Manualshelf

Installation guide

ManualsBrandsEssence Technology ManualsComputer equipmentEIP 7012
11121314151617181920
Network Infrastructure for EtherNet/IP™
Industrial Ethernet… Not Just Another Fieldbus
1-4
1.2.2 Infrastructure for EtherNet/IP Applications
A communication network can be viewed as a utility for providing services that allow devices, or humans
operating these devices, to exchange information. A typical modern communication network is
functionally a mix of computer, telecommunication, and broadcast networks capable of supporting voice,
data, video, and image communication. Such a network normally consists of two basic components:
nodes and infrastructure (i.e., network = nodes + infrastructure). The same is true for industrial networks.
In the world of industrial networks, two types of infrastructures can be identified: passive and active.
Fieldbuses typically have a passive infrastructure, which is essentially a cable system. In contrast,
Ethernet networks, including those using EtherNet/IP, have an
active infrastructure. At its core is an
interconnection of Ethernet Layer 2 (OSI data link layer) and Layer 3 (OSI network layer) switches.
Layer 2 switches allow all protocols to pass, but Layer 3 switches behave like routers, allowing only
designated protocols to pass through to certain locations.
The following examples present approaches that could be used to design a network with active
infrastructure. For Ethernet to function in control applications, it has to satisfy end-to-end response time
requirements for each transaction. Because processing delays in the network infrastructure are usually
negligible in comparison with delays in end-devices (nodes), performance bottlenecks are still located in
end-devices. Some of these end-devices (e.g., controllers) have to support time-critical as well as non-
time-critical traffic and are frequently equipped with two separate Ethernet interfaces. But there is no
need to create two physical networks to separate devices with time-critical data from devices with non-
time-critical traffic. This can be achieved by applying switches that support
virtual LAN (VLAN)
functionality, thus making it possible to create separate virtual networks on the same wire. The
performance of many commercial and industrial switches manufactured today is sufficient to handle this
combined traffic.
When an EtherNet/IP network is integrated with a plant’s enterprise network, network designers must
consider a set of issues never previously considered by designers of industrial networks. For instance,
EtherNet/IP infrastructure devices must have features that, when enabled, will not allow propagation of
time-critical traffic onto the plant’s enterprise network. This would bog down the enterprise network.
Conversely, extraneous enterprise network traffic must not propagate onto the EtherNet/IP network.
1.2.3 Security Issues
The deployment of Ethernet networks for manufacturing applications brings all of the issues and
considerations for network security to the factory floor. The coexistence of multiple protocols and IP
addressing mean that network systems designers must take additional steps to ensure secure operation of
the manufacturing applications. Not only is it important that enterprise traffic be kept out of the plant-
floor network, but it is also important to keep viruses, Trojans, and worms from infecting manufacturing
computers. In addition, access to the plant-floor network controllers must be restricted to prevent
inappropriate changes in controller configurations and programs.
Fortunately, the active infrastructure needed for EtherNet/IP can help factory-floor applications be more
secure. Proper installation of managed (configurable) switches, routers, and firewalls provide mechanisms
for managing traffic to achieve a more secure network installation.