The best Ethernet may be coming
Advances in security, data transmission reliability, and environmental packaging have readied wireless Ethernet for demanding industrial applications
By Patrick McCurdy, Ira Sharp, and Nicholas Sheble
As Ethernet and Internet Protocol (IP) connectivity quickly become the “serial port” of the future, it is clear wireless technology trends will closely follow, providing ever-greater network and data access.
Wireless Ethernet capabilities via technology based on public standard IEEE 802.11 has gained commercial success. A quick look at available wireless networks from your laptop in virtually any public place or even your residential neighborhood is sure to find few.
However, just because a technology is approaching critical mass in the commercial world, does that mean it is ready for use in industrial applications?
While industry asked this question and answered regarding wired Ethernet (yes), it still remains a viable query regarding wireless applications. In addition to providing a broad comparison of different spread spectrum wireless technologies currently deployed in industrial automation applications, this article will explore the industrial use of public standard IEEE 802.11 technology.
Three modulation techniques
Wireless is a shared medium; therefore, different techniques are necessary to assure multiple signals can coexist in the same frequency range. The allocation of frequency for different uses is typically the role of government agencies.
In the U.S., this agency is the Federal Communication Commission (FCC). Typically, government agencies set aside some spectrum for public use. Different users and applications must share this public use; therefore for unlicensed applications, there is typically a limit set for the power that can be transmitted, and additionally some type of spectrum spreading technique is necessary. The allocation of frequencies requires sharing of frequencies when at all possible.
The requirement for spread spectrum in unlicensed applications is a good thing in terms of robustness and reliability for industrial applications. Spreading the communication over a wider frequency range means the signal transmission more readily overcomes EMI or RFI emitted from industrial equipment, from licensed users, or from unlicensed radios.
Let’s look at three spreading or modulation techniques: Frequency Hopping Spread Spectrum (FHSS), Direct Sequence Spread Spectrum (DSSS), and Orthogonal Frequency Division Multiplexing (OFDM).
FHSS radios take a piece of information that is about to transmit and divides it up into small packets. The packets then flow across the band by selecting pseudo-random frequencies within the band.
The bit of information transmits at one frequency and does so with a lot of power, giving it the ability to overcome many sources of noise that may arise. Packets transmit as signals on different frequencies, and upon receipt, the technology provides for checking the signals for errors.
The complex transmission of data packets effectively addresses interference. Although interfering signals can knock a packet out of a FHSS signal’s hop pattern, the rest of the updates generally reach the receiver, no matter how powerful the interference.
We, therefore, say FHSS technology “tolerates” interference. In addition, transmitting small targets that constantly and randomly jump frequencies makes it almost impossible for someone to tap into the signal. The robustness of the data transmission makes technology based on FHSS very attractive for the high EMI/RFI world of industrial applications.
DSSS radios continuously spread data across a wide portion of the frequency band and rely on processing to address interference. The information also segments into individual packets but now grouped together with a bit sequence, which we call the chipping code.
This effectively takes the packets of information and divides them into several segments, essentially making one piece of information become several pieces of information. These pieces of information then transmit at the same time across a series of frequencies called a channel.
This is possible because the series of information can ship at a much lower power then the FHSS technique. With DSSS, multiple packets of information transmit at the same time, so faster transmission speeds are possible.
If one or more bits suffer damage due to interference during transmission, the system restores the data, but this will likely decrease the transmission speed or overall performance.
Providing limited protection against interference, DSSS radios can lose data if excessive noise or other equipment on the same bandwidth interferes with the signal. DSSS moves many bits per second and is typically used for IEEE 802.11b high-speed radio applications.
Lastly, OFDM relies, once again, on dividing information into packets. Next, those packets are again broken up into smaller packets and transmitted across a series of frequencies similar to DSSS but now in smaller chunks.
These smaller chunks of data transmit simultaneously, allowing for much greater speeds then FHSS or DSSS.
ISM frequency bands
In the U.S., there are three frequency bands set aside for public use without a FCC license. These are the Industrial, Scientific, and Medical (ISM) bands: 902MHz – 928MHz, 2.4GHz – 2.4835GHz, and 5.15GHz – 5.850GHz.
It is important to note there is global acceptance that the 2.4 GHz band is an unlicensed band with limited transmit power. This power limitation typically equates to 100mW on IEEE 802.11 products.
However, in the U.S., the power allowed is greater, which generally means in unlicensed applications output power ratings up to 1 Watt. Industrial IEEE 802.11 solutions are available in the U.S. with higher power rating then the universally accepted 100mW.
In general, all three bands have their place in industrial applications, and each has its potential strengths and weaknesses.
