Creating Synergistic Solutions Through Innovation.

Eternity Sales, Inc.    
     
Home Manufacturers Products Services About ESI Contact ESI Synergy Store
 
     

Engineered Synergistic Interoperability

Traffic Solution: Reliable Network = Hardware + Software

= +
+
Synergy     Ethernet Switch   OPC Server Software

One of the challenges in today's transportation industry is in creating a reliable and robust Ethernet network. Westermo's products have provided connectivity for traffic related applications including, Closed Circuit Television (CCTV), Emergency IP Telephone System and Traffic Management Systems. Westermo's breadth of product and robust design enable the company to offer comprehensive solutions without being complex or difficult. When adding Kepware's OPC Server to the equation, you incorporate an additional level of functionality and security at the software level. Kepware's OPC Server has been used in many challenging applications with consistently successful results.

This synergy page focuses on traffic related application requirements. As with our other Synergy articles, there will be similarities, such as the need for a robust product being deployed in a challenging environment and the need for reliability. The combination of products we are presenting, meet those requirements.

Emergency IP Phone System Traffic Management CCTV

Reliability and robustness of your network should be a primary concern. Your network is the connection that brings your operation together. Through it, the very heart beat of your operation is transmitted. The requirements of an industrial network are more demanding than that of your typical IT network. And even more demanding for a network that is housed within transportation.

  • The environment can be harsh. (Standard requirements are more demanding)

  • Operating voltages are more demanding.

What does it take to make an industrial network reliable and robust?

Network Hardware

An application where many devices are being used, resulting in a comprehensive capabilities and as a result, raw data is being generated requires reliability. Many devices are connected for a reason. That reason is to satisfy the requirements of the application. Whether that connection is onboard or track side, the reliability of the network is of utmost importance. Whether it is to enhance the customer experience, operator efficiency or safety a network is only as good as the backbone that connects it together.

Connection of those devices via a physical connection is required. In order to bring multiple devices together, they would need to be connected to an Ethernet switch or router, depending on the functionality required. The switch / router is the pulse of the network. It is where the information of the device gets transmitted to its next destination, whether it is another switch / router or its final destination, whether on board or track side. Having a reliable and robust physical network connection is extremely important to the efficient and continuous operation of your application. An unreliable network connection could mean:

  • Disruptions in communications resulting in loss of data and functionality

What should you be looking for in the hardware that will be the pulse of your network? Whether you are looking for a layer 2 switch or layer 3 router, consider this to be the minimum:

  • Fast Recovery of Network Topology (FRNT)

Westermo's unique FRNT (Fast Recovery of Network Topology) technology is the fastest network recovery protocol on the market. FRNT is able to reconfigure a redundant ring network consisting of up to 200 switches within 20 ms of the initial failure, regardless of network load. FRNT is a protocol supported by other Westermo switches like the Lynx, Wolverine and Viper series meaning that different types of Westermo switch can be configured in the ring.

IGMP Snooping is a method that actually 'snoops' or inspects IGMP traffic. The protocol will only enable multicast streams to switch ports that have requested to 'join' the feed. In this way switches can control multicast data on networks. When using IGMP snooping in conjunction with redundancy protocols, problems can occur when a network reconfigures. The network topology change by definition means that the IGMP data paths changes. It is for this reason that Westermo has closely integrated their IGMP solution with FRNT to ensure that these delays do not occur.

RedFox and Lynx+ features comprehensive VLAN support. This technique allows a large physical switched network to be divided into smaller more manageable logical networks or VLANs. This has a number of benefits including increased security, increased network bandwidth and improved manageability.

Redfox and Lynx+ allows VLANs to be allocated to particular switch ports meaning that access to certain network services can be restricted. This can be beneficial for security purposes but also it allows certain high bandwidth protocols to be isolated from the rest of the network.

By subdividing the physical network into VLANs broadcast traffic can be controlled within separate networks thus preventing broadcast storms affecting the whole network.

As VLANs can be centrally configured it is possible for a network manager to reconfigure a badly performing network centrally rather than having to physically plug and unplug cables out in the field.

Lynx+ RedFox RFR Managed Backbone Switch Viper Wolverine
Layer 2 & 3 Managed Industrial Ethernet Layer 3 Managed Industrial Ethernet Layer 3 Managed Industrial Ethernet Layer 2 & 3 IP65 Industrial Ethernet SHDSL Industrial Ethernet Extender

Transmission Distances Exceed the Standard

Ethernet over copper is limited to a transmission distance of 100 meters (328 feet). Westermo's range of products, go well beyond the standard.

Westermo utilizes Small Form Pluggable (SFP) transceiver slots for the RedFox and Lynx that allows for the addition of single mode, multimode and bi-directional transceivers. Distances of up to 120km can be achieved, expanding the reach of your typical Ethernet specification. The Red Fox can have up to 12 SFPs (depending on the model) and the Lynx can have up to 2 SFPs.

SFPs are also provided in the SDW unmanaged Ethernet switches and the MCW Ethernet to Fiber Converters, thus adding to your connectivity tool box. The SDW and MCW products offer Fiber distances of up to 40km.

The Wolverine DDW225 and DDW226 SHDSL Ethernet Extenders incorporate a 4 port Ethernet switch with connectivity between units via SHDSL. This Ethernet extender can transmit up to 15km with data rates up to 5.7 Mbit/s at shorter distances.

The Wolverine series can communicate up to 15km over existing or older communication networks using copper cables (no special connections required). Savings in the form of labor and materials can be substantial, simply by utilizing existing cables. Link Fault Forward (LFF) enables the DDW-120 to function in large redundant networks to determine if there has been a media failure.

Microlok® II gateway - Resilient network solutions for rail networks

The Westermo Microlok® II gateway is available in our Lynx Ethernet device server switches and Wolverine Ethernet extenders. This functionality delivered by WeOS allows rail operators and system integrators to implement cost savings on interlocking and signalling projects as well as helping provide additional resilience to networks.

L105-S1 L106-S2 L106-F2G L108-F2G-S2 DDW142 DDW226
L205-S1 L206-S2 L206-F2G L208-F2G-S2  

Microlok® II is a protocol developed by Ansaldo STS specifically used within rail interlocking solutions. The Westermo gateway converts data from the native serial format to a UDP (user datagram protocol) packet that can then be transmitted alongside other data on a trackside Ethernet network. Westermo Lynx and Wolverine also provide the networking infrastructure capability allowing the use of gigabit fiber optic inter-connections and also the ability to use existing twisted pair or telecoms cables as the data path.

Functionality is provided to allow up to 64 Microlok® address translations to be made and monitored. Legacy key-on/key-off support is provided as well as a unique hot/standby configuration to provide a resilient channel for hot standby controllers.

For the kinds of installation where Microlok® is used product reliability is critical to ensure maintenance costs are minimised and trains are not delayed. To provide the best solutions Westermo design all these products to have MTBF figures in excess of 500,000 hours (MIL-HDBK-217F (Gb) 25°C).

Operation at the trackside can be tough on Ethernet switches, but the Lynx and Wolverine are designed for that environment. The products will cold start at –40°C and operate over a long life time at 70°C without the need for cooling holes or fans. EMC levels trackside can be harsh and hence these products are tested and certified to meet the EN50121-4 and IEC 62236-4 standards.

Resilient layer 2 and layer 3 protocols like RSTP, FRNT, LACP and OSPF allow highly reliable backbone networks to be created, bringing layer 3 routing protocols to the edge of the network. Built in firewall functionality also allows security to be implemented down to individual port level to ensure both accidental and deliberate security breaches are prevented.

   
Application Article - Traffic Application Article - Traffic
Note: To our non-North American Customers, Westermo offers various 3G wireless products that can further enhance your connectivity. ESI is currently evaluating 3G wireless solutions that are North America approved for operations.

Approvals

The RedFox Ethernet products offer many approvals relating to environmental conditions, Ethernet technologies, resiliance, IP routing, firewall, manageability, and SNMP / MIB support. A level 3 Ethernet product for the Industrial world. In addition to all these features, Red Fox also includes 256 bit encription.

In addition to the Red Fox approvals, Westermo's products have received various Agency approvals covering various industries.

Galvanic Isolation

You will notice a term frequently used with all Westermo products...galvanic isolation. What does this mean?

Galvanic isolation is the principle of isolating functional sections of electric systems so that charge-carrying particles cannot move from one section to another, i.e. there is no electric current flowing directly from one section to the next. Energy and/or information can still be exchanged between the sections by other means, however, such as by capacitance, induction, electromagnetic waves, optical, acoustic, or mechanical means.

Galvanic isolation is used in situations where two or more electric circuits must communicate, but their grounds may be at different potentials. It is an effective method of breaking ground loops by preventing unwanted current from travelling between two units sharing a ground conductor. Galvanic isolation is also used for safety considerations, preventing accidental current from reaching the ground (the building floor) through a person's body. (Source = Wikipedia)

A lightening strike to your Ethernet switch can cause enormous damage.

Without Galvanic Isolation, all ports on your Ethernet device would be destroyed , including the devices themself.

The answer to this question ultimately answers the next question, why would I need galvanic isolation. It would be similar to having anti-lock brakes on your vehicle. You may never use them, but when you need them, they are there. This is the same with galvanic isolation. You may never use it, but it is there if you ever need it.

Redundant Power

These units are designed to accept two independent power sources, ultimately providing a redundant power source. Ideal for mission critical applications where down time as a result of loss of power is not acceptable.

ESI also offers cord sets and PMA conduit for your rail applications. When one considers their cord set requirements, you need only look at that automobile as a guide. The only piece of the vehicle that touches the ground are the tires, likewise, the only component connecting your network are the cord sets. Allow us to work with you on providing your cord sets for your network. Conduit protects your infrastructure of connectivity.

Whether they are M12 connectors or standard Ethernet cables, ESI can offer a solution.

Network Software

Hardware is one aspect of creating a reliable and robust network. The software that connects and manages your network should be given intense consideration as well. If the hardware is the pulse, the software is the heart that maintains the pulse. The following needs to be taken into account when making your selection:

  • Device connectivity - What protocols are required?
  • Device management - How do we manage our devices?
  • Device monitoring - Is there a way to monitor our devices separately from our client application?
  • Redundency - Is there a way to protect our network and set up?
  • Client connection(s)

One software package can address all of the above requirements: KEPServerEX

  1. Device Connectivity: KEPServerEX offers over 70 different Driver Suites that comprise over 250 device drivers. View the listing of available Driver Suites through this link.
  2. KEPServerEX isn't only about drivers, but also deals with other aspects, such as device management. KEPServerEX offers an SNMP suite whereby incorporating MIB tags from your Ethernet hardware (Westermo) enables you to monitor your devices through your Ethernet network. Functionality reserved for your IT department is now available to manufacturing and process:
    • Import MIB files from manageable devices and easily map network device MIB addresses to SNMP tag names.
    • Network Analyst gathers raw SNMP data from network devices and continually performs calculations to generate data that can be used, such as bandwidth utilization and network error rate statistics.
    • Save time by using the Auto-Discovery tool to search your Ethernet network for managed network devices.
    • The SNMP OPC Server provides convenient "Specialty tags" to help users know more than the current value of a single polled OID. The tags include: History tags, Events tags, Table Offsets, and ScanFloor tags.
    • Historical values are generated by the SNMP OPC Server (not the remote Agent/device) when an OID has valid historical modifiers appended to it.
    • The Ping Device Driver is provided for monitoring your network devices via the ICMP protocol (Ping). The Ping driver was designed specifically for use with 32 bit OPC Server products. The Ping driver provides the ability to monitor the Status of a network device, and the time that it takes for the ICMP message to reach its destination and return a response, the RoundTripTime.
    • MIB Support for managed switches and Ping for unmanaged switches.
  3. KEPServerEX offers an OPC suite called System Monitor. The System Monitor Device Driver uses the Microsoft Performance Data Helper application interface to provide access to performance information on Processes, Threads and other system components on the user's system. Install KEPServerEX and the System Monitor driver on each System/PC to begin monitoring the performance of your PC from your OPC Client applications, including HMI, SCADA, Historian, MES, ERP, and countless custom applications.
  4. RedundancyMaster increases the reliability and availability of OPC data by allowing multiple OPC Servers to be configured into redundant pairs. Each redundant pair seamlessly appears as a single OPC Server to any OPC Client application. RedundancyMaster can be added to an existing server/client application without any reconfiguration of the application, keeping your processes going with out any down time.
  5. In addition to client ready software packages, typically SCADA, Kepware also offers product suites enabling connectivity to other client type applications - Databases, Oracle MES, Oracle MOC, Microsoft SQL, etc...
  6. Tools available for creating additional drivers that are specific to the devices for your industry.

Additional functionality is offered in KepserverEX through their plug-in options that can further enhance your industrial network:

When you put the right pieces together, you will end up with that robust and reliable industrial network that you require for uninterupted and dependable connectivity for gathering, maintaining and protecting a corporations most valuable intangible asset - INFORMATION.

In talking with a Kepware customer, the comment he made about their product was so profound because it was so simple. What did he say?

"IT JUST WORKS."

No elaborate explanation, just the plain and simple truth, based on his experience.

Regardless of the devices that are connected to your network, the key components that will ultimately make or break your network are your Ethernet connection and your OPC server.

ESI has the components you will need in order to make your Ethernet network reliable and robust for the most demanding of Rail applications.

Solutions
Problem: Access to secure data from untrusted network Solution: DMZ firewall configuration
   
In infrastructural applications there are often demands for high network security, and being able to control the data traffic on the network is a key issue when utility companies want to allow network management and monitoring over insecure networks. With any WeOS product, you can create a Demilitarized Zone (DMZ) which acts as a buffer between the trusted zone and un-trusted zones (usually the Internet). DMZ prevents direct communication between the un-trusted zone and the protected network. All communications from the un-trusted zone are terminated on an intermediate Server or Historian.

Also available in Red Fox, Viper and Wolverine products through WeOS operating system

   
Problem: Network security for critical control devices Solution: Firewalls between VLANs
   
Older plants are often built up of small isolated processes or automation islands. The present situation does however look different where high security and availability are key requirements. The cost of reprogramming the automation islands can be prohibitive.  Westermo’s Ethernet devices running WeOS can solve this issue relatively easily with a combination of VLANs and routing to integrate all the automation islands into one system without the need to re-configure all the IP addresses on the system.  The security issues associated with a plant-wide network can be addressed with the integrated Firewall built into every WeOS enable device.

Also available in Red Fox, Viper and Wolverine products through WeOS operating system

   
Problem: Repeated IP addresses across network Solution: NAT/port forwarding
   
In some applications, the same IP addresses are sometimes reused for each island of equipment. This is typical for Wind turbines or solar panels where the equipment is pre-configured and delivered to site as a stand alone unit.  In large installations, a SCADA system is used to manage the individual islands, but this is a problem as all the devices in each island have the same IP address. WeOS can overcome this issue using NAPT or NAT port forwarding rules.  Using the integrated firewall in WeOS, rules can be created to translate an IP address and port numbers on the SCADA network to an IP address and port number on the Wind turbine network.

Also available in Red Fox, Viper and Wolverine products through WeOS operating system

   
Problem: Sensitive data passing through untrusted networks Solution: Encrypted Ipsec VPN tunnel
   
Many applications within the utility sector extend over large geographical areas where the possibility of management and monitoring from a remote location can be crucial. All WeOS products are equipped with VPN functionality, which means that network resources can be provided in a secure manner over un-trusted networks like the Internet.
VPN can also be used to connect different remote networks with each other. Networks connected with VPN tunnels function exactly like one joined network, even though they can be physically located at any location. WeOS allows for up to 25 IPSec encrypted VPN tunnels to be created.

Also available in Red Fox, Viper and Wolverine products through WeOS operating system

   
Problem: Use IP to replace legacy enterprise network Solution: Layer 3 Dynamic Routing
 
In railway signalling, two different migrations take place at the same time. Apart from the migration from legacy IIP systems, Ethernet systems now also have the capability to replace large parts of existing SDH systems ( Synchronous Digital Hierarchy). In case of an increased density of trackside equipment, no additional SDH nodes are needed since Industrial Ethernet equipment is able to offer the needed availability, using either layer 2 redundancy and/or layer 3 static or dynamic routing. Whichever need you have, from simple 25 year-old FSK serial technology up to complex routing across different media, Westermo has it all to support you in offering a complete solution for complex and demanding environments.

Also available in Red Fox, Viper and Wolverine products through WeOS operating system

   
Problem: Breaks in multicast data streams during ring recovery Solution: IGMP Snooping
   
Long distance transmission of IP Video over existing backbone systems makes it possible to selectively monitor trackside cameras without draining the system’s bandwidth when cameras are not monitored. In the same way, it is possible to ‘broadcast’ a single stream over the network and make it available to an unlimited amount of users, using only the single stream to each network node. With the implementation of IGMP Snooping and redundancy protocols supported in WeOS, Westermo is able to offer a IP CCTV and IP Broadcasting solution based on any kind of media. Whether it is copper, fiber, or inter-station transmission over SDH (Synchronous Digital Hierarchy) backbones, WeOS offers all the protocols needed to build and manage the network solution.

Also available in Red Fox, Viper and Wolverine products through WeOS operating system

   
Problem: Managing networks securely Solution: SSH, HTTPS and SNMP V.3
   
As our networks grow, it becomes more important that they can be managed and monitored easily, but also with a high degree of security. Managing networks over  insecure un-encrypted links, even on the local LAN is no-longer acceptable.Products running WeOS can be configured through a secure user-friendly web interface or through an industry standard CLI interface. Regardless of how you configure your network devices, all management information will be SSL encrypted. The industry standard SNMP (v2c and v3) and Syslog protocols are supported within WeOS to provide status information on the health of the network.

Also available in Red Fox, Viper and Wolverine products through WeOS operating system

   
Problem: Resilient enterprise level network Solution: OSPF and VRRP
   
Features for increased availability and security through layer 3 routing are crucial for the next generation of industrial control networks. For this reason, we have implemented the most widely used routing protocols in industrial networks into our software platform. OSFP (Open Shortest Path First) in combination with VRRP (Virtual Router Redundancy Protocol) allow you to build redundant network topologies such as ring, star, mesh or any network type at any time. For control networks in the water and wastewater sector, this may be particularly important as these systems are often built to control and monitor critical processes. An improved network availability and security lessens any negative impact on the environment through enhanced management and asset visibility. The lifetime of assets can be extended due to better maintenance and management.  These are just some of the benefits that can be achieved.

Also available in Red Fox, Viper and Wolverine products through WeOS operating system

   
Problem: Prediction of possible network failure Solution: SNMP for alarms/traps and monitoring
   
With the WeOS enabled Wolverine, Lynx and RedFox, Westermo offers perfect solutions for migrating existing systems to IP and being able to make a flexible choice between copper and fibre runs. The additional benefits that IP networks offer is being able to do monitoring on various parameters. Alarms or SNMP traps can be sent before there is a network failure mode. This increases the availability of legacy systems.
   

Conclusion

The breadth and intelligence of the Ethernet products offered by Westermo and functionality provided through Kepware's KepserverEX products have been used in the most demanding of applications where any downtime or loss of information could be critical. You will likely find cheaper products that will do most of what you are looking to accomplish with your Industrial Ethernet network. However, are you willing to risk the consequences of network failure through less expensive products in order to save a few dollars?

Can you afford to be without your network?

 

 

Eternity Sales Accepts:

1

Home Manufacturers Products Services About ESI Contact ESI Site Map

Store

Copyright © 2016, Eternity Sales Inc.. All rights reserved.

ESI has received permission from the companies presented on this web site, to use information related to all product lines represented by ESI for the sole purpose of marketing their products.