One of the best ways to understand and begin to employ virtualization is by learning how existing developers are using it in their process controls. For instance, Codesys is manufacturer-independent, IEC 61131-3 software with an independent development environment (IDE), runtime system and other tools, which have been used to program controllers and machines for many years. However, increasingly digitalized functions and operations have fueled demand for more hardware-based controls, maintenance and other resources, so Codesys recently partnered with Cisco to use its switches and other devices to virtualize many of its control capabilities.
This strategy lets users consolidate plant-floor PLCs, industrial PCs, HMIs, network gateways and other physical-compute resources onto virtual machines (VM), which can run on a hyperconverged compute and storage infrastructure (HCI). Codesys and Cisco report that virtualization can make operations more agile and scalable, improve cybersecurity, aid disaster recovery, accelerate application development, reduce costs, enable sustainability, and extend equipment lifecycles.
While the overall network is key to migrating controllers and virtualizing control systems, it’s just as crucial to automate switch reconfiguration and other network maintenance tasks, so they don’t also become too time-consuming. This can be accomplished by using a software-defined network (SDN) and centralized, intelligent SDN controller, which can reconfigure routers to handle communications traffic flows, and update all the devices on a network, instead of requiring users to manually updating each one separately.
Get your subscription to Control's tri-weekly newsletter.
Because virtualizing PLCs requires dealing with real-time determinism, specialized hardware, legacy code and safety issues, Codesys and Cisco add it’s more complicated to virtualize them. Consequently, Cisco built and tested a software-defined network architecture that can support the newly virtualized controllers. This architecture includes Cisco’s:
- Catalyst industrial Ethernet switches with high-capacity packet switching and lossless resiliency required for uninterrupted connectivity.
- Catalyst Center that directs all network functions from onboarding devices to performing initial and ongoing configurations. It handles performance monitoring and proactive troubleshooting, defines networking and security policies, and everything else needed to maintain network performance and security.
- SDN that helps automate, scale and optimize networking. Its main parts include the Catalyst Center as the SDN controller and Catalyst switches.
- Cyber Vision visibility and threat-detection software for industrial control systems. It maintains a dynamic inventory of all industrial devices and detects threats and abnormal behaviors in real-time.
- Identity Services Engine (ISE) facilitates creation of access policies, and enforces them vis Cisco’s network switches, creating segmented operations that keeps assets in separate, unrelated parts of the operation.
- Secure Equipment Access (SEA) is a zero-trust network access (ZTNA) hybrid-cloud service embedded in Cisco’s devices that lets users maintain and troubleshoot remote assets. It providing granular access controls to secure industrial operations, eliminating the need for specific hardware or extensive VPN infrastructure or jump servers.
These tools are enabled by Codesys’s virtualized controller automation software, which includes its Development System IDE with IEC 61131-3-compliant textual and graphical editors for programming control logic in HMIs, fieldbuses, I/O, and safety and data exchange functions. The application code created is translated into binary code with its own compilers for the respective target hardware.
