The various field buses that have been integrated into most applications over the past years ago have not really changed the situation. The Switch Boxes are still typically connected via wires, in a star topology, to bus concentrators.
Wireless monitoring of valves can revolutionize industrial processing and help industries meet the demands of increasing competitiveness. Intelligent wireless valve monitoring in industrial environments enables real-time data sharing throughout a facility and this, by definition, increases industrial safety, efficiency, and productivity. Wireless valve monitoring technology offers reliable, autonomous, and improved process control enhancing safety, ameliorating product quality, increasing yield, and reducing costs.
Lower Costs. The costs associated with installing, maintaining, troubleshooting, and upgrading wiring have escalated while costs of wireless technology maintenance continue to drop – particularly in the areas of installation and maintenance. A market study by the Venture Development Corporation found that users of wireless technology cite lower cost as a major reason for adoption.
Installation. Wireless valves monitoring systems could ultimately eliminate tens of thousands of feet of wiring in the average industrial site. Deploying such wiring can cost $50 to $200 per foot . Specialized wiring for harsh environments can cost as much as $2,000 per foot.
Maintenance. As wires age, they can crack and fail. Inspecting, testing, troubleshooting, repairing, and replacing wires requires time, labor, and materials. If wiring faults cause a production stoppage, costs escalate rapidly. Wireless valve monitoring systems obviate any costs associated with running new wires and eliminate associated downtime.
Improved Flexibility. Without the constraint of wires, plant managers can better track materials and more easily reconfigure assembly lines to meet changing customer demands. Freedom from wires also allows greater flexibility in valves placement – particularly in the case of mobile equipment (e.g., cranes and ladles).
Rapid Commissioning. Simple wireless valve monitoring systems can be rapidly and easily organized and configured into an effective communications network. Self-calibration and verification open the door to the deployment of ad hoc wireless valve monitoring systems and offer a broad range of production scenarios.
Existing Wireless Standards
The ISA has established the standards committee on wireless systems for automation (ISA-100) and recently released the first draft (ISA-S100.11a) of the Wireless Network Optimized for Industrial Monitoring. The Wireless Hart protocol was recently released, and related products have started to appear on the market. The ZigBee protocol, which is very close to the ISA100 and Wireless Hart standards, has been available for some time and is supported by many chip and solution vendors and has the added advantage of being very cost-effective. The ZigBee technology is broadly utilized in building automation and energy control devices which are also used in the process industry.
All three protocols are based on IEEE 802.15.4 standard and have a lot of common.
Exploding Need for Wireless Monitoring of Valves
The worldwide value of the industrial valve market reached US$60 billion in 2006. This corresponds to the annual sale of about 350 million industrial ball valves of various sizes. Most of the valves sold (80 percent) are manual, without any remote monitoring capabilities. About 40 percent of the actuated industrial valves sold have no monitoring capabilities. All the valve monitoring systems sold today are wired.
Industrial users (pharmaceutical, petroleum, water, etc.) have expressed the need for more monitoring capabilities on the manual and actuated industrial valves they operate in their process lines. This will increase line safety, ensure compliance to regulations, improve yield, decrease operating line costs, provide better compliance to environmental requirements, etc. The option of installing a wired monitoring device on the manual or actuated valve is not practical due to the cost of wiring installation (US$50 to US$200 per foot) which can exceed US$5,000 per value, and a process plant can have thousands of industrial valves. A wireless valve monitoring solution can cost a fraction of this (10 percent). The cost of a wired valve monitoring system with 5,000 valves can reach the prohibitive amount of US$25,000,000 while setting up a wireless system will run at about US$2,500,000.
Wireless technology comes with its own set of challenges – propagation, interference, security, regulations, and other issues. Some control applications can afford the cost of adding a high-end wireless communication system such as cellular phones, WiFi, WiMax and so on. Nevertheless, the required wireless application will benefit if the technology is relatively low cost, is reliable, and robust, and it is standards compliance in order to drive interoperability among manufacturers and provide direct benefit to the end users.
