BRKIOT-2204.Pdf

BRKIOT-2204
Leveraging industrial device visibility and operational intent to inform security policies and controls

Sunil Maryala – Technical Marketing Engineer IoT
Daniel Behrens – Technical Marketing Engineer IoT

BRKIOT-2204 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public

IT needs to be involved

Common Security Discussions

Secure Connectivity
• What can connect
• What can talk to what

Threat Control
• What is vulnerable
• Protect the vulnerable

Safe Environment
• Network protection
• Device protections

Secure Remote Access
• What are the controls for access
• How to secure access

Cisco IoT Threat Defense

Segmentation
• Extensible, scalable segmentation to protect IoT devices

Visibility & Analysis
• Detect anomalies, block threats, identify compromised hosts

Remote Access
• Secure third-party access with control and visibility

Services
• Reduce risk, design, deploy, and respond to incidents while protecting the business
• Design
• Assess risk
• Incident response

Products named on the slide: Identity Services Engine/TrustSec, Umbrella, AnyConnect, Stealthwatch, Next-Generation FW, ISE/TrustSec, Cognitive Threat Analytics, Advanced Malware Protection
Converged Industrial Architectures

[Figure: converged industrial architecture diagram, from the Enterprise Zone (IT network, IT core) through the Industrial DMZ and the Industrial Manufacturing Zone (plantwide) down to the Area Zone and Cell Zone. The labels below are the ones recoverable from the slide.]

Industrial DMZ
• ACLs, IPS and IDS
• VPN Services
• Portal and Remote Desktop Services
• Application and Data Mirrors
Diagram labels: Remote Access Gateway, Remote Desktop Gateway, Application Mirror, AV and Patch Management, Cisco NGFW and IPS Solutions

Industrial Manufacturing Zone (Plantwide)
• AAA Identity Services
• Network Management
• Anomaly Detection
• Plantwide Services (DNS, DHCP, AD Services)
• Traffic Enforcement (Plant to IDMZ, North/South)
Diagram labels: Remote Access Services, Application Services (FT MFG Services), Core, Stealthwatch, IND, ISE

Area Zone, Industrial Distribution (IE-4k, 5K)
• Traffic Enforcement (Cell to Cell, East/West)
• QoS Prioritization
• SXP
• Netflow

ISA3000 (Inter-Cell)
• Industrial DPI
• Hardware Bypass (Logically Open, Electrically Closed)
• Stateful Firewall and IPS

Cell Zone, Industrial Access (IE-2k, 3K, 4K)
• L2NAT
• 802.1X, MAB
• QoS Marking
• *Netflow (IE4K Only)
• *TrustSec Tagging (IE4K Only)
• *Edge Compute (IE4K Only)

Agenda
• What are the differences in Industrial Networks?
• Implications to discovery
• How do we get started?
• Comparison of Active and Passive solutions
• Identifying assets via industrial protocols via IND
• Leveraging ISE for centralized security policies in Industrial Environments
• Gaining visibility into device communication patterns with Stealthwatch
• Industrial Security and Firewalls
• Nature of Industrial protocols and Security
• Cisco Firepower for Industrial Security
Differences in Industrial Environments

Industrial Traffic - Ethernet/IP

[Figure: IDMZ, Manufacturing Zone and two Cell/Area Zones, with an Engineering Laptop, Network Management, IE2K / IE4K switches, HMIs, a Controller and a Drive]

CIP Implicit - Producers & Consumer
• >80% local
• Cyclical I/O traffic, UDP unicast and multicast
• <500 Bytes, Frequent
• 0.5 to 10’s of ms, typically 20 ms

CIP Explicit - Informational control and administration
• Intra- and inter-cell/area zone traffic flow
• Non-critical administrative or data traffic using TCP
• ~1500 Bytes, infrequent
• Above 500 ms

Industrial Traffic - Profinet

PROFINET CBA
• Component Based Automation
• Built on DCOM (Distributed Component Object Model) and RPC (Remote Procedure Call) technologies
• Object oriented approach to communications between distributed islands of automation
• Provides a scalable architecture for dealing with complex distributed automation and control systems

PROFINET IO
• Connection between distributed IO Devices and Controllers.
• Defines three communication channels
• PROFINET NRT – Non-Real-Time
• PROFINET RT – Real-Time
• PROFINET IRT – Isochronous Real-Time
• IP application protocols for configuration and maintenance functions: DHCP, DCP, DNS, HTTP/S, etc

Standard (IT) Communications
• Response <100ms
• HMI/SCADA, IT Applications, PROFINET CBA
• TCP/UDP/IP Ethernet
• Non Real-time, 100ms cycle

Factory Automation
• Response <10ms
• PROFINET CBA/RT, PROFINET IO
• UDP / Ethernet
• Real-time, 10ms cycle

Motion Control
• Response <1ms
• PROFINET IRT, Motion Control
• Time-Sync Ethernet
• Isochronous Real-time, <1ms cycle
Some common ethernet protocols in industrial environments

Slide columns: Manufacturing, Utilities, Others. Protocols listed, in slide order:
• CIP - Ethernet/IP
• GOOSE
• BACnet
• Profinet – S7
• DNP3
• MTConnect
• ModbusTCP
• ModbusTCP
• OPC (DA, UA)
• IEC 61850 (Goose)
• CC Link
• FINS

Industrial Network Topologies

[Figure: Star/Bus, Linear, Rings and Redundant Star topologies, each with an IE5K distribution switch above a Cell/Area Zone of IE2K / IE4K switches (one labelled Cisco Catalyst 2955), HMIs, controllers, drives and distributed I/O]

[Table: Linear, Ring and Redundant Star each rated Worst / OK / Best on the criteria below; the ratings themselves did not survive extraction]
• Cabling Requirements
• Ease of Configuration
• Implementation Costs
• Bandwidth
• Redundancy and Convergence
• Disruption During Network Upgrade
• Readiness for Network Convergence
• Overall in Network TCO and Performance