Industrial Automation News

04/25/2012 § 2 Comments

It’s been a minute since my last post but I wanted to get something technical in, and as “something” of an insider in the IA space I thought I’d bleat about this. The above picture is a PLC control system, a DIN rail mounted “rack” containing an Allen-Bradley (Rockwell Automation) logic controller and some ancillary stuff for communicating with various “things”, usually machines that make products. A production line does things, and the PLC controls that process. They’re vital to industrial processes all over the globe and control everything from baby bottle manufacture to petroleum processing and the production of nuclear weapons.

There are many manufacturers but the big players are Rockwell Automation, Siemens, & Schneider Electric, with runners up in Sony, Sanyo, and a host of other shops making specialized controllers, cheaper ones, etc.

The thing about the IA industry, like many, we all know, is it considers itself a club. A big, geeky, old boy club. And the price of admission to that club is a distributorship. If you’re an Encompass Partner with Rockwell, for example, you’re riding first class, more or less, on the SS Rockwell, a huge, lumbering, coal-fired, PLC powered steamer for warm waters. Coal-fired? Well, allegory for the way business is done, get it? It’s a slow, but huge and powerful ship.

It’s not always possible to turn that ship on a dime. Why? So when Ethernet hit the masses in the 80’s Rockwell et al had already invested their life’s blood in the existing communication infrastructure, which was serial based. That’s right. All digital controllers and their little worker gnome comm devices that were connected to things like vats making rocket fuel and heart medicine were all talking to each other using very simple serial protocols, and they liked it. They liked it just fine. 9600 baud is enough for anyone. It was enough because PLCs up to that point used data in very discrete amounts, bits (coils) and words (16-bit). And in real time, if you have a plant going off its hinges and you need to hit that stop button it has to happen lickety-split! Right then.

Serial is capable of deterministic states; when a state in a machine changes, that state is reported to another machine right away, even at 9600 baud. Of course there are limitations, an RS-232 link can only be so long… plus you have cables all over the goddurn shop floor, or in overhead rails, or wherever you can stuff them. Ethernet had the “problem” of being non-deterministic. The idea behind Ethernet is you send off a packet and pay no mind after that; it’ll get there when it gets there and by any means. Depending on network load and the disposition of the routers along the way it could get to its destination by 1 of 100 routes, depending on network topology. That’s no good for a real time system.

But advances were made; real time Ethernet systems have been developed, and that argument doesn’t really wash anymore. Plus Ethernet has a host of other benefits; built-in redundancy, easily added to and expanded, can travel a much further distance than a serial packet, and it can connect to the internet.

Whoa, hold on, connect to the internet, you say? Yep. You can take your process’ data and spit it on to a database, another part of your process in China, all that stuff. Pretty valuable. This transition is still happening, slowly. It was going on when I was still involved in the industry less than a year ago. It’s kind of a dark secret that the industry is still using machines and protocols developed when Lionel trains were hitting their stride, back in, say, the 50’s? But it’s understandable; these systems are difficult to manage, and once in place, as long as they’re working, plant managers have no incentive to change them. Upgrades are a hard fight, I would hate to be an IA sales executive. Slow to adopt technology, slow to change. The above picture is an example; this is an Allen-Bradley 1756 PLC rack with assorted modules to the right. One of the modules is an Ethernet adapter with a gold BNC connector sticking out of the bottom. I got this off of Allen-Bradley’s own website, and it’s their current, top of the line family. Does ANYONE still use 10-Base-T?

But the internet has changed all that, and it’s obvious that the industry has to change. One of the effects of being able to deliver real time data to the outside world (a good thing) is that the outside world can get in (a bad thing). If you’re generating electrical power, say, well, what could happen if criminal elements hacked into your infrastructure? PLCs have minimal security support. They have minimal everything, they’re designed to do what they do and that’s it. But that picture is slowly changing. The big players are putting more security into their products. But then come back to the lowly plant manager. It’s often the case that ONE GUY will be the PLC guy for that plant. Hopefully that engineer gave the manager the keys to the palace, ’cause if he dies, the plant is screwed. Hopefully there’s a whole army of staffers of one kind or another who store that kind of data carefully and redundantly. Of course, redundantly means it’s been copied. More people with THE passwords. More vectors of compromise. But still, that’s the way we need to go. I don’t know how many times I’ve been on site to do a commissioning (install the PLC program) and the client wasn’t ready with the keys to the cabinet, or the IP address of the router we needed to assign the PLC, or Jimbo wasn’t there to give us access to the cream hopper the PLC needed to control to make delicious ice cream.

So configurations are left alone as much as possible. Before Jimbo retired he showed Bucky how to turn on the line ‘puter to start production, and that’s all Bucky knows. Don’t start asking him about IP addresses and passcodes and routers. Bucky just knows to pull out the Stop Button. Lack of security is a creeping feature, see?

Point of all this is, why is RuggedCom putting a back door in its controllers? Could be a “feature” to keep the previous scenario from happening. Could be. Could be they’re a Chinese-connected outfit ready to wholesale harvest a bunch of technology (again) from the US. We did invent this stuff. Process automation is big business and the US is a leader. But not for long if people keep pulling this crap.

UPDATE: RuggedCom has decided to fix their back door issue. Read about the backstory to all this here.


§ 2 Responses to Industrial Automation News

  • targetdrone says:

    “More people with THE passwords” is the problem, but not the problem you think it is. The problem is that it’s password based at all, and that passwords are all anyone considers when they think of “security”. Computers are now so fast that they can guess passwords in seconds. Hackers are so sophisticated they can exploit faults you never knew existed. Novel attacks are created daily. And hackers can use a virtual army of thousands of virus-infected zombie PCs to strike anywhere via remote control.

    Computer security is very, very hard. Serial communications were certainly never secure, but at least they were isolated from the rest of the world.

    • twittech says:

      I agree with and knew everything you say; nevertheless, serial communication in IA is not going to be dominant like it was 10 years ago. So security HAS to get better. Security has been bad for the past 10 years, but when I left the industry comm links via IEEE 802.11 had been getting VERY popular - think how insecure all those networks are going to be.
