Industrial Communication

Ethernet Modbus TCP/IP

1
Ethernet Is a Network

● History
● Developed by Xerox Palo Alto Research Centre (PARC) (1973 - 1975)
● First standard to be published in 1980 (IEEE 802.3)

● Network
● System resources shared
across the entire platform.
AL GORE
● Sharing Information
● Monitor
● Control
● Reporting

2
Ethernet Everywhere

• From enterprise & IT level,

through control level, to end
devices…

• Ethernet is our “DNA”…

Ethernet drives

3
Ethernet: The backbone of PlantStruxure
Enterprise

Ethernet
Plant
Standard
Open
Process

Flexible
Efficient
PAC PAC
Transparent
Field
Sustainable
Robust
Reliable

4
The TCP/IP Suite
What is it?
OSI Model
7 Application

6 Presentation
TCP/IP Model

5 Session 4 Application

4 Transport 3 Transport

3 Network 2 Network

2 Data Link 1 Data Link / Physical

1 Physical

9
The TCP/IP Suite
What is it?

BOOTP
Application Modbus HTTP OPC CIP SNMP DHCP

Transport TCP UDP

OSPF IGMP
ICMP
IGRP
Network
IP

Data Link
QoS IEEE 802.3 Ethernet RSTP
Physical

10
Modbus TCP/IP
Defined in terms of OSI model?

BOOTP
Application Modbus HTTP OPC CIP SNMP DHCP

Transport TCP UDP

OSPF IGMP
ICMP
IGRP
Network
IP

Data Link
QoS IEEE 802.3 Ethernet RSTP
Physical

11
Ethernet Modbus TCP/IP

● OSI Reference Model - Modbus frames embedded within Ethernet.

13
Servers and Clients

Server - computer that is able to share a resource.

Client - computer requests information from a Server.
Examples of Client/Server models:
• Email Server / Email Program

• Web Server / Browser

• FTP Server / FTP Client

• Modbus Slave / Modbus Master

14
Networking in Windows

Four elements must be configured in order to allow

devices to talk to each other.

● Adaptor
● Protocol
● Client
● Service

15
Adaptors

Windows operating systems have inbuilt functionality

Note: Screen capture from Window XP OS

16
Protocol

● Think of Protocol like a language..

● Set of rules or standards vendors follow to allow
computers of different types to talk to each other.

17
 TCP (Transport Control Protocol)
● Port and socket concept
● PORT - Modbus port 502, HTTP Web port 80, SNMP port 161, BootP etc…
●Server devices may be running multiple services
●These services listen on different TCP ports for a specific request
● SOCKET - Client device sends an IP message which includes the source
port number and destination port number to establish a connection between
two devices.

Ports Client Server

Source Port number x Ports number
Destination Port 502 23 Telnet
80
161 50 SMTP
Destination Port 80 67 DHCP
Source Port number y 80 HTTP
502
172.16.4.2 161 SNMP
502 Modbus
HTTP 172.16.4.1
referred to as a Socket connection
SNMP
Modbus TCP

18
 TCP (Cont.)
● Socket management can involve multiple connections
● A Client can have multiple connections to the same Server service
● A Server can have multiple Clients connected to the same service

Client x

Client has a 2
Socket Source port Dest port
connections to 1 3000 502 Server
the same server. 2 3001 80
Server has 2 clients
172.16.4.1 connected to the
same service (502).
Client y
Socket Source port Dest port 172.16.4.3
1 3003 502

172.16.4.2

19
TCP Connections
● Point to point messaging protocol
● Uses a handshake process to establish a connection
● Accounts for each byte of sent and received to guarantee delivery
● Connection is managed by setting bits in the TCP message to request
(SYN), acknowledge (ACK), terminate or abort the connection (FIN)

Client O
P Server
E
N

C
L
O
S
E

20
IP (Internet Protocol)
● IP: Messaging Protocol Operating at OSI Layer 3 (Network layer)

● IP is responsible for:
● Transmitting the message to the destination IP address to either the local
network or to a remote network.
● Fragmenting a packet that is larger than the maximum transmission size
unit (MTU) to send as multiple packets and de-fragment the packet at the
destination level.
Makes no guarantee that the message will reach its destination!
Remember…….The reliability is done by the Transport layer

21
What is an IP address?

●IP Address is made up of Four sets of eight bits separated

by a decimal place holder

. .
11000000 10101000 00000000 11010100 .
When binary bits are translated into decimal they
become the numbers from 0 to 255
192.168. 0.212
Four sets of three decimal
numbers (or octets)

22
IP Address

Each devices on the network can have a unique address

regardless of vendor or OS.

