Breaking with tradition: the classic automation pyramid

23 November 2021

Bridge in one direction: Safety and security premises between domains – from core process automation to monitoring and optimisation (M+O)

Brownfield plants in the process industry follow the principle of the automation pyramid to ensure long-term stable and reliable operation. The automation pyramid has a closed structure. This means the data flow remains hierarchical from one level to the next. Sensors or actuators on the field level communicate exclusively with the higher-level controller. The machine control exchanges its data with production planning and this in turn with the company ERP. These system transitions represent barriers because they usually filter data.

The heart of Industry 4.0 (I4.0) involves making sensor data and information from different sources globally available in real time and linking them in a meaningful way. Within the classic automation pyramid, the above system transitions represent barriers. This makes access to information and data virtually impossible.

NAMUR Open Architecture Concept (NOA) – I4.0 in process automation

The NOA concept aims to make production data simply, safely and securely usable for plant and asset monitoring and optimisation. The traditional automation structure still forms the basis here; an additional second channel complements it and forms the monitoring and optimisation (M+O) domain. This interface is defined on the basis of use cases from Industry 4.0 and digitalisation. In other words, the clear focus of NOA is to enable use cases within the M+O domain by providing process automation data for M+O purposes in parallel to the existing automation structures. The required data transmission remains non-reactive with regard to the existing core process automation: any repercussion on it is completely ruled out by cybersecurity measures. This makes NOA especially attractive for existing plants (brownfield) undergoing a transformation into the smart manufacturing era.

Thanks to advancements in automation such as Advanced Physical Layer (APL) or Modular Type Package (MTP), NOA is also future-proof for new installations – greenfield. (Source: Namur)

NOA modules – the NEs

The NOA concept typically includes the following modules: NE 175 (“NAMUR Open Architecture – NOA Concept”), NE 176 (“NAMUR Open Architecture – NOA Information Model”) and NE 177 (“NAMUR Open Architecture – NOA Security Zones and NOA Security Gateway”). These three have already been published – two more are in the pipeline: NOA Verification of Request component (NE 178) and NOA Aggregating Server concept (NE 179).

NE 177 “NAMUR Open Architecture – NOA Security Zones and NOA Security Gateway” (Source: Namur)

In the smart manufacturing era, the cybersecurity component is just as vital as functional safety in order to ensure the long-term stable and reliable operation of process plants. In accordance with IEC 62443, NE 177 defines security zones and then specifies these with the necessary security protection profiles. What is significant here is that data and information from the core automation can flow into the monitoring and optimisation area. At the same time, the core automation area remains free of any risk. This bridge is provided by the NOA Security Gateway. In particular, it ensures a unidirectional data flow without any repercussions. The same applies to the mechanisms for data retrieval and provision.

NOA Security Gateway – ‘Bridge in one direction’

The NOA Security Gateway acts as a bridge that leads exclusively from the core process control (CPC) domain to the M+O domain. Typically, it keeps the transmission of vitality data from process sensors to the M+O domain secure. For smart data transfer, the proprietary protocols and data formats must be translated into a uniform, global communication standard such as OPC Unified Architecture (OPC UA).

NOA Security Gateway – ‘Bridge postulate’

  • Traffic on the bridge is in one direction only: from the CPC domain to the M+O domain.
  • There is no direct communication from the M+O domain to the CPC domain.
  • Interactions in the M+O domain have no feedback path on the bridge to the CPC domain.
  • Assets in the CPC domain must never be configured or parameterised from the M+O domain.
  • Once the rules of passage for the bridge have been formulated, they must not be changed during operation.
  • If the passage rules need to be amended, they must be released beforehand via the control functions of the CPC domain.

NOA Security Gateway – ‘Bridge construction’

The NOA Security Gateway comprises three modules.

  • Module 1: A read/list module on the CPC side
  • Module 3: A data provision module on the M+O side that provides a standard IT protocol
  • Module 2: A pure listener module that acts as a one-way interface between module 1 (CPC side) and module 3 (M+O side)
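
The three-module construction and the bridge postulate above, modelled in Python as an added example (not code from NAMUR or from this article). Class names, tag names and values are assumptions, and Python object boundaries stand in for the separation between the modules.

```python
from types import MappingProxyType

class ListenerModule:
    """Module 2: pure listener. Holds no reference to the CPC side at all."""
    def __init__(self):
        self._latest = MappingProxyType({})

    def receive(self, snapshot):
        self._latest = MappingProxyType(dict(snapshot))  # read-only copy

    def latest(self):
        return self._latest

class ReadModule:
    """Module 1 (CPC side): sends only the tags named in the passage rules."""
    def __init__(self, cpc_assets, passage_rules, listener):
        self._assets = cpc_assets
        self.rules = frozenset(passage_rules)  # cannot be changed during operation
        self._listener = listener

    def publish(self):
        # Values are copied out; no reference to live CPC data crosses the bridge.
        self._listener.receive(
            {t: self._assets[t] for t in self.rules if t in self._assets})

class ProvisionModule:
    """Module 3 (M+O side): serves a local mirror to M+O clients."""
    def __init__(self, listener):
        self._read_latest = listener.latest  # only the read capability
        self._mirror = {}

    def refresh(self):
        self._mirror = dict(self._read_latest())

    def get(self, tag):
        return self._mirror.get(tag)

    def set(self, tag, value):
        self._mirror[tag] = value  # changes the M+O mirror only

def build_gateway(cpc_assets, passage_rules):
    listener = ListenerModule()
    return ReadModule(cpc_assets, passage_rules, listener), ProvisionModule(listener)

if __name__ == "__main__":
    # Constructed sample: two monitoring values and a setpoint that stays in CPC.
    assets = {"TT101.temp": 81.5, "PT202.health": "ok", "FV303.setpoint": 40.0}
    reader, provider = build_gateway(assets, {"TT101.temp", "PT202.health"})
    reader.publish()
    provider.refresh()
    provider.set("TT101.temp", 0.0)
    print(provider.get("FV303.setpoint"), assets["TT101.temp"])
```

The setpoint never appears on the M+O side because it is not in the passage rules, and the write made in the M+O mirror leaves the CPC value unchanged.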