The ZigBee Technology
The ZigBee technology is widely available and can be found in very cost-attractive industrial monitoring and control solutions. Many end users are considering using the ZigBee technology in their process line for simple monitoring applications and for energy management and automated infrastructures. The ZigBee wireless network is robust and reliable, low-cost, with a very low power consumption. It allows utilizing a valve monitoring solution powered by two small ½ AA Lithium batteries which last for more than 5 years assuming a 30-minute update rate, and with less than 100 ms latency.
The relatively low data rate (0.25 Mbps) achieved with a ZigBee network is adequate for valve monitoring requirements. The ultra low power consumption and the low cost features of ZigBee make this technology the best choice for valve monitoring applications. To achieve the goal of low total product cost as well as long battery life, the ZigBee / 802.15.4 protocol provides reasonable trade-offs in several performance metrics. To control the administrative costs of both the implementer and the user, ZigBee devices employ unlicensed radio bands. The ZigBee device is designed to be relatively short range without infrastructure. When increased range is necessary, the ZigBee infrastructure utilizes Mesh network topology.
To allow interoperability between ISA100 wireless solutions and ZigBee-based products, the ISA100 standard committee has established a Working Group which has been commissioned to provide a solution to allow seamless integration of ZigBee devices and ISA100-based networks. The ISA100 ZigBee Working Group mission is to provide guidance to end users, suppliers, and regulators to integrate ZigBee devices with an ISA100-based wireless network. The ISA100 ZigBee Working Group will focus on:
• Evaluating the feasibility of such integration and the potential impact on security, reliability, manageability, and performance
• Evaluating various methods using the ISA100 standards to integrate ZigBee devices.
• Coordinating with the ZigBee Alliance using the IP policy of ISA.
The result of this work will be an informative document (technical report) describing the methods and issues associated with this integration.
This ISA100 ZigBee Working Group is expected to release its documents in mid-2010.
A Solution Example, Technology and Products
A good example of the successful implementation of a wireless valve monitoring solution is the system delivered by ELTAV Wireless Monitoring Ltd. from Israel. ELTAV currently utilizes ZigBee wireless communication and plans to modify the communication methodology to the ISA100 standard when it has been released and is fully deployable. Both ZigBee and ISA100 based wireless valve monitoring systems will be available. The following pictures depict an ELTAV valve monitoring device assembled on a manual valve and on an actuator.
The wireless valve monitoring device can be installed on valve actuators (NAMUR interface) or on manual valves (ISO 5211 Interface). The small battery powered valve device (VD) can be installed on existing or new valve actuators or manual valves. The VD can operate for at least 5 years on one battery, which is field replaceable. A network of routers are spread around the plant and use mesh technology in order to transfer the received VD messages to the System’s TCP/IP-based Gateways. The Gateway transmits the valve data to the plant management system, using an OPC protocol, or any other standard communication protocol.
The valve data can be pushed to process line PLCs to allow incorporating valve data into the process operation.
The VD provides information about open or closed states of the valve, and also measures the valve’s angle position in degrees, at ±0.500 accuracy with 0.100 resolution. It also provides its temperature, battery status and other house-keeping information. The VD has inputs to collect data from the field (analog and digital) and outputs to deliver commands to field devices (planned enhancement). It collects the dynamics-of-state change of an actuated valve and transmits it as a data packet, thus providing preventive data on the health of the actuator/valve set. The operation of the VD can be commissioned and programmed from the system server as well as from a handheld operator device, which allows short-range, low frequency communication with the VD.
The current product utilizes a Zigbee chip set from Ember. However, once the ISA100 standard is released and a stack is commercially available, the product will be upgraded to the new ISA-S100 standard. Eltav plans to carry both ZigBee and ISA100 based products.
The system is designed to maximize the probability of message transfer from the Valve Device to the Management System. In preliminary pilot tests, a 100% data transfer has been demonstrated (460,000 messages with no losses and with less than 0.1% retries or rejoins). The measured average latency was less than 100 ms.
Eltav was awarded the 2009 ISA Silver award for innovation for this product.
