Introduction to Communications Protocols
RS232
Form of serial data communication.
Was once the most widely used form of data transmission.
DB9 Cable
Transmits signals:
Positive Voltage: Binary 0
Negative Voltage: Binary 1
PLC Usage: Talk to other modules/PLCs (e.g. HMIs, Computers, Motor Controllers or vision systems)
2 types of device:
DTE - Data Terminal Equipment (e.g. computer)
DCE - Data Communications Equipment (e.g. modem)
2 devices of the same type (DTE-DTE or DCE-DCE) cannot talk to each other without a reverse (null modem) cable.
PLC will typically be DTE and the devices DCE.
Common Example:
Computer connected to old printer.
Commands issued via voltage signal.
Drawbacks:
Speed: 20 kb/s (slow)
Length: 50 ft
Resistance and voltage loops become an issue with cables longer than this.
Electrical noise can cause interference.
USB and Ethernet have phased out this standard.
Adapters can convert serial to digital interfaces.
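The voltage-to-bit mapping above (positive = 0, negative = 1) is the whole of what an RS-232 line carries, so an added example is a small encoder/decoder for it. This is not code from the notes: it assumes 8N1 UART framing (one start bit, eight data bits sent least-significant first, one stop bit), an idle line held at the negative "mark" level, and nominal +/-12 V levels, none of which the notes state. It also shows the framing error a UART reports when noise or a mismatched bit rate corrupts the start or stop bit, which is the practical symptom of the noise and cable-length limits listed above.

```python
# Added example (not from these notes): encode bytes as RS-232 line levels and decode them.
# Assumed (not stated in the notes): 8N1 UART framing (1 start bit, 8 data bits LSB first,
# no parity, 1 stop bit), an idle line held at mark, and nominal +/-12 V levels.

SPACE_V = +12.0  # positive voltage = binary 0 ("space"); the start bit is a space
MARK_V = -12.0   # negative voltage = binary 1 ("mark"); idle line and stop bit are marks
FRAME_BITS = 10  # start + 8 data + stop


def encode_byte(value: int) -> list:
    """Return the line voltage for each bit period of one 8N1 character."""
    if not 0 <= value <= 0xFF:
        raise ValueError("one byte only")
    bits = [0] + [(value >> i) & 1 for i in range(8)] + [1]  # start, data (LSB first), stop
    return [MARK_V if b else SPACE_V for b in bits]


def decode_frame(levels: list) -> int:
    """Decode one character from 10 voltage samples, one per bit period.

    A bad start or stop bit raises ValueError: this is the 'framing error' a UART reports
    when the line is noisy or the two ends disagree on bit rate (a typical RS-232 fault)."""
    if len(levels) != FRAME_BITS:
        raise ValueError("expected %d bit periods" % FRAME_BITS)
    bits = [1 if v < 0 else 0 for v in levels]  # negative -> 1, positive -> 0
    if bits[0] != 0 or bits[-1] != 1:
        raise ValueError("framing error")
    value = 0
    for i, b in enumerate(bits[1:9]):
        value |= b << i
    return value


def is_valid_frame(levels: list) -> bool:
    """True when the samples decode cleanly, False on a framing error."""
    try:
        decode_frame(levels)
        return True
    except ValueError:
        return False


def encode_message(data: bytes) -> list:
    levels = []
    for byte in data:
        levels.extend(encode_byte(byte))
    return levels


def decode_message(levels: list) -> bytes:
    if len(levels) % FRAME_BITS:
        raise ValueError("partial character on the line")
    return bytes(decode_frame(levels[i:i + FRAME_BITS])
                 for i in range(0, len(levels), FRAME_BITS))


def bit_period_us(baud: int) -> float:
    """Duration of one bit period in microseconds (1 / baud); 20 kb/s is about 50 us per bit."""
    return 1_000_000 / baud


if __name__ == "__main__":
    line = encode_message(b"PLC")  # constructed sample message
    print(len(line), "bit periods;", decode_message(line))
```

Feeding the encoder's output straight back into the decoder is the loopback test a technician does with a jumper between TX and RX; corrupting the stop bit shows why a noisy long cable produces garbage characters rather than a clean failure.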
RS485
Form of serial communication
Younger, faster brother of RS232
Advantages over RS-232:
Transmits via a communications bus
Speed: 10 Mbit/s
Distance: 1200 m / 4000 ft
Up to 32 devices compared to 1.
Less susceptible to noise issues; uses shielded cables.
No standard connector; DB9 is also used, and terminal strips were used in some cases.
Common use:
Remote control of Variable Frequency Drives (VFDs), aka motor drives.
Remotely monitor and control via an RS-485 network.
Modbus
Open Protocol - Specifications are published and may be used freely or through license.
Advantages:
Supported by multiple manufacturers and installers.
Active community groups for support.
Ability to stay current and add capabilities
Modbus is one of the most popular examples.
Oldest and by far the most popular automation and SCADA protocol.
Communication protocol published by Modicon in 1979. Now owned by Schneider Electric.
Common language for device communications.
Development and updates managed by Modbus Organization
Several versions exist for serial and Ethernet
Most popular:
Modbus TCP
Modbus ASCII
Modbus RTU
Modbus Plus
Master-Slave Architecture
Client/server terminology is used for the Ethernet version.
1 device initiates transactions (queries)
Other devices respond or take action
Slave: Any peripheral device (e.g. I/O transducer, valve etc.)
Masters can address individual slaves or all via a broadcast message.
Slaves respond individually to all message queries but not broadcasts.
Slaves only respond to master messages (queries).
Format of a Master Request:

Slave Response:

If an error occurs (CRC failure or the slave cannot take the action), the slave returns an exception message to the master.
Communication via Send (Request) and Read (Response) messages.
Modbus communicates via Serial (RS-232, RS-485, RS-422) and Ethernet
Initial implementations used RS-232 but most later used RS-485
Over RS-232 and RS-485, Modbus frames are sent in plain form and the network is dedicated to Modbus.
Over TCP/IP on Ethernet, multiple heterogeneous devices share the network and the Modbus message is embedded within a packet.
Modbus can operate on peer-to-peer and multidrop networks.
Message Structure:
Slave Address: Used to define which slave device should respond to a message. All others ignore the message if no match.
Function Code
Data
CRC Error Check
Modbus functions perform read and write operations on the slave's internal memory registers to control, monitor and configure the slave's inputs and outputs.
Modbus devices include register maps that determine where configuration, input and output data can be written to and read from. Refer to the slave's register map to understand its operation.
Data Model:
Discrete Inputs
Coils (Outputs)
Input Registers (Input Data)
Holding Registers (Output Data)
Service Request Area of Modbus Messages
Protocol Data Unit (PDU)
Function Code and Data
Function Code: Specifies which register data group is read from or written to.
Re-Watch: How does Modbus Communication Protocol Work?
Communications can be simulated via software.
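The message structure above (slave address, function code, data, CRC) and the exception response are concrete enough to build and check in code. The following is an added example, not code from the notes or from the Modbus Organization: it implements the CRC-16 used by Modbus RTU, builds a Read Holding Registers request, decodes both a normal and an exception response, and wraps the same PDU in the MBAP header used by Modbus TCP. The sample response bytes are constructed for the example. The last function makes the security point a practitioner should take from this section: the CRC catches accidental corruption only, and because Modbus carries no authentication a frame altered on the bus and given a fresh CRC verifies as good.

```python
import struct

# Added example (not from these notes or from the Modbus Organization): build and check the
# Modbus RTU frame described above, and wrap the same PDU for Modbus TCP.


def crc16_modbus(data: bytes) -> int:
    """CRC-16/MODBUS: reflected polynomial 0xA001, initial value 0xFFFF, no final XOR."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA001 if crc & 1 else crc >> 1
    return crc


def with_crc(body: bytes) -> bytes:
    """Append the CRC low byte first, as the RTU frame format requires."""
    return body + struct.pack("<H", crc16_modbus(body))


def crc_ok(frame: bytes) -> bool:
    return len(frame) >= 4 and with_crc(frame[:-2]) == frame


def build_rtu_request(slave_addr: int, function_code: int, start_addr: int, quantity: int) -> bytes:
    """RTU ADU = slave address + PDU (function code, data) + CRC."""
    pdu = struct.pack(">BHH", function_code, start_addr, quantity)  # big-endian data fields
    return with_crc(bytes([slave_addr]) + pdu)


def parse_rtu_response(frame: bytes) -> dict:
    """Check the CRC, then decode either a read response or an exception response."""
    if not crc_ok(frame):
        raise ValueError("CRC check failed: frame corrupted or truncated")
    slave, fc = frame[0], frame[1]
    if fc & 0x80:  # exception: function code with high bit set, then one exception code byte
        return {"slave": slave, "function": fc & 0x7F, "exception": frame[2]}
    byte_count = frame[2]
    if len(frame) < 3 + byte_count + 2:
        raise ValueError("byte count exceeds frame length")
    regs = struct.unpack(">%dH" % (byte_count // 2), frame[3:3 + byte_count])
    return {"slave": slave, "function": fc, "registers": list(regs)}


def wrap_modbus_tcp(transaction_id: int, unit_id: int, pdu: bytes) -> bytes:
    """Modbus TCP ADU = MBAP header (transaction id, protocol id 0, length, unit id) + PDU.
    There is no CRC field; TCP's checksum covers transport errors."""
    return struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit_id) + pdu


def tamper_and_refresh_crc(frame: bytes) -> bytes:
    """Caveat for defenders: the CRC only detects accidental corruption. Anyone who can write
    to the bus can change a field and recompute the CRC, and the frame verifies as good,
    because Modbus RTU/TCP carry no authentication. Modelled here by flipping the low bit of
    the last data byte (the requested quantity) and appending a fresh CRC."""
    body = bytearray(frame[:-2])
    body[-1] ^= 0x01
    return with_crc(bytes(body))


if __name__ == "__main__":
    request = build_rtu_request(1, 3, 0, 10)  # read 10 holding registers from slave 1
    print(request.hex())                      # 01030000000ac5cd
    # constructed sample response: slave 1, FC 3, 4 data bytes, registers 100 and 200
    print(parse_rtu_response(with_crc(bytes.fromhex("010304006400c8"))))
    # constructed exception response: FC 0x83 = 0x03 | 0x80, exception code 2 (illegal data address)
    print(parse_rtu_response(with_crc(bytes.fromhex("018302"))))
    print(wrap_modbus_tcp(1, 1, request[1:-2]).hex())
```

A CRC mismatch in the field therefore points to wiring, termination or noise problems; it says nothing about whether the frame came from the expected master, which is why Modbus networks are protected by segmentation and monitoring rather than by anything inside the frame.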
Wireless Communications Technologies
Difference Between Wi-Fi and Industrial Wireless
Differences:
Amount of data sent/received
Battery life of devices
Reliability of the data
Data Sent/Received:
Wi-Fi is built for large data payloads (e.g. images, video).
Industrial wireless carries small amounts of data (e.g. a gas pressure sensor sends a tag name and process variable): lots of small packets.
Battery Life:
Smartphones etc. require charging with little battery life.
Wireless sensors and actuators consume little battery over a long period of time: years before the battery needs charging. Designed for long battery life because they are installed in areas that are not easily accessible.
Reliability:
Loss of connection acceptable in consumer networks.
In industrial wireless this is not acceptable, as reliability and accuracy are critical. Sensors must report updates regularly; based on that input, the controller sends data to an output device (e.g. a valve). If the data is interrupted, the controller is not provided with the input it needs to send the correct output.
Protocols
ISA 100 Wireless - maintained by ISA. Protocol designed to work with wireless devices from various manufacturers; not tied to a single-vendor solution.
How Does Industrial Wireless Communication Work?
Advantage of wireless networks:
Ability to easily deploy to locations without difficult cabling infrastructure.
Real-time communications for SCADA and RTU.
High-Bandwidth.
Lower total cost of ownership.
Electromagnetism - Creation of magnetic field from movement of electrically charged particles.
Radio waves sent via Antennas to produce and re-produce waveforms via vibrating electrons. Travel at speed of light.
Frequency: varies with the transmitting device and is used for different purposes; the spectrum is split into bands.
NEED TO REVIEW THIS VIDEO
Modulation
Alters the shape of a carrier wave to encode the information (speech, sound, data) to be transported, riding on a regular carrier signal.
Frequency: measured in oscillations per second.
Wavelength: Measured in units of lengths.
Amplitude (Power): measured in dB or meters.
Longer wavelength = Lower Frequency and vice versa.
Modulation Types:
Amplitude Modulation (AM): carrier amplitude is changed in proportion to the data signal.
Frequency Modulation (FM): carrier frequency is varied by the data signal.
Phase Modulation
Radio wave Propagation
Transmitter radiates signal with specific power based on size/power of antenna
Signal attenuates as it goes (path loss)
Radio waves not aware of exact path to receiver.
Receiver only receives part of the signal, because of obstacles in the path:
Objects
Buildings
Attenuation Factors
Distance
Wavelength
Transmitter Power: reduces as the signal propagates
Higher frequency waves = higher attenuation
Greater distance = less power received
Wavelength: attenuation is greater for shorter wavelengths
Power Loss: weakening of the signal regardless of the power transmitted.
RF Line of Sight Tool - SCADA Core (considers antenna height and topographical patterns)
Security: Becomes a concern
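The attenuation factors above (distance, wavelength/frequency, transmitter power) can be put into numbers with the free-space path loss formula and a simple link budget. This is an added worked example, not from the notes or the SCADA Core tool: it assumes free-space, line-of-sight propagation with no obstacles (a real path loses more, which is what the `extra_loss_db` margin is for), and the radio figures used in the sample run (+10 dBm transmitter, 2 dBi antennas, -95 dBm receiver sensitivity) are constructed, not taken from any product.

```python
import math

# Added example (not from these notes): free-space path loss and a simple link budget, to put
# numbers on the attenuation factors listed above (distance, wavelength/frequency, power).
# Assumed: free-space (line-of-sight) propagation with no obstacles; real paths lose more.

SPEED_OF_LIGHT = 299_792_458.0  # m/s


def wavelength_m(frequency_hz: float) -> float:
    """lambda = c / f: higher frequency means shorter wavelength."""
    return SPEED_OF_LIGHT / frequency_hz


def free_space_path_loss_db(distance_m: float, frequency_hz: float) -> float:
    """Friis free-space path loss in dB: 20log10(d) + 20log10(f) + 20log10(4*pi/c).
    Doubling either distance or frequency adds about 6 dB of loss."""
    if distance_m <= 0 or frequency_hz <= 0:
        raise ValueError("distance and frequency must be positive")
    return (20 * math.log10(distance_m)
            + 20 * math.log10(frequency_hz)
            + 20 * math.log10(4 * math.pi / SPEED_OF_LIGHT))


def link_budget(tx_power_dbm, tx_gain_dbi, rx_gain_dbi, distance_m, frequency_hz,
                rx_sensitivity_dbm, extra_loss_db=0.0) -> dict:
    """Received power = transmitted power + antenna gains - path loss - other losses.
    The link works when the received power is above the receiver's sensitivity."""
    loss = free_space_path_loss_db(distance_m, frequency_hz) + extra_loss_db
    received = tx_power_dbm + tx_gain_dbi + rx_gain_dbi - loss
    return {
        "path_loss_db": round(loss, 2),
        "received_dbm": round(received, 2),
        "margin_db": round(received - rx_sensitivity_dbm, 2),
        "link_ok": received >= rx_sensitivity_dbm,
    }


def loss_vs_distance(frequency_hz, distances_m) -> list:
    """Tabulate path loss against distance for one frequency."""
    return [(d, round(free_space_path_loss_db(d, frequency_hz), 1)) for d in distances_m]


if __name__ == "__main__":
    # constructed sample radio: +10 dBm transmitter, 2 dBi antennas, -95 dBm receiver sensitivity
    for d in (100, 1000, 5000):
        print(d, "m @ 2.4 GHz:", link_budget(10, 2, 2, d, 2.4e9, -95))
    print(loss_vs_distance(900e6, [100, 1000, 5000]))
```

Running the sample shows the two claims from the notes directly: the 900 MHz table has lower loss than 2.4 GHz at every distance (longer wavelength, less attenuation), and the constructed link that works at 1000 m fails at 5000 m because roughly 14 dB more path loss eats the margin. For a plant deployment the link margin, not just "link_ok", is what to watch: a thin margin is where the reliability problems described earlier come from.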
ISA100 Wireless
Risks of physical cabling: Electromagnetic interference, water infiltration, physical damage, corrosion
Better Way: Wireless
Transmitters on the network may only exchange 2mb of data per month.
Designed for IIoT applications
IIoT - Replace wired devices with wireless ones.
Developed by experts from 250 companies.
Supports mesh networking: nearby devices act as repeaters; the more devices that exist, the more pathways exist, which adds redundancy and robustness.
Designed from bottom up for reliability, operability and security.
ISA100 vendors must undergo certification by the ISA100 Wireless Compliance Institute (WCI) to ensure seamless integration.
4 stage process:
Vendor Joins the ISA100 WCI
Purchases a Device Test Kit (DTK)
DTK used to perform internal certification tests
Formal ISA100 WCI Certification Testing once internal test successful
Certification does not imply that EMC/RFI/ESD testing has been approved; all other testing is still required (e.g. CE, UL, TUV SUD).
Can be used anywhere that wired devices are used (process monitoring, control, gas detectors etc.)
Used in many industries (e.g. O&G, Chemical, Pulp and Paper).
Diverse range of devices available from vendors.
IPSec VPN Connectivity
IPv6 Addressing
Enhanced Routing
Fieldbus
Group of protocols used in industry (ControlNet, Modbus, ProfiBus, HART, EtherCAT, SIP and more)
Standardised as IEC 61158
Works on networks that permit various topologies (e.g. Ring, Branch, Star, Daisy Chain)
Prior to fieldbus, devices were connected via RS-232, with only 2 devices communicating.
Fieldbus is closer to traditional Ethernet but is not a connection type.
Fieldbus devices such as sensors, motors, lamps and switches are connected to an "I/O data block", which is connected to a "field distribution device", which is connected to a fieldbus power supply, then finally connected back to the Programmable Logic Controller.
ControlNet - Cannot be used on Siemens controllers.
Ethernet
Communications standard to network computers and devices in local environment (LAN).
Wired System - Coax, Twisted Pair, Fibre Optic
IEEE 802.3 Standard - Defines Physical Layer and Data Link Layer of Ethernet (first 2 layers of OSI)
Physical Layer
Cabling
CAT 5-5e, CAT 6, CAT 6a, CAT 7
RJ-45 8 pin connectors - Half or Full Duplex
Half Duplex - one direction at a time
Full Duplex - Both directions.
Fibre Optic Cable - Light pulses through Glass/Plastic Optical Fibre
Further distance at higher speed
Several connectors (e.g. Small Form Pluggable and Subscriber Connector)
In order to use fibre, an Ethernet-to-fibre converter is needed.
Devices
Have an internal or external NIC
Switches/Routers connect multiple computers/networks together
Gateways and Bridges used to connect multiple networks together.
Gateways: connect 2 dissimilar networks together
Bridges: connect 2 similar networks as one
Data Link Layer
Logical Link Control (LLC): Establishes paths for data on Ethernet to transmit between devices
MAC - Uses media addresses to identify devices for source/destination of transmission
CSMA/CD - Carrier Sense Multiple Access with Collision Detection algorithm to send/receive data.
Ethernet Benefits:
Speed
Cost
Acceptance
Support for Network Protocols
Ease of Installation
ControlNet
Open network protocol managed by the ODVA
Token-passing bus control network
Utilises CIP for the upper layers of the OSI model (Session, Presentation and Application)
Adapts the CIP Transport, Network, Data Link and Physical layers to fit the needs of ControlNet
Designed to provide reliable, high-speed control with timing scheduled through the control logic over the network. Also carries messaging that does not depend on timing, without interfering with I/O data.
Talks to PLCs, I/O chassis, HMIs, drives and robots
Used for redundant applications and/or applications that work best with scheduled communications
5 Mbps data transfer rate
Physical Media
RG-6 Co-Ax with BNC Connectors (Twist on, locking, screw)
Cables
Flexible, Direct Burial, Plenum and Optical Fibre
Max Distance: 1000m unless a repeater is used (max of 5, 10 for redundant networks)
Max Nodes: 99 (repeaters do not use node count)
Topology:
Trunk-line Dropline, Star or Tree
Tap: connects nodes to the trunk via a drop cable. Several types: T-tap, Y-tap, straight and right-angle.
Terminating Resistor: 75 ohms required at each end of the trunk cable.
Segments: Collections of trunk cables and taps that have terminating resistors at each end.
Repeaters: Used to lengthen network between segments.
Bridge: used to connect between networks, only forward packets, not I/O.
Token passing (logical ring) over coax cable.
Nodes are assigned a MAC ID address from 1 to 99.
Each node knows the address of its predecessor and successor.
Each node has a scheduled transmit time, which is governed by a token.
While a node holds the token, it transmits data frames until the end of its data or until the token reaches its time limit.
A new token is then created and passed on to the successor.
If the node has no data, the token is just passed on.
Repeated until all nodes have been cycled through, then begins again.
Only 1 node transmits at a time, preventing collisions.
If a node stops transmitting and does not pass the token, the protocol has provision to regenerate the token and send it to the next logical successor.
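The token-passing steps above read naturally as a small state machine, so here is an added simulation of them. It is not code from the notes or from ODVA: it assumes the token hold time can be modelled as a maximum number of frames per turn rather than real time, and models a node that "stops transmitting and does not pass the token" simply as a node marked not alive, whose turn triggers token regeneration and a hand-off to its logical successor. The sample network (MAC IDs 1, 3 and 5, with node 3 failed) is constructed for the example.

```python
from collections import deque

# Added example (not from these notes or from ODVA): a small simulation of the token-passing
# behaviour described above. Assumed: token hold time is modelled as a frame count rather
# than real time, and a node that stops is simply marked not alive.


class Node:
    def __init__(self, mac_id: int, frames=(), alive: bool = True):
        if not 1 <= mac_id <= 99:
            raise ValueError("ControlNet MAC IDs run from 1 to 99")
        self.mac_id = mac_id
        self.frames = deque(frames)  # data frames waiting to be transmitted
        self.alive = alive           # False models a node that stops and never passes the token
        self.predecessor = None
        self.successor = None


def build_ring(nodes) -> list:
    """Order nodes by MAC ID so each one knows its predecessor and successor."""
    ordered = sorted(nodes, key=lambda n: n.mac_id)
    for i, node in enumerate(ordered):
        node.predecessor = ordered[i - 1]
        node.successor = ordered[(i + 1) % len(ordered)]
    return ordered


def run_token_rotations(nodes, rotations: int = 1, hold_limit: int = 2):
    """Pass the token around the ring `rotations` times.

    Returns (transmissions, regenerated): transmissions is the ordered list of
    (mac_id, frame) pairs actually sent, one node at a time so there are no collisions;
    regenerated lists the MAC IDs at which the token had to be regenerated because the
    holder stopped without passing it on."""
    ordered = build_ring(nodes)
    transmissions, regenerated = [], []
    holder = ordered[0]
    for _ in range(rotations * len(ordered)):
        if holder.alive:
            sent = 0
            # transmit until out of data or the token's time limit is reached
            while holder.frames and sent < hold_limit:
                transmissions.append((holder.mac_id, holder.frames.popleft()))
                sent += 1
            # a new token is created and handed to the successor (even if nothing was sent)
        else:
            # holder stopped: the token is regenerated and sent to the next logical successor
            regenerated.append(holder.mac_id)
        holder = holder.successor
    return transmissions, regenerated


def token_order(nodes) -> list:
    """MAC IDs in the order the token visits them over one rotation."""
    return [n.mac_id for n in build_ring(nodes)]


if __name__ == "__main__":
    # constructed sample network: node 3 has failed mid-run
    ring = [Node(5, ["b1", "b2", "b3"]), Node(1, ["a1"]), Node(3, ["c1"], alive=False)]
    print(token_order(ring))
    print(run_token_rotations(ring, rotations=2))
```

Because every node's turn is bounded by `hold_limit`, node 5's third frame waits for the next rotation even though the bus is idle for the rest of the cycle: that bounded, repeating schedule is what the deterministic data transfer listed under the advantages below means in practice, and the regeneration log is the kind of event a network diagnostic would surface when a node drops off the ring.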
Data Link Layer
Timing: via a Network Update Time (NUT) with a duration between 2 and 100 ms, divided into scheduled, unscheduled and guardband portions.
Transport and Network
Unconnected: used for establishing connections or low priority messages that don't happen frequently.
Connected: Uses settings in each node such as real-time I/O data.
Advantages of ControlNet
High-Speed
Strictly Scheduled
Deterministic Data Transfer
Redundant Cables Support
Stable and Reliable
Disadvantages
Cost of hardware
Difficult to troubleshoot
OSI Model
Layer 7 - Application: Chrome, Office, Teams, Outlook. Provide services to send/receive data at presentation layer.
Layer 6 - Presentation: Syntax processing, translates data from top layer to network format and vice versa (e.g. encrypted data)
Layer 5 - Session Layer: Construction, direction and conclusion of connections between devices. Supports multiple types of devices. Responsible for authentication and re-connection.
Layer 4 - Transport: Responsible for transmission of data across networks. Where it goes, how fast etc. May use TCP or UDP.
Layer 3 - Network: Handles routing of data. IP used as the network layer. Mapping between logical (IP addresses) and physical addresses (MAC) via Address Resolution Protocol (ARP).
Layer 2 - Data Link: Most complex; checks for errors and packages data into frames. Two sub-layers:
MAC - 802.11, Ethernet
Logical Link Control
Layer 1 - Physical: Electrical or physical layer, encompasses network cables, wireless RFs, connectors, transceivers, voltages, power supplies. Transmits logical data bits via network communications media.
Moxa
Needs of manufacturing have outgrown Ethernet.
REVIEW THIS LESSON - VERY VENDOR HEAVY