Many manufacturing facilities are executing
asset digitization projects to incorporate
Industrial Internet of Things (IIoT)
connectivity between devices. In many instances,
plant-wide and machine-to-machine communication
using an Ethernet-based protocol is the norm.
Machines are utilizing Ethernet for internal
communication between components as well. With
more and more manufacturers depending on internet-
connected machinery, the plant engineer now
needs to follow the policies of the IT department
in addition to usual operational technology (OT)
requirements. Using an IP router can resolve network
conflicts between the IT department and OT,
allowing machines to be more easily integrated into
an IIoT environment.
Modern machines are comprised of various complex
subsystems that communicate via the Internet
Protocol (IP)—the backbone of the Internet.
The machine builder pre-defines each subsystem
IP address and the range of addresses devoted to
each machine. This addressing convention may
conflict with the customer’s addressing policies,
which increases the installation time and introduces
unnecessary complications. An IP router can
quickly and effectively integrate these machines to
the customer’s existing IP infrastructure, benefiting both customer and machine builder alike.
The various IP components of the machine are
assigned IP addresses and the application controlling
these various subsystems is programmed to communicate
to these subsystem devices using their IP
addresses. A machine builder then ships this tested
machine to his customer, but the IP addresses used
at the customer’s site are probably different than
what was tested at the machine builder’s factory.
Changing the IP addresses on the machine and
modifying the control program to communicate
with revised IP addresses to comply with the customer’s
IP address requirements adds significant
time to the commissioning process and hinders the
ability to bring the machine on-line quickly.
The use of an IP router allows the machine’s IP
addresses to remain unchanged. The IP router consists
of two networks, one internal network called
LAN and one external network called WAN. The
machine is connected to the internal network and
the external network is connected to the plant
which can be easily changed to comply with the
plant’s IP requirements. The various machine subsystems
are presented as one device to the plant
network but can be easily accessed individually by
using various features of the IP router like port forwarding,
port range forwarding and NAT (network
address translation).
For example, consider a machine builder tasked
with the installation and network configuration of
automated guided vehicles (AGVs). The project
requires a method that simplifies the Ethernet network
within the AGV system and allows technicians
to have dependable external access to the devices
without IP address conflicts.
In this case, the AGV system consists of a
programmable logic controller (PLC), a human
machine interface (HMI), and a barcode reader
that form an internal network with a built-in 4-port
switch connected to the LAN side of a ContemporaryControls EIGR IP router. Using the port
forwarding feature of the IP router, the different
IP ports from the external WAN IP address are
mapped to different internal LAN devices in the
AGV. This setup is then easily uploaded to multiple
routers for use in different AGVs allowing for the
same configuration across all the devices. The time
is takes to test the AGV while it is being built at
the factory is reduced, and installation at the site
is simplified by requiring just the WAN IP address
to be configured either via static IP or DHCP. No
other IP settings for the devices or the applications
need to be modified at the install site.
Using this set-up, there is direct access to the
PLC through the IP router, allowing the customer to
easily monitor and program the PLC. The HMI and
the bar code reader can also be accessed through the
router. The multicast traffic is kept within the AGV
network and doesn’t impact the customer’s IT network.
The IP router’s built-in firewall prevents direct
unauthorized access to the LAN side devices from
the WAN side, making the AGV system a secure
and effective addition to the IIoT facility.
