Is Ethernet the key to IIoT?

Applications demand a sensible migration path, a robust network.


An example of an industrial automation network. Security architectures are evolving as networks become more flexible. Courtesy: Microsemi CorporationIt is expected there will be 34 billion devices connected to the Internet of Things (IoT) by 2020, with businesses and government accounting for over 55% of those connections. With the IoT's promise for increased efficiencies (such as lower operating costs and greater productivity), embedded machine-to-machine (M2M) communications among "smart objects" are increasingly common within commercial, industrial and government entities.

Unlike consumer IoT, the requirements for data integrity, reliability, and security are far more exacting for the Industrial IoT (IIoT). The threat of disruption poses tremendous security risks for the entire digital network, yet the prospects of unprecedented transparency and efficiencies of an IIoT remain compelling.

Real-time visibility and control of connected IIoT objects demand high-performance, low-latency networks with remote management capabilities. Enter Ethernet, which has been the technology of choice for Enterprise, data center and many service provider networks because of its advantages including standardization, versatility, high performance and low cost.

Today's IIoT networks, however, largely use specialized network protocols and diverse installed bases of legacy equipment. This makes modernization onto an all IP Ethernet infrastructure more complex. Upgrade strategies for these heterogeneous networks must balance the imperatives of industrial settings—system reliability, determinism and security—with migration to the standardized and low-cost networking solution delivered by Ethernet.

Three of the top challenges facing IIoT system designers are security, determinism, and network migration. Meeting these challenges requires using a combination of technologies ranging from Ethernet switching solutions, programmable devices, high-precision timing, Power over Ethernet (PoE) and application-optimized software.

Industrial network security

Security in today's industrial networks is typically premised on isolation from a corporate network by firewall and from the Internet. Broader attempts to secure industrial networks often entail network downtime, costly network topology changes or both, jeopardizing plant productivity, revenue and sometimes safety. But assuming that a given industrial network is protected simply because we believe it isolated from the Internet is a misconception.

As recent cyber attacks have illustrated, the reality is that isolating a modern industrial network from the Internet can actually make it less secure, since it's harder to manage and diagnose issues. Isolated networks are also difficult to scale and reconfigure as companies update supply chains, adopt new technologies or evolve in response to new competitive threats and opportunities.

IIoT network security must take a multi-layered approach to protect the data plane, management (network and element) and control (protocol) planes. All three require protection, particularly for M2M communications. A typical approach relies on encryption of data, management and control traffic, addressing authentication, authorization and accounting (AAA), and data integrity.

Networkwide encryption is another layer that guarantees security of all network traffic. In Ethernet networks, MACsec (IEEE 802.1AE) and Keysec (now part of IEEE 802.1X) are the L2 encryption and key management protocols to secure Ethernet physical ports and VLANs. Further enhancing confidentiality, IEEE 802.1AEbn includes strong 256-bit encryption now required by certain government agencies.

While encryption alone is insufficient to secure a network, using a strong 256-bit encryption like MACsec in networking equipment and end points can provide a means for authentication, data integrity and user confidentiality needed in Ethernet-based IIoT networks. In addition, leveraging FPGAs with built-in security capabilities can be used to provide a root of trust in a system. Often these devices are used to securely boot an external processor, adding yet another security layer to combat against tampering with network elements to find keys.

As IIoT becomes more widespread, companies will increasingly look to acquire data at the network edge, using big data analytics and cloud computing to scale processing and make practical use of all this data. An Internet connection is essential. This is where a centralized security orchestration approach that works closely with distributed networking hardware can provide an effective way to secure the IIoT network.

Ultimately, a multi-layer approach to security is imperative for industrial networks, ensuring the network's reliability and uptime while not restricting operations.


When considering deterministic performance and network reliability in Ethernet networks, the expectation is that specific functions occur within a precise timeframe. This is possible when each network element is time-aware and can recognize whether it delivered Ethernet packets "on time."

But this is only one part of the solution. A mechanism to synchronize and to distribute precise "time" in Ethernet exists today using IEEE 1588v2; however, the latest Time Sensitive Networking (TSN) standards bring system developers a very time-oriented style of traffic scheduling.