ZigBee is using Direct Sequence Spread Spectrum (DSSS). This technique increases the bandwidth of the transmitted signal. The wideband technique provides improved communication qualities but usually sacrifice spectrum utilization. DSSS can be modeled by applying a prearranged pseudo-random digital sequence to directly phase-modulate the already data modulated carrier, at a rate in excess of the data rate. The resulting DSSS signal occupies a much greater bandwidth, albeit with a lower spectral power density. The signal is recovered by demodulating the received signal with a replica of the same modulating pseudo-random digital sequence. The DSSS signal process spreads the original signal into a wider bandwidth for transmission over the channel, and then dispreads the signal at the receiver to recover the original signal and the information it contained.
ZigBee uses the 2.4 GHz ISM band which is universally approved for short range unlicensed communication.
The low-power wireless sensor and control networks are extending the capabilities of factory automation systems to physical spaces and functions never before possible. Recently released studies by research firms like Harbor Research (www.harborresearch.com), On World (www.onworld.com) and ABI Research (www.abiresearch.com) predict a rapid acceleration in the adoption of this technology over the next 12 to 36 months.
A major catalyst for this adoption is an upcoming wave of new ZigBee products. Over the past few years, more than a quarter billion dollars of investment has been put into development of the underlying technology for these wireless networks, including low-power, low-cost silicon; ZigBee-compliant network stacks; and development tools. This investment has allowed major OEMs to standardize on ZigBee, and soon they will begin pushing these products to market. The availability of these products will provide companies with the hardware components necessary to move forward with ZigBee deployment projects on the factory floor.
Other key factors that will accelerate the deployment of ZigBee applications are corporate initiatives focused on energy management and stringent operational standards, which are supported by the capabilities of ZigBee.
Putting ZigBee to work
The expected applications of ZigBee include energy management, advanced process control, safety enhancement, machine monitoring and maintenance, as well as temperature and vibration monitoring. But how do you get these wireless applications to work in production operations?
It is important to begin discussing this issue now because there are some critical hurdles and challenges that organizations will run up against when they move forward with their deployments. To help with the transition from wired to wireless, there are a number of questions that manufacturers need to ask themselves.
Key questions - DEPLOYMENT
Before deploying and commissioning ZigBee networks, manufacturers must first consider:
• How do I plan for the quantity and placement of the wireless devices in the venue, particularly when the existing staff has little experience deploying wireless RF devices?
• How do I create a ZigBee application that can be installed by an electrician or other professional who is typically in charge of wired installations?
• How do I create a system whose installation begins on-site by an electrician and is completed by a specialist remotely?
• How do I embed enough automatic capability in ZigBee devices so that they can operate effectively, securely and easily at the time of the device's commissioning?
• How does the installation team establish a simple way of binding each wireless device to the location where it is installed, so that both the device and the application understand the device's functional placement and role?
One common thread that runs through each of these questions is the issue of how to successfully deploy a wireless application using the same team that is responsible for the traditional wired sensors and actuators. Very few of the teams that currently oversee wired sensor networks in industrial settings have extensive experience working with RF devices, and most companies will not have the luxury of an RF-trained engineer to support every step of a ZigBee application deployment. This presents a significant obstacle to ZigBee deployments, which is different than the installation process for wired sensors. Wireless enables freedom of choice, and that will lead to a larger volume of wireless devices. In turn, this means that most of the wireless devices will have to have a level of automated intelligence embedded in them to enable easy commissioning and flexible use. Addressing these challenges will require advanced planning to automate deployment issues faced by the people who will actually have responsibility for installing the ZigBee application.
Key questions - BUILDING APPLICATIONS
When building ZigBee applications, organizations must ask themselves:
• How can I get all the disparate components of a ZigBee network to operate as a unified system?
• How can I accelerate integration of the ZigBee application with other systems within the facility so that it becomes a fully integrated extension of the company's technology infrastructure?
• How do I build the network with automated functionality and network intelligence that addresses the lack of a human interface on most of the devices within a ZigBee network?
One of the most compelling and powerful characteristics of ZigBee applications is that they connect device capability in ways that have previously been impossible to accomplish or even to imagine. That strength of the technology also causes new operational challenges because these applications bring together devices and technologies that have previously not worked together. The process of making these disparate components talk to one another and operate as a unified system is daunting and often requires expertise in atypical areas of technology. Planning ahead to select devices and components that minimize these interoperability issues is very important. Likewise, it will be valuable to have processes and technologies that will help automate the process of building out the application and overcoming interoperability snags that occur along the way.
