by Gary Mintchell | Jan 4, 2016 | Commentary, Internet of Things, News, Operations Management
Following on to last week’s quick post of PTC’s Internet of Things acquisition of Kepware, I’ve gone a little deeper into the build up to and the strategy of the acquisition.
First off, the Internet of Things is a strategy. It isn’t a “thing.” PTC management seems to “get it.” As you’ll read further down, PTC is not pursuing a simple bolt-on strategy such as what several companies have come to me to help justify. This appears to be a serious attempt to assemble a complete ecosystem / platform going beyond a simple IoT play to offer a business solution to customers.
Warning note. PTC is acquiring software companies and attempting to blend their technologies into a coherent whole. We’ve witnessed many of these seemingly simple processes go south quickly. But PTC has done this before in its core market, then again in the services market. I have confidence the company will show the way in a complete solution.
PTC is paying a large premium for Kepware–Up to $120 million for a company with about $20 million in annual sales. It obviously thinks there is a tremendous upside to its IoT business.
From the press release: PTC announced it has signed a definitive agreement to acquire Kepware, a software development company that provides communications connectivity to industrial automation environments, for approximately $100 million, plus up to an additional $18 million based on achievement of certain strategic initiatives and financial results. The acquisition will enhance PTC’s portfolio of Internet of Things (IoT) technology, and accelerate the company’s entry into the factory setting and Industrial IoT (IIoT).
Founded in 1995 and located in Portland, Maine, Kepware serves customers in more than 120 countries in such industries as manufacturing, oil and gas, building automation, and power and utilities. The company’s flagship product, KEPServerEX, connects disparate devices and control systems, providing users with a single source of industrial data.
Kepware’s KEPServerEX will become a strategic component of the PTC ThingWorx IoT technology platform. Once the companies’ products are integrated, machine data will be able to be aggregated into the PTC ThingWorx platform, integrated with a wide array of internal and external information, and then automatically analyzed using ThingWorx machine learning capabilities. The integration will allow organizations to gain enterprise-wide insight and to proactively optimize mission-critical processes – enabling them to improve operational performance, quality, and time to market.
In its June 2015 research report, entitled The Internet of Things: Mapping the Value Beyond the Hype, the McKinsey Global Institute identified the factory as one of the largest sources of potential value to be realized from the adoption of the Internet of Things. PTC has established a dedicated business segment and has formed a strategic alliance with GE to pursue this brilliant factory opportunity. The acquisition of Kepware is intended to complement the alliance with GE.
Kepware and PTC share many common customers that will be able to realize value from the acquisition. Industrial environments already leveraging Kepware technology will be able to benefit from the added breadth of capabilities available in the PTC ThingWorx IoT technology platform. The acquisition of Kepware will also provide a fast-to-value connectivity option for PTC customers to gain visibility into data from a vast range of industrial controls and production equipment, enabling them to kick-start their smart, connected factory initiatives.
“PTC is committed to helping manufacturers, infrastructure operators, and others realize the enormous value inherent in the Internet of Things,” said Jim Heppelmann, president and CEO, PTC. “With this acquisition, we will gain entry into heterogeneous factory and operating environments with robust technology, an impressive list of customers, and a high-quality, profitable company with incredibly talented employees.”
“Kepware and PTC share a common vision of helping organizations realize the potential of the Industrial Internet of Things,” said, Tony Paine, CEO, Kepware. “We believe this acquisition will benefit our customers, partners, and employees – and ultimately drive software innovation for industrial automation markets. We are excited for the opportunity to become part of PTC.”
Over the past 12 months, privately-held Kepware generated approximately $20 million in revenue. PTC expects to draw on its credit facility to finance this transaction and expects Kepware to be neutral to its FY’16 non-GAAP EPS. The transaction is expected to close in early 2016, subject to customary closing conditions, including regulatory approval. PTC intends to maintain the Kepware partner ecosystem and to continue developing and enhancing the Kepware technology, once acquired.
PTC Internet of Things Acquisitions
2014
Thingworx
The acquisition of ThingWorx positions PTC as a major player in the emerging Internet of Things era.
Axeda
The acquisition of Axeda allows PTC to leverage its core IoT technology to enable companies to establish secure connectivity and remotely monitor and manage a wide range of machines, sensors, and devices.
2015
ColdLight
The acquisition of ColdLight’s Neuron automated predictive analytics platform will enrich PTC’s technology portfolio and extend PTC’s position as a leader in the Internet of Things (IoT) market.
GE Alliance
GE and PTC announced that the two companies are partnering to deliver an innovative manufacturing solution that will be available within GE’s Brilliant Manufacturing Suite. This new GE-branded manufacturing solution leverages the capabilities of PTC’s ThingWorx Industrial Internet of Things application enablement environment. The result is an industry-hardened solution that features flexible dashboards and powerful data analytics integrated with GE’s software capabilities on the manufacturing plant floor.
ThingWorx IoT Platform
- ThingWorx Composer
ThingWorx Composer is an end-to-end application modeling environment designed to help you easily build the unique applications of today’s connected world. ThingWorx Composer makes it easy to model the things, business logic, visualization, data storage, collaboration, and security required for a connected application.
- Codeless Mashup Builder
ThingWorx “drag and drop” Mashup Builder empowers developers and business users to rapidly create rich, interactive applications, real-time dashboards, collaborative workspaces, and mobile interfaces without the need for coding. This next-generation application builder reduces development time and produces high quality, scalable, smart connected applications which allows companies to accelerate the pace at which they can deliver value-add solutions, resulting in greater market share against new and existing competitors.
- Actionable, Correlated Data from People, Systems and Things
ThingWorx is the only platform that can store and correlate data from three dimensions: people, systems, and connected things. This capability allows companies to make business sense of the massive amounts of data from those three dimensions – making the data useful and actionable. The platform supports scale requirements for millions of devices, and provides connectivity, storage, analysis, execution, and collaboration capabilities required for applications in today’s connected world. It also features a data collection engine that provides unified, semantic storage for time-series, structured, and social data at rates 10X faster than traditional relational databases.
- Search-Based Intelligence
ThingWorx SQUEAL (Search, Query, and Analysis) brings search to the world of smart connected devices and distributed data. With ThingWorx SQUEAL’s interactive search capabilities, users can now correlate data that delivers answers to key business questions. Pertinent and related collaboration data, line-of-business system records, and equipment data get returned in a single search, speeding problem resolution and enabling innovation.
- Collaboration
ThingWorx dynamically and virtually brings together people, systems, and connected equipment, and utilizes live collaboration sessions that help individuals or teams solve problems faster. The ThingWorx data store becomes the basis of context aware collaboration and interaction among the systems users, further enhancing its value. Additionally, the tribal knowledge exposed during the process is automatically captured and indexed for use in future troubleshooting activities.
- Flexible Connectivity Options
ThingWorx “inclusive” connectivity strategy maximizes market opportunity and minimizes integration efforts. ThingWorx supports connectivity to devices via several methods, including 3rd party device clouds, direct network connections, Open APIs, and AlwaysOn connectivity.
KEPServerEX Overview
KEPServerEX is a communications platform that provides a single source of industrial automation data to all of applications. The platform design allows users to connect, manage, monitor, and control diverse automation devices and software applications through one intuitive user interface.
KEPServerEX leverages OPC (the automation industry’s standard for interoperability) and IT-centric communication protocols (such as SNMP, ODBC, and web services) to provide users with a single source for industrial data. Designed around the four product pillars of Proven Interoperability, Centralized Communications, On-Demand Scalability, and Industrial Strength, KEPServerEX is developed and tested to meet our customers’ performance, reliability, and ease-of-use requirements.
Product Features
KEPServerEX provides critical technical features that are centralized around accessibility, aggregation, optimization, connectivity, security, and diagnostics.
Accessibility
OPC
OPC is the leading standard for industrial automation connectivity. KEPServerEX supports the OPC Unified Architecture (OPC UA) specification and many of the OPC Classic specifications, including OPC Data Access (OPC DA), OPC Alarms and Events (OPC AE), and OPC Historical Data Access (OPC HDA).
Automation Interfaces
KEPServerEX has preferred access to leading automation software, including iFIX by GE Intelligent Platforms (NIO) and InTouch by Wonderware (SuiteLink/FastDDE). KEPServerEX also supports preferred access to Oracle MES and MOC solutions through their proprietary API.
IT Interfaces
KEPServerEX supports multiple interfaces for integration with IT applications, including ODBC for logging information to a database and SNMP for providing information to a Network Management System (NMS). With the advent of IoT and Big Data applications, KEPServerEX now includes the ability to communicate with Splunk software and cloud services via the Industrial Data Forwarder for Splunk.
Cloud Interfaces
With the IoT Gateway, KEPServerEX can seamlessly stream real-time industrial control data directly into Big Data and analytic software for Business Intelligence and Operational Excellence. Its customizable data format supports most MQTT and REST applications—enabling users to choose the vendors and communication methodologies right for their system.
Exporters
Some applications require information to be made available from a file or database. This information is typically exported at a predefined rate and includes both current and historical data. KEPServerEX has the ability to export historical Electronic Flow Measurement (EFM) data (via the EFM Exporter plug-in) or historical trend data (via supported drivers) to files and/or databases.
Aggregation
Centralized Platform
KEPServerEX is a communications platform that can support connections to thousands of data sources and provide information to hundreds of applications. The platform design simplifies the configuration of the connected applications by providing a single point of entry to all information. KEPServerEX also enables troubleshooting and issue diagnosis, provides control to the access of information based on user roles, and the ability to restrict the frequency of communications over bandwidth-limited telemetry-based environments.
Unified Configuration
KEPServerEX provides a unified configuration for managing connectivity to any data source. Anything can be added, configured, or deleted while the server is on-line and operational. Users can configure projects manually using a step-by-step wizard or programmatically through the export and import of XML and CSV files.
Data Storage and Retention
KEPServerEX is capable of archiving the real-time data it collects to local storage. By leveraging the Local Historian plug-in, applications can access this historical data (via OPC HDA) for future analysis. KEPServerEX can also store information in any ODBC-compliant database using the DataLogger plug-in, which has a store-and-forward capability for when a database is unreachable or unable to process the information fast enough.
Optimization
Data Conditioning and Reduction
In addition to providing raw values to connected applications, KEPServerEX can perform linear or square root scaling, perform basic arithmetic expressions, or apply deadband calculations on raw data and provide its aggregate. This provides minimal bandwidth and resource utilization by providing only the most critical updates.
Redundancy
KEPServerEX is used in critical applications where highly-reliable systems are required for maximum uptime. It includes the ability to define redundant network paths, primary and secondary data sources, and applicable failover criteria.
Load Balancing
In large networks that have many devices and applications requiring information, flexible control is necessary to allow for customized load-balancing of data collection and information flow. KEPServerEX provides tools to schedule the frequency of communications and throttle the demand across the network.
Communications
KEPServerEX optimizes communications with devices by aggregating identical requests from different applications whenever possible. Multiple demands on data can be batched together into the fewest requests possible. These optimizations are unique to each protocol, and are designed to reduce network overhead and device processing.
Machine-to-Machine Linking
In a typical industrial automation network, devices and controllers must communicate with one another even if they are not from the same manufacturer or do not support the same protocol. KEPServerEX provides the ability to establish links between data values in different data sources, allowing Machine-to- Machine (M2M) communications as close to the device as possible.
Connectivity
Driver-Based Access
KEPServerEX offers the broadest range of drivers available, supporting devices across various verticals within the Industrial Automation Industry. While most drivers act as masters that initiate requests, there are many drivers that can emulate a device where communications are driven by a controller. KEPServerEX drivers also support a variety of wired and wireless network mediums for Ethernet, serial, and proprietary networks. Although most drivers connect directly with hardware devices, some are designed to connect with other applications—such as databases, custom software applications, or other OPC servers.
