Control-room instrumentation has come a long way from the days of drag pens on paper chart recorders and manually tuning temperature loops with trim pots. Most of these instruments were large and heavy steel-cased units that performed adequately for that time. Actually, some of these instruments may still be in use in some facilities if they have been well taken care of.
As time marched on, instrumentation became smaller and lighter, constructed of impact-resistant plastic cases and high-density semiconductors. Archiving data was less and less a pen-and-paper activity and more an exercise in manipulating Excel spreadsheets and encrypted data files. Controllers could tune themselves and began implementing basic artificial-intelligence algorithms. With all this new innovation, what is next in the field of instrumentation? I hope to give you an insight into what the future holds for the instrumentation that you are currently familiar with, at least from a Yokogawa perspective.
Wireless technology is not something that is typically thought of in heat treating, but as more and more manufacturers are adding wireless solutions and wireless options to their products, this will be something that you will be confronted with soon. The flexibility of wireless solutions enables less investment in infrastructure while receiving greater insight into the facility’s operations, where the measurements were previously too difficult or uneconomical to implement.
Wireless allows process sensors to transmit data to instrumentation without the need for wires. Your processes and facilities will determine what type of wireless technology you can use. ISA100 technology is a scalable, reliable and secure platform designed for facility operations with the ability to handle one to 500 devices. For example, Yokogawa’s YTMX is a battery-operated, eight-channel ISA100 wireless temperature transmitter designed to measure and transmit temperature points to data-collection and control devices. The unit has a rugged exterior that is explosion proof and can be easily field-mounted on a pipe without the need for a panel. The data is sent to an ISA100 wireless gateway somewhere in the facility – within 600 meters –
which, in turn, makes the data available to a network where control and recording devices can collect it.
The advantage to this type of technology is obvious. There are no wires to run. The reduction of noise due to the wires not being run in a cable tray is a major deal, and the signals are all digital and are not susceptible to noise. Isolation is also a major advantage because there is no physical connection between the instrument and the process. With the long-life lithium thionyl chloride batteries, a year or two can go by without having to replace them, depending on the data rate. Typical applications for this type of device include monitoring the temperature uniformity in a large furnace and sending data to a data recorder or reading temperatures in a multi-zone tunnel kiln and sending the temperature data to a PLC for control.
Many changes in instrumentation are being driven by the consumer market. Consumer electronics (specifically smart phones), tablets and point-of-sale retail terminals are dictating what types of HMI displays are being produced. Manufacturers of these types of displays are focusing their production mainly on products for the consumer market. You can’t go anywhere and not see someone buried in their smart phone, swiping and pinching the screen to access the information that they want. For many, this is their primary method of interfacing with these devices, and they are quite adept at it.
For instrument manufacturers to produce products that will be relevant to users such as these, they will have to develop products they are familiar with. Also, to produce products that have any longevity and future serviceability, they will have to select displays that are commercially available. These displays are the newer touch screens that give the look and feel of a tablet such as an iPad®.
Yokogawa’s Smart DAQ+ is one such device that offers many new features, including a smart touch screen. Yokogawa’s new resistive touch-screen technology can sense swipe, click and drag and allows two-point pinch for zooming in on critical data. Users can quickly enter furnace batch information and text messages with the on-screen keyboard. Batch runs can also be signed or noted by the operator with a stylus pen, just as if they were writing on a paper chart. One of the major advantages to this type of technology is the intuitive use of the product, which reduces the learning curve of using this type of instrument and the adoption by staff in using the product. Many people have experience using touch screens on their cell phones and tablets, and instruments like the Smart DAQ+ become an extension of that.
The ability to communicate to the instrumentation installed on the shop floor is not just a luxury anymore. The need to monitor, control and record process data automatically is now a requirement for you and for customers who are demanding it. But with the convenience of networking your instruments comes the threat of cyber attacks, thus the need for security. In 2010, we in the industrial and process automation fields saw how dangerous the Stuxnet worm was. This malware was designed to spread itself through networked Windows PCs and affect certain PLC manufactures’ hardware and SCADA by reprogramming them with malicious code. This was a wakeup call for many of us. No longer are computer viruses and other malicious programs something we can just leave to the IT department. These viruses now have the ability to access our unprotected control networks and disrupt the equipment controlling our processes.
