In office applications, hardware is often concentrated in a central
wiring closet and a star topology is usually used to connect back
from locations around the building. This makes practical sense,
as it is cost effective and makes it easy for a small number of
IT staff to monitor and maintain the switches, routers and hubs
all located in one place. There is little electrical noise in an
office and the central point of failure is usually overcome by duplication
of equipment and laying on back-up power supplies. Disruption can
be minimised but it will still take a few minutes for the recovery
systems to come into operation.
For industrial networks and applications this kind of delay whilst
a system recovers from failure is unacceptable. Most industries
measure downtime in terms of the cost per minute of lost production
in thousands of pounds and for this reason downtime avoidance is
the single biggest driving force in the design of manufacturing
systems. Single points of failure are designed out of the system
from the start. It has long been standard practice in production
environments for designers to use smaller PLCs for localised control
of processes and applications rather than centrally wiring everything
back to one large PLC that controls everything. This has the double
advantage that just a small section of the plant can be taken down
for maintenance rather than the entire plant, and that in the event
of failure only one section need be affected.
However, industrial networks are still being wired in star topologies
that introduce single points of failure, exactly as in office environments.
Other topologies can be used that avoid this situation.
Distributed control
Taking a leaf from the industrial design book, most industrial
networks are now designed using the principle of distributed control.
A backbone of smaller Ethernet switches can be built up, using fibre
optic, which is inherently immune to electrical noise. This then
delivers the UTP connection almost directly to the PLC or end device
that requires it, keeping UTP cable runs (which are susceptible
to electrical noise) as short as possible. Single points of failure
in the fibre links that connect the smaller switches together can
be partly overcome by thinking about where they are placed.
Common practice is for there to be several cable trays running
around the factory - one for data, one for low voltage power, one
for medium voltage power and so on. Normally the fibre would be
put in the data tray but usually this is the most packed and the
one most often disturbed. An idea gaining more acceptance now is
to place the fibre alongside the medium voltage power, as that cable
tray is usually kept well out of harm's way and in addition has
the kind of large radius bends preferred for fibre.
Although this might minimise the possibility of a link failure
it does not remove the fact that there is a single point of failure.
To get rid of that, we have to be a bit smarter.
There are several redundancy mechanisms in existence, some of
which are practical for industrial applications, and some of which
are more suited to office applications. Having looked at what was
available, Hirschmann, a pioneer of industrial networks, designed
its own, which is called HIPER ring. HIPER ring has since become
a de facto standard in industrial networks, endorsed by major PLC
and distributed control system manufacturers including Siemens,
ABB, Emerson, Schneider and Rockwell. It has also been the inspiration
for many competitors.
The HIPER ring works by wiring together all the smaller switches
(normally anything up to about 80 switches) in a ring. Strictly
speaking Ethernet is not supposed to be wired in a ring topology,
as it can cause major problems including broadcast storms. What
HIPER ring does is deactivate one of the links in the ring to data
traffic, whilst still monitoring that the link is functioning. In
the event that one of the links in the ring fails, the deactivated
link is brought back 'on-line' within 200-300 milliseconds. This
is fast enough for most industrial applications but not fast enough
for all, so Hirschmann is working on reducing this time to about
50 milliseconds. All this is transparent to the user, though of
course there is notification that a link has broken and needs attention.
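The behaviour described above can be checked with a small model. This is an added example, not Hirschmann's protocol or code: the `Ring` class, the choice of the last link as the standby and the link names are constructed for illustration, and recovery timing is not modelled.

```python
from collections import deque

def components(n, links):
    """Number of connected groups of switches over the given links (BFS)."""
    adj = {i: [] for i in range(n)}
    for a, b in links:
        adj[a].append(b)
        adj[b].append(a)
    seen, count = set(), 0
    for start in range(n):
        if start in seen:
            continue
        count += 1
        seen.add(start)
        queue = deque([start])
        while queue:
            for nxt in adj[queue.popleft()]:
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append(nxt)
    return count

class Ring:
    """n switches wired in a ring; one link (the standby) is closed to data traffic."""
    def __init__(self, n):
        self.n = n
        self.links = [(i, (i + 1) % n) for i in range(n)]
        self.standby = self.links[-1]   # constructed choice: last link is the standby
        self.failed = set()             # monitored links reported as broken

    def forwarding(self):
        """Links carrying data: the standby is used only when another link has failed."""
        healthy = [l for l in self.links if l not in self.failed]
        if self.failed - {self.standby}:
            return healthy
        return [l for l in healthy if l != self.standby]

    def status(self):
        fwd = self.forwarding()
        parts = components(self.n, fwd)
        return {
            "connected": parts == 1,
            "loop": len(fwd) > self.n - parts,  # more links than a tree needs
            "standby_active": self.standby in fwd,
            "alarms": sorted(self.failed),      # breaks that need attention
        }

def all_links_active(n):
    """A plain ring with every link forwarding: True means it contains a loop."""
    links = [(i, (i + 1) % n) for i in range(n)]
    return len(links) > n - components(n, links)
```

One break leaves every switch reachable with no loop; a second break on a different link splits the ring, which is why the notification of the first break matters.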
Fast acting
HIPER ring is not the only ring redundancy method and there are
others such as Moxa's Turbo Ring and On-Time Networks' ring redundancy,
but these are very similar to HIPER ring, which is about the fastest
method of link redundancy available. The oldest and most common
is called Spanning Tree Protocol, which was designed for use in
IT environments. It is fine for IT but is limited to just seven
switches and takes a minimum of 30 seconds to reconfigure itself
when there is a failure. This amount of delay may not be a problem
in the office, but in an industrial environment in this time you
could have a lot of glass bottles fall from the end of your production
line and smash on the floor, or even worse.
Spanning Tree has been developed into Rapid Spanning Tree Protocol
(RSTP), which reconfigures in less than one second, but the limitation
of seven switches remains, for compatibility with Spanning Tree.
Recovery within one second is acceptable for industrial use, but
RSTP was also designed with IT users in mind. A major limiting factor
of RSTP is that although the system may be back up inside one second,
the possibility of loops in the network still exists until it stabilises
some few seconds later.
Another method is known as trunking, or link aggregation - the
duplication of links so that if one of them breaks then there is
another already wired up. And of course a lot of redundancy is simple
common sense, for instance not running all cables along the same
path. If you have to get from the N wall to the S wall, you might
run one cable around the W wall and one cable round the E wall,
rather than running both in the same cable tray.
So network redundancy is basically about effectively eliminating
downtime in production environments. If there is a break in
one of its wiring links, the network will recover and notify you
that the break has occurred. And recovery will be such that everything
keeps working. The next stage up from there involves redundant network
devices such as switches and then on up to redundant end-devices
such as PLCs and HMIs. In the end it comes down to how much money
you have to spend.