Wi-Fi, WLAN, wi-Ethernet
IEEE 802.11a/b/g actually describes three variants of the wireless Ethernet standard currently implemented in commercial and increasingly industrial applications. These three variants platform on the same physical layer of the OSI model and in part define what band the wireless network will use along with the modulation technique.
Additional jargon used to describe devices based on IEEE 802.11 standards includes “Wi-Fi,” “W-LAN,” and “Wireless Ethernet.” A brief overview of the differences between 802.11a, b, and g follows:
802.11a: This standard describes operation in the 5 GHz band and uses OFDM, thereby enabling raw transmission rates up to 54 Mbps. Some countries have other uses (air traffic control and military) defined for this band, so it is therefore not globally accepted to be used in ISM applications. In some cases, it works inside buildings with limited power. In the U.S., the 5GHz band operates as the other 900MHz and 2.4 GHz ISM bands. One advantage of IEEE 802.11a is it operates with the same data rates (54 Mbps) as IEEE 802.11g but escapes the sometimes-crowded 2.4GHz channels. Less interference in the 5GHz band means the potential for more reliable transmission.
802.11b: This standard, adopted in 1999, uses the 2.4GHz band with DSSS modulation. The raw transmission rate is limited to 11 Mbps.
802.11g: This standard adopted the OFDM technology of 802.11a in the globally accepted 2.4 GHz band. Using the OFDM technique over the air, data rates can be increased to 54 Mbps. It is important to note 802.11g is backwards compatible with 802.11b and given its increased over the air data rate capability will likely replace 802.11b as price points are expected to lower in the future.
As to which one is the best for a given application? That depends on common application issues as speed requirements, 2.4 GHz traffic, interoperability with other equipment, and sometimes distance.
Security and encryption
With wired communication, a physical electrical connection is the transmission medium, which means a physical connection, or at least physically close inductive coupling, is required to intercept the signal. Because wireless communication uses an open and shared medium (the air), anyone can technically receive a signal or message after it transmits.
The sometimes ease of reception of wireless signals is therefore the technical reason security concerns are often a barrier to wireless adoption in industrial applications. When public standard technology such as that based on IEEE 802.11 standards is used, this concern is sometimes greater since the standard is technology using public information.
Wireless technology has been the target for many different types of attacks for years. These attacks are diverse in scale and reasoning from trying to collect personal information to causing harm in an infrastructure resulting in network downtime. These attacks may cost companies hundreds of thousands of dollars in lost productivity.
Because of this, the need to protect the wireless network and the information that broadcasts on it is essential. In the public 802.11 standard, there are several different levels of security or encryption that have evolved over time.
When the 802.11a/b subsets first came out, the IEEE struggled with what level of encryption should be required to comply with the standard. Wired Equivalency Privacy (WEP) was the choice. WEP provided the same level of security to the wireless network that a wired Ethernet network provided. This level of encryption did not serve as a good level of security in the wireless standard because inherently wireless systems are less secure then wired systems.
Wireless attackers preyed on this variability of security. Today this level of encryption is so susceptible to wireless attacks that even a novice computer user can find the tools online that will allow access to any WEP encrypted network.
Therefore, a higher level of security needed to be developed. Wi-Fi Protected Access (WPA) entered to meet this need. WPA is based on the same type of encryption used in WEP, although advancements where made providing for more secure communications. Two major advancements WPA provides over WEP are authentication and dynamic keys.
The authentication process helps restrict rogue client (wireless end devices) access. There are two levels of this authentication Pre-Shared Key, which is generally at work in Small Office Home Office networks where only a low level of security is required.
The higher level of authentication security is 802.1x, a standard by the IEEE to provide secure communication between the client device and authentication server such as a Remote Authentication Dial in User Service. This server is responsible for verifying client devices and allowing access to the network. This level of authentication is generally in enterprise networks.
Dynamic keys are also a large factor in the security of a wireless network. Keys are the component of a wireless system that encrypts the outgoing information. To communicate on a wireless network, the client device must know the key. A wireless network is breached or hacked when an undesired client device gains access to the network, which means someone has found or cracked the key.
One way to keep the network secure is to change the key used continuously. This is possible by using Temporal Key Integrity Protocol, which creates dynamic keys or keys that are constantly changing. Overall WPA is a good form of security. It provides a high level of protection from many different types of wireless attacks. However, WPA security is still vulnerable to more sophisticated wireless attackers because the encryption comes from the previous WEP standard. Because of this, if a completely secure network is required, WPA and WEP are not the suitable security standards.
The IEEE committees recognized this problem and developed a new security standard IEEE 802.11i, also known as WPA2. The WPA2 uses a completely new form of encryption called Advanced Encryption Standard (AES). The government previously used AES as a replacement for the Data Encryption Standard to protect all of the government’s wirelessly transmitted information. This new high level of encryption is “unhackable” according to many security experts today. We define “unhackable” as keeping unauthorized users off the network, eliminating their ability to cause harm to the infrastructure and retrieve sensitive information that the wireless system may be communicating.
