COTS takes a back seat as DeltaV locks out intruders

Dec. 22, 2008
New Proprietary Technology to Supplant Existing COTS Devices

After advancing the thesis that it is their almost total reliance on commercial off-the- shelf (COTS) technology that sets today’s DCSs such as DeltaV apart from previous generations, it was almost inevitable that the next major announcement relating to DeltaV would be of new proprietary technology to supplant existing COTS devices. It was an irony which did not escape product mMarketing vice president Duncan Schleiss as he explained that the decision to offer an alternative to the standard Hirschmann and Cisco Ethernet switches currently used to connect controllers and workstations in DeltaV control networks was based on customer feedback. “Our customers tell us they want the ease of use of an unmanaged switch, but they must have the security and monitoring capabilities of a managed switch,” he said. “The DeltaV ‘smart’ switches give the customers exactly what they’re asking for – easy and secure.”

The new switches come completely pre-configured to work within the DeltaV network. That relieves the user of the need to set up the switching function that is a possible source of errors that might have serious implications, including loss of control. “They make our system even easier to use and more reliable,” claimed Schleiss. “We have learned from experience that people make mistakes, and a mistake in a switch configuration can shut down a plant.”

Auto-lockdown

Configuration is not however the only issue addressed by this reversion to proprietary technology. The new “smart” switches also incorporate patent-pending “auto-lockdown” software to enable the user automatically to lock and unlock the port access of all the switches on the network. Ports accidentally left open have long been recognized as one of the principal sources of control system security vulnerabilities, particularly when, as is so often the case in the process industries, switches need to be located in insecure locations out in the plant and accessible to anyone or everyone. Locking down switch ports prevents accidental access and virtually eliminates the possibility of an unauthorized device being deliberately connected to a switch. “The recommended security practice disables unused connections on network devices,” according to DeltaV security product manager Bob Huba. “This is usually done using third-party IT software which creates risk of simply not doing it at all or accidentally disabling a used port … auto-lockdown … makes managing network security much easier. Even a maintenance person can use the utility as part of their troubleshooting work practices.”

In operation auto-lockdown scans the network to find the DeltaV switches and gives the user the option to unlock or lock them. Unlocked switches are then automatically relocked after 60 minutes if the user has not already performed a manual relock. “Our customers tell us that they do not have time to handle these security details,” said Schleiss. “The . . . ‘smart’ switch delivers the security out-of-the box experience they are seeking.”

The new switches come in a variety of DIN-rail and rack-mount versions offering megabit and gigabit speeds over wired and fiber links. Users will continue to have the option to choose the existing range of COTS switches, although they will, of course, have to forego some of the capabilities of the new switches. Emerson will also continue to support switches used in existing systems.

Marshalling gets smart

Meanwhile, turning the clock back seems to becoming something of a habit. Despite current interest in fieldbus and wireless, one of the major forthcoming innovations from the DeltaV stable addresses the somewhat mundane, indeed to some outmoded, issue of marshalling. The new Smart Marshalling solution is designed to reduce substantially the complexity involved in terminating field wiring, hence reducing cabinet real estate and, most significantly, labor requirements. Producing a dummy of the custom chip on which the intelligent marshalling solution depends, Schleiss emphasized its potential in both new and existing installations and in further simplifying the migration of legacy third party systems.

Arguably the most radical departure in the forthcoming DeltaV 10.3 release due later this month is a new look and feel for the system engineering tools suite. Control Studio, Expression Editor and Recipe Studio all use the new interface that emulates the interface used by Microsoft in Office 2007. Replacing the existing ‘static’ toolbars and palettes is a new ribbon-based approach with buttons grouped by task. A single click provides access to the buttons on the currently selected tab and a single click to select different tabs. Tabs and buttons are context-sensitive, and users can define their own Quick Access Tool bar incorporating their most frequently used tools.

Other enhancements in DeltaV 10.3, which is being released both on Windows XP and Vista, include the new MX controller with two-and-a-half times the computing power of its predecessor and twice the memory; a new Profibus DP redundant master; enhanced Foundation fieldbus capabilities which reduce the need for human interaction during commissioning; and bi-directional data synchronization with Intergraph design tools.