The ‘IT’ Factor

Feb. 26, 2009
Process Manufacturing Wireless Networks May Encroach on Your IT Department’s Standards Space. Here’s How to Make Sure It All Works Together

In the past, process automation and office automation networks had little in common. As a result, process operations often functioned independently of information technology (IT) departments, and IT policies didn’t encroach on the plant floor.

All that changed as process automation began to use more technologies that originated in the IT world–from Ethernet to Microsoft Windows–and as process networks were linked to IT-controlled business networks and even the Internet.

Introducing wireless technology for process applications can raise concerns in your IT department. They may simply be unfamiliar with how it will work in the plant environment or have specific concerns about technology, security and support. On the other hand, IT may also have valuable experience and resources to help you plan a wireless network, get it up and running, and keep it that way.

Although wireless networks are becoming more common in office environments, your IT group may not be as familiar with them as with wired networks–especially when it comes to wireless technologies designed for industrial applications.

They’re also likely to be concerned about anything that may represent a risk to the security of assets they have been charged with protecting, including both information and infrastructure.

And they may be concerned about how a wireless-networking project will affect their workload–especially when it comes to ongoing maintenance and support.

IT is from Mars, automation from Venus

Key IT concerns likely revolve around technology, security and support–and how to deal with them. Your IT group may have concerns about technology risk (whether the wireless solution will work, and keep working) and compatibility (how it will work with other technologies and existing IT infrastructure).

You can relieve those concerns by sticking to solutions based on appropriate standards-based technologies–and making sure IT understands that’s what you’re doing.

Start by clarifying which wireless technology you’re planning to use. For example, the primary technology for in-plant applications may be a self-organizing network based on the IEEE 802.15.4 physical standard. (Field networks based on the wirelessHART standard use this physical standard.) Your IT group may be less familiar with this technology than the 802.11 Wi-Fi networks used in offices, but the fact that it is based on an IEEE standard should reduce their concerns about risk and compatibility.

Wi-Fi may be a component of some solutions–for example, to provide a wireless link between a gateway (which collects data from several wireless devices) and the control room, or to provide mobile workers access to the plant control network. If so, you may be able to take advantage of existing IT experience with this technology.

Compatibility concerns may focus on the gateway itself, since it is the point where self-organizing networks integrate with other plant networks. You can overcome IT objections by selecting a gateway that will “play by the rules”–for example, by supporting standard network scanning, discovery, and vulnerability tools.

Security, support are common concerns

It’s a common misconception that wireless devices are not as secure as wired networks. In fact, wired and wireless networks can both be vulnerable – and a well designed, properly implemented wireless network can actually be more secure than a typical wired one.

Show your IT group that most of today’s wireless solutions for industrial applications–unlike some older office and automation networks–are designed with security in mind. Encryption, authentication and verification, key management, and anti-jamming measures all help prevent unauthorized access to network data. In fact, such security capabilities often are absent in older wired networks that rely solely on physical isolation to provide a cursory level of security. You can work with IT and your wireless supplier to identify the techniques that make the most sense in your application.

Adding a wireless component to your existing plant environment may also prompt a more comprehensive review of plant information security in general – from firewalls and virtual private networks (VPNs) to passwords and anti-virus software. That’s a good thing! In fact, system audits and reviews of security procedures and policies should be done on a periodic basis, regardless of specific networking decisions.

Just like the other parts of your plant, your wireless system may need periodic maintenance, upgrades and other support. Your IT group can be a great resource for best practices on handling patches and upgrades, as well as network troubleshooting if needed. They may even be willing to do it for you. Regardless of who does it, the work will be easier–and your IT department will be less concerned–if your supplier has a record of making reliable products and an efficient system for managing patches and upgrades.

Do you really need their help?

Possibly not. If you are connecting a self-organizing wireless network to an existing process automation network, especially through a wired gateway device, you may not need to involve IT. The process and equipment information collected from wireless instruments is the same as that from wired devices, and it will be used in the same way—all within the process control domain.

If you include IT in your planning, however, you may benefit from their networking expertise, tools and resources. For example, if you’re using Wi-Fi for a plant-level wireless application, much of what they’ve learned about applying this technology in office environments will also be relevant in process related applications. Their experience evaluating network suppliers and conducting IT-security audits can be useful as you do the same for your wireless network. They can be invaluable in determining the best way to make the data available to other plant and business systems.

Finally, if you expect your IT group to provide ongoing maintenance for your network, it’s a very good idea to get them in the loop early and make sure it’s implemented in a way they will support.