Interested in linking to "ISA100.11a Security"?
You may use the Headline, Deck, Byline and URL of this article on your Web site. To link to this article, select and copy the HTML code below and paste it on your own Web site.
ISA100.11a needs further refinement in that security and issues such as redundancy are not defined adequately.
I am presently a participant on IEEE P2030 TF3 for the Smart Grid. ISA100.11a and systems of this type are going to have problems for use in power applications. I have spent some time with IEEE members who are quite a smart group, but they need input from end users with real-world experience in industrial plants, so they can appreciate the criticality of use.
I am currently reviewing proposed use cases, in which it becomes apparent that the developers of them lack enough information to be able to understand their criticality. I have asked the simple question, "What happens to the process when the devices fails?" There is generally a gasp when members come to the realization that there is a $500-million plant that may rely on the data flowing through this device, and there is no redundant path should the device fail.
I also have asked the questions, "What if the security mechanism should fail? How does the operator know? Is he to guess that the process is working or not?"
In a void, the operator would begin the process of shutdown of operations if he could. When he can't and has to send someone to manually shut down equipment, the situation only gets worse. I could go on and on about the massive problems this would bring. Selling wireless products that are not fault-tolerant or that don't offer an instantaneous transfer of traffic to an alternate route means that even the delay to do so could be a problem.
The Fieldbus Foundation is looking for an answer that can provide such fault tolerance and rapid response in the use of wireless systems. This can be addressed, but it will mean evaluating the media access time so that changes can be seen, and the traffic may have to be changed. However, if cross-spectrum bridging is provided, which means an alternate data path would exist, then this would be less of a problem.
The coexistence issue is also problematic for wireless systems. It makes them vulnerable to other devices that may occupy the spectrum. This has been a concern for use of 802.15.4 radio technologies and the coexistence of ISA100.11a and WirelessHART. They both use the 2.4 GHz spectrum, and no other spectrum has been considered at this point.
The FCC has been asked to allocate spectrum even in licensed bands for utility use. This is a great idea and does help the situation by providing a clear channel that is reserved for use by the licensee. However, the ability to have an alternate path using multiple spectra can also have the benefit of jamming avoidance—another concern about the use of an open medium, such as wireless.
There is a range of issues that have to be addressed, and the gaps that exist in current technologies must be resolved. This is a process that will take time, but with the current Smart Grid effort, which will affect all process industries, the change to address criticality of use must begin. This involves standards organizations, including NIST, IEEE and the government.
One of the central issues that has been identified is the need to adopt IEEE 1588, a precision time synchronization protocol. It has already been adopted in the manufacturing sector for control in robotic applications. However, there is a strong need to adopt its use for time synchronization of everything from Broadband over Power Line (BPL) and wireless devices such as 802.15.4. This is a critical concern as standards are evolving to provide faster data rates.
I have not seen a time line to begin a discussion to go back and remove the fat from .11a, and to put in what is needed to ensure that interoperability and even interchangeability can be achieved. This was an objective of ISA100.11a from the beginning.