Key questions - MANAGING THE NETWORK
To manage a wireless network's health and performance, manufacturers have to think about:
• How can I proactively manage the network to ensure reliability and performance?
• How do I dynamically monitor and manage radio consumption to conserve battery power in wireless devices?
• How do I run diagnostics when there is a network performance issue?
• How do I manage network load between different channels or subnets?
• If I have redundancy in the network, in order to maximize reliability, how do I manage the network in real time to deal with issues such as interference and switching channels to improve performance?
One of the things that will catch many organizations by surprise is the difference between wired and wireless networks when it comes to management and maintenance. The diagnostic process, for example, is different for a wired network than for a wireless one. Whereas troubleshooting a failure in a wired device is limited to examination of elements within sub-sections of a wired circuit, performance issues with a wireless device have multiple potential causes and the deductive process of identifying the true cause is complex. More importantly, the network itself must be imbued with the automated intelligence to handle these monitoring and management chores. This will create unforeseen changes for technical teams who are experts in wired systems, but new to wireless networks.
Key questions - ENSURING SECURITY
Security is an important consideration for wireless networks. To ensure the network is secure, organizations must ask themselves:
• How do I ensure that a wireless device is appropriately secured for the application and the function? And how do I begin that device's life in a secure fashion?
• How do I put a system in place that allows that security scheme to be flexible and secure?
• How do I build easy-to-design-and-manage capabilities into the network that establish a hierarchy of access that aligns access privileges with the functional uses of an application?
The question is not whether wireless can be secure; ZigBee networks can and do meet the stringent security requirements at the network level in industrial settings. The question instead is how to make them secure in the application context that not only achieves a user's security objectives, but also provides a flexible platform that supports different purposes of the device and the needs of the organization over time. Advanced work is critical for achieving these twin objectives of security and flexibility.
The questions outlined here are by no means exhaustive. They are meant to provide a starting point for the process that an organization will embark on as it begins planning its wireless deployment. The operational challenges that companies face in building, deploying and managing wireless technologies are real. Advanced planning will help overcome these challenges. Companies need to maximize the level of automated intelligence built into these devices, to minimize the complexity of living with these applications day-to-day once they are operational in production settings.
Recent studies indicate that the industrial Ethernet market will grow at a compounded annual rate in the range of 30 percent per annum over the next three years. It is no surprise then that Ethernet technologies connected both physically and wirelessly are becoming more common in modern digital control systems. With the adoption of open technologies such as Ethernet, both the control system and office environment share many of the same security risks that information technology faces. Wireless systems introduce another variable into the system because the components are not physically joined, causing concern that this is another potential entry point into computer networks.
Today, wired and fibre Ethernet are not very common at the field level. There are a number of field devices starting to come to market that incorporate Ethernet communications capability, though these applications are typically data-intensive operations.
Copper media are the most commonly used means of transmitting data in a plant; however, wireless has been used in SCADA for many decades. By considering changing the Ethernet media from physical (copper and fibre) to wireless, a whole new range of opportunities present themselves, including WirelessHART, OneWireless, ISA-100 and ZigBee, as well as complete SCADA systems using licensed radio.
SCADA systems use a variety of technologies to connect the widely distributed field signals and controllers to the centralized control system. In the past, SCADA tended to use a combination of proprietary communication protocols and, when using wireless, licensed radio bands were the norm. A licensed radio band presented much less risk of interference, typically worked at greater distances and lowered the exposure of competition from other radio signals in the same frequency. However, getting a license for the plant or factory appeared difficult. Today, with advances in wireless technology, license-free solutions are being deployed at an accelerated rate. License-free radios do not carry the stigma of having to get and maintain a license from the government. Many users find this attractive and, therefore, are more willing to deploy a wireless solution.
The most commonly used wireless protocol is 802.11 (Wi-Fi). These commercial standards were developed by the IEEE and contained an inherent form of security protection called WEP (Wired Equivalent Privacy). Very quickly, WEP was shown to be a weak form of protection and has since been upgraded. In June 2004, the new 802.11i standard was released that includes the U.S. government's basic security algorithm, Rijndael Advance Encryption Standard, with stronger encryption, authentication and key management strategies.
