Hands-On Industrial Internet of Things
上QQ阅读APP看书,第一时间看更新

Weaknesses of the fieldbus setup

The weaknesses of fieldbus setup are as follows:

  • There is strong coupling with the controllers. The direct connection with the controllers forces the edge to implement and maintain a connector for each fieldbus protocol. This means it is susceptible to the previously discussed disadvantages.
  • There is no a single PLC or DCS that controls the whole industrial plant. A PLC concentrator, like a DCS, controls just a single area of the plant. The related control networks are not linked with each other by design as they are deterministic networks. This would also make them vulnerable to security breaches. As we saw in the previous chapters, their information is joined and merged at a higher level by the SCADA and Historian systems. Because of this, an edge device must be deployed for each control network of the industrial plant from which the data is to be gathered. The scattering of the control networks forces us to install more edge devices, leading to more complicated deployment and maintenance.
  • In this setup, the edge device is connected at the same time to both the internet and the control network. According to the ICS standards, we should not connect a device that is connected to the internet directly to the control network; it should instead be placed in a demilitarized zone (DMZ). This means that the edge device should be separated by two firewalls, the first of which controls the interface toward the internet and the second of which controls the interface toward the control network. The isolation of the control network through firewalls is not easy. Special firewalls, called operational firewalls, are required, which have packet-inspection capabilities for the specific fieldbus protocol used. Even with these firewalls in place, it is common that customer policies and standards do not allow this type of connection.