The WPA2 security also maintains a high level of authentication by employing 802.1x to communicate to an authentication server providing the most secure form of wireless communication. WPA2 offers more then just the highest level of security and allows for pre authentication.
Pre-authentication allows a client device the ability to connect with one access point while becoming authenticated with another. This allows the client to roam from access point to access point seamlessly without losing a wireless connection.
An example of this would be a laptop monitoring network status wirelessly. As the laptop moves around the factory away from one access point towards another, it detects the signal from the one access point is becoming weaker and the signal from another access point is becoming greater. Rather than the laptop continuing to lose signal strength and slow speed, it switches access points to maintain the best wireless connection. Older security standards like WEP and WPA will allow the wireless signal to become weaker and speed to slow until the network is unusable. Then after losing a connection, the laptop will search and reconnect to the network using another access point. This will cause a loss of a network connection and a delay in getting information.
Overall, WPA2 is currently the best security available to protect wirelessly transmitted information combining an “unhackable” encryption with the security from 802.1x authentication and a seamless wireless connection with pre-authentication.
Conventional thinking has it that limitations on data throughput, performance, and RF behavior mean wireless Ethernet based on IEEE 802.11 technology is not yet capable of the determinism required for critical process control applications.
However, the ability to increase data access via WLANs, provide Ethernet TCP/IP access to remote installations, and bridge networks enable some exciting application possibilities within the industrial space.
However, as is often the case, industrial applications require special hardware and software considerations. On the hardware side of things, environmental concerns are typically the most important. Products packaged for use in control cabinets or that have IP 67 ratings so they can be mounted as stand-alone in the tough environment of the factory floor are often necessary.
Additionally, increased operation reliability means greater emphasis on filtering of the RF signal and immunity to EMI, RFI, and even influences of lightning then what might be required of an office environment equivalent.
The RF environment in an industrial application also must contend with a phenomenon called multi-path. This is the effect when radio waves strike a very dense object such as metal or stone, and they reflect off much as a mirror reflects light. Some of the reflected waves reach the receiving antenna at different times then the intended signal and therefore out of phase. This effect can seriously degrade, and in some cases, completely cancel the received signal.
Since the industrial landscape is typically crowded with large metal structures, multi-path interference is especially problematic. The solution to multi-path problems found on industrial solutions is “antenna diversity.” Two antenna ports are on the receiving unit, and an internal circuit selects the antenna that receives the stronger signal.
Another issue regarding industrial use of the IEEE 802.11 is the suitability of the physical and software interface to the industrial application. Solutions need to meet application and interface requirements of both the controls engineer as well as the most involved IT department.
As an example, new products on the market allow a control engineer to use an Ethernet radio to address remote I/O via add-on modules that can accept addresses via XML or MODBUS TCP/IP. Since many serial devices still exist in industrial applications, it is helpful to have serial gateway functionality as an example to convert MODBUS RTU data (serial port) to MODBUS TCP/IP over the air for network access.
Support of Power over Ethernet can also be a valuable feature when remote access points exist. This allows power to reach the Ethernet radio via the network cabling.
Finally, since many industrial installations have greater physical area to cover then common commercial applications, its possible to get industrial solutions with higher power, (up to 400mW) and high gain antennas have also proved to be very effective in extending distance.
Many industrial plants and facilities have increased their productivity, security, and network communications capabilities via Industrial Wi-Fi (IEEE 802.11) technology. Listed below are just a few examples of these applications.
Mobile Computing (Industrial “Hot Spot”): What is becoming a common application for mobile computing is to support workforce-management data applications. Basically, a “hot-spot” arises by using an industrial IEEE 802.11 product as an access point. Mobile clients, in this example the laptop or pocket PC of a utility or water/wastewater maintenance personnel, can then roam into a covered zone and access their work orders and service orders from their trucks saving valuable time and scarce office resources. With proper firewalls and using a high-level security encryption, this application can also provide remote access to SCADA applications.
Video surveillance: With ever-increasing concern and attention about plant security, perimeter monitoring and video surveillance have become very important subjects. Recent technological advances in camera technology mean IP access is straightforward. The IP camera typically includes embedded set up and control software making access possible from any PC. However, you still have to run expensive data cabling, sometimes to remote areas of your facility. Wireless Ethernet based on IEEE 802.11 technology can provide more then enough bandwidth to stream video. This many times allows fast and easy installations with relatively minimal cost. In addition, when combined with an industrial Ethernet radio that has addressable I/O, an application such as gate monitoring and access control can happen with very little design and installation effort.
Network Bridging/Remote Access: It is often required to bridge two Ethernet networks, as an example, when connecting the networks of two buildings located physically apart from each other.
