Today's competitive and global manufacturing climate is driving the deployment of new technologies at an accelerated rate. Growth-oriented businesses recognize that retaining a competitive advantage means understanding and wisely selecting these new technologies, and then deploying them with maximum effect.

Many industrial manufacturing firms are finding compelling reasons to take a hard look at wireless solutions. Wireless technology changes the way that business is conducted and how it's connected to management, employees, the sales channel, vendors and, most importantly, to its customers. But while the application of wireless technology brings such advantages as lower installation and maintenance costs, faster up time, more system flexibility, and easier scalability, it also presents new challenges to the would-be user, including issues related to secure and reliable communications of corporate and operational data.

Wireless changes everything
For more than 20 years, industrial applications have found value in wireless solutions. Supervisory control and data acquisition (SCADA) systems, such as those used in water and wastewater treatment, as well as oil and gas pipeline applications where the transfer of data can be over many miles, have benefited from wireless technology.

Although wireless is not new to industrial applications, it still carries a certain mystique. Sending corporate data through free-air seems inherently loose to the industrial plant or manufacturing engineer. Rather, seeing point "A" physically connect to point "B" retains a certain comfort level, suggesting a more secure and reliable communications medium.

Wireless does work, and advances in the technology make it robust and inherently more secure for current industrial applications.

Ethernet technology has become the local area network (LAN) protocol of choice for industrial use on the plant floor. The sheer simplicity of wired Ethernet allows easy, reliable and inexpensive deployment. And Ethernet provides a perfect platform for wireless technology. Through the use of an access point - a device that connects wireless communication devices together to form a wireless network - wireless extends the power of a wired Ethernet. Wireless access points present a new paradigm for industrial engineers, allowing them to access operational data when needed, with quick installation times and under more mobile conditions. Adding human machine interface visibility anywhere along the operation no longer requires hard wiring, electricians or system downtime, a very attractive thought to the plant manager on a never-ending quest for productivity gains.

The most common wireless access point uses the 802.11 protocol. However, due to its commercial origins, the developers of 802.11 gave little thought to security, standards or network management.

As wireless access points became more pervasive, would-be users recognized the inherent weakness in Wired Equivalent Privacy (WEP) encrypted 802.11 wireless installs - part of the IEEE 802.11 wireless networking standard. This concern for security is rooted in a fundamental question for industrial use: How secure is a wireless link compared to running wire?

Assessing your wireless security needs
In industrial applications, it is imperative to clearly understand how the system will behave when transferring data throughout the factory or plant. Imagine if a competitor could easily gain access to your plant data. They could model your plant, determine your cost of product, understand unused capacity, recognize the state of your equipment and potentially predict some of your future maintenance needs. Therefore, engineers thinking of applying wireless solutions must understand how to protect the system against hackers, competitors and other perpetrators; how to handle jamming or unwanted messages from getting into the process; and how to protect the application/network from malicious damage (e.g. disgruntled employees).

Determining how secure is secure, defining a hierarchy of access which aligns access privileges with functional uses for each work area, and selecting wireless products to best protect against unauthorized access to system operation, can be daunting.

The fact is, no single wireless solution fits all applications. Application requirements (e.g. distance, data speed, topography, network function) all help to select the correct wireless technology. The balance between the risk and the cost of security must be considered in any protection scheme. Wireless deployment for a small manufacturing firm might only require a minimum level of security, while mission-critical information on a process inside Procter & Gamble demands the highest security available to prevent competitive espionage.

Security options
Defining wireless security requires attention to both network and data messaging. SP100 is an emerging standard in industrial automation for wireless devices. It has defined networking security protection against deliberate attack or human error, and data messaging communications against deliberate attacks and eavesdropping. Wireless products that conform to this standard can provide a good base to your wireless security scheme.

Many suppliers of wireless solutions rely on spread spectrum as the only protection. Spread spectrum was developed by the military to inhibit unwanted intrusions by using a frequency-hopping mode of data transmission. Basically, data continually hops across a wide range of frequencies that constantly change in a random sequence. This protection method is a good start, but not good enough. To listen to data, an intruder must know the hopping sequence. It simply forces the perpetrator to use the same model wireless products that they are hacking into, which is not a big hurdle.

