Background Image
Previous Page  61 / 80 Next Page
Information
Show Menu
Previous Page 61 / 80 Next Page
Page Background

4

this may break the daisy chain and prevent power from reaching the

second power supply), there is no protection if the actual supply fails.

Rather, both power inputs should be connected to two completely

separate supplies, so that in the event of one supply failure the second

will take over powering the device.

In terms of communications equipment we can also look at rout-

er redundancy. If a router joining two important network segments

fails, communication between those segments could be lost. In

some networks this could mean losing communication to a single or

multiple substations, or alternatively disconnecting a branch from the

main control centre. In some cases this may not be a critical problem,

and time could be taken to solve the issue. In other applications this

loss of communications could lead to the loss of time, income and

production. Generally one should try prevent routing mission critical

data (due to the additional delays imposed by routing), and in some

cases (notably GOOSE (Generic Object Oriented Substation Events))

certain data cannot be routed at all. Once again, this comes down to a

weigh-up between how much an additional router would cost versus

the potential losses if the routing fails. Routers provide non-critical

services such as remote access control. In these cases a lost router

may mean a technician has to travel to site rather than sorting a

problem out remotely; this could be deemed an inconvenience rather

than a critical issue.

In cases where failure of a router could mean critical communi-

cations losses, the option to use VRRP (Virtual Router Redundancy

Protocol) can be considered. This protocol works by effectively creating

a single virtual router from two or more physical routers. End devices’

routing needs will be serviced by the virtual router, without them

being aware of which router was physically handling the routing. In

the event of failure of the primary router, the secondary will take over

with minimum downtime (a few seconds for most basic networks),

and in a manner that is transparent to the end devices. Without this

protocol, failover between two routers would either need to be done

manually (by changing the configuration of the end devices) or would

require multiple gateway configurations in end devices (and end

devices, especially PLCs, IEDs and RTUs, will not allow for multiple

gateway configurations).

Switch redundancy

Actual switch redundancy is a lot harder to cater for, as a switch

provides an end device point to which it connects to the network. If a

switch fails completely, any interfaces connected to that switch will

obviously lose connection to the larger network. Whilst we can look at

options such as redundant power supplies, the only way to allow for

an actual switch failure is if the end devices support multiple Ethernet

connections. For instance, a PC that has two network interfaces and

the correct software could be physically connected to the network

via two separate switches. In the event one switch fails, the second

connection could be used to transmit data to the network. Obviously

in this case the two connections would be required to be on different

physical switches or at least on different modules in the switch.

Monitoring redundancy

Many different redundancy options are available for communications

networks and they all have in common: Redundancy is next to useless

if not monitored! If we have cable redundancy on the network, and

our redundant cables all break but no-one is actually monitoring the

situation, we are left in a position where the network is no longer

redundant, and none of the broken cables is being addressed. This

means that if another cable breaks we will experience communication

interruptions on the network. Not monitoring redundancy is simply

delaying the inevitable, we may cater for the first cable break (or first

few breaks) but beyond that the network is no longer redundant. If

the situation is being correctly monitored, the redundancy in place will

recover from the failure and communication will not be lost while the

issue is being dealt with.

Monitoring of a network can be done in a variety of ways, how-

ever, the easiest, most automated and most reliable is to install and

commission an NMS (Network Management System). An NMS uses

a protocol called SNMP (Simple Network Management Protocol) to

collect information from devices on the network. Note:

This is most

commonly used for monitoring the communications network itself (for

example, switches and routers rather than end devices), but it can be

used to collect basic information from end devices if required.

SNMP

is another open protocol that is supported by most, if not all, industrial

grade networking hardware manufacturers.

It provides a way to share information about a device (such as

uptime, alarm status, model number, temperature of CPU etc) using

a standardised format.

59

ENERGY EFFICIENCY MADE SIMPLE 2015

1 56 57 58 59 60 61 62 63 64 65 66 67 80  FlippingBook