Telemetry Environments
Industrial automation equipment can be deployed in a dry and heated factory, but it can also be installed inside a vehicle, on a remote pipeline, or in a well or pump station. In these remote environments, there are often a variety of telemetry solutions in use like cellular, radio, or satellite modems. KEPServerEX supports these telemetry configurations and provides additional ways to optimize communications through virtual networks, timing parameters, device demotion, and by scheduling communications across devices.
Rapid Deployment
As automation networks have grown from ten controllers to thousands of controllers, tools that aid and accelerate deployment are critical to a solution’s success. KEPServerEX provides many tools that speed the deployment of new devices, including Automatic Tag Generation (ATG) and Device Discovery (when supported by the device and communication protocols). Users can also export, manipulate, and import an XML project file to programmatically define the configuration.
Simulation
As systems are configured, components must be implemented and tested before the entire system becomes available. KEPServerEX allows any data source to be placed into simulation mode prior to deployment. In addition, the Memory Based driver can be configured to create a range of static and dynamic data points. The Advanced Simulator driver can leverage a database and its contents to drive application-specific simulation data into connected applications.
Security
Configuration
Access to the KEPServerEX configuration can be restricted through the User Manager. This tool allows the administrator to define user groups and users with restricted access to certain project configuration tasks, and also provides the ability to disconnect client applications.
Runtime
There are various tools available within KEPServerEX to control user access to the server, data source, or data values. The Security Policies plug-in limits access based on OPC UA user credentials while supporting default handling for anonymous users (both OPC UA and other client interfaces). The ability to dynamically address information can be disabled, limiting user access to tags defined within the project. KEPServerEX supports a number of secure client standards including SNMP (v3 security), OPC UA, and OPC DA (DCOM security) to further restrict access to the server, as well as a number of secure device protocols to meet the requirements of DNP3, SNMP, and OPC UA data sources. Secure data tunnels can be configured by leveraging multiple KEPServerEX instances at remote endpoints to pass data through firewalls and meet authentication and encryption requirements across the Internet.
Diagnostics
OPC Diagnostics
OPC Diagnostics provide a real-time and historical view of OPC events between any OPC client and the server, including method calls made by the client or callbacks made by the server. The ability to view actual communications and responses is invaluable when troubleshooting client accessibility. The diagnostics tools within KEPServerEX greatly speed deployment and reduce downtime.
Communications Diagnostics
Communication Diagnostics provide real-time capturing of the protocol frames transferred between the server and any device, as well as indications on the driver’s performance. All read and write operations can be viewed or tracked directly in an OPC client application using built-in diagnostics tags. This is useful when modifying key communication parameter settings (such as baud rate, parity, or Device IDs), because corrections are immediately visible.
Third-Party Diagnostics Integration
Diagnostics information can be viewed within KEPServerEX and by third-party applications. Diagnostics information is provided through system-defined tags and accessible to the same clients connecting to the data sources. KEPServerEX logs event information, which is accessible within the configuration tool or to any application that supports the OPC Alarms and Events specification.
by Gary Mintchell | Dec 9, 2015 | Internet of Things, News
The Internet of Things (IoT), or specifically the Industrial Internet of Things (IIoT), is all the rage right now. All companies want to be seen to be developing it. Or using it. I’ve even seen some standards bodies ask how their standards reflect the Internet of Things.
There are some problems here. No one really knows what the Internet of Things is. Maybe because all the analysts (including me) are rushing to be the one to provide the definitive definition. I’ve been discussing “ecosystem” to describe the phenomenon in its entirety. Recently I saw another analyst also use the term.
Further, there are no standards. If you don’t know what it is, then there can be no standards. However, it is built upon standards. IP communications, for example.
