Come together

Integration of plant-floor, building, physical security, and enterprise network means more changes for unathorized access and more need for intelligent security, cooperation, and training.

1 of 4 < 1 | 2 | 3 | 4 View on one page

By Jim Montague, Executive Editor

It had to happen eventually. Driven by potential efficiencies and savings, the evolution from point-to-point hardwiring to twisted-pair fieldbuses and onward to Ethernet, Internet and wireless keeps pushing inexorably outward to seek links and integrate with other networks. At the same time, progressively more sophisticated components, starting with relays and solenoids, followed by PLCs and board-level PCs, and on to Ethernet gateways and switches, continually reshapes plant-floor networks to become more similar to their corporate/environmental/information technology (IT)-governed counterparts.

However, there are just a few more wrinkles to work out.

There are two typical scenarios that demonstrate how plant-floor and corporate-IT networks are becoming more integrated. First, more plant-floor components of all types are being built with Internet Protocol (IP) addresses and other capabilities for linking to other networks, which put them under the jurisdiction of corporate IT departments and managers. Second, some corporate/physical backbones, especially Ethernet-enabled networks, occasionally are extending a few lines beyond their usual deployment, and reaching down to monitor some production functions, rather than replicating another Ethernet network just for the plant floor.

Both of these examples show how formerly separate networks are overlapping, and taking the first steps to overall integration. However, to gain the benefits and minimize the risks of network unification and simplification, users must teach their plant-floor engineers and IT staffs to cooperate, implement some essential security infrastructures, and train these staffs to use and maintain them.

“Before 9/11, security meant I was concerned about keeping valuable tools from walking out of the plant,” says Bill Lessig, plant manager at Honeywell Specialty Materials’ 1,900-acre facility in Geismar, La., which recently integrated its process control and physical security systems. “Now, my security concerns have shifted to thinking about threats from external sources, assuring business continuity, minimizing impacts in the event of an attack, and making sure the surrounding community is safe."

As your network links grow, your problems grow. “Everyone is running into these same issues,” says Bob Huba, DeltaV System Security product manager at Emerson Process Management. “The tendency is to think of requests for links to plant networks and their data as just another IT job, but there’s often a lack of knowledge between the corporate local area network (LAN) and physical control of manufacturing assets. IT departments like to lay their procedures onto plants, but they need to grasp the differences between the process control system and the business level. Each side is listening and learning the other’s issues, but it’s still a little painful.”

Huba reports one of Emerson’s chemical plant customers recently outsourced its IT management internationally, and then found its process controllers couldn’t talk to its network devices through its HMI when their firewall was disabled remotely. He says several misconfigured switches were slowing the network, but it took a week to get through the IT firm’s management layers to secure the required passwords and permissions. Huba adds that another client had a network router that kept failing and refusing to pass data, and that an investigation revealed that a remote IT person was reconfiguring it repeatedly to meet corporate standards from which the router was supposed to be exempt.

Job Descriptions Merging
“In energy management, for instance, most facilities previously had monolithic systems separated by job title for power, HVAC, lighting, elevators, security, and life/fire safety, and each had its own PCs and interfaces,” says Barry Haaser, senior director of Echelon’s LonWorks infrastructure business. "Software changed these industries, and allowed device functions to increase and reliance on separate PCs to decrease. We’ve ended up with peer-to-peer networks that can talk to each other like they do on the plant-floor, and we now have whole buildings that are programmable and driven by software. The true benefit of this is that we can instruct these systems, for example, to lower temperature 2 ºC in occupied area at times when electrical costs are twice normal.”  

In fact, Shaoguan Iron and Steel Group recently implemented a LonWorks network to more accurately measure and manage energy consumption in real-time at its 10-square-kilometer plant, and reduced its operating costs 10%. Now, data from the plant’s energy and control devices is integrated with its manufacturing execution system (MES) to help it identify best-case use scenarios for energy consumption and production. Located in Guangdong, Shaoguan produces 5 million tons of steel per year. 

1 of 4 < 1 | 2 | 3 | 4 View on one page
Show Comments
Hide Comments

Join the discussion

We welcome your thoughtful comments.
All comments will display your user name.

Want to participate in the discussion?

Register for free

Log in for complete access.


No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments