Design and Secure Network Communications

At the 2018 Ovation Users’ Group Conference, Emerson’s Craig McDaniel highlighted practices for effectively designing and securing communications between the Ovation distributed control system and field networks.

Craig opened by describing the function of a router and net masks as part of the Internet Protocol. The mask identifies what is local to the network and what must go through the router to other connected networks. Connecting multiple networks enables these separate networks to communicate with each other. Communications across these networks support monitoring, control and engineering functions.
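The local-versus-routed decision that a mask drives, as an added Python example that is not from the presentation or from Ovation; the network names, subnets, flows and allowed-pair list are constructed assumptions. It also shows the failure mode where a mask that is too wide makes a host treat an address on another network as local, so that traffic is never handed to the router.

```python
import ipaddress

# Constructed addressing plan (assumption): two control networks joined by a router.
NETWORKS = {
    "unit1": ipaddress.ip_network("10.10.1.0/24"),
    "unit2": ipaddress.ip_network("10.10.2.0/24"),
}

def is_local(src_ip, mask, dst_ip):
    """Host-side test: AND both addresses with the mask and compare the results.
    True means the host delivers directly; False means it sends to the router."""
    m = int(ipaddress.ip_address(mask))
    s = int(ipaddress.ip_address(src_ip))
    d = int(ipaddress.ip_address(dst_ip))
    return (s & m) == (d & m)

def network_of(ip):
    """Return the name of the planned network containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    for name, net in NETWORKS.items():
        if addr in net:
            return name
    return None

def classify(flows, allowed_pairs):
    """Label each (src, dst) flow so cross-network traffic can be reviewed
    against the pairs the router or firewall is expected to pass."""
    labels = []
    for src, dst in flows:
        a, b = network_of(src), network_of(dst)
        if a is None or b is None:
            labels.append("unknown-network")
        elif a == b:
            labels.append("local")
        elif (a, b) in allowed_pairs:
            labels.append("routed-allowed")
        else:
            labels.append("routed-unexpected")
    return labels

# Constructed sample flows (source, destination).
FLOWS = [
    ("10.10.1.20", "10.10.1.30"),
    ("10.10.1.20", "10.10.2.5"),
    ("10.10.2.5", "10.10.1.20"),
    ("10.10.1.20", "192.0.2.9"),
]

if __name__ == "__main__":
    for flow, label in zip(FLOWS, classify(FLOWS, {("unit1", "unit2")})):
        print(flow, label)
```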

Interconnections between networks involve routers, firewalls, and/or layer 3 switches. Components in multi-networking include data servers to allow connections from other Ovation networks. They include redundancy for greater fault tolerance. An alarm collector connects to data servers on other Ovation networks and collects and serves alarm messages.

Ovation Multi-Network

Controllers make a subscription request to data servers on the desired Ovation network. As more networks are configured, more memory and network bandwidth are used.

Human Machine Interfaces (HMIs) make a subscription request to a data server of the desired Ovation network. Alarm data is received from the local alarm collector, and control sheets are monitored via a control viewer.

Craig noted that Ovation Multi-Networking is enabled by setting up a local network that can be accessed remotely. From a security standpoint, cross-network control is managed either by a single domain, controlled by the Ovation roles assigned to individual networks, or by multiple domains, which could be controlled by shifted point groups with security-setting overrides of the default networks.

Posted Tuesday, July 31st, 2018 under Data Management.