Kepware Technologies is taking a stab at the situation. It announced Dec. 8 the launch of its IoT Alliance program. The alliance is composed of a strategic network of IoT solutions providers that are committed to growing the global IoT market potential and shaping the direction of industry through smart technology, thought leadership, and marketing initiatives. Alliance members will have access to proprietary technology from Kepware that enables their respective solutions to access industrial data from the industry’s communications platform, KEPServerEX.
“The IoT Alliance has the potential to be a disruptive force in the Industrial Automation market,” said Tony Paine, CEO, Kepware. “By collaborating closely with Kepware and fellow alliance members, we have the capability to release new, innovative, and proven solutions—reducing risk and accelerating time to market. This translates to tangible IoT solutions for our customers.”
Kepware offers IoT Alliance members a connected network of more than 40 technology partners, 80 system integrators, and 90 Kepware resellers operating in more than 100 countries. By establishing relationships between alliance members and existing partners, Kepware aims to introduce members to new markets and opportunities. Furthermore, the alliance offers members proprietary insight into Kepware’s product road map and creates a safe environment for interoperability and proof of concept testing.
Kepware recently released the IoT Gateway for KEPServerEX, which streams industrial data into Cloud and on-premise solutions for real-time analytics.
The initial Alliance partners are:
- Aizoon – sells Consulting Services in IT, Innovation for business, Engineering, Process and Organization, Cyber Security, IoT, Smart Factory
- Altizon – created an Enterprise Internet of Things (IoT) Platform with special focus on Manufacturing and CleanTech (Energy) Sectors
- DeviceLynk – embraces Industrial IoT technology by creating informative dashboards that are cloud based and capable of collecting and visualizing data from any connected device
- Falkonry – enables analysts to produce real-time condition predictions from complex sensor datasets
- Informatica – delivers enterprise data integration and management software powering analytics for big data and cloud
- IOT Technology Solutions – provides product management resources and customer teams that deliver the complete definition, architecture, design, coding, testing and deployment of an IoT platform, solution or product
- Mnubo – it’s SmartObjects service transforms ‘connected things’ into ‘smart objects’. Its focus is to help extract true value from sensor data by delivering advanced real-time analytics, strategic insights and enabling richer applications
- Perseus – provider of managed services for high-precision, high-speed, high-performance applications
- Splunk – operational intelligence platform that allows customers to search, monitor, analyze and visualize machine data
- ThingWorx – A PTC company providing connectivity solutions
by Gary Mintchell | Dec 7, 2015 | Automation, News, Security
SCADA devices and networks remain a prime target for cyber attacks. Everything I’ve written has approached cybersecurity from a different angle. This is the first solution that has come my way that uses a deception approach.
Attivo Networks announced Dec. 7, 2015 a release of its deception-based Attivo BOTsink solution that provides continuous threat detection on Industrial Control Systems (ICS) SCADA devices used to monitor and control most manufacturing operations as well as critical infrastructure such as natural gas, oil, water, and electric power distribution and transmission systems around the world. Cyberattacks on these targets can and have resulted in disruption of critical local, regional, and national government and commercial infrastructures. As a result, when they are breached, the impact on societies they serve stands to be catastrophic.
According to a study by the Pew Internet and American Life Project, 60 percent of the technology experts interviewed believe that a major cyberattack will happen. The damages to property and ensuing theft will amount tens of billions of dollars, and the loss of life will be significant.
Scalable SCADA protection
“We are proud to be the first in the industry to provide customers a globally scalable, deception-based threat detection solution for SCADA protection,” emphasizes Tushar Kothari, CEO of Attivo Networks. “Many of our customers from the energy industry have requested the extension of our Attivo Deception Platform into their production and manufacturing control networks so they can get real-time visibility and the ability to promptly identify and remediate infected devices. As one stated, ‘a breach on those networks can be catastrophic and Attivo wants to do everything we can to prevent a disaster or risk to lives.”
SCADA systems had originally been designed to monitor critical production processes without consideration to security consequences. Security had been generally handled by keeping the devices off the network and the Internet using “air gaps” where malware could only be transmitted by the thumb drives used by technicians. However, today vulnerable SCADA systems are increasingly being connected to the corporate IT infrastructure and Internet, making them easily accessible to a remote attacker.
