The Transparency of Wireless

23 April 2009

Wireless networking and device manufacturers have gone to great lengths to create products that are secure, easy to work with, and operationally indistinguishable from wired equivalents.

Picture an operator in the control room of a chemical plant. As his or her eyes scan the HMI screens, they pause briefly on the indication for a tank level measurement. Can the operator tell how that measurement got from the sensor to the control system? The answer is probably no, and the operator doesn't care anyway. As long as the information is correct and timely, how it got there is not a concern. It's transparent to the people running the plant.

That bit of level information could be sent via analogue wiring, digital wiring, fieldbus, or wireless. The choice of transmission technique should represent a balance of cost and reliability within the plant context. Wireless networking has entered into that equation in new ways over the last few years and changed the balance dramatically. All of which raises the question: Does integrating wireless into a larger existing plant control environment represent a new challenge to control architecture?

Fieldbus revisited?

When HART and fieldbus networking platforms emerged, they had much promise, but were not immediately attractive to operators since implementation required upgrades to both hardware and software. Wireless system providers took note of this lesson, and have done much to avoid reliving those difficulties.

"It has to be so simple that my mother can use it," says Bob Karschnia, VP of wireless business for Emerson Process Management (EPM). "The technology has to be invisible, so we've spent a higher amount of time making sure it's easy to use than we typically would. We wanted to make it so you can put it into your legacy systems because, without that, you run into the situation where you have to upgrade your whole DCS to use wireless.

"Otherwise you're no different than you were with Foundation Fieldbus, which meant that you had to make a radical change to your plant architecture and devices to make it work. We've tried to build this so that it migrates easily into existing systems."

Easy, yes, but users still have to deal with the mechanics of making it happen. While some wireless devices can form their own mesh networks, the communication doesn't reach the control room without a little help. Users have to find ways to integrate those data points into the control architecture.

Wireless devices communicate with gateways that serve as the interface to wired networks. "We're integrating the signals into the control system using Modbus, OPC, or HART," says Jeff Becker, global wireless business director for Honeywell Process Solutions (HPS). "Once it's in the control system, it looks like any other signal. There's not necessarily any difference to the operator or control system whether it's a wired or wireless device. The control system can't tell that it's a wireless device."

Dealing with security

One of the major elements of an integration strategy involves your view of wireless security. If you consider it safe, you're more likely to bring it directly into your control system. If you're more suspicious, you can place a firewall in the path and create protective barriers between the devices or network, and your control level operations.

"The biggest hurdles are security concerns," says Andrew Nolan, wireless consultant for HPS. "I'm not going to say security, because I don't think we've had any issue with overcoming it. But almost every customer we've talked to has had concerns about bringing in wireless, so the biggest thing we address is how to make it work within their security architecture and make their IT department satisfied that it is a secure system."

Figure 1
Figure 1

Security issues, both real and perceived, vary with the nature of your wireless application. The two examples discussed in the sidebars of this article reflect two major application areas in industrial contexts: wireless instrumentation and wireless Ethernet. They are vastly different in approach, and we should consider integration and security aspects separately.

Wireless instrumentation

Much of the current discussion has to do with wireless instrumentation, involving devices with integral transmitters. The two leading standards for this are WirelessHART and ISA SP-100. These protocols are similar in that they deal with individual instruments that communicate with a gateway and possibly each other. The devices themselves are in a sleep mode much of the time to conserve battery power and only wake up on a prescribed time cycle or when they have something to report.

The networks for these are very sophisticated and have a high level of security built in, using encryption and careful control of how devices gain admission to the network. Consequently, it is not very practical for a hacker to break in to a network via the instrumentation. However, someone who wanted to meddle with the control system could attempt to create a rogue node in the system, or try to insert a bogus measurement value as a real one.

"Adding a rogue point doesn't help you, because nothing in the control system is looking for the data," says Karschnia. "But can you spoof it, and pretend you're the real temperature point when you're not? To do that, I have to stop the real device from reporting, and inject my own reading in there. This is called a 'man in the middle.' It's a well-known attack technique, and we've built the defence against it into our system. With security, attacks are never impossible, but we can make them highly unlikely."