Fundamentally, transferring data in a secure wireless manner is divided into two parts - authentication and encryption. Authentication schemes, similar to passwords, verify the user's identity, ensuring that the identity of a wireless client to an access point is who it says it is and vice versa. This is typically accomplished by passing "keys" and other pre-programmed information known only to the client device and its host back and forth. Encryption involves enabling a certain bit capability established in many wireless devices. Encryption defines the management of these keys that feed into an algorithm to encode or decode the data running over the network. These measures are used to prevent unauthorized "data sniffing."

Wireless local area networks (WLAN) are common in short-distance data communications within a factory or small plant where normal security precautions are in effect. These devices typically operate in the 2.4 GHz frequency range. Initially, 2.4 GHz 802.11 used media access control (MAC) for authentication and WEP for encryption. However, obvious weakness in the WEP encryption scheme and the openness of the encryption information made this approach an easy target for hackers. The Institute of Electrical and Electronic Engineers task force worked to correct this inherent security flaw and amended the standard, which was adopted in June 2004. Called 802.11i, the standard includes the basic security algorithm defined in the United States government's official cipher, the Advanced Encryption Standard (AES), also known as Rijndael, and adds stronger encryption, authentication and key management strategies that go a long way toward guaranteeing data and system security.

Are AES and MAC enough? Because no security method is perfect, many wireless manufacturers find value in proprietary security methods or add features that fatigue the intruder such as multiple levels of security. For example, cracking any encryption method requires a large number of encrypted data samples to be collected and processed by the intruder. Wireless products that make the data transmission random, makes this collection process harder. Devices that use exception-reporting protocols elongate this time. The longer it takes, the less likely the intruder will expend the necessary time.

Wireless products using multiple levels of security provide added flexibility. Anyone wanting to steal or inject a wireless message has to overcome various levels of protection. To be successful, the perpetrator has to figure out how all levels work to obtain your wireless data. These security levels cannot be bypassed by using an identical manufacturer's wireless product.

Multiple levels of protection should include modulation techniques; unique data format structure with added security encryption; network and address validation; the transmission of messages intermittently; and password protection.

For longer distance transmission of wireless data, or to protect the network when outside access is required, the use of a wireless gateway with full firewall protection is necessary. There is little point in securing the wireless data if messages can be fed via an interface device such as a gateway (or wireless access point) unless some form of firewall protection is in effect. Firewalls are core components of network security implementation. They can be standalone hardware solutions or built into the software scheme. Firewall to level protection 7 - the applications layer of the ISO/OSI network model that provides network services to end-users - should be the minimal acceptable for use in industrial applications.

Any worthwhile security scheme should also include protection against jamming techniques. Most frequency hopping is synchronized, so a jamming signal covering a couple of consecutive channels is enough to interrupt the hopping sequence on every hopping cycle, which effectively stops the system from working. Wireless solutions that use non-synchronized frequency-hopping data transmission give a much better performance against this type of attack.

You can't relax
Security is vital for proper use of wireless technology. As the benefits of wireless become more obvious, greater vigilance must be paid to security. You can't let your guard down just because you have implemented a security program. Many suppliers of wireless products provide cutting-edge security methods, but one certainty remains: as security technology progresses, hackers and other malicious efforts will continue to evolve in an attempt to crack the code. Choosing an experienced wireless partner and maintaining company-wide security awareness may be the most effective way to confidently gain advantage from wireless technology.

Frank Williams is the vice-president for Elpro Technologies, an industrial wireless solutions provider. Williams earned a BSEE from San Diego State University and has considerable experience in the instrumentation business.

Today's wireless technologies can save a manufacturer big bucks if carefully managed, but there are several constraints that have to be addressed if wireless networks are to be successfully implemented in a manufacturing environment. For one, the technology has to work properly, which is not as straightforward as it might seem. Given that the network and devices communicate with each other over the air at the advertised speed and distance, they also have to work with any number of different vendors' wireless devices; they have to be reasonably manageable for deployment, modification or configuration; and they must be secure from intrusion and spoofing. They should be tolerant of changes in the radio frequency (RF) environment, including incidental interference and other environmental changes ranging from weather to a passing freight train traversing a line-of-sight communications path.

Another constraint is the fact that there are many wireless standards. The application requirements for distance, bandwidth and power consumption dictate that different standards will be required, but finding what is right for your application is a formidable task. In addition, the technology is rapidly changing. Thus, manufacturers are asking themselves if standards can keep up, and if the rapidly changing technology will make their investment obsolete in two years.