Wireless is also susceptible to jamming or other interference techniques. The wider the band, the harder it is to jam. Some suppliers suggest that frequency hopping provides adequate protection from jamming. This is not true because most frequency hopping is synchronized - master unit transmits a regular beat and the slave units hop to the beat. A jamming signal covering a couple of consecutive channels is enough to interrupt the hopping sequence on every hopping cycle, which effectively stops the system from working.
HART Technology is widely deployed in industry, but not all control systems are able to make use of the maintenance and diagnostic information available from these devices because the I/O does not directly support the HART communications superimposed on the underlying analogue communications signal.
The key features of the new HART 7, as compared to HART 5, include: 32 character tags; device status; peer-to-peer messages; enhanced data publishing; time-stamped data; time-triggered actions; process variable trends; command aggregation; and support for WirelessHART.
WirelessHART uses the same tools and practices as wired HART, making it compatible with any HART-enabled control or asset management system and the underlying EDDL technology. For security purposes, WirelessHART includes AES-128 Encryption and a standard 2.4-GHz IEEE802.15.4 frequency-hopping radio.
ISA formed the ISA-100 committee in 2005 to establish standards, recommend practices, publish technical reports and define technologies and procedures for implementing wireless systems in the automation and control environment. The work will support the complete life cycle of a wireless installation, including the design, implementation, on-going maintenance, scalability and management of the resulting control systems. The standards being developed by ISA-100 must also be compliant with ISA-99 (security) and ISA-84 (safety).
The committee's focus is to improve the confidence, integrity and availability of components or systems used for manufacturing or control, and provide criteria for procuring and implementing wireless technology in the control system environment. The result will be a robust, flexible and scalable architecture to meet a wide range of plant requirements and environments.
Ethernet is susceptible to such things as data storms, viruses and other forms of intentional and unintentional consequences. Compounding the problem is the fact that most control systems are not inherently protected from these forms of failures. Work done by CERN when selecting the PLCs to be used on the supercollider found that at least 25 percent of PLCs can be compromised with the most commonly used security test tools on the Internet.
The most important tool for a secure system is the creation of an effective security policy outlining such things as cryptography, firewalls, logins, physical and virtual security, back-ups and other decisions often similar for IT and process control networks (PCN). Much of the policy and resulting practices for the IT and PCN systems will be similar; however, the biggest difference will be the mindset of how each support group maintains their high levels of reliability. The IT community typically is interested in protecting the core or servers, and is willing to sacrifice an edge device such as your desktop computer to do so. Unfortunately for the PCN, it is these edge devices that are the most important because they are the ones directly connected to the process. It is important to have open and regular communication between these groups so that simple things such as management of IP addresses across a facility will not result in duplication of addresses in two locations.
Not only is security being regulated by industrial groups such as NERC (North American Electrical Reliability Corporation), but standards are being written by groups like ISA's ISA-99 committee. The regulations prepared by NERC are being considered for adoption in other parts of the world for the electrical industry in particular, while the work being done by ISA is being considered by the IEC.
The NERC documents are presently undergoing revision to more actively promote a "defence in depth" strategy similar to the one being developed by ISA-99. The U.S. government's National Institute of Standards and Technology also recently released a draft document of Special Publication 800-82 - Guide to Industrial Control Systems Security. Both groups are supportive of the "defence in depth" principle that implements several layers of protection between the potential methods of attack and the control system. Having multiple layers will not only provide more protection, but in the event that one of the layers is compromised, it will give you the opportunity to catch and stop attackers before they are able to get to the sensitive parts of your system.
A key component of "defence in depth" is the use of a DeMilitarized Zone (DMZ). The DMZ is installed and configured so that there is no direct connection between the office/corporate LAN and the PCN. All data requests from the LAN are through mirror historians in the DMZ, and if the data is not on those servers, they can request it from the PCN.