Examples of this would be the Sandworm malware that attacked Telecommunications and Energy sectors, Havex malware that infected a SCADA system manufacturer, and BlackEnergy malware that attacks ICS products manufactured by GE, Siemens, and Advantech. These attacks primarily targeted the operational capabilities of these facilities. With the increased malicious and sophistication of malware, concerns are now escalating to fears of an irreversible disaster.
Situational awareness
“Industrial systems have increasingly come under scrutiny from both attackers and defenders,” said Chris Blask, Chair of the Industrial Control System Information Sharing and Analysis Center (ICS-ISAC). “Situational awareness is the focus of the ICS-ISAC and its membership, including the ability for asset owners to detect and respond to incidents on their systems.”
These devices generally have long lifecycles creating an exposed environment driven by equipment that is less hardened and patches made infrequently. Additionally, because of their critical functions, SCADA devices cannot be taken offline frequently or for any length of time. This, along with costs that can run into the millions for every hour the network is offline, has made patching very difficult, often as infrequent as once a year, leaving many industrial facilities open to attacks. These risks are quite large considering these devices are found everywhere in electrical facilities, food processing, manufacturing, on-board ships, transportations and more.
“Companies operating in critical infrastructures like energy, utilities, nuclear, oil and gas know that they are not only vulnerable to the same security issues faced by most enterprises, they have the added enticement as a rich target for cyber terrorism,” stated Tony Dao, Director Information Technology, Aspect Engineering Group. “They recognize that securing their industrial control processes is not only critical to them, but to the institutions they serve. A loss would not only have repercussions throughout their economic sector but throughout the entire economy.”
The vulnerabilities begin with the use of default passwords, hard-coded encryption keys, and a lack of firmware updates, which pave the way for attackers to gain access and take control of industrial devices. Traditional perimeter-based solutions are designed to detect attacks on these devices by looking for suspicious attack behavior based on known signature patterns. SCADA supervisory systems are computers running normal Windows operating systems and are susceptible to zero day attacks, in which there are no known signatures or software patches. Several vulnerabilities also exist in the standard and proprietary protocols within Logic Controllers. Popular protocols include MODBUS (supervision and control), DNP3 (Energy and Water), BACNET (Building Automation), and IPMI (Baseboard Management Control).
Deception technology
Attivo Networks takes a different approach to detecting cyber attacks on ICS- SCADA devices. Instead of relying on signatures or known attack patterns, Attivo uses deception technology to lure the attackers to a BOTsink engagement device. Customers have the flexibility to install their own Open Platform Communications (OPC) software while running popular protocols and PLC devices on the BOTsink solution making it indistinguishable from production SCADA devices. This provides real-time detection of BOTs and advanced persistent threats (APTs) that are conducting reconnaissance to mount their attacks on critical facility and energy networks. Additionally, BOTsink forensics capture information including new device connections, issued commands and connection termination, enabling administrators to study the attacker’s tools, techniques, and information on infected devices that need remediation.
The Attivo SCADA solution is provided through a custom software image that runs on its BOTsink appliance or virtual machine. SCADA BOTsink deployment and management are provided through the Attivo Central Manager, which provides global central device management and threat intelligence dashboards and reporting.
“To a significant degree, the growing security problems impacting industrial control systems have originated from the fact that ICSs are increasingly less and less isolated from outside networks and systems, and ICSs are now more susceptible and vulnerable to attacks,” comments Ruggero Contu, Research Director at Gartner in his Market Trends: Industrial Control System Security, 2015 report. “At the heart of this change is the demand to integrate enterprise IT systems to operational technology, and for remote connectivity.”
Check out this whiter paper. Dynamic Deception for Industrial Automation and Control Systems
by Gary Mintchell | Dec 5, 2015 | Automation, Internet of Things, Networking, Operations Management, Standards
Katherine Voss, president and executive director of ODVA
ODVA announced several enhancements to its EtherNet/IP and CIP specifications during the SPS IPC Drives Trade Fair in Nuremberg. The first relates to cybersecurity. The second involves time-sensitive networking.
