11/12/2012
Staying Connected –
Why Network
Management Matters
Standards
Ian Verhappen P. Eng. CAP, ISA Fellow
Brian Cunningham, Applications Engineer
Certification
Education & Training
Publishing
Conferences & Exhibits
About the Presenter – Ian Verhappen
• P.Eng. ISA Fellow, ISA CAP
• Former Chairman FF EUAC (2001-2006)
– Working with FF technology since 1995
– Project Manager HSE RIO project for Fieldbus
Foundation
• 20 years in the oil sands industry
• Former Director Industrial Networks for MTL Instruments
– Now part of Cooper Crouse Hinds
• Past Vice-President ISA Standards & Practices Dept. and
Strategic Planning Dept.
• Chair of Canada’s IEC 65 Committees
• Author of ISA’s popular Foundation Fieldbus book
ISA / Cooper Bussmann Webinar
November 12, 2012
1
11/12/2012
Presenter Background
 Brian Cunningham
 Cooper Bussmann Wireless Business Unit – Applications
Engineer
 13 Years with Bussmann/OMNEX Control Systems
 21 Years in Process Automation field
 Variety of positions – Product Manager, Distribution
Manager, SCADA Channel Manager, etc.
 Currently in Training/Support role – it’s where the ‘rubber
hits the road’ – I make everything work~! On site if
required.
 Graduate of the Electrical Engineering Program at BCIT,
Specialty in Process Automation and Instrumentation
3
Topics to be covered today
• Why network management is critical.
• What was done in the past.
• What did it cost users in the past (to not have this
knowledge).
• How did they deal with it in the past.
• New diagnostic tools available.
• What these new preventative tools
provide.
• Benefits for plant reliability and
operations.
• What is the bottom line at the end of
the day?
ISA / Cooper Bussmann Webinar
November 12, 2012
2
11/12/2012
Why Network
Management
ISA / Cooper Bussmann Webinar
November 12, 2012
Why Network Management?
 Increased network size
 Increase in number of wireless devices
 Multiple subnets to support
 Increased network complexity
 Wireless and LAN equipment
 Heterogeneous equipment and wireless technology
 Equipment from multiple vendors
 Increased number of remote locations
 Repeater site loss can cut access to many remotes
 Increasing operating cost
 Driving time – some radio links can be 50 miles
 Automatic versus human effort
 Most sites do not monitor quality of signal – only fix when broken
Cut Costs, Save Labor, Increase Reliability
6
3
11/12/2012
Network Deliverables
• Questions to be answered
– (Needs not wants)
– What data speed and response time is needed?
– Definition of Real Time Data
– What distance / environment between nodes?
– Repeaters
–
–
–
–
–
Appropriate Power Supply
Low Price
Minimum Licensing Effort (wireless)
What security is neccesary?
What type of data?
– (can it be gatewayed)
ISA / Cooper Bussmann Webinar
November 12, 2012
Real Time is Relative
• What is real time reporting
–
–
–
–
Meteorology
Process Control
Crane Control
Machine Control
Hours
Seconds
1/10 s
ms
ISA / Cooper Bussmann Webinar
November 12, 2012
4
11/12/2012
How far is far enough?
• What is enough range
–
–
–
–
–
Enviromental
Water
Process Plant
Automation
IT Networking
100
10
1
100
10
km
km
km
m
m
ISA / Cooper Bussmann Webinar
November 12, 2012
Keeping it going - Reliable Power
• Less Radio Power = Less Energy Needed
• Appropriate Power Supply
– Enviromental
– Automation
– Process Sensors
Solar / Wind
24V AC / DC
Batteries / Harvesting
ISA / Cooper Bussmann Webinar
November 12, 2012
5
11/12/2012
Building a System
• Match the hardware to the problem definition
– Bandwidth
– Based on expected traffic
– Data only
– Video
– Distance
– Fiber
– Copper
– Wireless
– Security
– Firewalls
– Switches / Routers
– Environment
– General Purpose / Zone 2
ISA / Cooper Bussmann Webinar
November 12, 2012
No Message = No Control
DCS
FIC-1
PID
Field
• If any link is broken
then it is impossible
to complete control
because the control
loop is no longer a
loop.
FT-1
AI
FCV-1
AO
ISA / Cooper Bussmann Webinar
November 12, 2012
6
11/12/2012
Why physical layer diagnostics are
needed
• The physical layer is critical!
