Is it time to virtualize your manufacturing unit flooring?

Co-authored by Roland Wagner, CODESYS.

Virtualization is nicely accepted in enterprise IT. Creating digital variations of computing sources corresponding to servers and storage, permits the consolidation of a number of bodily sources right into a single digital surroundings. This enables for extra environment friendly utilization of {hardware} and higher useful resource administration.  The worth derived consists of lowered capital expenditures, decrease upkeep prices, improve flexibility and improved cybersecurity.

Nevertheless, virtualization will not be so prevalent in industrial environments. Industrial Automation and Management Programs (IACS) {hardware} sources in these environments, corresponding to Programmable Logic Controllers (PLC), Industrial PCs (IPC), and Human Machine Interfaces (HMI), have existed as discrete sources. With digitization, the variety of such {hardware} sources has risen quickly and so has the time and expense of monitoring, updating, and troubleshooting, which may require prolonged downtimes and productiveness losses. A further consideration is Business 4.0 that will increase the quantity of compute sources in manufacturing programs with information assortment and evaluation.

IACS compute property might be virtualized to reap its advantages, nevertheless it requires particular issues. Manufacturing processes are considerably extra delicate than IT processes to community points like delay, latency, jitter, and packet loss.” Since virtualization removes direct or shut connectivity of compute property with the managed machines, the community should step up and cling to stricter efficiency necessities.

Why virtualization on the manufacturing unit flooring?

Virtualization can carry a number of advantages in industrial sectors. Producers can consolidate PLCs, IPCs, HMIs, Gateways, and different bodily compute sources at the moment on their manufacturing unit flooring onto native digital machines which run on a hyperconverged compute and storage infrastructure. Current PCs and workstations (IPCs and HMIs) might be changed by skinny shoppers with a smaller footprint related to the corresponding digital desktop. Digital PLCs (vPLC) operating within the hyperconverged infrastructure would interface with the sensors, actuators, and machines they management through the converged community. This association has many benefits:

• Scalable and agile operations: Virtualization permits producers to simply scale their operations by including or eradicating digital machines as required. It additionally facilitates the deployment of recent purposes or updates with out disrupting manufacturing processes. Adapting to altering situations, product redesigns, and so on., is simpler by updating working parameters in software program IACS.
• Elevated safety: Eradicating discrete {hardware} from the manufacturing unit flooring minimizes the potential avenues that an attacker can exploit to achieve unauthorized entry to manufacturing property and processes. Virtualization can enhance the safety of IACS by isolating crucial management programs. By separating networks and implementing safety measures on the virtualization layer, producers can reduce the chance of unauthorized entry or malware propagation.
• Improved catastrophe restoration: Virtualization permits for environment friendly backup, replication, and restoration of digital machines, making catastrophe restoration planning and execution extra streamlined. It permits producers to get well from system failures or disasters, lowering downtime and minimizing any affect extra shortly on manufacturing.
• Higher sustainability: Consolidation of compute and storage sources right into a set of central companies helps cut back the full vitality necessities. As well as, simpler entry to extra processing information can assist improve efficiencies, cut back waste, and decrease vitality consumption.
• Testing and improvement: Virtualization supplies a perfect surroundings for testing and improvement actions. Producers can create digital replicas of their manufacturing programs for testing new software program, configurations, or system updates, making certain they don’t affect the precise manufacturing surroundings.

In abstract, as Dr. Henning Loeser from Audi (see interview hyperlink under) states, producers can transfer from a mannequin the place they purchase a brand new “field” to get extra options within the plant to at least one the place they purchase new software program to get extra options.

Determine 1. From direct wired to virtualized management programs powered by CODESYS

What are the networking necessities for IACS virtualization?

IACS virtualization requires particular networking necessities to make sure the dependable and safe operation of virtualized programs. Some key networking issues for IACS virtualization embody:

• Help for tunneling Layer 2 protocols: Virtualization of IACS strikes PLCs with direct or a easy Layer 2 connection to managed tools, to an information middle, which necessitates traversal by routers, requiring Layer 3 communication. Nevertheless, since a number of fashionable management protocols function at Layer 2, these protocols have to be tunneled as payload in Layer 3 packets to keep away from giant, cumbersome, and fragile VLAN deployments.
• Enhancements in redundancy: A resilient community helps protect manufacturing continuity by sustaining excessive availability, eliminating packet loss, and making certain steady communications even throughout failure of particular person parts.
• Excessive bandwidth: The community tools and infrastructure have to be able to supporting a better bandwidth and corresponding throughput to deal with the quantity of visitors that may be anticipated to extend as soon as virtualization locations extra packets on the community.
• Determinism: QoS mechanisms ought to be applied to prioritize and make sure that crucial management system visitors is given greater precedence over non-critical visitors. This helps stop delays or interruptions in real-time management communications in a deterministic method and supply constant networking expertise for the IACS purposes.
• Visibility, safety, and entry: The manufacturing community ought to help sturdy in-depth safety measures to guard the virtualized IACS surroundings. This may embody built-in safety sensors designed to watch and analyze IACS visitors, sturdy entry controls, and efficient segmentation to keep up zones of belief and reduce malware propagation. Community safety ought to be thought-about at each the virtualization layer and the bodily community layer. Furthermore, the community ought to present zero-trust community entry (ZTNA) for workers and different personnel to securely log into manufacturing property for normal monitoring and upkeep.
• Scalability and adaptability: The community infrastructure ought to be scalable to accommodate the rising calls for on virtualized programs. This consists of contemplating components corresponding to community capability, scalability of switches and routers, and the flexibility so as to add, take away, and reconfigure digital machines as wanted.
• Community monitoring: Steady monitoring of the community infrastructure is necessary to detect and reply to any anomalies or safety incidents promptly. Community monitoring instruments and strategies can assist determine efficiency points, community bottlenecks, or potential safety breaches.

Cisco and CODESYS collectively allow IACS virtualization

Cisco industrial networking incorporates superior improvements that may assist virtualize IACS property. Cisco merchandise and options in networking, administration, computing, and safety present the premise of this virtualization.

Determine 2: Architectural schematic for management programs virtualization

Catalyst Industrial Ethernet switches present high-capacity packet switching and lossless resiliency required for uninterrupted connectivity of IACS tools. Coupled with their help for industrial protocols, resiliency options, edge-compute capabilities, safety sensing and making use of or imposing segmentation by entry management, make them the economic switches of alternative.

Cisco Catalyst Heart, the community administration platform, directs all features of the community from onboarding gadgets, configurations, efficiency monitoring, proactive troubleshooting, entry insurance policies, and so on., and ensures that the community is all the time prepared.

Cisco Identification Providers Engine (ISE) is a complete safety coverage administration platform that’s used to make sure safe community entry and implement safety insurance policies. It permits organizations the management over who can entry their community and what sources they will entry.

Cisco Cyber Imaginative and prescient operating inside Cisco industrial networking tools supplies visibility to determine related property, community visitors, and safety vulnerabilities. Utilizing this degree of visibility, you’ll be able to outline zones and conduits as per ISA/IEC 62443 and use ISE, Catalyst Heart, and Cisco industrial switches to implement segmentation.

Cisco Unified Computing System (UCS) brings collectively compute, networking, and storage in a single system to energy your purposes, together with virtualization. As in comparison with conventional servers which are monolithic, advanced to deploy, and much more advanced to adapt to workload calls for, UCS is a unified system on which you’ll be able to provision and steadiness sources to satisfy virtualization workloads simply.

The CODESYS Growth System is an built-in improvement system (IDE) in accordance with IEC 61131-3 for programming the management logic and comprises varied textual and graphical editors. Further features might be configured within the CODESYS Growth System, e.g., person interfaces/HMI screens, fieldbus and I/O configuration, safety-relevant logic features, information alternate with varied different contributors within the community, in addition to coordinated movement management programs or robotic kinematics.

Time to get began is now

Admittedly, virtualization of IACS will not be mainstream, and it might not be in your radar fairly but. However with all the advantages it will possibly provide, it’s simple to see how will probably be a gamechanger quickly. In truth, Audi, the German producer of technologically superior luxurious vehicles has embraced virtualization and is remodeling its manufacturing traces. Watch Dr. Henning Löser, head of Manufacturing Labs, Audi, explains why Audi turned to Cisco industrial IoT options to create its next-generation good factories. It’s not too early to start out laying the networking basis for the way forward for manufacturing.

In case you are visiting SPS IPC Drives 2023, that runs from November 14-16 in Nuremberg, Germany, don’t miss the joint Cisco and CODESYS demonstration of digital controllers in manufacturing environments within the CODESYS sales space (#677 in corridor 7).

For extra info on this or another subject associated to manufacturing automation, please schedule a free, no-obligation, dialog with one in every of our specialists.

Share: