Electricity + Control - page 8

simultaneously transmitted in both directions around the ring. In the
event of a cable break on one side of the ring, the data will already
be traveling along the redundant path, and thus no recovery time is
needed. Recovery is bumpless.
Figure 3: Parallel Redundancy Protocol.
PRP (see Figure 3) utilises two completely separate physical networks
rather than just two paths around a single topology. Each of the A and
B networks can have internal redundancy running, such as RSTP or
another redundancy protocol. Devices on the outside of the A and B
networks can communicate with any other device, whether inside one
of the A or B networks, or outside. Devices within each network can
communicate with any device within their network or a device outside
both networks, but a device in network A cannot communicate with
a device in network B. Any data received from an external device is
duplicated across both networks, and thus a failure of one network
will not delay data travelling between end devices, as this data will
already be in transit across the working network.
Bumpless technologies are recent and are more expensive than most
existing ‘recovery time’ redundancy protocols out there, due to the
specialized hardware required. However, for applications requiring the
highest level of redundancy and zero recovery time, these protocols
can be perfect, and as more vendors start adopting the protocols the
cost of hardware should decrease.
Security on a mission critical network
In recent years the number of directed attacks on this type of network
has increased drastically, along with the creation of viruses
specifically targeted at this type of site. Another consideration is the fact that
these networks are growing in size (physically and geographically).
At first communication was generally isolated to a single small site
(when serial was the communications method of choice). With the
introduction of Ethernet as the technology of choice, the networks
started to expand, first by bringing the control of individual sites to a
central control room, and then even linking multiple control rooms,
or bringing multiple country-wide sites’ communication to a central
location. Together this has greatly increased the need for not only
physical security (access control etc) but for logical security as well.
One of the main aspects of security that needs to be looked at
when designing a network is the firewall. Firewalls are devices
(hardware or software based) that are used to inspect the data travelling
across the network, and make decisions on what to do with that data
based on rules configured by the server administrators. Placing
firewalls in the correct location logically is essential to properly protect
the network, without slowing down communications to a level below
that required for the application.
Firewalls will generally be placed at any point where two separate
networks meet. The most common example of this is any point where
a network connects to the internet, although other cases could
include linking a production network to a corporate network, or linking
multiple mines controlled by a single group. There are two ways to
configure the rules of a firewall:
o Disallow all traffic by default then implement specific rules to
allow only wanted data through
o Allow all traffic by default and then disallow the specific traffic
you wish to stop.
When using a firewall for security reasons, the former option is
recommended, as forgetting a rule will not be a security flaw; rather, it will
simply block required communications (in this event the administrator
simply creates a relevant ‘allow’ rule and the problem is solved). The
latter option is not recommended for security, as any traffic types that
are not blocked will be allowed through by default, and thus security
is easily overcome by, for example, using a TCP port that is not
commonly used. The latter option may be used in cases where the firewall is
specifically used for traffic control (blocking certain traffic) or other
functionalities such as NAT (Network Address Translation), but is
never recommended for a security application.
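The two rule-configuration options above, run over the same traffic, as an added example that is not part of the original article. The addresses, rule sets and flows are constructed for illustration; the evaluator is a simplified first-match model, not any vendor's firewall.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str   # "allow" or "deny"
    src: str      # source network, CIDR
    dst: str      # destination network, CIDR
    proto: str    # "tcp" or "udp"
    port: int     # destination port

def decide(rules, default, flow):
    """First matching rule wins; otherwise the default policy applies.
    Returns (action, matched_by_rule)."""
    src, dst, proto, port = flow
    for r in rules:
        if (ipaddress.ip_address(src) in ipaddress.ip_network(r.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(r.dst)
                and proto == r.proto and port == r.port):
            return r.action, True
    return default, False

def passed_by_default(rules, default, flows):
    """Flows that get through only because no rule mentions them."""
    return [f for f in flows if decide(rules, default, f) == ("allow", False)]

# Constructed networks: corporate 10.1.0.0/16, production 10.2.0.0/16.
CORP, PROD = "10.1.0.0/16", "10.2.0.0/16"

# Option 1: disallow by default, allow only wanted traffic.
ALLOWLIST = [Rule("allow", CORP, PROD, "tcp", 502)]   # Modbus/TCP polling
# Option 2: allow by default, disallow the traffic someone thought of.
BLOCKLIST = [Rule("deny", CORP, PROD, "tcp", 23),     # Telnet
             Rule("deny", CORP, PROD, "tcp", 3389)]   # RDP

FLOWS = [  # constructed sample flows: (src, dst, proto, dst port)
    ("10.1.5.20", "10.2.0.10", "tcp", 502),    # wanted, and has an allow rule
    ("10.1.5.20", "10.2.0.10", "tcp", 23),     # unwanted, on the blocklist
    ("10.1.9.77", "10.2.0.10", "tcp", 48123),  # unwanted, uncommon port nobody listed
    ("10.1.5.20", "10.2.0.11", "tcp", 44818),  # wanted, but its allow rule was forgotten
]

if __name__ == "__main__":
    for name, rules, default in (("default-deny", ALLOWLIST, "deny"),
                                 ("default-allow", BLOCKLIST, "allow")):
        print(name)
        for f in FLOWS:
            action, by_rule = decide(rules, default, f)
            print(f"  {f} -> {action} ({'rule' if by_rule else 'default'})")
```

Under default-deny the forgotten rule shows up as a blocked application flow that an administrator will notice and fix; under default-allow the unlisted port passes silently, and `passed_by_default` is the list to audit.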
Another form of security that should be investigated is an access
management system. This is a software solution that logs and
controls access to all devices on the network, whether an end device or
a piece of networking hardware. This allows for centralised password
control and access management or logging, as well as for more
individualised control, as each user will generally log onto a device
using their own personal username and password, rather than the
device’s details. The access management system then authenticates
users and checks whether they are allowed access to the device, as
well as their level of access (guest, operator, administrator etc). If
they are authorised users, the system will then log them in. If not
CONTROL SYSTEMS + AUTOMATION
Every network should be application specific, and should
be designed independently with that application, and its
requirements, in mind.
Electricity+Control
July ‘14