Posted By
Stephen Malyszko President & CEO Malisko Engineering, Inc. St. Louis, MO

Is Your Plant Floor Capable of Connection?

PostedMonday, June 18,2018 at 8:30 AM

Is Your Plant Floor Capable of Connection?

The barrage of messaging to “connect the shop floor to the top floor and beyond for your own good” is not easing up. So many reliable, trusted and experienced sources continue to tout the many potential advantages of the Industrial Internet of Things (IIoT), Industry 4.0, cloud computing, analytics, mobility, data collaboration, and so forth and so on. Some manufacturers are taking steps to prepare for this “next revolution of manufacturing,” but many are not.

For those manufacturers embracing the concepts and preparing their plant floor network infrastructures for the coming communications onslaught, good for you. For those manufacturers not yet ready to make the leap, don’t despair, but you’d better start a plan to migrate from where you’re at now to where you need to be in order to capitalize on the shop floor communications and data explosion. Let’s cover the primary areas of focus to relieve some of your stress about where to start and what to focus on while traveling on your journey to effective plant floor connectivity.

Three primary areas manufacturers absolutely need to address to achieve robust and sustainable plant floor connectivity moving forward are security, physical infrastructure (the cabling/connectors/enclosures) and the logical topology/configuration. Recognize that all three are interwoven and tightly dependent on one another. A qualified integrator/supplier can assist you with specifying, designing, deploying and supporting all three.

The No. 1 factor to address is security if your intention is to connect your industrial automation and control system (IACS) to the outside world by any means, including allowing OEM technicians to connect their laptops directly to a piece of equipment. Security can be breached from many sources without proper safeguards. Deploying firewalls, demilitarized zones (DMZs) and a comprehensive set of industrial security policies are paramount to protecting the integrity and safety of plant floor systems, especially if your long-term goal is to use cloud-based services tied to your manufacturing operation and the data that goes along with it.

It might seem like a daunting task to put together a holistic security program for your plant’s smart connected systems, but don’t fear—there are reference architectures and validated designs by companies such as Cisco and Rockwell Automation that describe best practices and provide technical guidance on deploying secure plantwide networks. Validated designs such as the Rockwell/Cisco Converged Plantwide Ethernet (CPwE) describe steps to take to deploy a defense-in-depth approach following industrial security standards such as IEC-62443 (formerly ISA99) and NIST 800-82 industrial control system (ICS) security.

The second area of focus is overall network topology and configuration. At a high level, this is the switching and routing infrastructure on your plant floor network that all smart devices connect to via Ethernet. Too many times, we see plant floor network topologies that have grown organically (flat networks with multiple daisy-chained switches, for instance). In many of these cases, OEMs, panel builders and other service providers attempt to get by cheap by installing unmanaged or poorly managed switches with no regard to how these systems connect into the overall plant network topology. This type of approach has performance and reliability issues, but perhaps more importantly is not scalable as more devices are added to the network.

Segmenting the network and following the campus model—including core, distribution and access layers—provides a modular framework that you can grow with. Deploying these types of networks does take a more advanced skillset, and solution providers are having to adapt to sufficiently address these issues. In our case, we added network, security and information specialists to our team and have put emphasis on building our industrial IT practice to better serve our customers as plant technologies evolve.

Proper design, installation and certification of your manufacturing network’s physical infrastructure provides a data highway that’s smooth, fast and pothole-free.

The third area of focus is the physical infrastructure of your network within your manufacturing facility—the copper and fiber cabling along with their pathways, enclosures and endpoint connections. Proper design, installation and certification provides a data highway that’s smooth, fast and pothole-free. Responding to requests for quick access to actionable information also means solution providers need to speed up the deployment of the physical aspects of the network while not sacrificing performance.

The physical network layer has evolved in recent years and now fosters a modular building-block approach with purpose-built industrial versions of common IT components. The more data transmitted between smart devices, controllers, servers, thin clients and the cloud, the more reliable that highway needs to be. As we all move into the future, our reliance on actionable information will increase exponentially as time goes on, and planning for a robust physical network layer helps mitigate risk, ensuring that data is where it is needed when it is needed.

The IIoT continues to grow as manufacturers see the benefits, realize the ROI and visualize its positive contribution to their bottom line. Different companies are on different parts of their IIoT journey. Regardless of where you’re at on your plant floor connectivity initiatives, focus on your network’s security, physical and logical platforms. Create a migration plan for your current network. Recruit the services of a qualified system integrator to help make your plant floor ready to connect to the future.

 

Steve Malyszko, P.E., is president and CEO of Malisko Engineering Inc., a certified member of the Control System Integrators Association (CSIA). See Malisko Engineering’s profile on the Industrial Automation Exchange.

Filed Under Networking and Security Infrastructure Projects Information Management Cybersecurity Manufacturing IT, MES