Developed by the IEEE 802 group, TSN standards broaden Ethernet capabilities to make it a true industrial-grade, real-time communications protocol. Elements include clock synchronization, time-based message handling, frame preemption and seamless redundancy.

TSN (AVB Gen2) is a suite of standards providing the following features:

  • Timing and synchronization for time-sensitive applications (IEEE 802.1ASbt)
  • Enhancements for scheduled traffic (IEEE 802.1Qbv)
  • Frame preemption (IEEE 802.1Qbu)
  • Path control and reservation for redundant networks (IEEE 802.1Qca)
  • Stream reservation protocol (SRP) enhancements to support Qbu/Qbv/Qca/CB (IEEE 802.1Qcc)
  • Seamless redundancy (IEEE 802.1CB).

In addition to improved usability and performance, for example, IEEE 802.1ASbt adds one-step time stamp support. This reduces the number of packets needed to convey network timing information versus a two-step process used in the prior generation standard. The reduction in packet traffic and computing power is beneficial in broad, daisy-chained, time-aware networks. IEEE 802.1ASbt also enhances timing information availability by providing multiple levels of synchronization to attain accurate timing at individual network nodes.

The new TSN features will give Ethernet networks the real-time determinism and low latency needed for communications in IIoT applications. This should remove the last barrier that might prevent an IIoT network using Ethernet as its main backbone, driving convergence of critical and noncritical control and data traffic onto a single network.

While Ethernet with TSN will finally become a plausible deterministic backbone for industrial network deployments, proprietary interfaces will remain in place, at least for the foreseeable future. FPGAs/SoCs that have the capability to translate between Ethernet, IEEE 1588, TSN and specialized industrial protocols while keeping deterministic behavior will be critical.

Determinism is one of the key advantages of using FPGAs versus MCUs. For example, a networked motor control application that uses EtherCAT will benefit from the deterministic nature of an FPGA fabric. The FPGA can implement the protocol conversion and the motor control algorithms all with the lowest possible latency. The FPGAs, as opposed to MCUs, are capable of transmitting data in a deterministic fashion and performing deterministic motor control in synchronization with remote nodes.

Network migration

The eventual migration of IIoT networks to IP/Ethernet is a given, but it's important to recognize two major factors unique to this transition:

  • Ethernet standards, components and systems designed for Local Area Networks (LANs) are not a natural fit for IIoT networks.
  • IIoT network migration requires a balancing act to support existing "nonstandard" protocols and prepare the network to leverage early stage innovations.

So, when faced with the typical industrial network-comprised of a heterogeneous installed base of legacy equipment that uses multiple specialized network protocols-there are several key elements that system designers should look for to simplify their network migration to Ethernet:

  • Multi-protocol support of Ethernet and fieldbus interfaces to ensure interoperability and scalability in large scale heterogeneous networks
  • Optimized Ethernet switch software stacks for easy deployment and management
  • Unified hardware and software to reliably deliver the real-time determinism and low latency required for industrial communications
  • Flexibility of port configuration and synchronization options while meeting IIoT's environmental and operational requirements
  • Power over Ethernet (PoE) options up to 95 W to safely power remote devices, simplifying deployments

All of the above are possible with a pragmatic combination of hardware and software that combines:

  • Low-power and secure FPGA solutions
  • Ethernet-switching silicon optimized for industrial deployments
  • Software stacks that not only provide manageability and monitoring capabilities but also an ecosystem of security orchestration software
  • Ruggedized PoE solutions designed for industrial settings.

It is important to note that there will be no "one-size-fits-all" approach for IIoT systems. Options to support PoE, synchronization needs and data encryption can help deliver a seamless upgrade to the baseline hardware and software solution. Other scenarios may have computing needs that may be made possible either with an integrated CPU in the switch or the FPGA or a stand-alone CPU.

Designing for IIoT applications demands a sensible migration path leveraging new technology for deterministic networks while acknowledging that industrial networks exist in a system environment that prioritizes maximum network uptime over the latest network upgrades. In a world where network disruption is simply not feasible, the industry must move past old technologies and protocols and first-generation industrial Ethernet networks.

Uday Mudoi is vice president of marketing at Microsemi Corporation.

Top Plant
The Top Plant program honors outstanding manufacturing facilities in North America.
Product of the Year
The Product of the Year program recognizes products newly released in the manufacturing industries.
System Integrator of the Year
Each year, a panel of Control Engineering and Plant Engineering editors and industry expert judges select the System Integrator of the Year Award winners in three categories.
October 2018
Tools vs. sensors, functional safety, compressor rental, an operational network of maintenance and safety
September 2018
2018 Engineering Leaders under 40, Women in Engineering, Six ways to reduce waste in manufacturing, and Four robot implementation challenges.
GAMS preview, 2018 Mid-Year Report, EAM and Safety
October 2018
2018 Product of the Year; Subsurface data methodologies; Digital twins; Well lifecycle data
August 2018
SCADA standardization, capital expenditures, data-driven drilling and execution
June 2018
Machine learning, produced water benefits, programming cavity pumps
Spring 2018
Burners for heat-treating furnaces, CHP, dryers, gas humidification, and more
October 2018
Complex upgrades for system integrators; Process control safety and compliance
September 2018
Effective process analytics; Four reasons why LTE networks are not IIoT ready

Annual Salary Survey

After two years of economic concerns, manufacturing leaders once again have homed in on the single biggest issue facing their operations:

It's the workers—or more specifically, the lack of workers.

The 2017 Plant Engineering Salary Survey looks at not just what plant managers make, but what they think. As they look across their plants today, plant managers say they don’t have the operational depth to take on the new technologies and new challenges of global manufacturing.

Read more: 2017 Salary Survey

The Maintenance and Reliability Coach's blog
Maintenance and reliability tips and best practices from the maintenance and reliability coaches at Allied Reliability Group.
One Voice for Manufacturing
The One Voice for Manufacturing blog reports on federal public policy issues impacting the manufacturing sector. One Voice is a joint effort by the National Tooling and Machining...
The Maintenance and Reliability Professionals Blog
The Society for Maintenance and Reliability Professionals an organization devoted...
Machine Safety
Join this ongoing discussion of machine guarding topics, including solutions assessments, regulatory compliance, gap analysis...
Research Analyst Blog
IMS Research, recently acquired by IHS Inc., is a leading independent supplier of market research and consultancy to the global electronics industry.
Marshall on Maintenance
Maintenance is not optional in manufacturing. It’s a profit center, driving productivity and uptime while reducing overall repair costs.
Lachance on CMMS
The Lachance on CMMS blog is about current maintenance topics. Blogger Paul Lachance is president and chief technology officer for Smartware Group.
Material Handling
This digital report explains how everything from conveyors and robots to automatic picking systems and digital orders have evolved to keep pace with the speed of change in the supply chain.
Electrical Safety Update
This digital report explains how plant engineers need to take greater care when it comes to electrical safety incidents on the plant floor.
IIoT: Machines, Equipment, & Asset Management
Articles in this digital report highlight technologies that enable Industrial Internet of Things, IIoT-related products and strategies.
Randy Steele
Maintenance Manager; California Oils Corp.
Matthew J. Woo, PE, RCDD, LEED AP BD+C
Associate, Electrical Engineering; Wood Harbinger
Randy Oliver
Control Systems Engineer; Robert Bosch Corp.
Data Centers: Impacts of Climate and Cooling Technology
This course focuses on climate analysis, appropriateness of cooling system selection, and combining cooling systems.
Safety First: Arc Flash 101
This course will help identify and reveal electrical hazards and identify the solutions to implementing and maintaining a safe work environment.
Critical Power: Hospital Electrical Systems
This course explains how maintaining power and communication systems through emergency power-generation systems is critical.
Design of Safe and Reliable Hydraulic Systems for Subsea Applications
This eGuide explains how the operation of hydraulic systems for subsea applications requires the user to consider additional aspects because of the unique conditions that apply to the setting
click me