– Failure can result in loss of production or plant
• Need to maximize plant availability
– Identify problems before process is impacted
– Reduce troubleshooting time
ISA / Cooper Bussmann Webinar
November 12, 2012
Ethernet & OSI Model
User Layer
7. Application
6. Presentation
HTTP
FTP
Telnet
SMTP
DNS
SNMP
5. Session
4. Transport
TCP
UDP
ICMP
3.Network
IP
ARP
2. Data Link
Ethernet
Copper
Fiber
PPP/SLIP
Wireless
1. Physical
ISA / Cooper Bussmann Webinar
Serial Comms
Ethernet Transmission Media
November 12, 2012
7
11/12/2012
What was done in the
past?
ISA / Cooper Bussmann Webinar
November 12, 2012
Job Security in Acronyms
• IP – Internet Protocol
– Layer 2 protocol
• Layer 3
• TCP – Transmission
Control Protocol
– Handshake protocol
• UDP – User Datagram
Protocol
• Layer 7
• HTTP – Hypertext
Transmission Protocol
• FTP – File Transfer
Protocol
• SNMP – Simple Network
Manager Protocol
– Transmit only protocol
Lots of Protocols which are just different “ways” of
insuring that different types of messages are able to get
from “A” to “B”
ISA / Cooper Bussmann Webinar
November 12, 2012
8
11/12/2012
Simple Network Management Protocol
(SNMP)
• Used in network management systems to monitor
network-attached devices for conditions that warrant
administrative attention. SNMP is a
• Component of the Internet Protocol Suite
– Defined by the Internet Engineering Task Force (IETF).
– Consists of a set of standards for network management,
including
– Application layer protocol
– Database schema
– Set of data objects
• SNMP exposes management data in the form of
variables on the managed systems, which describe the
system configuration. These variables can then be
queried (and sometimes set) by managing applications.
ISA / Cooper Bussmann Webinar
November 12, 2012
TCP/IP Utilities - Ping
• Uses ICMP to forward an Echo Request to the
destination address
• Destination replies ICMP Echo Reply message
• Powerful diagnostic tool
– Demonstrate connectivity between 2 hosts
– Often used by hackers to locate devices on network
ISA / Cooper Bussmann Webinar
November 12, 2012
9
11/12/2012
TCP/IP Utilities - ARP
• Address Resolution Protocol
– method for finding a host's link layer (hardware) address when
only its Internet Layer (IP) or some other Network Layer address
is known.
– not an IP-only or Ethernet-only protocol
• The following is the packet structure used for ARP
requests and replies.
ISA / Cooper Bussmann Webinar
November 12, 2012
TCP/IP Utilities - Netstat
• Network statistics
• Command line tool that displays network connections
– both incoming and outgoing
– routing tables
– network interface statistics.
• Available on Unix, and Windows
• It is used for finding problems in the network and to
determine the amount of traffic on the network as a
performance measurement
ISA / Cooper Bussmann Webinar
November 12, 2012
10
11/12/2012
TCP/IP Utilities
NBTSTAT
HOSTS File
• Protocol statistics and current
TCP/IP connections using
NetBIOS over TCP/IP
• Resolves the mapping of
a “name” to an IP
Address
ISA / Cooper Bussmann Webinar
November 12, 2012
TCP/IP Configuration Utilities
IPConfig
WinIPCFG
• Shows TCP/IP
configuration present in
the host
• WINdowsIP
ConFiGuration
• Same information and
functions as IPCONFIG
but in Windows
compatible format
– Host’s IP Address
– Subnet mask
– Default gateway
• Interface with DHCP to
renew leased IP
addresses
ISA / Cooper Bussmann Webinar
November 12, 2012
11
11/12/2012
TCP/IP Routing Utilities
TraceRT
Route
• Used to trace a specific
TCP/IP communications
path
• Enable manual
configuration of Routing
tables on TCP/IP hosts
• Typical use is for secure
network deployment
where specific route
between 2 points must be
used.
– Traceroute in Unix
– Tracert in Windows
• Shows all connections
between one point and
another
ISA / Cooper Bussmann Webinar
November 12, 2012
Traditional Control Signals
• Current / Voltage to transmit signal
– HART Communications superimposed over analog current
• Ground loops
– Difficult to detect but introduce errors and “noise”
ISA / Cooper Bussmann Webinar
November 12, 2012
12
11/12/2012
More data, more ways
= more challenges
ISA / Cooper Bussmann Webinar
November 12, 2012
Digital Communications
Fieldbuses
Wireless
• Bidirectional
communications of PV
plus diagnostic data
• Remote configuration
• Separate infrastructure
from traditional analog
• Fieldbus without wires
• Gateways to convert from
wireless to “copper”
• Infrastructure required
– Once installed incremental
measurement can be
installed “anywhere” for low
cost
ISA / Cooper Bussmann Webinar
November 12, 2012
13
11/12/2012
Radio Users Language
Modulation
• Common methods of attaching data/voice/picture
information modulated onto carrier wave for
transmission.
Pulse modulation – sine wave turned on
and off and is rarely used – example Morse
code.
Amplitude modulation – amplitude of sine
wave changes – example picture/image
component of television, AM radio
transmissions
Frequency modulation – sine wave
frequency is adjusted marginally based
upon input signal – eg sound component
of television broadcasts, FM radio.
Message data must contact addressing schema in order
to reach destination point
ISA / Cooper Bussmann Webinar
November 12, 2012
Radio Users Language
Trade off between frequency, channel width and data
throughput:
•Higher frequencies -> allowable use of radio bands
larger
•Larger radio bands -> radio channels wider
•Bigger radio channel width -> more data
throughput but less distance
INCREASING
FREQUENCY
RADIO CHANNEL
Radio bands are comprised of
multiple channels of a given
number eg 902-928 MHz has 26
channels of 1 MHz or 1024
channels of 25Khz etc. Specific
frequencies (eg licensed) has
only one channel to work with.
RADIO BAND
Proliferation of
RF results in
governments
splitting up
spectrum into
bands of RF
signals eg 902928 MHz
CHANNEL WIDTH
Width of channel normally
regulated and wider bands
associated with higher
frequencies result in higher baud
rates of data throughput
ISA / Cooper Bussmann Webinar
November 12, 2012
14
11/12/2012
Radio Users Language
• SNR – BER
– Signal to Noise Ratio
– Bit Error Rate
ISA / Cooper Bussmann Webinar
November 12, 2012
Reliable Radio (Rules of Thumb)
•
•
•
Signal
Signal
Fade Margin = Signal to Noise Radio
> -95dB
< -45dB
> 10dB
SNR =
50dB
-45 dB
Max Signal
-75 dB
Signal
-95 dB
-120 dB
Min Signal
Noise
Reliable
SNR = 8dB
-45 dB
Max Signal
-77 dB -85 dB
Signal
Noise
-95 dB
Unreliable
Min Signal
ISA / Cooper Bussmann Webinar
November 12, 2012
15
11/12/2012
What makes radio unreliable?
• Too Many Messages, Not enough bandwidth
– Repeating and colliding (Hold off, filtering, sensitivity interferance)
– Too many changes (Sensitivity too high, debounce, Block mappings)
• Fade Margin too small
– Interferance (blocking or interferance)
– Weak signal (increase antenna hight, change position)
– Bad earthing/grounding
• Signal Too Weak
–
–
–
–
–
Water in connectors (if external should be watertight taped)
Antenna Damaged (cracked, internal connector loose, try swap)
Antenna mounting failing (position changed, antenna fallen)
Bad Earthing / Grounding
New obstruction (building added, radio position changed)
ISA / Cooper Bussmann Webinar
November 12, 2012
Wireless Options
Licensed
High radio power
50 km L-O-S
VHF, UHF
Narrow channel
Low data rate
Microwave
Wide channel
High data rate
License Free / ISM
Low radio power
Direct path
In industrial plant
2.4GHz, 5.8GHz
1-100 Mb/s, 1 km
<10 Mb/s, 50 m
869 MHz wide band
38-76 Kb/s, 5 km
76 Kb/s, 500 m
900 MHz FH
100 Kb/s , 10km
100 Kb/s, 500 m
458 MHz
10 Kb/s, 10 km
10 Kb/s, 700 m
151 MHz
5 Kb/s, 10 km
5 Kb/s, 500 m
ISA / Cooper Bussmann Webinar
November 12, 2012
16
11/12/2012
How Technology is Used
• Example of what 2.4 GHz is available
802.11
WiFi – wireless Ethernet
• Multiple 11 MHz channels
• Designed for high data rate, normally
in (commercial) applications where
distance is not important
• Generally 30 - 300mW RF power
802.15
ZigBee, Wireless HART, ISA100 – wireless sensors
• Single 5MHz channel or multiple hopping channels
• Designed for very low power consumption, battery
power
• Generally 1 - 10mW RF power
ISA / Cooper Bussmann Webinar
November 12, 2012
Plant Deployed Wireless Protocols
ISA / Cooper Bussmann Webinar
November 12, 2012
Courtesy of WINA (Invensys)
17
11/12/2012
Wireless Field Level Networks
• Different Supplier Solutions
–
–
–
–
–
–
Cooper/Bussman
Pilz
Rosemount
Vega
Honeywell
Siemens
WIB + 802.11
InduraNET
W-HART
PLICS
Leaf Nodes
Prop
FF Modbus
Interbus
HART
I/O Hart
Modbus / Prop
Profi bus / Net
• Open IEC Standards
– WirelessHART
– ISA100
ISA / Cooper Bussmann Webinar
November 12, 2012
Single Layer Solution
ISA / Cooper Bussmann Webinar
November 12, 2012
18
11/12/2012
Two Layer Solution
• Sensor Mesh + Wireless Backbone
ISA / Cooper Bussmann Webinar
November 12, 2012
2.4 GHz challenges
• Meshing to solve range problems of 2.4GHz
ISA / Cooper Bussmann Webinar
• For reliable self-healing, each
node should have direct links to
at least two other nodes
November 12, 2012
19
11/12/2012
Wireless Sensor Technologies …
Out-of-Plant Network
WiMax, GPRS
or FF Radio
802.11 or HiPower 802.15.4
Nodes
Plant-wide Network
SP100
Wireless
Sensor
Interface
Wireless I/O and
Gateways
ELPRO 802.11 –
Wireless
Sensor
Interface
ELPRO Wireless I/O and
Gateway Nodes for various
wireless sensor standards
WirelessHART
Interface Devices for Wireless
Sensor Networks
various standards
ISA / Cooper Bussmann Webinar
November 12, 2012
Price of not knowing
ISA / Cooper Bussmann Webinar
November 12, 2012
20
11/12/2012
The Great Unknown
• Uncertainty around the quality of control signals results
in:
– Greater ‘safety margin’ from operating constraint/limit
– Unplanned outage if unable to predict
– Additional capital to be prepared for single fault failure
ISA / Cooper Bussmann Webinar
November 12, 2012
NO CONNECTIONS
NO CONTROL
ISA / Cooper Bussmann Webinar
November 12, 2012
21
11/12/2012
Traditional Network
Management
Responses
ISA / Cooper Bussmann Webinar
November 12, 2012
Keeping it Running
• Network Testing Tools
– Hardware
– “Multi-meters”
– Time Domain Reflectometers
• Software Data Capture and Analysis
Tools
• Security
– Firewalls/Separation
– Tofino Security System
ISA / Cooper Bussmann Webinar
November 12, 2012
22
11/12/2012
Ethernet Diagnostic Tool
• Wireshark
– Open Source contributions of
networking experts across the
globe
– Project started in 1998
– Deep packet inspector
– Wireshark.org to download
ISA / Cooper Bussmann Webinar
November 12, 2012
Today’s Diagnostic
Tools
ISA / Cooper Bussmann Webinar
November 12, 2012
23
11/12/2012
Plant vs. Device Network Components
PC
Operator’s
Console
Ethernet
Switch
Bridge
(Linking Device)
Bridge
(Linking Device)
PLC
Bridge
(Linking Device)
ISA / Cooper Bussmann Webinar
November 12, 2012
Portable diagnostic test equipment
Instrument Management Software
(including fieldbus diagnostics)
Host control system
Fieldbus power
supply system
wiring components
Controller I/O
Fieldbus
Hand-held
Diagnostic Module
ISA / Cooper Bussmann Webinar
November 12, 2012
24
11/12/2012
On-line diagnostic monitoring
Instrument Management Software
(including fieldbus diagnostics)
Host control system
Fieldbus power supply
system
Segment 1 of 8
Field junction box
H1 Fieldbus
Controller I/O
Basic failure
alarms
On-line
Diagnostic Module
ISA / Cooper Bussmann Webinar
November 12, 2012
FF-612 Device Diagnostic Alarms
• Based on NAMUR NE 107
– http://www.namur.de/
• Standardized integration of Diagnostic Data
Maintenance
Out of Spec
?
?
Check Function
?
?
Failure
ISA / Cooper Bussmann Webinar
November 12, 2012
25
11/12/2012
Field Network Tools
HART Communicator
Fieldbus
• Confirms communication
with devices
• Physical Layer is via
“standard” analog tools
• Create false faults to
determine weakest point
prior to fault
• Confirms “margin of error”
before problems begin
– Multimeter
– Ground loop
ISA / Cooper Bussmann Webinar
November 12, 2012
Ethernet Physical Layer Testers
Copper
Fiber
• Wire pairs correctly
terminated
• Signal strength
• OTDR – Optical Time
Domain Reflectometer
– Determines estimating the
fiber's length and overall
attenuation
– Includes splice and
connector losses.