Given all of these constraints, why would anyone be jumping into wireless right now? The primary motivation is the potential savings.

Cost savings
The cost of running wires in an industrial environment is very high, ranging from hundreds to a thousand dollars, or more, per foot. So the cost of incremental measurements for fewer dollars is a big motivator. For example, a chemical company needed to profile the temperature of a steam pipe that ran 2,000 metres across the plant to assure no condensation was developing. The layout of the plant would have required that wires for new temperature transmitters be run underground, which required trenching. This is an old plant and EPA requirements mandate that new construction that requires ground breaking examine the soil for contamination. If contamination is found, remediation is required. Having a wireless transmitter not only reduced the cost of attachment, but avoided any requirement to put a shovel into the ground.

Even bigger savings are available with new applications that could not have been considered in a wired world, including asset performance management and condition monitoring. Most maintenance in a continuous industry follows a break-fix model - wait for something to break and then fix it. This approach is much less expensive than preventive maintenance, because you are not tossing out working parts simply because the instructions call for maintenance at a particular time. The holy grail of maintenance is model-based predictive maintenance. Based on sensors, typically temperature and vibration, a normal profile can be established. As the profile changes or degrades, maintenance can be scheduled for a time that is convenient for the process and maintenance staff. Dramatic savings are being realized with this technology, but it's only viable with a wireless sensor. If you had to run the wires for all those sensors, the cost would far outweigh the gains.

Wireless management
Wireless networks require significantly more time and attention than wired networks. The key to success is in the management of wireless networks. Today, most wireless networks are allowed to grow in an ad hoc fashion. A good corporate citizen seizes an opportunity, brings in a vendor, and solves a real problem by purchasing a wireless solution. Another point solution is addressed with another vendor, and a third and a fourth, and so on. Each of these solutions has its own technology, its own access point. Each vendor has its own software for security management, and for network and system management. Imagine a half dozen managers coming into work with routers under their arms, setting up subnet groups for their departments. The management information systems and IT folks would be looking on this less than favourably. It simply would not be allowed.

A model needs to be established that, regardless of the state of standards, heterogeneous wireless technologies can be normalized at the access point level (entry into the wired systems). This normalization needs to include a security model that the corporation is comfortable with, and a systems and network management approach that can be managed by plant personnel.

Invensys has adopted an architecture that meets these requirements. The architecture supports a single server in the system as a single point of trust for the security model, and the focal point for common wireless systems and security management. Whenever you are dealing with security architecture, there needs to be a single point of responsibility for policy management, otherwise you are likely to either get contention or non-deterministic behaviour when trying to resolve conflicts in how to handle exceptions. The security server addresses critical functions that must be met for all wireless activities. These security and management functions seem to grow exponentially with the increasing numbers of various devices, networks, communication models and vendors. It's only by having a common management of the wireless infrastructure that the situation becomes containable. Security and network management functions must include dynamic network management; fault and escalation policy management; configuration management; accounting/usage management; performance management; security management; device commissioning; and a policy service broker.

The policies and standard operating procedures (SOPs) in place for wireless networks must define all methods using, sharing and securing the available bandwidth. This has implications for planning, implementation, operation, maintenance and expansion. For these reasons, wireless networks require a very thoughtful level of construction.

Policy management and validation also ties into the end-user's existing IT requirements. The system must be designed to comply with corporate requirements for activities like reporting errors, and observing network behaviours and performance based on that information. It must cover every aspect of the operations, from initial configuration to ongoing optimization.

Commissioning and qualification of the wireless network is comparable to commissioning and qualification of any network, but with added emphasis on security and interference. Interference would be addressed first during an RF site survey, which uses scientific tests to measure RF in the plant and in the local area surrounding the plant. Additional security and RF interference testing must also be built into routine maintenance procedures to account for changing internal and external conditions.

Performance, availability and utilization are also reporting criteria within systems management, and must be considered as part of an ongoing management program. Policies, such as alarm/alert handling, are part of the system's management function.

Policies and SOPs that meet regulatory requirements must also be in place for handling problems. Once the system detects interference, for example, what does it do? Will it reroute traffic, change frequencies or reconfigure antennas to be active or inactive? Some of the options depend on the capabilities of the technology, but within that framework, policy is necessary to guide choices.