Instrumentation manufacturers are just now beginning to take this threat seriously by implementing features and procedures for protecting instrumentation. These features may not completely look like the network security your IT department may implement because the goals for security are different. The primary goal of your IT department is to protect sensitive data and proprietary corporate information. The primary goal for a controls engineer is to protect the process and the equipment. To do this effectively, they consider the possibility of intrusion in these areas and take it seriously.
Control networks are full of easy access points – devices that can grant access to a potential threat via its network interface. Many PCs in plants run for extended periods of time with no security updates or anti-virus software. This is a must-do for any PC on a corporate network, but many times it is left undone on PCs in the production areas. Laptops that are brought into facilities and connected to the control network by vendors, service personnel or employees are another easy-access point. Thumb drives are one of the most dangerous items to your control network, as they can easily bypass existing security measures in the plant and simply be connected to a PC or instrument. Any virus on the data stick now has access to the network.
Network isolation is something that is not always considered by those designing control networks. Many networks are flat in their structure, allowing data to pass unrestricted from one unrelated system to another. If a problem occurs in a location of the plant, it can easily propagate to unrelated systems or remote locations. Firewalls and network switches can provide the isolation needed to keep the possibility of a threat from spreading too far. This type of network design should be something your IT department can implement for you.
Sabotage is another way a cyber attack can occur. Simple products such as paper chart recorders, single-loop controllers, indicators and the like hold very limited information about the networks (IP addresses, subnet masks, default gateways, domain names and DNS server addresses). The damages that can be incurred due to the leak of this type of information are minimal to moderate. This does not mean that this information should not be protected. With the right tools and access, a saboteur can reconfigure the instrument or adjust control variables.
Yokogawa has implemented security features in these types of instruments, such as the UTAdvanced temperature controller, to prevent unauthorized access. Key locks and access passwords are the first line of defense in keeping process and network information inaccessible. A menu lock function restricts access to sensitive network information and removes it from the menu structure so that those who may get past the key lock will not find the network information menu or any other menu information that may be hidden. On the networked side of the controller, write access to the controller can be disabled so no device can make changes to the process without physically going to the unit to do so. Write access can also be limited to certain devices on certain networks while rejecting all other inquiries. This is a controller feature called IP restriction, which is similar to MAC address filtering. A PLC can be given write access to the controller to change its setpoint as long as it has the correct IP address and the request is coming through the expected network gateway. Using these types of measures helps prevent cyber attacks as well as sabotage.
More complicated networked products such as paperless recorders, data-acquisition units and PLCs may have FTP client and SMTP features. The log-in information for the external FTP servers and SMTP servers may be easily available through the setup parameters. If a user is able to log in to these instruments, it is possible for them to obtain network information that could allow them unauthorized intrusion into relevant servers.
Along with the features found on simpler instruments, data recorders (e.g., Yokogawa’s DXAdvanced) employ technology like Active Directory. Active Directory is a service created by Microsoft and run on Windows servers that allows networked devices like PCs and data recorders to authenticate and authorize all users that can log in to the network. After logging in, a user’s access level is set. The convenient aspect to this is not only its security, but users can be managed by the network administrator and the log-in credentials can be the same as the user’s PC.
The most vulnerable security threat to any network is the people using it. As strange as it may sound, human error can pose a major security threat. The education of your staff members ensures that they have the knowledge and skills to identify possible security threats as well as carry out daily operations in accordance with security guidelines.
Technologies are always changing in electronic products, and instrumentation is no different. The main difference between consumer-grade products and industrial products is the life cycle. It is expected that the PC in your office will be replaced within five years, but the instruments on your plant floor may have an expected life of 20 years. When deciding on new instrumentation, it is critical that newer technologies are considered because they may become mainstream in the future. Selecting products based on price may serve you well for the short term, but when the new technology is commonplace, you may be scrambling to adapt or have to replace the instruments prematurely. IH
For more information: Contact: Clayton Wilson, Yokogawa Corporation of America, 2 Dart Rd., Newnan, GA 30265; tel: 678-423-2524; fax: 770-251-6427; e-mail: email@example.com; web: www.yokogawa.com