– Used to locate faults, such
as breaks
– Measure optical return loss
ISA / Cooper Bussmann Webinar
November 12, 2012
26
11/12/2012
Ethernet Tools
• Network Diagnostic Tool (NDT)
– Presently version 3.6.4
– designed to quickly and easily identify a specific set of conditions
that are known to impact network performance.
– The NDT performs the following tasks:
–
–
–
–
Simple bi-directional test to gather E2E data
Gather multiple data variables from server
Compare measured performance to analytical values
Translate network values into plain text messages
ISA / Cooper Bussmann Webinar
November 12, 2012
Generic Wireless Tools
• Netstumbler
– Netstumbler.com
• Netsurveyor
– http://www.performanc
ewifi.net/performancewifi/main/NetSurveyor.
htm
– Similar to
Netstumbler plus
recording/playback
feature
– NetStress
– Comparison tool
works with
NetSurveyor
ISA / Cooper Bussmann Webinar
November 12, 2012
27
11/12/2012
Generic Wireless Tools
• CommView for WiFi
– program allows you to capture packets and then search them for
specific strings, packet types,
ISA / Cooper Bussmann Webinar
November 12, 2012
Generic Wireless Tools
• inSSIDer
– similar to Net Stumbler application
– Designed to detect wireless networks and report on
their type, maximum transfer rate, and channel usage.
– Includes
graphical
representation
of each
wireless
network’s
amplitude and
channel usage
ISA / Cooper Bussmann Webinar
November 12, 2012
28
11/12/2012
Generic Wireless Tools
• Wireless Wizard
– series of diagnostic tests to
see how well your wireless
network is performing.
– Includes a spectrum analyzer
that recommends the best
wireless channel to use
ISA / Cooper Bussmann Webinar
November 12, 2012
R
Intelligent Network Management
from Cooper Bussmann
29
11/12/2012
Intelligent Network Management
System
MARKET
FOCUS Mining
Chemical
Processing
NMS Objectives
Oil & Gas
Water /
Wastewater
Wireless
Applications
 Provide comprehensive Network
visibility and management for
wireless and wired networks
 to spot problems before they occur
 know immediately when problems arise
Power
Generation
 Increase your network performance
 through intelligent management
 Increase your network scalability and
availability
 through distributed server architecture
 Simplification of operational
processes
 to support ease-of-use operational
workflows through automation
 Reduction in operating cost
59
Highly Scalable Network Architecture
Network
Management
System
Internet
Private DCS/SCADA Network
Gateway
Gateway
Gateway
Wireless Mesh Network
Data
Control
System
30
11/12/2012
Intelligent Network Management System
Visualization
Intuitive User Interface
with Network Topology
map, visible network
performance and alarm
recognition.
Historization
Standard Reporting and
Graphing tools to assess
network performance.
Provisioning &
Configuration
Intelligent
Wireless Network
Management
System of the
Future
Simplified installation
and configuration of
Nodes.
Security
Management
System Administration
management and setting
User policies. Automated
intrusion detection,
alarming and reporting.
Monitor &
Performance
Management
Fault and Alarm
Management
Advanced selfdiagnostic and selfhealing adjustments.
Problem tracking,
alarming and
notification.
Continued monitoring of
Nodes and network links.
Automated performance
adjustments during
network degradation.
Wireless Network Management System for
increasing productivity, simplifying
operational processes, increasing network
quality and reducing operating cost.