Implementation
Implementing a management infrastructure requires several months of cross-company planning. Implementation of the technology itself can usually be done in a few weeks. Few companies have the resources to maintain staff necessary for initial implementation, especially because demand for specialists with relevant skills is very high. Outsourcing to one of the emerging specialist firms is currently the most cost-effective strategy for companies that want to enjoy the benefits of wireless networking immediately with little risk.

The following checklist can be used to assess your wireless needs and design a system that is consistent with your wireless strategy, policies and quality requirements:

• Survey the entire company to determine where wireless technologies can best support your business strategy;
• Create an enterprise-wide policy to control wireless deployment;
• Design an architecture that will achieve these goals effectively;
• Conduct an RF site survey to identify potential sources of RF interference and locate wireless communications devices, both internally and external to the plant;
• Select and purchase hardware and software that is cost-effective, proven and scalable;
• Develop a prototype in an area with high ROI potential for immediate payback;
• Integrate to the existing business and operations systems;
• Measure and evaluate ROI effectiveness of application;
• Collect lessons learned, measure cost effectiveness of improvements, reassess the strategy, and plan next steps, including additional sites and plants, and global solutions for a rollout; and
• Conduct ongoing monitoring, maintenance, support and optimization services, and incorporate relevant technologies as they emerge.

Wireless is here to stay. The technology is capable of enabling many valuable applications across the enterprise. The key to a safe, secure and robust implementation of wireless networks is enterprise-wide planning, co-ordination and management.

Hesh Kagan is the director of technology in the Applications, Services and Solutions division of Invensys Process Systems. He is currently co-ordinating the wireless strategy and product development for the Invensys group. Kagan is a founding member and the current president of the Wireless Industrial Networking Alliance (WINA), an organization focused on increasing the adoption of wireless technologies in industry.

If you bought a cell phone in 1996, chances are it was big, bulky and approximately the size of a shoe. It didn't do much–just let you make and receive phone calls. It probably cost a pretty penny, too, with rates running upwards of a dollar a minute.

Now imagine you still had that phone today. For the past 10 years, you used the perfectly functional, if slightly outdated, phone, and it served you well. But let's say you decided to upgrade your phone. Today's cell phones are razor-thin and incorporate full-colour graphics, text messaging capabilities, video games, MP3 players, and can even provide access to television and the Internet.

That's a lot of new technology that you missed out on in 10 years. And it can be an intimidating task to update to a newer technology when you've grown accustomed to using the older one.

Hastech Manufacturing faced a similar challenge. The Guelph, Ont.-based subsidiary of auto parts giant Linamar builds transmissions for some of the world's biggest automakers. But automakers don't often redesign transmissions, so Hastech had not changed its manufacturing process in years.

"The design [of a transmission] will stay unchanged for 10, 12 or 15 years," says Jason Balzer, program manager for Hastech. "Some transmissions run for 20 or 30 years without changing. Many of the products we have here have been around for more than 10 years."

Recently, one of the company's clients designed a new transmission, which meant Hastech had to design a new line to make it. Since Hastech had not launched a new product in a number of years, it had not needed to make use of the latest automation technology available. Like the fictional cell phone user, the company needed to adjust to some big changes in technology.

Small space = big challenge
Hastech was faced with some very tight constraints, the biggest of which was also the smallest: The company had to find a way to get 110 machines and 32 gauges spanning four separate product numbers to fit in an area totalling slightly more than 14,000 sq. ft. Hastech also needed to control all four lines independently and deal with the large amounts of inputs and outputs needed to communicate with the machines, gauges and robots–all while still maintaining acceptable uptime numbers for its customer.

So the company turned to Andor Robotic Solutions, an automation solutions provider, also based in Guelph. Together with Andor, Hastech created a new, technologically advanced manufacturing line that met all of its requirements and more.

Meeting of the minds
Hastech was originally looking for a quote on automating a number of smaller, individual cells. "When we realized the scope of the job, we asked them if we should look at the whole line overall and a total automation solution," says Steve Spanjers, Andorís vice-president. "That's where it started."

Andor's team realized the job would not be easy. With so much to cram into such a tight space, they had to find a solution that was different from anything they'd ever done before.

"When they told us the floor space requirements, we almost laughed at them," says Mike Kazmaier, a sales manager at Andor. "That really drove the direction."

Hastech and Andor then sat down to start working on a layout. "We probably had 40 iterations of this layout on our server," says Kazmaier. "There were a couple of places where they were actually combining the two lines to share a machine and then breaking them off again later on. Putting that layout together was, I think, one of the toughest parts of the job.

