developed by PI for certification of PROFINET devices and free-of-charge to member companies, such network load scenarios up to and including denial of service can be simulated already in advance. The field devices are tested under stress conditions to simulate an unpredictable load and, thus, to reduce device failures. Uniform test specifications have been defined for this, which can be systematically applied by the test tool. In addition, various network load-related scenarios have been developed that take into account various frame types and sizes as well as the repetition period and number of frames per unit of time, among other things. The network load-related test is already being required by various end users such as the automotive industry. This test is already integrated in the device certification testing according to the latest PROFINET 2.3 specification and must therefore be passed in order for a device to be certified. Users that purchase such a certified device can rely on having a correspondingly robust device.

By no means are all problems solved
Only those who know their devices can protect them. Still, not all manufacturers provide comprehensive information about the utilized protocols and services and communication properties of their devices. Another problem: in spite of security, users must still be able to handle and operate systems. No maintenance technician wants to be looking for a certification key for a failed device at 2 AM in order to bring a system back online. Future-oriented concepts therefore master the tightrope walk between usability and security.

Securing_Automation_Systems• PI has been dealing with the issue of security for years. For example, one PI Working Group is concentrating continuously on security concepts. A product of this is the PROFINET Security Guideline, which can also be downloaded free of charge by non-members. Moreover, further development of the Security Level 1 Tester is being advanced here. In so doing, it is important to all participants that the described and recommended procedures are sustainable and practicable and ultimately also accepted by users. Only in this way can protection concepts be truly successful.