Is it time to virtualize your manufacturing unit ground?

Co-authored by Roland Wagner, CODESYS.

Virtualization is properly accepted in enterprise IT. Creating digital variations of computing assets akin to servers and storage, allows the consolidation of a number of bodily assets right into a single digital atmosphere. This permits for extra environment friendly utilization of {hardware} and higher useful resource administration.  The worth derived contains decreased capital expenditures, decrease upkeep prices, improve flexibility and improved cybersecurity.

Nevertheless, virtualization will not be so prevalent in industrial environments. Industrial Automation and Management Techniques (IACS) {hardware} assets in these environments, akin to Programmable Logic Controllers (PLC), Industrial PCs (IPC), and Human Machine Interfaces (HMI), have existed as discrete assets. With digitization, the variety of such {hardware} assets has risen quickly and so has the time and expense of monitoring, updating, and troubleshooting, which might require prolonged downtimes and productiveness losses. A further consideration is Business 4.0 that will increase the quantity of compute assets in manufacturing techniques with knowledge assortment and evaluation.

IACS compute belongings might be virtualized to reap its advantages, however it requires particular concerns. Manufacturing processes are considerably extra delicate than IT processes to community points like delay, latency, jitter, and packet loss.” Since virtualization removes direct or shut connectivity of compute belongings with the managed machines, the community should step up and cling to stricter efficiency necessities.

Why virtualization on the manufacturing unit ground?

Virtualization can carry a number of advantages in industrial sectors. Producers can consolidate PLCs, IPCs, HMIs, Gateways, and different bodily compute assets at the moment on their manufacturing unit flooring onto native digital machines which run on a hyperconverged compute and storage infrastructure. Current PCs and workstations (IPCs and HMIs) might be changed by skinny shoppers with a smaller footprint related to the corresponding digital desktop. Digital PLCs (vPLC) operating within the hyperconverged infrastructure would interface with the sensors, actuators, and machines they management by way of the converged community. This association has many benefits:

• Scalable and agile operations: Virtualization allows producers to simply scale their operations by including or eradicating digital machines as required. It additionally facilitates the deployment of recent functions or updates with out disrupting manufacturing processes. Adapting to altering circumstances, product redesigns, and so forth., is less complicated by updating working parameters in software program IACS.
• Elevated safety: Eradicating discrete {hardware} from the manufacturing unit ground minimizes the potential avenues that an attacker can exploit to realize unauthorized entry to manufacturing belongings and processes. Virtualization can enhance the safety of IACS by isolating crucial management techniques. By separating networks and implementing safety measures on the virtualization layer, producers can decrease the chance of unauthorized entry or malware propagation.
• Improved catastrophe restoration: Virtualization permits for environment friendly backup, replication, and restoration of digital machines, making catastrophe restoration planning and execution extra streamlined. It allows producers to get better from system failures or disasters, decreasing downtime and minimizing any impression extra rapidly on manufacturing.
• Higher sustainability: Consolidation of compute and storage assets right into a set of central providers helps scale back the whole vitality necessities. As well as, simpler entry to extra processing knowledge will help improve efficiencies, scale back waste, and decrease vitality consumption.
• Testing and improvement: Virtualization supplies a really perfect atmosphere for testing and improvement actions. Producers can create digital replicas of their manufacturing techniques for testing new software program, configurations, or system updates, guaranteeing they don’t impression the precise manufacturing atmosphere.

In abstract, as Dr. Henning Loeser from Audi (see interview hyperlink under) states, producers can transfer from a mannequin the place they purchase a brand new “field” to get extra options within the plant to 1 the place they purchase new software program to get extra options.

Determine 1. From direct wired to virtualized management techniques powered by CODESYS

What are the networking necessities for IACS virtualization?

IACS virtualization requires particular networking necessities to make sure the dependable and safe operation of virtualized techniques. Some key networking concerns for IACS virtualization embody:

