Jan 22 2016

Mapping Out a Ruggedized Network

Ruggedized SCADA networks require substantial planning, but the benefits are well worth the investment.

Within the energy industry, networked equipment can help enterprises make more informed business decisions, reduce environmental impacts, provide better customer service and improve safety.

But supervisory control and data acquisition (SCADA) networks are not off-the-shelf solutions. A ruggedized SCADA network is complex enough that IT staff often requires the help of solution architects who specialize in networking.

These third-party professionals help ensure that companies take the time to analyze their needs and map out the most appropriate solutions, which can help prevent problems later. By contrast, organizations that skip this step or skimp on important planning may find that parts of their network are not compatible with one another, that they lack sufficient bandwidth, or that their chosen storage or security solutions do not fully meet their needs.

Common elements of a ruggedized SCADA network include:

Data acquisition and control systems: These are the components that collect data from equipment and allow enterprises to control that equipment remotely. Connected sensors collect a wide range of data, including metrics such as pressure, temperature and input and output volumes. In addition to reporting data points, sensors can trip an alarm if, for instance, the pressure in a pipeline rises past a certain threshold or if the temperature in a data center nears the point where it could cause damage to the equipment.

Employees can then use controls to manage equipment from afar, often using data from the connected sensors as a guide. For example, an employee at a company’s headquarters might decide to remotely slow an input rate to lower the pressure in a pipeline or decide to remotely decrease the temperature of a data center to prevent damage to servers. (In fact, many of these control functions can be programmed to be automatically regulated by a SCADA system.)

Switches: Switches are building blocks of business networks. They take packets of data from endpoint devices such as computers (or, in the case of ruggedized networks, from SCADA equipment) and analyze them to determine the destination device. The switches then “switch” the data out toward the appropriate device. Switches can either be built into other networking components or be stand-alone elements of a network.

Routers/gateways: Gateways (typically routers or Layer 3 switches) examine addressing and determine where the data needs to be sent next. For example, certain data coming into a router from a rig on the Gulf of Mexico may be routed to a central data center in Ohio, while other data is sent to a server in California. Because gateways separate the SCADA network from external networks with a firewall, they provide a rudimentary layer of security.

Endpoints: Connecting industrial equipment via a ruggedized network does not completely eliminate the need to send employees to the equipment location. Workers will still need to go onsite to perform maintenance. For the most part, employees use endpoints such as notebook computers, tablets and other mobile devices to record information onsite. Connecting these devices to the SCADA network gives workers real-time access to vital data, but it also creates a number of potential security vulnerabilities that must be addressed.

Wireless access points: Most endpoint devices are used wirelessly on the job site, so Wi-Fi connectivity is an important element of many networks. In a warehouse environment, for example, workers may use their mobile devices to scan barcodes. This data will then be sent to wireless access points, which in turn send the information along to a router.

Backhaul: Ruggedized networks require intermediate, or “backhaul,” links to connect smaller subnetworks to the core network.

Storage: A single sensor may generate a small amount of data. But if an enterprise adds 1,000 new sensors, all of which transmit data at regular intervals, the volume of data grows exponentially. As enterprises generate more information from an ever-expanding network that includes many diverse sources of data, their storage demands will increase accordingly. Many companies opt for cloud-based or on-premises dynamic storage options that allow them to quickly scale up to meet new demands. Additionally, extra bandwidth will likely be necessary to accommodate the influx of new data.

As they amass vast stores of data, companies must also consider how they need to access this information. Vital data that is used often and must be accessed quickly should be stored in a system that can meet a company’s requirements for speed, such as flash storage. However, such storage solutions can be costly, and lower-value data may be moved to slower media, such as spinning disks or tape drives.

Security hardware: In addition to protecting the enormous amount of new data being generated by networked equipment, companies must also be concerned with the equipment itself. A vulnerability in the network could expose a company’s industrial equipment as well as its IT infrastructure. To provide comprehensive protection, enterprises must invest in a range of security measures, including firewalls, intrusion detection and protection solutions, access controls and centralized security management.

For more information on ruggedized networks, read the white paper “Delivering the Power of the Network.”