61
61
Network Management Platform
 Flexible Web-based technology
 Supports various hardware configurations from Laptop to
Desktop to multi-Server Clusters
 Network Agnostic




Manage any size of network
Monitor wireless & wired networks
Adapt to any wireless protocol
Allow for low/high latency network applications
 Device Agnostic
 Support of ELPRO devices (I/O, Modem, Gateways , Access Points)
 Integration of 3rd party wireless devices and LAN equipment
 Flexible and Scalable Architecture


Management of 5,000 + Nodes (already managing 1,000+)
Accessible by 64 simultaneous users from “Anywhere”
 Option to Interconnect to DCS/SCADA systems via OPC or
SNMP (future release)
Your Expansion Platform for the Future
62
31
11/12/2012
Network Visualization
 Visualization of Wireless & Wired Networks
 Practical navigation and intuitive graphical representation
of networking information and alerts
 Provides a central view of the network with visual cues for
node and link status and node information
(e.g. Temperature, RSSI, Voltage, Signal quality, Duty cycle, etc)
 Access device information via “One-Click”
 Automatic refresh of Network Topology upon changes in
the network
 Network representation according to your specific needs:
• Virtual Network Topology
• Google Map or Google Earth
• Import of pictures
 Powerful, user definable dashboards provide at-a-glance
access to important monitoring information
 Network/Node Provisioning
 Auto-Discovery and Device Authentication
 Comprehensive Test Automation with network impact
analysis (future release)
Envision your Network
63
Network Visualization
 Network Status Map
Ease of Device Localization and Getting Information
64
32
11/12/2012
Network Visualization
 Google Map
Place any Device at Exact Geographical Location
65
Network Analysis & Performance
 Node Configuration & Diagnostic



Template-based configuration –to accelerate deployment and to
improve efficiency and reduce errors (future release)
Consistency checking for accepting or rejecting changes (future
release)
Scheduled OTA Firmware upgrades (future release)
 Network Monitoring and Performance Analysis



Proactive network monitoring (scheduled, manual) with
performance thresholds to trigger events and actions
Intelligent Node and Link performance analysis utilizing Network
Performance Parameters and Device Diagnostics
Access to historical network and equipment performance graphs to
optimize availability and predictive maintenance
 Fault & Alarm Management




Color-coded Fault and Alarm indicators to provide real-time
notification
Proactively identify and fix network degradation
Automated / Semi-automated fault recovery
Real-time notifications and alarm escalation to ensure high
availability of devices
Increased Productivity Through Intelligence
66
33
11/12/2012
Network Analysis & Performance
 Host Detail Information
View Host Details for all Devices in the Network
67
Network Analysis & Performance
 Host Performance Graphs
Graphical Performance for Entire Network
68
34
11/12/2012
Network Analysis & Performance
 Monitoring Process
Quick Health Check and Scorecard
69
Network Analysis & Performance
 Fault & Alarm Management
 Monitor all open Services Issues
Reduced Down-Time Through Alarm Management
70
35
11/12/2012
Network Data Management
 Security
 Intrusion detection, alarming and reporting
 User Authentication via User ID and Password
 Account Management
 User profile management with classifications of users and definition of
user rights and policies
 Logging & Statistic Manager
 Recording of all system and network events
 Data Analysis utilizing commercial graphing tools
 Historization of Data
 Historical reports provide record of network events, alerts and alarms,
notifications, network/node outages, system usage and performance
 Consolidated performance metrics
 Exporting of Data
 Convert data into CSV-format
 Option for external interface to DCS/SCADA via OPC or SNMP (future
release)
Administrative Tools for Easy Management
71
Network Data Management
 Security and Account Management
Control Users, Access, and Security
72
36
11/12/2012
Network Data Management
 Historization and Exporting of Data
Historical Data Stored and Available to Export
73
Summary
Expertise
Scalability
Availability
Efficiency
Easy
Visualization
Configuration
Monitor
Alarm
Management
Productivity
Simplification Real-Time Monitoring
Increased Network
Performance
Comprehensive
Solution
Intelligent Management
Your Complete Network Management System
74
37
11/12/2012
It starts with Design
ISA / Cooper Bussmann Webinar
November 12, 2012
Wireless Network Survey Project
• Security Survey
– Physical and Network analysis
• Site Survey
– Physical signal measurements & Analysis
• Two activities must both be completed as part of full
system analysis
– Aware of ‘competing’ demands for same frequencies from other
ISM users
ISA / Cooper Bussmann Webinar
November 12, 2012
38
11/12/2012
Getting Started
• Identify User Requirements
• Corporate Policies, Procedures, System Management for
Wireless Spectrum
• Conduct an RF Site Survey
– Identify signal paths and potential interference sources
– IT, Industrial, Cellular
• Maintenance, Support as part of plan
• Integrate security and mobility products with enterprise
identity solutions
• Develop policies on classes of devices connected to
which network
• Identify wireless platforms growth
• Storyboard the application(s)
ISA / Cooper Bussmann Webinar
November 12, 2012
Security Survey
Preparation
• Amount of
effort to
compromise
system
• Timing of
activity
Audit
• Determine
‘leakage’
• Packet logging /
analysis
• Identify Access
Points
• Exploit system
(optional)
Report
• Report &
Recommendations
• Implementation
Plan
ISA / Cooper Bussmann Webinar
November 12, 2012
39
11/12/2012
Site Audit
Radio
Survey
Preparation
• Site layout • Spectrum
/ drawings
Competition
– Bluetooth,
• Mobility /
IEEE 802.nn
Required
coverage • Rogue Sources
– Microwave,
• Planned
Electrical
Growth
• Moving
equipment
– Cranes, etc.
