Global Perspective: Hyper-Secured PLC…and other curious combinations

To make life easier for automation engineers, and less costly for OEMs and end-user companies to build control systems, clever companies are converging previously separate products, observes Control Engineering Europe.


Festo Bionic TrunkAutomation and controls technologies continue to converge in creative combinations, and those using automation are the beneficiaries. Security and control are sharing the same space; CPUs and I/O are mounting the same substrate; and pneumatics and electronics are enjoying a life together. These were among findings at the November 2010 SPS/IPC/Drives show; the report below was adapted from a Control Engineering Europe Feb. 8 posting.

Industrial security firms, thanks in a large part to Stuxnet, are enjoying a bonanza of publicity. Now that the proof-of-concept for software-guided missiles aimed directly at industrial targets has been widely recognized, the need for insurance against them becomes an easier sell.

“Stuxnet is a gift to our industry,” said Dr. Lutz Jänicke, chief technical officer of Berlin-based Innominate Security Technologies. “We’ve been warning people about this for years, and now here it is for them to see. Industrial PCs and PLCs can be hacked, people want to hack them, and now there is a means to do it.”

HyperSecured PLC

The timing of the 2010 SPS/IPC/Drives show—a few months after the Stuxnet scare—was great for the security companies. It was the best time for Innominate to launch its HyperSecured PLC, with its sister Phoenix Contact company, KW-Software.

Most IT security companies monitor communications traffic, looking to block software that contains malware signatures. This is why their databases must be constantly updated with the latest malware information, trying to keep ahead of the hackers. Innominate’s approach to security, however, is to constantly monitor the software in an industrial PC to note if there are any changes, sudden or otherwise, in the basic configuration. This is the kind of thing worms do when they get inside a system—add little bits of software here and there, small enough and innocent enough to be hopefully unnoticed. But no matter how subtle the change, Innominate’s software will detect it within milliseconds, perform an assessment of the risk, and advise the user on what to do. At the end of the day, says Dr. Jänicke, the best solution is to simply wipe the system clean and reinstall a fresh software pack.

This approach, however, requires a separate piece of hardware to monitor the PC or PLC. So, why not combine the two into one unit? Working with KW-Software such a project was realized, thanks to virtualization.

Innominate calls it the HyperSecured PLC. In reality, it is an industrial PC built on an Intel Atom Z530 processor platform. Wind River’s Hypervisor is the foundation software of the two virtual machines. The security application, the virtual mGuard, runs under Linux and monitors communication with the network. KW-Software’s soft PLC runs under VxWorks and communicates with the outside world (with Profinet) only through mGuard. An auxiliary PC, such as a desktop or laptop PC, is used for IEC 61131 programming and Profinet configuration. The mGuard itself is configured via the web interface in the browser.

“Until now, such control solutions could only be configured with dedicated hardware for the PLC and for the security appliance,” said Dr. Jänicke. “With the trend to virtualization, more cost-effective solutions, integrated on a CPU, can be created. The prerequisites for this are hardware-independent software components and an industrially usable Hypervisor for different processor architectures.”

Combined CPU, FPGA I/O 

Six years ago, National Instruments launched a new controller called the Compact RIO or cRIO, which combined a processor and a reconfigurable FPGA. The unit could be programmed with NI’s LabVIEW software, which made the hardware configuration immediately accessible to engineers. The concept of combining a CPU with a field programmable gate array (FPGA) has gained traction, largely due to the fact that use of FPGAs has become more widespread and the engineering cost of programming them has come down.

Kontron MSMST

At SPS/IPC/Drives 2010, Kontron announced that it had put the two together on a single board computer, resulting in the Kontron PCIe/104 Microspace MSMST. It is said to be the world’s first embedded single board computer to pair an Intel Atom E600 series processor with an Altera Field Programmable Gate Array (FPGA) in one package. The SBC is designed to operate in industrial temperature ranges from -40 °C to +85 °C.

The Intel processor should be enough to get you by, with speeds of up to 1.3GHz and up to 2GB of onboard DRAM system memory. The FPGA has more than 60,000 logic elements. The processor and the FPGA both contain integrated PCIe (Peripheral Component Interconnect Express) bus elements for rapid communication with each other.

Kontron’s strategy will be to provide fully validated and verified embedded FPGA solutions including processor, FPGA, operating systems, Board Support Packages (BSPs) and drivers. The company says it will also provide IP Cores with dedicated I/O for various vertical markets.

Ability to configure industrial I/O in silicon has big advantages, and the ability to reconfigure the I/O for a different application makes the platform of great use for machine OEMs. Of course, even though it has the name “field-programmable,” it is important to remember that FPGA programming is still a specialist activity, and it will likely be done for a few hundred or a few thousand boards at a time, rather than in the field.

Pneumatics and electronics

A few years ago, you could be forgiven for missing Festo at the SPS/IPC/Drives show. With the tag line for the exhibition being Electric Automation you might not expect to see a pneumatic company displaying its wares. However, Festo has been a regular exhibitor, though on a smaller scale compared to some others.

This year’s presence was different. While it wasn’t the Hannover Messe mega-stand, it was Festo Grande, complete with electronic and pneumatic components working together, topped off with the company’s latest icon, the elephant trunk robot arm.

Robotic innovation aside, the real star of Festo’s show was the CPX system, which the company boasts has broken the 10,000 mark in sales worldwide. The front-end controller runs CoDeSys software, so it’s in the same league as Beckhoff and Wago’s soft PLCs, with one big difference: there are numerous pneumatic modules such as valve coils that attach to the system. There are in fact dozens of I/O modules that can be attached, and you could connect up to 512 I/O modules per fieldbus node, for a length of 3 m of modules. As a result of this, says Festo, 128 valve coils and up to eight additional supply modules for pressure and power zones can be mounted.

There were several demonstrations in the stand showing how CPX can be entirely electrical, entirely pneumatic, or a combination of the two.

This is Festo’s strategy for CPX: marketing it as “integrated automation of the 21st century,” which includes pneumatic and electrical motion control, safety, diagnostics, and closed-loop control of pressure and temperature. The company was demonstrating its new modules for robot control and multi-axis motion control, and integrated HMI solutions.

- Control Engineering Europe,


Control Engineering Europe – Original Posting - The Hyper-Secured PLC…and other curious combinations





Mesago Messe Frankfurt

National Instruments

Phoenix Contact

Related Control Engineering Channels:

Control Engineering – Machine Control

Control Engineering – Safety

Top Plant
The Top Plant program honors outstanding manufacturing facilities in North America.
Product of the Year
The Product of the Year program recognizes products newly released in the manufacturing industries.
System Integrator of the Year
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
October 2018
Tools vs. sensors, functional safety, compressor rental, an operational network of maintenance and safety
September 2018
2018 Engineering Leaders under 40, Women in Engineering, Six ways to reduce waste in manufacturing, and Four robot implementation challenges.
GAMS preview, 2018 Mid-Year Report, EAM and Safety
October 2018
2018 Product of the Year; Subsurface data methodologies; Digital twins; Well lifecycle data
August 2018
SCADA standardization, capital expenditures, data-driven drilling and execution
June 2018
Machine learning, produced water benefits, programming cavity pumps
Spring 2018
Burners for heat-treating furnaces, CHP, dryers, gas humidification, and more
October 2018
Complex upgrades for system integrators; Process control safety and compliance
September 2018
Effective process analytics; Four reasons why LTE networks are not IIoT ready

Annual Salary Survey

After two years of economic concerns, manufacturing leaders once again have homed in on the single biggest issue facing their operations:

It's the workers—or more specifically, the lack of workers.

The 2017 Plant Engineering Salary Survey looks at not just what plant managers make, but what they think. As they look across their plants today, plant managers say they don’t have the operational depth to take on the new technologies and new challenges of global manufacturing.

Read more: 2017 Salary Survey

The Maintenance and Reliability Coach's blog
Maintenance and reliability tips and best practices from the maintenance and reliability coaches at Allied Reliability Group.
One Voice for Manufacturing
The One Voice for Manufacturing blog reports on federal public policy issues impacting the manufacturing sector. One Voice is a joint effort by the National Tooling and Machining...
The Maintenance and Reliability Professionals Blog
The Society for Maintenance and Reliability Professionals an organization devoted...
Machine Safety
Join this ongoing discussion of machine guarding topics, including solutions assessments, regulatory compliance, gap analysis...
Research Analyst Blog
IMS Research, recently acquired by IHS Inc., is a leading independent supplier of market research and consultancy to the global electronics industry.
Marshall on Maintenance
Maintenance is not optional in manufacturing. It’s a profit center, driving productivity and uptime while reducing overall repair costs.
Lachance on CMMS
The Lachance on CMMS blog is about current maintenance topics. Blogger Paul Lachance is president and chief technology officer for Smartware Group.
Material Handling
This digital report explains how everything from conveyors and robots to automatic picking systems and digital orders have evolved to keep pace with the speed of change in the supply chain.
Electrical Safety Update
This digital report explains how plant engineers need to take greater care when it comes to electrical safety incidents on the plant floor.
IIoT: Machines, Equipment, & Asset Management
Articles in this digital report highlight technologies that enable Industrial Internet of Things, IIoT-related products and strategies.
Randy Steele
Maintenance Manager; California Oils Corp.
Matthew J. Woo, PE, RCDD, LEED AP BD+C
Associate, Electrical Engineering; Wood Harbinger
Randy Oliver
Control Systems Engineer; Robert Bosch Corp.
Data Centers: Impacts of Climate and Cooling Technology
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
Safety First: Arc Flash 101
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
Critical Power: Hospital Electrical Systems
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
Design of Safe and Reliable Hydraulic Systems for Subsea Applications
This eGuide explains how the operation of hydraulic systems for subsea applications requires the user to consider additional aspects because of the unique conditions that apply to the setting
click me