Once instrumentation data gets to the gateway, it still has to reach the control system. Security conscious users may push the data via a wired Modbus connection or Ethernet. However using a wireless Ethernet backhaul is a very convenient way to extend wireless convenience, but at the same time it extends the possible attack surface for the system.

Wireless Ethernet

Some industrial wireless architecture uses 802.11 wireless Ethernet (Wi-Fi) as an extension of larger wired networks, or as a means to connect with gateways collecting data from wireless instruments. (So far, there are few individual industrial wireless instruments that communicate via Wi-Fi.)

Karschnia notes that customers generally accept the security of the device level communication, but that's not their only concern. He says, "What users worry about is the 802.11 Wi-Fi connections from the gateways through the wireless plant level networks, and that's where the security concern is. It's TCP/IP based, and they're very worried about that. There are lots of best practices for wireless backhaul available. Make sure you use those to prevent security problems."

Caution is appropriate, but that does not reduce its usefulness, even when protected properly. "It's pretty much become a de facto standard that you protect the front-end point where your wireless network comes in with a firewall," Nolan adds. "Bring it through the level-three network and then down into the control system. That's worked well for monitoring or SCADA applications, but the next big jump is that customers want to bring it natively integrated into the DCS and down to the control layer. But if they do that, having a separate firewall segment is probably not going to be the best network architecture."

Given that much of wireless development has been relatively recent, products and protocols have had cyber security elements built in from the outset. The practical question is: Do most IT departments understand this, or are your wireless policies designed around older and less secure equipment. "Virtually any vendor who is making a wireless product for the industrial marketplace today understands that security is simply a given," says Nolan. "It has to be there in the product and it has to be effective or their product will not be accepted. The growth of wireless deployments will drive those security policies, not so much to relax, but to take into account the current state of the technology and how secure it can be. That will allow more applications to go deep into the control system."

When it works well

One customer I interviewed for this article told a less successful story. His company tried wireless Ethernet in a rugged environment, but decided to save money buying consumer-grade hardware. It failed in the field, and by the time they were able to replace it with industrial grade equipment, the operators had returned to their cumbersome cables and were not interested in trying wireless again.

When deployed in appropriate applications with the right equipment, industrial wireless has shown that it can be integrated without difficulty and without presenting inordinate security risks. As Honeywell's Becker puts it, "Most customers treat a wireless device like it's just another transmitter. It's no big deal, because they select applications that are appropriate for wireless. It would be a different story if we were suggesting, 'install this on your cat cracker.' However, putting it on a tank farm, or installing for extra measurements is acceptable within the limitations of wireless.

"We wanted to make it as easy as possible to implement wireless field instrumentation and wireless systems. If it was that much different and harder to do, there would be a bigger barrier to implementation and acceptance. But the differences have been designed out of the product from very early on."

So, is wireless technology ready for your mom to use? "We spent an inordinate amount of time making sure we could integrate into any system," says Karschnia. "It allows us to do it in an easy fashion so customers can use it with any system they have, quickly and easily. It's the transparency of technology, and that's when things start to take off."

Nolan looks for a time when all these technologies melt together.

"Our system is going to blur the line between wired and wireless I/O. It's going to look like I/O to the control system, and that's getting closer to fulfilling the wireless promise—making the underlying infrastructure, whether wired or wireless, no longer the focus. It's simply bringing I/O in, and bringing it in a much more flexible and cost effective manner.

Figure 1: Standard wired 4-20 mA analog instruments send data continuously, so charting a changing process variable is essentially a smooth curve. Since wireless instruments report following a specific update rate, changes tend to show up more as steps. And operator may be able to discern this and realize that device is wireless; however, many types of wired devices can manifest the same behavior depending on the way the data is transferred and how often the control system updateds the HMI.

Peter Welander, Control Engineering - from Control Engineering, 4/1/2009

Contact Details and Archive...

Related Articles...

Print this page | E-mail this page