Physical
Survey
Report
• Physical
Security
• Report &
Recommen
dations
• Buildings and
enclosures
• Implement
• Fading Zones / ation Plan
Coverage
• Off site
leakage
• Antenna
location(s)
ISA / Cooper Bussmann Webinar
November 12, 2012
Survey Report Summary Topics
• Radio
– Type
– Location(s)
– Existing
– New
• Mounting Surface(s)
– Radio
– Antenna
• Enclosure
• Power Configuration
• Three Dimensions
• Antenna
– Type
– Cable length
– Pathway
• Power Feed
• Data Feed
• Signal Strength
Measurements
– Radial distance
– Signal strength (dB)
• Site Photos
ISA / Cooper Bussmann Webinar
November 12, 2012
40
11/12/2012
Survey “Maps”
n Signal Strength Reading
8
1
7
2
3
6
5
4
ISA / Cooper Bussmann Webinar
November 12, 2012
Range & Propagation
• When paths are
obstructed and
attenuation cannot be
accurately calculated
MANDATORY to
simulate/test interdevice
communications
– Radios (mesh)
– Access Point(s)
ISA / Cooper Bussmann Webinar
November 12, 2012
41
11/12/2012
RF Physics Principle 1:
• Relative to higher frequencies, lower frequencies have greater
abilities to:
– Reflect (bounce) of objects.
– Refract (bend) around objects.
– Are less likely to scatter.
• The combined effect of improved relative (eg 900Mhz vs. 2.4Ghz)
reflection, refraction and less scattering, in conjunction with less
attenuation (remember higher power with lower frequencies), gives
lower frequencies the ability to reliably propagate between
transmitter and receiver.
• Assumption - again principle assumes we are dealing with identical
telemetry path and typical RF power transmissions.
ISA / Cooper Bussmann Webinar
November 12, 2012
Communications Channel Considerations
•
•
•
•
•
Inherent sensor accuracy,
Robustness
Power demand (battery life),
Ease of implementation.
Check uncorrected bit error rate (BER)
– Trade-off between BER and data rate
– error-correcting codes must be added to the data stream to
accommodate potential errors in the transmission.
– Determine the robustness and likely failure scenarios for a given
implementation.
• Better the uncorrected BER, the better the potential for
getting the data through.
• Narrower the bandwidth, lower the over-the-air data rate
ISA / Cooper Bussmann Webinar
November 12, 2012
42
11/12/2012
Rules of Thumb
• Radio with transmit power ≤ 5W
– Minimum distance to nearest Receivers
– ≥ 2 meters (6 feet vertically)
– ≥ 3.2 meters (10 feet horizontally)
• Antenna Mounting
– Space antennas of similar frequency as far as possible from
each other
ISA / Cooper Bussmann Webinar
November 12, 2012
Typical RF Loss
Substance
Loss (dB) Efficiently Range Loss
Space
0
0%
Windows (W/o Metal)
3
30%
Windows (W/ Metal)
5-8
50%
Dry Wall
5-8
50%
Wood Wall
10
70%
6’’ Wall
15-20
85%
12’’ Wall
20-25
90%
Ceiling
15-20
85%
Thick Ceiling
20-25
90%
ISA / Cooper Bussmann Webinar
November 12, 2012
43
11/12/2012
Your future Wireless Plant - what’s
important?
• DON’T PANIC!
• Understand the basics of Wireless
– Frequency bands, data rate, distance, security
– What products are available?
• Manage your wireless spectrum
– Plan how different wireless services will co-exist
– Use the different frequency bands available
– Implement Defense-in-depth strategy
ISA / Cooper Bussmann Webinar
November 12, 2012
87 of 45
The Future Of Radio
• What is the right solution?
• The right system/supplier is one with the answers for the
future not just this installation
– Use a supplier working within available standards
– Understand the basics of wireless, frequency bands, data rates,
what products are availalble
– Manage your wireless spectrum. One frequency will not be
enough for all your wireless apps.