In the case of many industrial applications, it is important to gain network access to remotely located devices via a wireless bridge. An example of this might be an electric generation facility or wastewater treatment facility with remotely located pumps. These pumps are often controlled by Ethernet accessible variable frequency drives. Great operational benefit is possible by talking to the pumps from the control room network. Trenching and running cable for this could easily approach tens of thousands of dollars making the project cost prohibitive.
Industrial Ethernet radio devices set up as a bridge can easily connect the remotely located asset to the rest of the plant network, providing greater monitoring and control capabilities.
Although Wi-Fi technology has a certain connotation of commercial technology, with appropriate security features, industrial hardware, and industrial interface, products based on IEEE 802.11 technology are viable solutions for many industrial communication and networking applications.
ABOUT THE AUTHORS
Pat McCurdy (firstname.lastname@example.org) has an electrical engineering degree and an MBA. He is a member of ISA, IEEE, and the National Electrical Manufacturers Association. He is a manager at Phoenix Contact and works with the company’s INTERFACE communications technologies. Ira Sharp (email@example.com) also has an EE degree. He is a member of ISA and IEEE. He works at Phoenix Contact with the company’s wireless products. Nicholas Sheble (firstname.lastname@example.org) is senior technical editor of InTech .
Ethernet aids in global arena
Ethernet is helping manufacturers succeed in the global workplace, according to an InTech magazine survey.
When asked if Ethernet enabled their company to compete more on a global basis, 68% of respondents said yes.
InTech conducted an e-mail Zoomerang survey among readers seeking a snapshot of what automation professionals in the industry are thinking about Ethernet. While this survey is not statistically rigorous, it does give an anecdotal view of what is on readers’ minds.
One of the questions clearly points out that Ethernet is a ubiquitous element throughout the automation industry. When asked if their manufacturing facility uses Ethernet, 95% of respondents said yes.
The top two protocols mentioned in the survey are EtherNet/IP with 48%, followed by Modbus TCP/IP at 30%. ProfiNet came in third at 7%.
When asked if their company uses an analog DCS, fieldbus, or fast Ethernet, 44% of respondents said they used a combination of the three. But when you looked at the singular form of the three, Ethernet came in at 33% saying they used it, DCS came in at 15%, and fieldbus at 6%.
Whatever technology manufacturers are using, they seem to be happy with it, as 80% said they were satisfied with their present plant floor network and or fieldbus.
In what may be abundantly obvious, Ethernet also sees use throughout the enterprise as 33% said they use Ethernet for control, while 28% said they use it across the enterprise, 24% said they use it for I/O, and 15% use it at the device/sensor level.
Ethernet also has multiple uses as respondents said SCADA was their top choice for an application, with 23% giving it a nod. Maintenance and continuous processing came in second at 19% each. Batch, discrete, and machine control all came in third with 11% each. Motion and/or robotics came in fourth at 6%, and not wanting to use Ethernet at all had 1%.
No matter what, Ethernet is vital to the plant floor, with 81% saying it is important that Ethernet operates at the plant floor level.
For those adding Ethernet to their plant, 48% plan on using in-house expertise, while 31% will use system integrators and 8% said they will use a vendor.
In terms of expanding their capabilities over the next year, 78% they were moving in that direction. Forty-one percent said they are planning on adding an Ethernet function to their plant this year, while 19% said they will add it in the first half of 2009, 13% said they second half of 2009, and 11% said in 2010.
Perceptions of some types of Ethernet was interesting, as 89% of readers had a positive perception of EtherNet/IP, and 6% had a negative perception, while 5% were unaware. Modbus TCP/IP came in second with 80% having a positive feeling about the protocol, and 10% apiece responded to having a negative feeling or were not aware.
ProfiNet came in with 54% saying they had positive perceptions, while 12% had negative feelings and 33% were not aware. Similarly, 30% had a positive perception of Fieldbus Foundation’s FF/HSE, while 63% were not aware and 7% had a negative perception.
Whenever anyone talks about Ethernet, one of the first issues that comes up is whether the solution is secure. With that in mind, 74% of respondents said they have a cyber security plan in place. On the other hand, just over one quarter (26%) said they did not. Also, 66% said they were satisfied with the level of security for their Ethernet system, while 34% said there was room to grow.
IEEE 802.11: The 802.11 family includes over-the-air modulation techniques that use the same basic protocol. The most popular are those defined by the 802.11b and 802.11g protocols and are amendments to the original standard. 802.11a was the first wireless networking standard, but 802.11b was the first widely accepted one, followed by 802.11g and 802.11n.
EMI is electromagnetic interference, a form of electrical interference caused by emissions from external devices like transformers or electrical motors that can disrupt network transmissions over an electrical medium.