"It's like pieces of a puzzle," he adds. "The problem is that when the puzzle has to combine in certain places, you can only assemble it in a certain way. We had to come up with something that was going to work and was also going to fit in the space they wanted it to."

So how did Andor and Hastech finally solve this puzzle? The team developed and implemented a full wireless control system.

"We started looking at placing individual panels out on the line and we kept coming up with really big numbers, like we would need 100 HMI (human-machine interface) panels," Spanjers says. "Then we started talking about different wires and pendants that we could plug in around the line, but even just the cost of running drops all over the place would have been quite high. That's when we came on this wireless solution that we developed with some help from Rockwell. As far as we know, this is the first time a system like this has been used in production."

The line was carefully engineered to use 32 ceiling-mounted gantry robots, four floor-mounted robots and several custom-designed pick-and-place units. All of the control is done from one AB Controllogix CPU connected to an Ethernet network.

Andor's team installed an RSView SE server and programmed it to meet Hastech's specifications. They connected the server to a floor-mounted switch via a fibre optic cable and connected wireless access points to this switch, along with the PLC. The control devices are simply rugged tablet PCs, with standard 802.11b wireless Ethernet cards.

Not only did the wireless solution allow Hastech to fit everything into the small space, it also saved money. "The big savings is not running wire," says Spanjers. "We don't have to run wire. We don't have to make panels all over the place. To pull all that extra wire at the front-end of the project would have cost more time. In this case, we ran one Ethernet cord from the access point."

And because it is so customized, the new solution also gives Hastech the flexibility it needs. "The lines were installed to run completely automated, but we wanted the flexibility to be able to turn them manually," Balzer says. "It does complicate the whole integration, because certain things you want to do when running a machine or a section manually, you don't want to do when you run it with automation. But with these HMIs, they can provide us the functionality to turn off certain pieces of automation."

Up and running
The fact that the solution was wireless posed a challenge at first, Spanjers explains. "When we called Rockwell for technical support, when we told them what we were doing, the tech support guys were always a little nervous because they'd never heard of it being done before.

"It was a bit stressful at the start to get it set up," he adds, "not knowing for sure because it hadn't been done before."

Hastech is ramping up production on the line before its client launches the new transmission into wide release, and it's looking good.

While the team has yet to calculate hard numbers in terms of savings or return on investment, they all agree the savings are there. "We did run some preliminary numbers," says Spanjers. "For us, it looked like at least a cost wash and a time saver. When you look at it that way, it makes a lot of sense."

"There is some direct cost-savings, too," adds Balzer. The gauges Hastech is using on the floor "didn't come with a cycle start button on them," he says. "Rather than having electricians install a physical button, we could actually, on the tablet PC, add a virtual start button."

The wireless aspect also makes Hastech's IT requirements easier. "It's just a tablet PC," Spanjers says. "All Linamar's IT staff know how to handle it. The access point is just a regular 802.11. IT knows how to support it already."

Finally, the solution allows Hastech to tweak the line before the product goes into wide release. The robots are easily reprogrammed and re-tasked, Spanjers says. "We make a quick programming change and we're back up and running."

The future
For Hastech, though, the real key is how well the line can change and evolve to meet future requirements. "I don't even think at this point we've even really used it up to its full advantage," Balzer says. "We will start to realize over time how much more useful it really is."

Spanjers agrees. "From the control architecture point of view, Hastech is actually looking at more of an advanced data collection system they want to build on top of it. Because the architecture is so scalable, it's not going to be a huge leap for them to jump in and throw in another server to do some data collection so they can calculate everything automatically and gauge and control the line better."

The strict quality control process in the automotive manufacturing industry is always a challenge for companies like Hastech, and the new solution could help improve that as well. It can allow the engineers to communicate with the shop floor instantly when production requirements change.

"When you start talking about just-in-time and tight deadlines, being able to communicate with the guys on the floor, and communicate changes down through e-mail and update the process specs, quality assurance and production requirements–it brings the shop floor guys closer to these guys up here so they can communicate better," Spanjers says.

And how does Hastech appreciate the new line? "We've never worked on another program that's been nearly as big," Balzer says. "We had to use the old-fashioned HMIs to know how good we've got it right now."


Alison Dunn is a Burlington, Ont.-based freelance writer, and former editor of Manufacturing AUTOMATION.