Fortunately there are products and tools available to assist in managing a network. One of the tools to help determine the level and type of protection required is the "Zone and Conduit" concept proposed in the ISA-99 standards. This model is similar to what has been used for years in the safety system market - break the entire system into zones; for each zone determine a target Security Level SLT; compare it against the calculated Security Level SLC; and if the two are not the same, then some additional form of security protection is required. Similarly, if there is communication required between zones, suitable protection must be put in place to ensure that the message is of the same security level as it crosses the boundary.
Security must be continuously monitored to be sure that it has not been compromised. Tools used for measuring the level of security in a system include such items as firewalls and intrusion detection systems.
POWER OVER ETHERNET
This leaves one other significant roadblock to the adoption of Ethernet, and that is the issue of power in the field. The solution in this case is Power over Ethernet (PoE). One of the enablers to the wide adoption of PoE is the IEEE 802.3af standard. The IEEE 802.3af standard is based on a 30-volt signal and, therefore, is not suitable for Intrinsic Safe (IS) applications. Fortunately, a range of products that have been used in the mining industry for many years have now been approved for use in the hydrocarbon industry. The system is somewhat like traditional IS installations with an isolator as the boundary between the safe and hazardous areas, and then an IS power supply is required to go to each of the devices mounted in the classified area. As an alternate to running a separate DC power cable to each device, PoEx can supply up to 500 mA at 12 volts to each of the ports from the managed five-port switch.
Industrial Ethernet in its various forms provides significant opportunities to better control our processes, yet at the same time opens up potential new vulnerabilities, especially as it relates to security. Fortunately, the industry is working to resolve this conflict through the development of appropriate standards and products to ensure safe, reliable and secure control systems.
Ian Verhappen, P.Eng., is an ISA Fellow, Certified Automation Professional and director of industrial networks at MTL, a provider of industrial connectivity solutions. Frank Williams is president of Elpro Technologies, a division of MTL Instruments and a leader in wireless solutions.
For the first time, the Siemens Industry Automation Division has developed products for WirelessHart communication. The new product family comprises two transmitters, a gateway to Industrial Ethernet and software, as well as an adapter for process instruments in preparation.
Both the new Sitrans P280 transmitter for pressure measurement and the Sitrans TF280 transmitter for temperature feature a WirelessHart interface and a graphical display with backlight function. They are easy to operate via push buttons. An integrated battery supplies the transmitters with power for more than five years, with the exact number of remaining days being shown. All other Siemens process instruments without WirelessHart interfaces can be integrated into WirelessHart communication with the Sitrans AW200 adapter. The adapter has an integrated battery which can also power a connected process instrument. If an external power supply is used, up to four conventional process instruments can be connected to the WirelessHart adapter simultaneously.
The new IE/WSN-PA LINK gateway manages the WirelessHart network with all its nodes and establishes the connection to the Simatic-based automation and control systems via Industrial Ethernet. The gateway is easy to configure via the integrated Web interface. Transmitter and adapter are commissioned and serviced using the Simatic PDM (Process Device Manager) which provides a simple, graphical and interactive quick-setup. With the Sitrans MDS (Maintenance Diagnostic Station) software, diagnostics data can be displayed transparently in a maintenance station, for example the wireless process instrumens and the devices connected to the Sitrans AW200 adapter.
The new WirelessHart product family is the result of collaboration by Siemens with the HART Communication Foundation (HCF). WirelessHart standard developed by HCF with the participation of Siemens, is the first industrial standard for wireless communication at the field level for use in the process industry. As a HCF member, Siemens played an important role right from the start in defining WirelessHart, contributing its comprehensive know-how and wide-reaching experience in process automation and wireless communication.
The new WirelessHart components are an integral element of the entire Industrial Wireless Communication portfolio from Siemens, available for a wide variety of sectors and covering a diverse range of industrial requirements regarding bandwidths, power consumption, safety and security, availability, distances to be covered and speed.
The battery pack recharges in direct sunlight and continues to power the SureCross devices autonomously when sunlight is not available. The solar supply is well-suited for applications where wired power is not available or that require more power than a single-cell DX81 battery supply can provide. The FlexPower solar supply can be used in addition to the DX81P6 six-pack battery supply as a backup power source. If the solar panel is damaged, the DX81P6 battery supply will provide backup power for a few weeks or longer depending on the load.