There are numerous advantages to using Ethernet on the plant floor and some critical issues to consider for a successful implementation.
The major automotive manufacturers are moving exclusively to Profinet. Why? For one reason, it allows an entire assembly line to be on one physical network, and enables the ability to plug in anywhere and access any node on the network. This is a huge step forward from days past, when companies had a collection of isolated fieldbus networks, one at each machine. With Ethernet they get a unified network that is far easier to manage.
From an architectural perspective, the design is simpler and cleaner, making troubleshooting easier and giving users the ability to log on from anywhere. Once connected, tools can be used to see if a node is responsive, and to harvest detailed data for better decision making. Bottom line: bringing Ethernet onto the plant floor opens the door to engineering capabilities that current fieldbus networks can’t handle, from the free flow of production data to simplified device monitoring and maintenance. There are a few issues, however, that engineers should keep in mind as they make the move.
Five Critical Issues to Consider
- It’s an evolution, not a revolution. As demands on the plant floor exceed the capabilities of legacy fieldbus networks, Ethernet is positioned as the successor. High bandwidth, single cable networks, and vertical integration are all key drivers in the evolution of plant floor technology. Ethernet builds on but does not necessarily have to replace fieldbus technology. One of the nice things about doing the Ethernet network is if there’s a legacy Fieldbus, you can make the move over to Ethernet in small blocks. It can be done at the Fieldbus level in stages, or it can be a higher-level integration to the corporate network or the server level of the network. Because this can be planned and done in small pieces, it makes it relatively easy to manage. You don’t have to rip everything out and start from scratch.
- Put a migration strategy in place. Installing Ethernet on the plant floor doesn’t require a complete overhaul. Due to devices such as proxies and gateways, it’s possible to design production lines and machines that integrate with existing equipment onto the network. Specific details of the migration can be addressed during budget and schedule analysis. The key is to have a strategy, not go at the project in a haphazard way. What will the end product look like? Everything you do should be based on that vision.
- Communicate and collaborate across functions. Working with IT early in the planning process lets companies clearly define roles and responsibilities for everyone involved. Web-based management tools and other technologies allow engineers to administer and maintain the plant floor network without IT tools or expertise. Especially with Siemens networking devices, all managed devices have Web-based management tools. Typically those implementing on the plant floor network are engineering personnel—they’re not IT. So it’s important to have IT involved in the planning process. If IT knows what production is planning on implementing on the plant floor, they can make suggestions on how to optimize the network from an IT perspective, improving security and manageability. Because engineers are on the frontline of implementation, the Web-based tools mean they don’t have to be IT experts. The collective vision, collaboratively arrived at, is key.
- Create a “DMZ” for security. One of the big issues on the manufacturing floor is separating the manufacturing network from the corporate or IT one. Creating a buffer, a “demilitarized zone” (DMZ) in the Ethernet infrastructure between the business and plant floor networks, helps ensure traffic from one doesn’t inadvertently flow to the other. This not only keeps unwanted traffic off the network, but also prevents unauthorized personnel from accessing areas that are off limits. The DMZ is created using security appliances that feature separate firewall rules for traffic moving between the plant floor, the DMZ, and the office network. Essentially it’s a separation point between IT and the engineering management areas.
- Use security devices designed for automation. When companies use tools designed with plant engineers in mind, the engineers can administer firewalls and secure VPN tunnels on their own. For example, you can deploy a dual firewall DMZ using a firewall on the office network and a firewall on the plant floor. Both IT and plant floor engineers would own the firewall on their side of the network. This allows domain experts to maintain their own firewalls and reduces the possibility of a common security gap in the DMZ.