• Help for tunneling Layer 2 protocols: Virtualization of IACS strikes PLCs with direct or a easy Layer 2 connection to managed gear, to an information middle, which necessitates traversal by way of routers, requiring Layer 3 communication. Nevertheless, since a number of in style management protocols function at Layer 2, these protocols should be tunneled as payload in Layer 3 packets to keep away from massive, cumbersome, and fragile VLAN deployments.
• Enhancements in redundancy: A resilient community helps protect manufacturing continuity by sustaining excessive availability, eliminating packet loss, and guaranteeing steady communications even throughout failure of particular person elements.
• Excessive bandwidth: The community gear and infrastructure have to be able to supporting the next bandwidth and corresponding throughput to deal with the quantity of site visitors that may be anticipated to extend as soon as virtualization locations extra packets on the community.
• Determinism: QoS mechanisms needs to be applied to prioritize and be certain that crucial management system site visitors is given increased precedence over non-critical site visitors. This helps stop delays or interruptions in real-time management communications in a deterministic method and supply constant networking expertise for the IACS functions.
• Visibility, safety, and entry: The manufacturing community ought to assist sturdy in-depth safety measures to guard the virtualized IACS atmosphere. This may embody built-in safety sensors designed to observe and analyze IACS site visitors, sturdy entry controls, and efficient segmentation to keep up zones of belief and decrease malware propagation. Community safety needs to be thought of at each the virtualization layer and the bodily community layer. Furthermore, the community ought to present zero-trust community entry (ZTNA) for workers and different personnel to securely log into manufacturing belongings for normal monitoring and upkeep.
• Scalability and suppleness: The community infrastructure needs to be scalable to accommodate the rising calls for on virtualized techniques. This contains contemplating elements akin to community capability, scalability of switches and routers, and the flexibility so as to add, take away, and reconfigure digital machines as wanted.
• Community monitoring: Steady monitoring of the community infrastructure is vital to detect and reply to any anomalies or safety incidents promptly. Community monitoring instruments and strategies will help determine efficiency points, community bottlenecks, or potential safety breaches.

Cisco and CODESYS collectively allow IACS virtualization

Cisco industrial networking incorporates superior improvements that may assist virtualize IACS belongings. Cisco merchandise and options in networking, administration, computing, and safety present the premise of this virtualization.

Determine 2: Architectural schematic for management techniques virtualization

Catalyst Industrial Ethernet switches present high-capacity packet switching and lossless resiliency required for uninterrupted connectivity of IACS gear. Coupled with their assist for industrial protocols, resiliency options, edge-compute capabilities, safety sensing and making use of or imposing segmentation by way of entry management, make them the economic switches of selection.

Cisco Catalyst Heart, the community administration platform, directs all capabilities of the community from onboarding units, configurations, efficiency monitoring, proactive troubleshooting, entry insurance policies, and so forth., and ensures that the community is at all times prepared.

Cisco Id Providers Engine (ISE) is a complete safety coverage administration platform that’s used to make sure safe community entry and implement safety insurance policies. It permits organizations the management over who can entry their community and what assets they will entry.

Cisco Cyber Imaginative and prescient operating inside Cisco industrial networking gear supplies visibility to determine related belongings, community site visitors, and safety vulnerabilities. Utilizing this degree of visibility, you’ll be able to outline zones and conduits as per ISA/IEC 62443 and use ISE, Catalyst Heart, and Cisco industrial switches to implement segmentation.

Cisco Unified Computing System (UCS) brings collectively compute, networking, and storage in a single system to energy your functions, together with virtualization. As in comparison with conventional servers which might be monolithic, advanced to deploy, and much more advanced to adapt to workload calls for, UCS is a unified system on which you’ll be able to provision and steadiness assets to fulfill virtualization workloads simply.

The CODESYS Improvement System is an built-in improvement system (IDE) in accordance with IEC 61131-3 for programming the management logic and comprises varied textual and graphical editors. Further capabilities might be configured within the CODESYS Improvement System, e.g., consumer interfaces/HMI screens, fieldbus and I/O configuration, safety-relevant logic capabilities, knowledge alternate with varied different members within the community, in addition to coordinated movement management techniques or robotic kinematics.

Time to get began is now

Admittedly, virtualization of IACS will not be mainstream, and it is probably not in your radar fairly but. However with all the advantages it will probably provide, it’s simple to see how will probably be a gamechanger quickly. In truth, Audi, the German producer of technologically superior luxurious automobiles has embraced virtualization and is reworking its manufacturing strains. Watch Dr. Henning Löser, head of Manufacturing Labs, Audi, explains why Audi turned to Cisco industrial IoT options to create its next-generation good factories. It’s not too early to begin laying the networking basis for the way forward for manufacturing.

If you’re visiting SPS IPC Drives 2023, that runs from November 14-16 in Nuremberg, Germany, don’t miss the joint Cisco and CODESYS demonstration of digital controllers in manufacturing environments within the CODESYS sales space (#677 in corridor 7).

For extra data on this or some other matter associated to manufacturing automation, please schedule a free, no-obligation, dialog with considered one of our consultants.

Share: