Living on the edge – The role of the edge device in evolving industrial control architectures

Industrial organisations are generating data faster and in greater volume than ever before. As a result plant information infrastructures must evolve, what we are seeing is industry gravitating towards an architecture that consists of a multitude of edge devices that operate in concert with cloud services.

This differs from the previously established structure of a plant network which conforms to the Purdue model; assigning control functions to a series of network layers. Evolving standards like Industry 4.0 and the Open Process Automation initiative (opengroup.org/open-process-automation) reconcile this model into just two layers; edge and cloud.

It is worth at this point offering our definition of ‘the edge’ and ‘edge devices’. The edge we define as the physical location that allows computing closer to the source of data. Edge devices are industrial hardware able to securely collect, filter, and relay data close to industrial processes. They can also be capable of controlling connected assets like a PLC, but with the key differences that they are augmented with ethernet connectivity, built-in cybersecurity, and the processing power needed to handle big data analysis.

The essential characteristics of this new architecture are the smaller modularity of the edge devices and the flatter networks. A major benefit we see coming from this is it facilitates deployments that are ‘plug & play’ in nature, secure, scalable, reliable, continuously available, easily serviceable, easily programmable and have high agility.

The framework is also not confined to any one industry; it is applicable across many different vertical markets including process manufacturing, transportation, smart cities, smart buildings, etc. Though the exact setup may vary for different verticals, the essence is consistent; the resources and services of computation, communication, control, and storage are distributed across available edge devices, and clouds to achieve the desired function while meeting all application requirements1.

All the more exciting is how this new architecture is emerging as being standards-based, open, and interoperable. As a consequence, it will no longer be the case that a single vendor can dominate the supply of all elements of a solution. High supplier diversity provides the fertile ground needed for high-quality solutions and fast innovation, all delivered at lower costs driven down by healthy competition.

Properties of the new architecture

Edge devices are conceptually no different to existing control devices like PLC’s and DCS controllers in that they are designed to consume data from sensors in the field and to process that data in some meaningful way. However, there are several important differences; the primary difference being the use of open standards and interoperable solutions. The applications for edge devices are broader than conventional Level 1 control devices, and these new use cases require scalable, secure solutions.

Security

Security has to be a fundamental consideration for any deployment; it is reported that manufacturers have a 32% chance of experiencing a cyber attack in any given year2. Security comes from the proper design, operation and maintenance of secure architectures and infrastructures which provide up to date protection. Performing data processing and analytics on edge devices is intrinsically more secure than transporting data to the cloud to perform these operations. Edge devices can be hardened using endpoint security measures, and data access can be secured by unidirectional networks using data diodes.

Scalability

The architecture lends its self to solutions that are usable in modest sized deployments but can then grow and scale to accommodate the largest with relative ease. Because edge devices can run independently just as easily as working as a part of a cooperative network, it means a flexible ‘plug and play’ design can be achieved.

Storage and analytics services should also be able to scale with the infrastructure. The scalability then allows for a pay-as-you-grow model.

Openness

Proprietary, single vendor solutions have been the norm in the DCS market, and a move to open solutions will lower costs and promote innovation. Openness will be an essential pillar of the evolving architecture. Open standards will be built on existing standards which may be adapted and extended to suit the evolving needs. We can also expect to see some crossover of open source solutions that are commonly employed in the IT domain. Interopability of equipment and solutions is a further consequence of open, agreed standards.

Some existing Open Automation Standards

IEC 61131-3 IEC 61131-3 is currently the only global standard for industrial control programming and defines the basic programming elements and rules for the most commonly used process automation programming languages. The standard includes Sequential Function Chart (SFC) language, used to structure the internal organisation of a program, and four interoperable programming languages: Instruction List (IL), Ladder Diagram (LD), Function Block Diagram (FBD) and Structured Text (ST).
PLCopen XML Defines an open interface for information transfer between different kinds of automation tools, such as configuration environments, network tools, debug tools, simulators, documentation tools, etc.
OPC UA OPC Unified Architecture (OPC UA) is an open source communication protocol for interoperability. OPC-UA is fully integrated with IEC 61131-3 through the PLCopen OPC UA Standard. It includes data models and function blocks for data integration between applications and between applications and Information Systems. UA Security consists of authentication and authorization, encryption and data integrity via signatures.
Fieldbus Fieldbus is the name of a family of industrial computer network protocols used for real-time distributed control, standardised as IEC 61158. There are currently a wide variety of competing Fieldbus standards including Profibus, FOUNDATION Fieldbus, Modbus, etc.
MQTT MQTT is an ISO standard communication protocol that is commonly used for IoT connectivity. It is designed as an extremely lightweight publish-subscribe messaging protocol. The publish-subscribe messaging pattern requires a message broker. The broker is responsible for distributing messages to interested clients based on the topic of a message.

Programmability

Edge devices are typically designed for a continuous cyclic operation which means that the program is repeatedly executed as long as the controlled system is running, this scan time may be a few milliseconds. Programs are designed to run without intervention, so they need to be robust and fault tolerant. Industrial control languages like those defined by IEC 61131-3 are designed for these applications; they are also high-level languages designed for ease of use. The broad adoption of this standard means that there are already many experienced developers and a range of available integrated development environments. However, these standards will need to evolve to meet the needs of the new applications.

Reliability, Availability, and Serviceability

A reliable deployment will continue to deliver designed functionality under normal as well as adverse operating conditions. Reliability includes maintaining system uptime, safeguarding the availability of data and ensuring the integrity of the connected plant. This means that edge devices and gateways need enhanced hardware, software and network designs to improve performance. Redundant architectures can be employed to provide enhanced availability.

If you have any comments on this article or are interested in finding out more, we would love to talk with you. You can reach the lead author of this article directly at patrick.thorpe@spirocontrol.com.

References

  1. OpenFog Architecture Overview White Paper 2016 – OpenFog Consortium

Online at: https://www.openfogconsortium.org/wp-content/uploads/OpenFog-Architecture-Overview-WP-2-2016.pdf

  1. The State of Security in Control Systems Today: A SANS Survey – Derek Harp and Bengt Gregory-Brown, page 1, June 2015

Online at: https://www.sans.org/reading-room/whitepapers/analyst/state-security-control-systems-today-36042