ODVA announced that it has achieved a milestone with the pending publication of a new volume in its specifications specifically dedicated to cybersecurity. This body of work will be released under the name of CIP Security and will join the family of distinctive CIP services which includes CIP Safety, CIP Energy, CIP Sync, and CIP Motion. CIP Security will be initially applicable to EtherNet/IP.
Because EtherNet/IP relies on commercial-off-the-shelf (COTS) technologies for Ethernet and the Internet, users have been able to deploy traditional defense-in-depth techniques in EtherNet/IP systems for some time, explained by ODVA as early as 2011 in its publication “Securing EtherNet/IP Networks.” CIP Security will help users take additional steps to protect their industrial control systems with industry-proven techniques for securing transport of messages between EtherNet/IP devices and systems and thus reduce their exposure to cybersecurity threats.
The initial release of CIP Security includes mechanisms to address spoofing of identity, tampering with data and disclosing of information. Mechanisms supported in the initial release of CIP Security include device authorization, integrity of message transport and confidentiality of messages. To support these mechanisms, ODVA has adapted encryption standards from the Internet Engineering Task Force (IETF) for encryption based on Transport Layer Security (TLS), Data Transport Layer Security (DTLS) and authentication based on the X.509v3 standard for certificate handling. Details of ODVA’s initial implementation of CIP Security and outlook for the future were presented in a technical paper at ODVA’s 2015 Industry Conference and 17th Annual Meeting of Members.
“The publication of the volume dedicated to cybersecurity in The EtherNet/IP Specification is the next step in providing users with methods to help them manage threats and vulnerabilities in EtherNet/IP systems,” said Katherine Voss, ODVA president and executive director. “Following this publication will be the realization of the mechanisms provided by CIP Security in ODVA CONFORMANT EtherNet/IP products.”
ODVA’s focus on cybersecurity is not only a function of increased emphasis on cybersecurity for industrial control systems but also because of the widespread adoption of EtherNet/IP in broad range of applications from manufacturing to critical infrastructure. As a result of the breadth of applications, the next edition of The EtherNet/IP Specification will expand support for IEC 62439-3 “Industrial communication networks – high availability automation networks – part 3” to include High Availability Seamless Redundancy (HSR) in addition to Parallel Redundancy Protocol (PRP). HSR is commonly used in electrical substation automation as specified in IEC-61850. Other high reliability techniques supported in The EtherNet/IP Specification include Rapid Spanning Tree (RSTP) and Device Level Ring (DLR).
Other ODVA Industrial Networking News
One area of focus will be the adaptation of certain emerging standards for Time-Sensitive Networking (TSN) to EtherNet/IP. In particular, ODVA will create enhancements to The EtherNet/IP Specification for frame preemption and stream reservation based on the standards being defined in the IEEE-802.1 projects. ODVA’s adaptation of TSN technologies is a straightforward evolution of the EtherNet/IP technology, which relies on commercial-off-the-shelf (COTS) technologies for Ethernet and the Internet to solve demanding applications in industrial automation. Users of EtherNet/IP will be able to realize performance improvements in systems using EtherNet/IP by as much as two orders of magnitude by combining TSN with existing standards already included in The EtherNet/IP Specification, such as Quality of Service, Gigabit Ethernet and CIP Sync — ODVA’s adaptation of IEEE-1588.
To complement the adoption of EtherNet/IP in a diverse range of industries and applications, ODVA is expanding CIP to include data models to facilitate the exchange of application information within EtherNet/IP systems and between EtherNet/IP systems and supervisory systems which may or may not use EtherNet/IP. One application area where specification enhancements are underway is the adaptation of the recommendations in NAMUR NE-107 “Self-monitoring and Diagnosis of Field Devices“ to the data format and access methods needed to retrieve such process data from EtherNet/IP field devices. Another application area where enhancements to the ODVA specifications are expected in 2016 is the inclusion of a machine data model and services for machine-to-supervisory communications. By instantiating standards for application data models for process field devices and machinery, EtherNet/IP will provide yet another way for users to decrease their reliance on proprietary implementations by using vendor-independent standards designed for multi-vendor interoperablity.
ODVA is now expanding The EtherNet/IP Specification to include standards for the integration of data between EtherNet/IP and HART and IO-Link. Joining the already-published integration of data between EtherNet/IP and Modbus-TCP, these standards will allow users to accelerate their progress towards a converged network architecture.
“Because EtherNet/IP is based on commercial-off-the-shelf technologies and uses widely accepted standards from the Ethernet and Internet, EtherNet/IP is now a major industry catalyst for the realization of the Industrial Internet of Things,” said Katherine Voss, ODVA president and executive director. “The enhancements to EtherNet/IP that are underway for 2016 are at the forefront of innovations that are driving the future of industrial automation toward the fourth industrial revolution.”
by Gary Mintchell | Dec 2, 2015 | Automation, Interoperability, News, Process Control, Standards, Technology
Here is an industrial automation announcement from the recent SPS IPC Drives trade fair held annually in Nuremberg, Germany. This one discusses a new open integration, some say interoperability, program based upon open standards.
This blog has now complete eight years—through three names and domains: Gary Mintchell’s Radio Weblog, Gary Mintchell’s Feed Forward, and now The Manufacturing Connection. Through these eight years one consistent theme is advocating for what I believe to be the user’s point of view—open integration.
Users have consistently (although unfortunately not always vocally) expressed the view that, while they love developing a strong partnership with preferred suppliers, they also want to be able to connect products from other suppliers as well as protect themselves by leaving an “out” in case of a problem with the current supplier.
The other position contains two points of view. Suppliers say that if they can control all the integration of parts, then they can provide a stronger and more consistent experience. Customers worry that locking themselves into one supplier will enable it to raise prices and that it will also leave them vulnerable to changes in the supplier’s business.
With that as an introduction, this announcement came my way via Endress+Hauser. That company is a strong measurement and instrumentation player as well as a valued partner of Rockwell Automation’s process business. The announcement concerns the “Open Integration Partner Program.”
I’m a little at a loss to describe exactly what this is—other than a “program.” It’s not an organization. Rather its appearance is that of a memorandum of cooperation.
The program promotes the cooperation between providers of industrial automation systems and fieldbus communication. To date, eight companies have joined the program:
AUMA Riester, HIMA Paul Hildebrandt, Honeywell Process Solutions, Mitsubishi Electric, Pepperl+Fuchs, Rockwell Automation, R. STAHL and Schneider Electric.
“By working closely with our partners, we want to make sure that a relevant selection of products can be easily combined and integrated for common target markets,” outlines Michael Ziesemer, Chief Operating Officer of Endress+Hauser. This is done by using open communication standards such as HART, PROFIBUS, FOUNDATION Fieldbus, EtherNet/IP or PROFINET and open integration standards such as FDT, EDD or FDI. Ziesemer continues: “We are open for more cooperation partners. Every market stakeholder who, like us, consistently relies on open standards is invited to join the Open Integration program.”
Reference topologies are the key
Cooperation starts with what are known as reference topologies, which are worked out jointly by the Open Integration partners. Each reference topology is tailored to the customers’ applications and the field communication technologies used in these applications. “To fill the program with life in terms of content, we are going to target specific customers who might be interested in joining us,” added Ziesemer.
Depending on industrial segment and market, the focus will be on typical requirements such as availability, redundancy or explosion protection, followed by the selection of system components and field instruments of practical relevance. This exact combination will then be tested and documented before it is published as a joint recommendation, giving customers concrete and successfully validated suggestions for automating their plant.
Ziesemer adds: “With this joint validation as part of the Open Integration, we go well beyond the established conformity and interoperability tests that we have carried out for many years with all relevant process control systems.”