23
IP Address

IP Address identifies two things:

● The Identity of the Network
● The Identity of the Host
− Computer
− Printer
− PLCs, HMI, I/O Device etc…

24
IP Address Assignment
● Default IP Address
● Derived from the factory and unique MAC address
Quantum/Momentum/Advantys/M340

MAC @ 00 - 00 - 54 - 12 - 0C - AF
IP @ = 84 . 18 . 12 . 175

- Hex to Decimal conversion of last 4 bytes

● Unique IP Addresses for Each Device

The default IP address format is 84.x.x.x:
84: a fixed value
x: The last three fields in the default IP address are composed of the decimal
equivalents of the last three hexadecimal bytes in the MAC address.

25
IP Address Assignment

For example: Device MAC address 0000531201C4

You are concerned only with the last three bytes 12-01-C4
●Convert these bytes from hexadecimal to decimal.
Hexadecimal 12 01 c4
Decimal 18 01 196

●The hexadecimal values 12, 01, and C4 correspond to

decimal values of 18, 1, and 196, respectively.
●These values are combined with the default IP address
format (84.x.x.x) to yield a default IP address of 84.18.1.196
26
IP Assignment

● IP Assignment - By default a device IP address uses the MAC

address assignment.

There are two ways to assign a unique IP address:

● Static: IP address is keyed directly into the device using software or

web interface. In a case of a computer, the IP address is set using the
operating system (Control Panel inside Windows for example)

● Dynamic: A server assigns automatically the IP address to the device.

27
Classful IP Address
● There are 4 main address classes
● Class A - Used for larger networks
●IP Address Range : 1.0.0.0 to 127.255.255.254
●Default subnet mask : 255.0.0.0 – 16,777,216 hosts number

● Class B - Used for Medium networks (ex. Schneider Electric)

●IP Address range : 128.0.0.0 to 191.255.255.254
●Default subnet mask : 255.255.0.0 – 65,534 hosts number

● Class C - Used for smaller network and individual users

●IP Address range : 192.0.0.0 to 223.255.255.254
●Default subnet mask : 255.255.255.0 - 254 hosts number

● Class D - Used for Multicast groups

●IP Address range : 224.0.0.0 to 239.255.255.255
●Devices cannot be assigned IP addresses in the multicast range

● The Class E is reserved for the future : 240.0.0.0 to 255.255.255.255

28
Special IP Addresses

● Loopback
● IP address = 127.0.0.1
● Reserved for loopback (host connecting to itself)
●Ex. A web browser connecting to a web server running on the same PC

● Broadcast
● IP address = 255.255.255.255
● Used by the network management or diagnostics is addressed to all devices
on the network.

29
 Subnet Mask

● Used to determine if the remote device is on a local or remote network

● The mask separates the network portion of the IP address from the host
portion of the IP address
● The sending device uses its configured subnet mask to perform a Boolean
AND operation with both its local IP address and the IP address of the
remote device to connect to

IP Address 172.16.5.20 10101100.00010000.00000101.00010100

Local device
Subnet Mask 255.255.255.0 AND 11111111.11111111.11111111.00000000
Result 10101100.00010000.00000101.00000000

IP Address 172.16.4.20 10101100.00010000.00000100.00010100

Remote device
Subnet Mask 255.255.255.0 AND 11111111.11111111.11111111.00000000
Result 10101100.00010000.00000100.00000000

30
Troubleshoot TCP/IP

● In Windows Network > Properties

● Monitoring Free Tool: WireShark

http://www.wireshark.org/

Wireshark is a free and open-source packet analyzer. It is used

for network troubleshooting, analysis, software and communications protocol
development, and education.

31
Troubleshoot TCP/IP

● Ping Command
● Used to check a connection

● Launched from the DOS CMD window (under XP)

32
Exercises

Lab 1 Set Laptop IP Address

– Find your IP address (record it for future use)
– Change the IP address into 192.168.1.1X (X=Group Number)

Troubleshoot TCP/IP
– Use PING command to ping first your own laptop then PING
other Laptops connected to the RSTP ring.

33
Dynamic Assignment

● IP Assignment Given By Servers

Request for IP @
Switch
Server

Switch

Your IP @
Client

34
BootP Server

● Server Has a Populated List of Devices

● Devices identified with their MAC address

Device #1 My MAC address is 00.80.F4.FF.00.D5, Master (Server)

Can I get an IP Address?
00.80.F4.FF.00.D5 192.168.0.23
Sure! You are listed in my address table. 00.80.F4.FF.44.21 192.168.0.81
Take this address: 192.168.0.23
00.80.F4.FF.F2.15 192.168.0.40

My MAC address is 45.80.F4.FF.33.12,

Device #2 Can I get an IP Address?

Sorry, you are not listed into my address

table. Use your default IP address

35
BootP Server (Cont.)

● Example in Unity Pro

● Limitation: Device Cannot Be Changed without Reconfiguration

● As each device has a unique MAC address, replacing a failed device needs
a reconfiguration of the BootP Address Server table.

36
DHCP Server

● Same As BootP but Based on Role Name

● User configurable names used instead of MAC Addresses

Device #1 My name is STBNIP2212_023, Master (Server)

Can I get an IP Address?
STBNIP2212_023 192.168.0.23
Sure! You are listed in my address table. TesysT_046 192.168.0.87
Take this address: 192.168.0.23
ATV71_555 192.168.0.21

My name is TesysT_072,
Device #2 Can I get an IP Address?

Sorry, you are not listed into my address

table. Use your default IP address

37
DHCP: How To Create Role Names

● Depends on The Device

● Using embedded HMI (ex: ATV71)
● Using web based applications (ex: Advantys STB)
● Using dedicated applications (ex: Unity Pro)
● Using hardware switches (ex: Tesys T, Advantys STB)

● Hardware Switches Example:

● Base name + Custom number derived from Switches

STBNIP2212_123

38
DHCP Server

● Example with Unity Pro

● Advantage: Easiness of Replacement

● Compared to the BootP method, replacing a failed device with DHCP
doesn’t need to reconfigure the PLC application.

39
FDR Server
● Additional Feature of Fast Device Recovery Server.
● Send the stored configuration inside a replaced device
Device #1 Master (Server)
My name is TesysT_072, TesysT_072 192.168.0.87
Save my settings now!
Saved Config. of TesysT_072

Device #1

My name is TesysT_072,
Can I get an IP Address?
Master (Server)
New Device Sure! You are listed in my table. TesysT_072 192.168.0.87
Take this address: 192.168.0.87

Moreover, I found a configuration

corresponding to your role name.
Here is your new configuration. Saved Config. of TesysT_072

40
ARP

● Address Resolution Protocol

● Request to obtain IP address
● Duplicate Address Check
●Device issues ARP for the IP address it intends to take
●If no response, the device assumes the IP address
●If there is a response, the device should not assume the IP (duplicate
address)

● Once the IP has been determined to be available

● Device issues a Gratuitous ARP (Includes Source IP and MAC address
information)
●Used to populate device list in the other devices and routers
● Advertises to others its availability on the network
●Allows devices to communicate with it now that it’s available

41
UDP (User Datagram Protocol)

● Transport protocol like TCP but without Acknowledgement

● Provides an unreliable mechanism to transport data
● Messages can be lost (not acknowledgment of the packet)
● Retries and data integrity can be provided by the application layer

● Requires less processing overhead that TCP

● Without ordering messages and managing connections. it is faster than TCP
● The network interface does not have as much work to do as with TCP

● Allows the Broadcast message, unlike TCP that requires a dedicated socket
between the end device. Applications example using UDP :
● Simple Network Management Protocol (SNMP)
● Network Time Protocol (NTP)
● BootP and DHCP
● Global Data (Real Time Publish Subscribe)
● Streaming video i.e. YouTube

42
Network Design: Media

● Media
● Copper media
● Twisted pairs wires
● Easy to install : low cost installation

● Fiber optic
● Adapt different types of media
● Using over long distances or harsh industrial environment

44
Network Design: Copper Media

● Rated by category
● Categories established by ANSI/EIA/TIA Committee
● Industrial applications recommend Shielded media for additional protection
from external sources of interference
● Uses Standard 8 pin RJ-45 Connector
● Cat 5 : Minimum required for 100Mbs Ethernet (unshielded cable)
● Cat 5e : Enhanced for 100Mbs Full Duplex operation (shielded cable)
● Cat 6 : New standard for 1 Gbs operation

The maximum length of one segment

is 100 meters at 10, 100, 1000 Mbit/s.

