Innovation Days Industrial Communication Industrial Remote og trådløs kommunikation siemens.com/industrial-security
I dag Page 2
Omkring 2020 Ca. 26 milliarder ting vil være forbundet til Internettet Page 3
På vej mod den 4. industrielle revolution Vigtige konsekvenser Behovet for kommunikation vil stige eksponentielt Cybersecurity bliver ekstremt kitik kritisk Source:http://www.siemens.com/innovation/en/home/pictures-of-the-future/industry-and-automation/digtial-factory-trends-industry-4-0.html Page 4
Bilen Et ret godt eksempel Source:https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/ Page 5
Switch en NFC (Near Field Communication) Page 6
Selv strømforsyningen! Page 7
Og de unge mennesker kommunikerer Selv Maslows behovspyramide har ændret sig Page 8
Industrial Remote og trådløs kommunikation Telekontrol og Teleservice samt D tre De t hovedtemaer h dt Industrial Wireless LAN Page 9
Industrial Remote og trådløs kommunikation Telekontrol og Teleservice samt D ttre h De hovedtemaer dt Industrial Wireless LAN Page 10
https://youtu.be/6etyf_taqgq?list=plw7llwxw4h533ru0xoyuihshym47denee Page 11
Industrial wireless LAN SCALANCE W Hvad er det? Til alle områder I tavler, indendørs og udendørs applikationer + High reliability Industrielt feature set, industrielt design + Powerful Op til 2 x 450 Mbits Hurtig idriftsættelse Integrerede værktøjer + Fleksibelt HW og funktionalitet er skalerbart PROFINET og Ethernet-IP + + Page 12
En innovativ anvendelse af teknologier hos CP-Kelco Mange forskellige Improving productivity teknologier Stort behov for parametreændringer Stort tidsforbrug Mange ubenyttede interface Cutting costs Page 13
En innovativ anvendelse af teknologier hos CP-Kelco IWLAN + QR-koder + Web-interface => Omkostninger og Produktivitet Indkapsling af mange forskellige teknologier Super simple betjening Altid forbindelse til den rigtige device Ekstremt skalerbart Page 14
En innovativ anvendelse af teknologier hos CP-Kelco IWLAN + QR-koder + Web-interface => Omkostninger og Produktivitet Reducer omkostninger til interface med ca. 80.000 DKK pr. procesområde Markant forøget robusthed og flexibilitet Page 15
En innovativ anvendelse af teknologier hos CP-Kelco IWLAN + QR-koder + Web-interface => Omkostninger og Produktivitet Dramatisk reduktion af Engineering Effektiv fejlsøgning giver øget tilgængelighed Page 16
En innovativ anvendelse af teknologier hos CP-Kelco En Controller baseret IWLAN løsning En redundant løsning Central management Security-koncept baseret på RADIUS Page 17
Industrial wireless LAN SCALANCE W Hvad er det? enkelt g Er det at designe? Er det enkelt og tager det kort tid at idriftsætte? Hvordan tjekker man hvor god en forbindelse er? Page 18
Industrial wireless LAN SCALANCE W Hvad kan det? En typisk applikation, point-to-point forbindelsen Hvad skal der egentligt til? ANT793-8 DJ Det er enkelt at designe ANT793-8 DJ W786-2 RJ-45 / SFP W786-2 RJ-45 / SFP Page 19
Industrial wireless LAN SCALANCE W Hvad kan det? Skalerbar funktionalitet med KEYPLUG Realtidsfunktionalitet PROFINET IO PROFIsafe Rapid p roaming g with ipcf ipcf-mc Backup and restore Page 20
Industrial wireless LAN SCALANCE W Hvordan virker det? koordinering af datastrømme DCF ( Distributed Coordination Function ) ipcf ( industrial Point Coordination Function ) Page 21
Industrial wireless LAN SCALANCE W Hvad kan det? ipcf Transmission af PROFINET DCF IO og Safety signaler R i Roaming i realtime ipcf ipcf ipcf PROFINET IO og Safety Page 22
Industrial wireless LAN SCALANCE W Hvad kan det? Specialantenner Rcoax Page 23
Industrial wireless LAN SCALANCE W Hvad kan det? ipcf-mc En dererministisk løsning baseret på ipcf ipcf-mc Designet til bevægelige klienter i et dynamisk miljø Transmission af PROFINET IO og Safety signaler Super optimeret Roaming i realtime ipcf-mc PROFINET IO og Safety Page 24
Industrial wireless LAN SCALANCE W Hvordan tjekker man, hvor god en forbindelse er? Den integrerede Signal Recorder den er cool Med eksport til Excel (via CSV fil) Page 25
Industrial wireless LAN SCALANCE W Hvad skal der til? Er det enkelt at konfigurere SCALANCE W produkter? Hvor god er forbindelsen? Page 26
Industrial wireless LAN SCALANCE W Men der er jo udfordringer? Kan man anvende Industrial wireless LAN i et miljø hvor man ved der er forstyrrelser? afsløre Hvordan man forstyrrelser? redundans Er løsningen? Page 27
Industrial wireless LAN SCALANCE W Hvordan tjekker man om der er noget der forstyrre? Den integrerede Sectrum Analyzer den er cool Med eksport til Excel (via CSV fil) Page 28
Industrial wireless LAN SCALANCE W Innovative redundansteknologier Frekvens redundans Baseret på standarder -RSTP 2,4 GHz IO-Controller 5 GHz IO-Device Page 29
Industrial wireless LAN SCALANCE W Innovative redundansteknologier Frekvens redundans Network A Hardware redundans RSTP Switch RSTP Switch Baseret på standarder -RSTP Network B Page 30
Industrial wireless LAN SCALANCE W Redundans baseret på SCALANCE X200 RNA Switches PRP redundans (Parallel Redundancy Protocol) Bumpless Det er ingen convergenstid Det er en standard IEC 62439-3 Page 31
Industrial wireless LAN SCALANCE W Frekvens, HW og Bumpless redundans baseret på PRP RNA Switch IO-Controller IO-Device VLAN A VLAN B Network A Network B RNA Switch Page 32
Industrial wireless LAN SCALANCE W Frekvens, HW og Bumpless redundans baseret på PRP + Roaming! RNA Switch VLAN Switch VLAN Switch VLAN Switch IO-Controller IO-Device VLAN A VLAN B Network A Network B RNA Switch Page 33
Industrial Remote og trådløs kommunikation Telekontrol og Teleservice samt D tre De t hovedtemaer h dt Industrial Wireless LAN Page 34
Industrial Remote og trådløs kommunikation Telekontrol og Teleservice samt D ttre h De hovedtemaer dt Industrial Wireless LAN Page 35
Teleservice Udfordringer Mange forskellige teknologier besværligt Det er og ufleksibelt Ingen systemløsning Forskellige Securitymekanismer Page 36
https://youtu.be/nxdoewb6yno Page 37
Teleservice SINEMA Remote Connect Løsningen Central administration af brugere og VPN forbindelser Krypterede forbindelser baseret på OpenVPN Enkel integration af SCALANCE routere med autokonfiguration Speciale IT viden er ikke nødvendigt Page 38
Teleservice SINEMA Remote Connect Remote access til identiske maskiner Generer devices med routing / NAT informationer i SINEMA RC Udvælg af device via super enkel telefonbogsfunktion i SINEMA RC Client med et museklik transparency and security IOS og Android SINEMA RC example of a configuration: Remote service for series machine builders Page 39
Teleservice SINEMA Remote Connect Brugeradministration og adgangskontrol Central management af maskiner og mennesker Management af user og access rights Logging af access Lokal access management via DI eller SMS Anvendelse af Windows, IOS og Android klienter SINEMA RC example of a configuration: Remote service for special machine building Page 40
Teleservice SINEMA Remote Connect Hvad skal der egentligt til? Hardware Software IP-Routere Licens SINEMA RC SINEMA RC Client En komplet Linux installation Til Windows 3G, 4G eller Ethernet Key-Plug med RC Evt. licenser IOS og Android er SCALANCE M eller S licens og backup (ved > 4 forbindelser) også muligt Page 41
SINEMA Remote Connect Findes der egentligt et Starter Kit? Page 42
Telekontrol Udfordringer Mange forskellige teknologier Gamle kabler eller ingen kabler Ingen adgang til forsyning Security Ingen Securitymekanismer Page 43
Remote Terminal Units (RTU) Baseret på SIMATIC Page 44
RTU er til distribuerede løsninger baseret på SIMATIC Skalerbart, sikkert og ekstremt fleksibelt System perfo ormance Engineered with TIA Portal wired or wireless Modular RTU SIMATIC ET 200SP CPU Advanced RTU SIMATIC S7-1500 Engineered via Web - wireless Modular RTU SIMATIC S7-1200 TCSB Compact self-sufficient RTU SIMATIC RTU 3030C TCSB TCSB Application complexity Page 45
Communication processor CP 1542SP-1 Industrial Ethernet Interface for Distributed Controller SIMATIC ET 200SP Feature/ Function CP 1542SP-1 communication processor connects the Distributed Controller SIMATIC ET 200SP to additional Industrial Ethernet networks. The CP 1542SP-1 1 supports communication services for PG/OP and S7-communication as well as open user communication (T-COM). Access to the Web server of the Distributed Controller SIMATIC ET 200SP. Benefit Flexible expansion of ET 200SP system with CP 1542SP-11 by additional Industrial Ethernet Interface. Due to Network separation identical machines with same IP-addresses can be built. Reduced load on the Distributed Controller SIMATIC ET 200SP CPU, as communication is realized by the CP 1542SP-1. Identical user programs (T-COM) independently of the type of interface as CPU or CP interface. Easy diagnostics via Web server Delivery release: with TIA Portal V14 3Q. 2016 Page 46
Communication processor CP 1542SP-1 IRC Distributed Controller SIMATIC ET 200SP as RTU in telecontrol applications Feature/ Function The CP 1542SP-1 IRC allows the use of Distributed Controller SIMATIC ET 200SP as Remote Terminal Unit (RTU) in telecontrol applications with both standardized protocols DNP3 and IEC 60870-5-104 and TeleControl Basic protocol Benefit Connection of Distributed Controller SIMATIC ET 200SP to control center according DNP3 or IEC 60870-5-104. Connection of substations (RTUs) based on SIMATIC ET 200SP for simple remote control systems with TeleControl Server Basic. Data buffering and automated time stamping Gapless and comprehensible data recording. Email notification Automatic ti and fast provision i of information to service personnel. Data point configuration in STEP 7 Easy commissioning without programming. Delivery release: with TIA Portal V14 3Q. 2016 Page 47
TeleControl Basic løsningen Fra 8 til 5000 RTU er SCADA Server SCADA (WinCC) SIMATIC RTU Tele Control Server Basic SIMATIC RTU SIMATIC RTU SIMATIC RTU Page 48
TeleControl Basic løsningen Fra 8 til 5000 RTU er Integration i TIA-portal HW konfiguration Data point konfiguration Alarm SMS. + Modular RTU baseret på S7 + Flere CPU varianter Digital og Analog IOs Communication modules osv... Screenshot TIA Portal z.b. HW Projektierung S7-1200 RTU Industrielle routere SCALANCE M + Fleksible valg af remote netværk TeleControl Server Basic + OPC (UA)-Server og connection manager Telecontrol- og Teleservice Forbind op til 5.000 RTUs Krypteret datatransmission Page 49
Men hvad nu hvis der ikke er adgang til forsyning? Page 50
Telekontrol med SIMATIC RTU3030C Security mekanismer OpenVPN tunnel Encrypted e-mail Web Server for konfiguration og diagnose Integreret I/O s 8DI, 4DO og 4 AI Data logging på memory card Wake-up via SMS eller telefonopkald Remote kommunikation via cellular radio (2G / 3G) Kommunikation SMS eller e-mail Event- eller tidskontrolleret Telecontrol protokoller: TeleControl Basic, DNP3, IEC 60870-5-104 Tidssynkronisering via NTP Telecontrol protokoller Cellular network Page 51
Telekontrol med SIMATIC RTU3030C Power Source Options Battery 2 Battery 1 Ren batteri drift med 1 eller 2 batterier eller Ren genopladelig batteri drift med solpaneler Accu Mixed batteri + genopladelig batteri drift eller Accu 12-24V DC Accu batteri opladet af solpaneler Standard DC forsyning Standard DC forsyning og batteri drift som backup 12-24V DC 12-24V DC eller Page 52
Telekontrol med SIMATIC RTU3030C Overvågning af målestationer Task Monitoring of measuring stations at remote locations without connection to the power grid. If specified threshold values are exceeded, d an alarm is to be sent. Solution The RTU3030C is operated without an external power supply and sends data to a control center via a telecontrol protocol. Should extraordinary events defined by the user occur (e.g., exceeding of threshold values), alarms / warnings / fault messages are sent with high priority to the control center or selected personnel by e-mail or SMS. Benefit Deployment location is not dependent on power grid availability. Reduction of the time and money required to monitor widely spread pants. Option of quickly responding to faults in the wide area network. Monitoring of Measuring Stations Page 53
Telekontrol med SIMATIC RTU3030C Sporatisk upload til Control Center Task Control center requires current data from remote measuring stations. No connection to the power grid available on-site. Solution The RTU3030C is operated without an external power supply. A service engineer in the control center sends a SMS to wake the RTU up. At the next specified time defined via parametering, the RTU establishes a connection to the control center and automatically transmits the data buffered in the RTU3030C via a secured connection. Benefit Deployment location is not dependent on power grid availability. Quick availability of current data without incurring travel expenditures. Retrieval of the latest status by the Control Center Page 54
Telekontrol med SIMATIC RTU3030C Data Logging Task Continuous logging of measured data is required. No connection to the power grid available on-site. Solution The RTU3030C logs the measured values transmitted by the sensors on an SD card. The data on the SD card in the RTU3030C can be remotely accessed via the Web-based based management. Benefit Deployment location is not dependent on power grid availability. No loss of data through non-volatile saving of measured values. Data Logging Page 55
Remote kontrol og monitorering En lille og enkelt løsning Page 56
Remote kontrol og monitorering via SMS med eller uden LOGO! Via LOGO! CMR2020 kommunikationsmodul Adgang til LOGO! 8 logikmodul via SMS Time-of-day synkronisering baseret på GPS, NTP-server eller mobiltelefon udbyder Digital it input og Digital it output Positionering ved hjælp af GPS Næste FW. Giver adgang til kommunikation med Telecontrol Server Basic LOGO! Modem Page 57
LOGO! CMR2020 kommunikationsmodul Applikationer Page 58
Kommunikation via eksisterende kabler Page 59
Router til kablet eller trådløst Security er inkluderet Flere forskellige teknologier kryptering End-2-end ADSL eller private kabler SHDSL (parsnoetvaselinekabler) SHDSL forbindelser på op til 20 km SCALANCE M Page 60
Fra PROFIBUS til PROFINET Via SCALANCE X og MM992-2VD media module SCALANCE X Page 61
SCALANCE M876-4 LTE (EU) Wireless mobile device (4 th generation - 4G) for high data transmission http://www.siemens.com/remote-networks Feature / Function High Data rate (100 Mbit/s downlink, 50 Mbit/s uplink) and antenna diversity Wide temperature range (-20 C to 60 C) Supported security: IPsec, OpenVPN, Firewall Integrated managed 4 Port Switch Redundant power supply M876-4 EU: GPRS/UMTS/LTE (4G) Benefit Transmission of high data rates and simultaneously a robust wireless connection Deployment in areas with different climate conditions Higher network security by means of known standards Up to 4 IP-addresses for several sub networks configurable Reliable operation even if one power supply fails Worldwide use since country specific standards are supported Supported by SINEMA Remote Comfortable and secured maintenance Connect of far distributed machines and plants, that via remote access Page 62
Flexible protection of automation networks with SCALANCE S615 Feature / Function Benefit Firewall and VPN (IPsec and OpenVPN to SINEMA RC) Protection against unauthorized access from outside and data transfer Variable security zones via VLAN High degree of flexibility for firewall configuration http://www.siemens.com/scalance-s Digital input for controlled tunnel setup Communication via unsecured networks only if required Auto-configuration interface for SINEMA Remote Connect Time and cost savings No expert knowledge required Page 63
SCALANCE M Overview of wireless public portfolio SCALANCE M874-2 SCALANCE M874-3 SCALANCE M876-3 WAN interface 2G / EDGE 3G / HSPA+ 3G / HSPA+ IE number of ports DI/DO FW/VPN (IPsec)/ NAT OpenVPN * VRRP/HSR/MRP/RSTP * WBM TIA Portal / CLI * 2 1/1 yes yes yes yes Yes 2 1/1 yes yes yes yes yes EV-DO 4 1/1 yes yes yes yes yes Data rate Downlink Uplink up to 237 kbps up to 237 kbps up to 14.4 Mbps up to 5.76 Mbps up to 14.4 Mbps up to 5.76 Mbps Page 64 *In preparation
SCALANCE M Overview of wired portfolio SCALANCE M812-1 SCALANCE M816-1 SCALANCE M826-2 WAN interface IE number of ports DI/DO FW/VPN (IPsec)/ NAT *OpenVPN/PPTP/L2TP *VRRP/HSR/MRP/RSTP WBM *TIA Portal / CLI C-PLUG Data rate Downlink Uplink ADSL2+ 1 1/1 yes yes no yes yes No 25 Mbps 1.4 Mbps ADSL2+ 4 1/1 yes yes yes yes yes yes 25 Mbps 1.4 Mbps SHDSL 4 1/1 yes yes yes yes yes yes 15.3 Mbps 15.3 Mbps = public = private * 2nd delivery stage Page 65
SCALANCE M826-2 Transmission rate up to 15.3 Mbps; up to 20 km Distance [km] Bandwidth [Mbps] (copper pair of wires with a diameter of 0.6 mm 2 ) Bandwidth [Mbps] (copper pair of wires with a diameter of 1.4 mm 2 ) 0.1 15.3 15.3 0.2 13.3 14.0 0.5 11.8 13.2 1 9.24 11.6 2.5 4.47 7.92 5 1.33 4.18 7.5 0.40 2.21 10 0.124 1.20 15 0.032 0.325 20 0.031 0.090 Page 66 Note: The table does not contain guaranteed values, but guidelines for typical relationships of bandwidth to distance for two cables. The actual values that can be reached depend on the length, cross-sectional area, age and quality of the cable used.
SCALANCE M826-2 PN-IO cycle times as of 64 ms Bandwidth [Mbit/s] PN-IO cycle time* [ms] (per device) 15.3 12.8 64 0.768 0.384 128 0.192 256 0.128 512 < 0.128 n.a. *) Constraints With additional communications load (e.g. SNMP, S7 communication), the PN IO cycle time must be increased The PN IO cycle time must be calculated per device The measurement is based on a maximum of 48 bytes of user data per PN IO device Bridge mode must be activated (no routing) Page 67 Note: The table does not contain guaranteed values, but guidelines for the PN-IO cycle times. The actual values that can be reached depend on the length, cross-sectional area, age, quality of the cable and the respective PROFINET configuration used.
Industrial Remote og trådløs kommunikation Opsummering IWLAN Sikre tilgængeligheden via mange former for redundans, og så er det enkelt at idriftsætte SINEMA Remote giver sikker, nem og hurtig adgang til maskiner og processer Et kæmpe udvalg af RTU er er, kan løse enhver opgave Page 68
Mange tak for jeres opmærksomhed Kontakt info Navn Telefon email Morten Kromann +45 2037 3508 morten.kromann@siemens.com Per Krog Christiansen +45 4042 6239 per.christiansen@siemens.com Lars Peter Hansen +45 2129 9650 lars-peter.hansen@siemens.com Page 69