Industrial network restructuring increases availability and flexibility
- Everything for flexible and powerful networks from a single source
- High system availability with redundant network structures
- Individual consulting for customized IT security solutions
Customer profile
As one of the leading European manufacturers, Bode Chemie in Hamburg-Stellingen produces more than 400 products for disinfection, cleaning, nursing, and skin antiseptics. Approximately 18,000 tons of bulk goods are manufactured each year. The comprehensive range is used around the world.
Application
Bode Chemie's company network is divided into an office network and an industrial network. Data exchange between the two networks is regulated via a firewall. For historical reasons, the industrial network was designed with a flat, redundant ring structure. Therefore, all devices, such as PCs, HMI devices, controllers, and distributed I/Os, communicated via a shared Ethernet network.
However, this approach comes with the risk of mutual interference. Data packets which are sent to all devices as broadcasts, for example, tie up resources which cannot then be used for targeted, time-critical process data communication. An Ethernet network with a flat structure can also be a target for viruses and other malware. The existing network structure also limited Bode Chemie with regard to free IP addresses and system maintenance.
Network structure at Bode Chemie
Layer 3 switches in the computer center form the industrial backbone
Solution
Staff have therefore worked together with Phoenix Contact to create a concept that segments the industrial network into different subnets. These are established via physical ring structures with Smart Managed Switches, thereby increasing the availability.
Due to the large distances to be bridged, the rings are laid between the production facilities using Gigabit and fiber optic technology. The Media Redundancy Protocol (MRP) is used to resolve the physical ring structures in logical line concepts. The Ethernet devices are connected in the lower-level production systems via Fast Ethernet copper connections.
The industrial areas and the higher-level business processes exchange data redundantly via the copper connections. Two Layer 3 switches handle the connection. They form the industrial backbone and each provides a virtual router interface for the various subnets and the office network. The industrial backbone is installed at a central location in the company's computer center. The modular structure of the Layer 3 switches used in the industrial backbone opens up additional scope for future system extensions.
The Managed Switches support different user interfaces for access to the configuration and diagnostic data. All the necessary settings can be controlled via each device's own web server or SNMP (Simple Network Management Protocol). The same applies to querying the diagnostic data. In the subnets in which PROFINET is used for the transmission of process data, the switches function as PROFINET devices. In this operating mode, Engineering directly assigns their IP address and their PROFINET names to them. SNMP traps provide rapid diagnostics. Important events, such as the loss of the redundant power supply for the switches in the ring, are transmitted to the centrally installed FL VIEW diagnostics software via SNMP.
Project managers Martin Petzold, Markus Schmidt, and Dirk Schlüter
Summary
The restructuring has increased the stability and availability of the entire industrial network. The industrial backbone ensures clear responsibility and short response times. Combined with the diagnostics software, the relevant functions of the switches and the routed network structure also enable rapid and comprehensive diagnostics.
The modular approach and degree of structuring allow for flexible extension or restructuring of the system. This also applies to the planned system protection by means of distributed firewalls, which involves no further configuration effort.