45
Network Design: Fiber Optic
● Glass or plastic fiber designed to guide light along its length by total internal
reflection.
● Permits digital data transmission over longer distances and at higher data
rates than other forms of wired and wireless communications (up to 20km)

ST connector SC connector

Keyed square connector

Bayonet style connector
May be coupled together

LC connector
MTRJ connector

Newer keyed Fiber connector

Smaller form factor : higher density Small form factor, keyed connector

46
Network Design: Components

● Hubs or switches
● Hubs are not recommended for industrial application
Connexium Switch

● Transceivers
● Adapt different types of media
Ex. 499NTR10100 : converter electrical signal to optic signal
499NTR10100

● Routers
● Used to route information between networks

● Firewalls
● Cybersecurity restricted access Security Appliance SA

TCSEFEA23F3F20
47
Network Design: Hubs

● Half Duplex (Collisions)

● Each and every ‘frame’ is repeated out all ports by hub
● All ‘nodes’ listen to see if they are the receiver of the frame
● As more nodes are added and collisions increase, performance decreases
● If two devices transmit simultaneously, a collision occurs

Hub

Collision

Transmitter 1 Receiver Transmitter 2

48
Network Design: Switch

● Full Duplex (Collisions)

● Learns the IP addresses of the devices attached to each port
● Passes only messages to targeted devices that are currently active
● Full duplex ports can simultaneously transmit and receive a message

Switch
full The Switches are strongly recommended
duplex for the Industrial application.

Transmitter 1 Receiver Transmitter 2

49
 Network Design: Routers

● Routing data between different sub networks

● Act as a Gateway (IP address to be defined)
● A router has an interface for each different networks. A table of those
interfaces tells the router on which interface to send the packet

PLC

Router

172.16.4.254 172.16.5.254
172.16.5.1
172.16.4.1

172.16.4.2 Each router interface is the default Remote Subnet

Local Subnet
gateway for that subnet

Nota : If there is not a router on the local network, the default gateway can be left blank or 0.0.0.0

50
Network Design: Firewalls
● Only authorized devices and message traffic can communicate through
the firewall to devices in a secure zone
● The user selects devices and message traffic that have access to
devices in the secure zone

Unprotected Zone Secure Zone

Firewall
All Communication Traffic
Authorized Switch
Traffic OK

External Port Control Device

Connection Internal Port
Host Device
Connection

Unauthorized
Traffic Rejected
51
Network Design: Topologies
Tree / Star topology
Bus topology

Switches in series, end devices

connected to switches Switches in a star or tee-like
arrangement
Ring topology
Daisy Chain topology

Switches form a ring or circle No switches needed

52
Network Design: Point to Point Cables

● Straight Cable
● Connect end devices to hubs or switches

End Device
Switch or Hub

● Crossed Cables
● Connect hubs or switches together

Switch or Hub
Switch or Hub

53
Ethernet Module Utilities
● IP Configuration
● Messaging
● Access rights from other devices.
● SNMP (Simple Network Management Protocol)
● Used by software monitor and manage devices on an IP network. (ConnexView)
● SMTP (Simple Mail Transfer Protocol)
● Parameters for sending and receiving e-mail.
● IO Scanning
● Global Data
● Address Server
● configures the DHCP and BOOTP services included in the module.
● NTP (network time protocol)
● Define the time synchronisation server
● Common Words (Premium Only)
● used to configure words shared on EthWay
● Bandwith
● estimation of the Bandwith taken by the different services.

57
BEFORE GOING TO LAB 2

LET’S FIRST LEARN MORE ABOUT

CONNEXIUM NETWORK MANAGER

AFTER A SHORT BREAK…

59