– Test instalations before commiting
– Use technology fitting all requirments not just speed
–
–
–
–
Range
Responce time
Compatibility with other equipment
Security
ISA / Cooper Bussmann Webinar
November 12, 2012
44
11/12/2012
Security Matters
ISA / Cooper Bussmann Webinar
November 12, 2012
IT versus Process Automation Security
Objectives
Industrial Automation
Corporate LAN
• Availability
• Integrity
• Confidentiality
• Confidentiality
• Integrity
• Availability
ISA / Cooper Bussmann Webinar
November 12, 2012
45
11/12/2012
Access Attempts & Attack pathways
Personnel Controls
Defense in
Depth includes
more than the
network
infrastructure
Laptop – covert
Wireless attack
Physical Access Controls
Wireless Network Controls
Wired Network Controls
Compromised
Historian
Containment Measures
Attack
Target
FEP
Utility Staff
member without
Authorisation
Laptop –
Engineering Access
Each security layer is equally important
ISA / Cooper Bussmann Webinar
Courtesy of CISCO/Dust Networks
November 12, 2012
Key to Automation Security
• Apply products and services supporting a defense-indepth architecture
– All Layers
– Security Service and Policy
– Physical
– Guns, guards and gates
– Network
– Network protection and control
– OS
– OS Patching
– Application
Security
Physical
Services
Perimeter
Network
Enforcement
Operating
System
Application
Device
Device
Security
Security
– Change Management
– Patch Management
– Device
– Device protection and control
ISA / Cooper Bussmann Webinar
Slide Courtesy of Rockwell Automation
November 12, 2012
46
11/12/2012
Axioms of Industrial Automation and Controls
Security
1. Safety Trumps All
2. Business Takes Next Priority
3. Internet Access From The Shop
Floor is a Recipe For Disaster
4. Proprietary Isn’t Safer
5. The First Firewall is Only a
Speed Bump
6. Everything Is A Weapon, and
Everything is a Target
7. Isolated Networks … Aren’t
8. Technology Isn’t The Problem
9. It Isn’t About The Viruses and
The Hackers …People Are The
Biggest in a System
10. It is not Possible to
Protect the Shop Floor
Through the Same
Mechanisms as the IT
Space
11. Switched Networks,
Especially Unmanaged,
are no More Secure
ISA / Cooper Bussmann Webinar
November 12, 2012
Slide Courtesy of Rockwell Automation
The “Key Three”
• Experience Shows that focusing
Filtering
on these three key elements
and Blocking
dramatically improves industrial
•Firewalls
Access Control
automation security
•VPN
•Policy
• These should be implemented
•VLAN
•Active Directory
with an “80/20” principle as
guidance… 80% policy,
procedures, and training, 20%
technology
• These are not a perfect solution,
Backup and
but are the three most important
Recovery / CM
areas for control systems
•Policy
• Disaster
Recovery
Planning
ISA / Cooper Bussmann Webinar
Slide Courtesy of Rockwell Automation
November 12, 2012
47
11/12/2012
Using Zones: A Refinery Example
ISA / Cooper Bussmann Webinar
November 12, 2012
95
The bottom line
ISA / Cooper Bussmann Webinar
November 12, 2012
48
11/12/2012
Rewards for Getting it Right
• Increased system reliability
– Greater throughput
– Higher quality product
• More measurements at lower costs
• Workforce mobility
• New Measurements
– Smaller, Less intrusive
• New applications
– More data, more places
– More opportunities
• Improved HSE
• Plant Security
ISA / Cooper Bussmann Webinar
November 12, 2012
Cooper Bussmann Wireless
Aging
Infrastructure
Process
Control
Key Differentiators
Movable
Machinery
Rotating
Equipment
Brands
 Tailored solution for high growth end markets
 Universal interconnectivity
 Broad basket of wireless products for
deployment in harsh environment
Integrated Product Solutions in Key Verticals
98
49
11/12/2012
Intelligent Network Management System
 Partnership with IT Network Management technology provider
(Nagios Xi core – Cooper Industrial Wireless extension)
 Core NMS engine being used by over 1,000,000 users worldwide
and many Fortune 500 companies
 Cooper developed complete software enhancements to monitor
and configure Wireless Networks
915U-2
245U-E
945U-E
455U-D
A Decade Long Proven Platform
99
Questions & Contact Information
To learn more please contact:
Brian Cunningham
Applications Engineer, Wireless
a business unit of Cooper Bussmann
#74 - 1833 Coast Meridian Rd.
Port Coquitlam BC Canada V3C6G5
brian.cunningham@cooperindustries.com
(Toll Free) 1 866 713 4409 x 298
(Overseas) +1 604 944 9247 x 298
www.cooperbussmann.com/wireless
ISA / Cooper Bussmann Webinar
November 12, 2012
50