Physical Infrastructure for the Converged Plantwide Ethernet Architecture

CPwE Physical Layer Overview

---

This chapter includes the following major topics:

• CPwE Overview
• CPwE Resilient IACS Architectures Overview
• CPwE Physical Layer Solution Use Cases

The prevailing trend in Industrial Automation and Control System (IACS) networking is the convergence of technology, specifically IACS operational technology (OT) with information technology (IT). Converged Plantwide Ethernet (CPwE) helps to enable IACS network and security technology convergence, including OT-IT persona convergence, by using standard Ethernet, Internet Protocol (IP), network services, security services, and EtherNet/IP. A reliable and secure converged OEM, plant-wide or site-wide IACS architecture helps to enable the Industrial Internet of Things (IIoT).

CPwE Overview

CPwE is the underlying architecture that provides standard network and security services for control and information disciplines, devices, and equipment found in modern IACS applications. The CPwE architectures (Figure 1-1) were architected, tested, and validated to provide design and implementation guidance, test results, and documented configuration settings. This can help to achieve the real-time communication, reliability, scalability, security, and resiliency requirements of modern IACS applications. The content and key tenets of CPwE are relevant to both OT and IT disciplines. CPwE key tenets include:

• Smart IIoT devices—Controllers, I/O, drives, instrumentation, actuators, analytics, and a single IIoT network technology (EtherNet/IP), facilitating both technology coexistence and IACS device interoperability, which helps to enable the choice of best-in-class IACS devices.
• Zoning (segmentation)—Smaller connected LANs, functional areas, and security groups.
• Managed infrastructure—Managed Allen-Bradley Stratix industrial Ethernet switches (IES), Cisco Catalyst ^® distribution/core switches, FactoryTalk ^® Network Manager ^™ software, and Stratix industrial firewalls.
• Resiliency—Robust physical layer and resilient or redundant topologies with resiliency protocols.
• Time-critical data—Data prioritization and time synchronization via CIP Sync and IEEE-1588 Precision Time Protocol (PTP).
• Wireless—Unified wireless LAN (WLAN) to enable mobility for personnel and equipment.
• Holistic defense-in-depth security—Multiple layers of diverse technologies for threat detection and prevention, implemented by different persona (for example, OT and IT) and applied at different levels of the plant-wide or site-wide IACS architecture.
• Convergence-ready—Seamless plant-wide or site-wide integration by trusted partner applications.

Figure 1-1 CPwE Architectures

CPwE Resilient IACS Architectures Overview

An IACS is deployed in a wide variety of industries such as automotive, pharmaceuticals, consumer packaged goods, pulp and paper, oil and gas, mining, and energy. IACS applications are composed of multiple control and information disciplines such as continuous process, batch, discrete, and hybrid combinations. One of the challenges facing industrial operations is the industrial hardening of standard Ethernet and IP-converged IACS networking technologies to take advantage of the business benefits associated with IIoT. A resilient LAN architecture can help to increase the overall equipment effectiveness (OEE) of the IACS by helping to reduce the impact of a failure and speed recovery from an outage, which lowers Mean-Time-to-Repair (MTTR).

Protecting availability for IACS assets requires a scalable defense-in-depth approach where different solutions are needed to address various network resiliency requirements for OEM, plant-wide or site-wide architectures. This section summarizes the Cisco, Panduit and Rockwell Automation CPwE validated designs that address different aspects of availability for IIoT IACS applications.

• Deploying Device Level Ring within a Converged Plantwide Ethernet Architecture Design and Implementation Guide outlines several use cases for designing and deploying DLR technology with IACS device-level, switch-level, and mixed device/switch-level single and multiple ring topologies across OEM and plant-wide or site-wide resilient LAN IACS applications.

– Rockwell Automation site:
https://literature.rockwellautomation.com/idc/groups/literature/documents/td/enet-td015_-en-p.pdf

– Cisco site:
https://www.cisco.com/c/en/us/solutions/enterprise/design-zone-manufacturing/landing_ettf.html

• Deploying Parallel Redundancy Protocol within a Converged Plantwide Ethernet Architecture Design and Implementation Guide outlines several use cases for designing and deploying Parallel Redundancy Protocol (PRP) technology with redundant LANs across plant-wide or site-wide IACS applications.

– Rockwell Automation site:
https://literature.rockwellautomation.com/idc/groups/literature/documents/td/enet-td021_-en-p.pdf

– Cisco site:
https://www.cisco.com/c/en/us/solutions/enterprise/design-zone-manufacturing/landing_ettf.html

• Deploying A Resilient Converged Plantwide Ethernet Architecture Design and Implementation Guide outlines several use cases for designing and deploying resilient plant-wide or site-wide architectures for IACS applications, utilizing a robust physical layer and resilient LAN topologies with resiliency protocols.

– Rockwell Automation site:
https://literature.rockwellautomation.com/idc/groups/literature/documents/td/enet-td010_-en-p.pdf

– Cisco site:
http://www.cisco.com/c/en/us/solutions/enterprise/design-zone-manufacturing/landing_ettf.html

• Deploying a Fiber Optic Physical Infrastructure within a Converged Plantwide Ethernet Architecture Application Guide helps designers and installers select and deploy fiber-optic media in plant/site environments. It details fiber optic network infrastructure solutions that provide high-performance connectivity options that help increase the integrity and availability of a CPwE architecture at each level of the OEM, plant-wide or site-wide network.

– Rockwell Automation site:
https://literature.rockwellautomation.com/idc/groups/literature/documents/td/enet-td003_-en-p.pdf

– Cisco site:
http://www.cisco.com/c/en/us/solutions/enterprise/design-zone-manufacturing/landing_ettf.html

CPwE Physical Layer Solution Use Cases

Successful deployment of CPwE logical architectures depends on a robust physical infrastructure network design that addresses environmental and performance challenges with best practices from Operational Technology (OT) and Information Technology (IT). Cisco, Panduit, and Rockwell Automation have collaborated to reference Panduit’s building block approach for physical infrastructure (Figure 1-2) deployment. This approach helps customers address the physical deployment associated with converged OEM, plant-wide or site-wide EtherNet/IP architectures. As a result, users can achieve resilient, scalable networks that can support proven and flexible CPwE logical architectures designed to help optimize OEM, plant-wide or site-wide IACS network performance.

The following use cases were documented by Panduit:

• Robust physical infrastructure design considerations and best practices
• Control Panel:

– Electromagnetic interference (EMI) noise mitigation through bonding, shielding, and grounding

– Industrial Ethernet Switch (IES) deployment within the Cell/Area Zone

• Physical Network Zone System:

– IES and Access Point (AP) deployment within the Cell/Area Zone

• Cable distribution across the Industrial Zone
• Industrial Distribution Frame (IDF):

– Industrial aggregation/distribution switch deployment within the Industrial Zone

• Industrial Data Center (IDC):

– Physical design and deployment of the Level 3 Site Operations

Figure 1-2 Panduit Robust Physical Infrastructure for the CPwE Architecture