Wireless Networks for Industrial Automation
3rd Edition
by Dick Caro

Notice

The information presented in this publication is for the general education of the reader. Because neither the author nor the publisher has any control over the use of the information by the reader, both the author and the publisher disclaim any and all liability of any kind arising out of such use. The reader is expected to exercise sound professional judgment in using any of the information presented in a particular application. Additionally, neither the author nor the publisher have investigated or considered the effect of any patents on the ability of the reader to use any of the information in a particular application. The reader is responsible for reviewing any possible patents that may affect any particular use of the information presented. Any references to commercial products in the work are cited as examples only. Neither the author nor the publisher endorses any referenced commercial product. Any trademarks or tradenames referenced belong to the respective owner of the mark or name. Neither the author nor the publisher makes any representation regarding the availability of any referenced commercial product at any time. The manufacturer's instructions on use of any commercial product must be followed at all times, even if in conflict with the information in this publication.

Copyright © 2008 ISA–The Instrumentation, Systems and Automation Society
67 Alexander Drive
P.O. Box 12277
Research Triangle Park, NC 27709

All rights reserved. No part of this work may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the publisher.

Preface

One of the most costly items in the instrumentation and control of any manufacturing process is the installation of connecting wires.
Indeed, much of the effort devoted to sensor networks and fieldbuses has been justified by the reduction in cost they provide, both for the initial installation of wiring and, even more, for its long-term maintenance. Many of the faults in wired industrial networks can be traced back to faults in wiring and connectors. For that reason, there is very strong interest in wireless technology: it reduces the cost of installation and maintenance. Moreover, wireless also solves another problem encountered only in some chemical and petroleum plants, ensuring intrinsic safety.

In many applications, wireless technology has already begun to displace wired equivalents. In the first year of the twenty-first century, cordless telephones first began to outsell wired telephones. By early 2004, small office and residential networks had become a booming market thanks entirely to the economic and reliability advantages of wireless LANs based on Wi-Fi technology. We are also beginning to see wireless telephones, otherwise known as cell phones or mobile phones, displace landline telephones. This trend has been accelerated by recent decisions of the U.S. Federal Communications Commission (FCC) permitting users to retain their telephone numbers when changing wireless telephone carriers and to transfer their landline telephone numbers to cell phones.

The expectation is that the manufacturing industries will soon adopt wireless technology. This is not the case! Industry expects more than does the small or home office. It demands much more. Just as there can be a two- to threefold difference in selling price between home Wi-Fi access points and those used for business, so too wireless on the factory floor will cost much more to provide the reliability and performance all industrial processes demand.

Flux is a wonderful scientific word that refers to the flow or lines of force of an electric or magnetic field.
Applied to wireless technology, flux connotes the essence of change. Any investment in wireless technology today will be obsolete in three years. Yet the compelling benefits of wireless are causing homeowners and businesses to spend millions on this obsolete-the-moment-you-buy-it technology. Wireless technology is now in a period of high flux. Wireless product life cycles have half-lives of a few months, and suppliers must introduce new products every month to stay competitive. Supposedly rock-solid truths are rapidly being destroyed by new technology and new discoveries, almost daily.

Not all of the changes in the wireless market are due to technology. Many changes stem from the decisions of standards committees, such as the approval of a new standard. Other sources of change are government laws, the rules of regulating commissions, and court decisions. However, the most significant sources of change are the pricing decisions made by suppliers. When the selling price of a particular technology hits a commodity point, that technology becomes popular, driving selling prices even lower. For example, the approval of IEEE 802.11g, often called Wireless-G, changed the Wi-Fi marketplace in less than two months because it led to price points only 20 to 50 percent higher than 802.11b, the incumbent market standard before the approval. This is expected to happen all over again when the IEEE 802.11 committee finally approves versions "n" and "s".

Why do pricing and other decisions of the commercial marketplace affect the product technology of the industrial market? There are two factors: volume-related cost and reliability. When the consumer and commercial markets heat up and sales volumes approach the millions of units, the cost for all versions of that technology decreases for all markets.
Manufacturing a unit for the industrial market always costs more than manufacturing it for either the consumer or commercial market, but the product cost for an industrial version will still come down when overall sales volume goes up. This is particularly true when the bulk of a product's functionality resides in its semiconductor components, since the cost of producing an industrial chip is, if anything, less than 20 percent more than that of the corresponding commercial-grade chip. In today's wireless communications market, practically all product features are implemented in VLSI (very large scale integrated) circuits, which enables suppliers to add value in software, packaging, and power supplies.

The reliability of almost all wireless devices at the consumer, commercial, and industrial levels has been so good that it is difficult to find any real differences between them except in the area of environmental protection. Industrial products usually need protection from high or low temperatures, high vibration, and sometimes chemical corrosive attack. The high reliability of consumer wireless products results from the fact that the most critical circuitry is located in the VLSI components, where manufacturers have gained considerable experience producing product in high volumes. The combination of high reliability and low purchase price has made it possible for even consumer-grade wireless components to find application in both commercial and industrial applications. However, the presence of high electromagnetic fields (EMF) in many industrial applications may often make wireless less reliable than in the home or office. Likewise, the presence of so much heavy steel equipment and building structure in a typical process plant both blocks signals and causes reflections that interfere with wireless signal propagation.
This book is designed to enable you to keep up with the wireless market so you can make better decisions for your products, services, and applications. My e-mail address is provided below to encourage you to suggest additional topics for later editions and to correct the inevitable errors and omissions. (Problem solving and product planning is what I do for a living, so please don't use this e-mail address to request solutions for your problems or that I design/specify your products.) To suggest new topics or technologies for future editions, to report errors and omissions, or to make any other contact related to this book, please e-mail me at rcaro@member.isa.org.

Table of Contents

Foreword
Preface
Unit 1: Wireless Network Technology
  1.1 Standards
    1.1.1 Wi-Fi
    1.1.2 Bluetooth
  1.2 Proprietary or Non-Standard Wireless Networks
  1.3 Wireless versus Wired Networks
    1.3.1 Signal Loss/Fading
    1.3.2 Multipath Distortion
    1.3.3 Shared Airwaves
  1.4 Antenna Technology
    1.4.1 Antenna Size
    1.4.2 Omnidirectional
    1.4.3 High-Gain Directional
    1.4.4 Planar
    1.4.5 Phased Array
  1.5 Wireless Network Topologies
    1.5.1 Star
    1.5.2 Tree
    1.5.3 Mesh
Unit 2: Wireless Network Standards
  2.1 Wireless Local Area Networks (WLAN)
    2.1.1 Wi-Fi a/b/g
  2.2 Wireless Personal Area Networks (WPAN)
    2.2.1 Bluetooth
    2.2.2 ZigBee
    2.2.3 WiMedia (IEEE 802.15.3)
  2.3 WMAN, WiMAX (IEEE 802.16a)
  2.4 Wireless Telephony
  2.5 Convergence of Voice and Data Networks
Unit 3: Industrial Automation Requirements
  3.1 Environmental
  3.2 Security
  3.3 Privacy
  3.4 Reliability
  3.5 Power
Unit 4: Application of Wireless Networks to Industrial Automation
  4.1 Politics of Wireless
  4.2 Wi-Fi
  4.3 Bluetooth
  4.4 ZigBee
  4.5 ISA100 Standard for Wireless Industrial Networks
    4.5.1 ISA100.11a Technology
  4.6 WirelessHART
    4.6.1 WirelessHART Technology
  4.7 Comparison: WirelessHART vs. ISA100.11a
  4.8 3G/4G for Automation
Unit 5: On the Bleeding Edge
  5.1 WiMAX (Worldwide Interoperability for Microwave Access)
  5.2 UWB (UltraWideBand)
    5.2.1 WiMedia
    5.2.2 DS-UWB
  5.3 Wireless Sensor Networks
  5.4 Network Device Power
    5.4.1 Optical
    5.4.2 Pneumatic Power
    5.4.3 Magnetic Induction
    5.4.4 Microwave Power Transmission
    5.4.5 Conversion of Waste Energy
Unit 6: Significant News for Wireless Networking
  6.1 Energy-harvesting Component Runs Wireless Nets
  6.2 Honeywell Introduces OneWireless Networks
  6.3 Accutech Wireless Instrumentation
Unit 7: Recommendations for Wireless Networking
Unit 8: Radio Frequency Tagging
  8.1 Types of Tags
    8.1.1 RFID Passive Tags
    8.1.2 RFID Active Tags
    8.1.3 RFID Programmable Tags
    8.1.4 RF Data Tags
    8.1.5 Location Tags
  8.2 Tag Encoding
    8.2.1 EPC Global Gen2 tags
  8.3 Alternative RFID Standards
  8.4 RF Database Tag
  8.5 RF Tag Recommendations
About the Author

Unit 1: Wireless Network Technology

The changes in wireless technology for data networks over the past five years have been more dramatic than the changes in radio itself in the century since Guglielmo Marconi sent the first telegraph signal across the Atlantic from Cornwall in the U.K. to St. John's, Newfoundland, on December 12, 1901. The progress in commercial radio transmission from telegraphy to voice to television was measured in decades. Commercial digital wireless transmission began in the mid-1990s when cellular digital telephony, known as PCS for Personal Communications Service, replaced advanced mobile phone service (AMPS), the then-dominant analog voice transmission protocol. Digital wireless telephony then split into two competing technologies: time division multiple access (TDMA) and code division multiple access (CDMA). TDMA is still used by AT&T but is being phased out in favor of the Global System for Mobile Communications (GSM), a standardized TDMA-based system used by most European and Asian carriers as well as by T-Mobile and AT&T. CDMA is used by some Japanese carriers as well as by Sprint and Verizon. TDMA, GSM, and CDMA are not interoperable.

The wireless local area network (LAN) began to emerge in the late 1990s, when it became obvious that there was a need for wireless data networking. Wireless LANs required faster data transmission than was possible with cellular PCS (of any technology), and eventually industry settled on digital spread spectrum as defined by the IEEE 802.11 standards. Spread spectrum was originally developed for the U.S. military so that wireless transmissions could be made in the presence of strong jamming signals.
The military work is usually traced to spread spectrum patent US 2,292,387, granted in 1942 to Hollywood actress Hedy Lamarr and her partner, the composer George Antheil. Frequency hopping spread spectrum (FHSS) and direct sequence spread spectrum (DSSS), both operating at up to 2 Mbps, were the first two IEEE 802.11 radio technologies. Neither is commercially available today. These initial technologies were improved upon until, in rapid succession, IEEE 802.11b (operating at up to 11 Mbps) and 802.11a and 802.11g (both operating at up to 54 Mbps) emerged. All of these are marketed as Wi-Fi, the certification brand of the supporting industry association, the Wi-Fi Alliance (the name is a brand, not an abbreviation of "wireless fidelity"). 802.11b was the first to become a commercially successful technology with a large installed base; 802.11a and 802.11g are now rapidly penetrating the market, essentially displacing it. For the sake of simplicity, I will continue using 802.11a, 802.11b, and 802.11g to designate each of the IEEE 802 standards, but the marketplace calls these technologies Wireless-A, Wireless-B, and Wireless-G, respectively.

1.1 Standards

The dynamic nature of wireless digital data communications stems from the standards committees of the Institute of Electrical and Electronics Engineers (IEEE), which develops most of these protocols. The IEEE 802 committee, which is responsible for personal area network (PAN), local area network (LAN), metropolitan area network (MAN), and wide area network (WAN) standards, has no illusion that a single network protocol could serve all four domains. Therefore, each application with a special interest that is not accommodated by an existing protocol can form a new subcommittee to create a new protocol. IEEE ensures only that these committees deliberate fairly, do not exclude a genuine interest, and that all proposed standards are publicly reviewed.
All IEEE 802 standards are automatically submitted to the ISO/IEC (International Organization for Standardization and International Electrotechnical Commission) for consideration as international standards. Several of the IEEE 802 standards have failed in the commercial marketplace, while others have succeeded.

Another source of wireless communications protocols is the International Telecommunication Union (ITU), the standards body for telephone networks. With the conversion of telephony from a purely wired, circuit-switched analog service, also known as POTS (plain old telephone service), to 3G (third-generation) wireless, a technology convergence is underway in data networks. 3G is a wireless packet-switched digital service based on CDMA. It is an ITU standard now being commercialized in several countries; worldwide adoption was scheduled for 2005, but the continued popularity of GSM has delayed implementation in most countries. In fact, many have predicted that home and mobile computing will soon use broadband wireless packet switching rather than either telephone DSL (digital subscriber line) or CATV (community antenna television) cable modem services. Even though there are excellent reasons to keep 3G wireless in mind for in-plant voice networks and some mobile data applications, it is not presently being considered for industrial use. However, given the eventual availability of low-cost, low-power 3G and its likely successor, 4G, it cannot be ignored.

A word of caution is in order about the standards documents for data communications. These very large documents are not intended to be read by users. They are written for the implementer of networks and networking devices.
If you really want to see some examples of such standards, however, most IEEE 802 network documents more than six months old are available for download from the IEEE standards web site: http://standards.ieee.org/getieee802/. The IEEE and others often publish books about the standards, making them easier to understand.

1.1.1 Wi-Fi

One factor causing rapid technological change in wireless communications is the ever-increasing capacity of commercial semiconductor processes such as CMOS (complementary metal oxide semiconductor) to handle higher frequencies. This factor alone is responsible for the recent rise in interest in 802.11a, which previously required more expensive GaAs (gallium arsenide) processes or higher-power bipolar semiconductors. When 802.11a parts are built in CMOS, they are as economical as the slower 802.11b parts. With the ratification of 802.11g and the subsequent flood of new products on the market, we are witnessing another dramatic change in the Wi-Fi market. By mid-2004, 802.11g, which is backward compatible with 802.11b, had essentially displaced 802.11b in the new-product marketplace. Since 802.11a and 802.11g share a common modulation technology, orthogonal frequency division multiplexing (OFDM), products that offer both standards are not only possible but also economical. As the Wi-Fi band at 2.4 GHz becomes saturated, the benefits of 802.11a become compelling, since the 5 GHz band used for 802.11a offers eleven non-overlapping channels, versus three for 802.11b and 802.11g. A recent FCC regulation makes thirteen additional channels available for 802.11a, for a total of twenty-four non-overlapping channels. Chips that offer 802.11a/b/g are already on the market, and soon all new Wi-Fi LANs will offer all three technologies at little to no price premium.
Figure 1 illustrates a roadmap for this transition in the Wi-Fi market.

[Figure 1. Roadmap for Wi-Fi: estimated market size by year, 2000 to 2010, for 802.11b, 802.11g, 802.11b/g, 802.11a, and 802.11n. CMC Associates estimate, 2007.]

IEEE 802.11n is nearing completion as a standard; however, the specification has long been available in draft form. Many suppliers have released "pre-n" products, promising to upgrade them when the final standard is approved. The most visible technology in 802.11n is MIMO (multiple input, multiple output), easily recognized by the several antennas on 802.11n products. A MIMO transmitter sends from all of its antennas at the same time. Because the antennas are spatially separated (a few centimeters apart), each transmitted copy reaches each of the receiver's antennas over a slightly different path, and therefore with a slightly different phase and delay. The receiver exploits those differences: it combines the copies so that the resolved signal is stronger and more reliable than any single one, and, when the transmitter sends independent data streams from its different antennas, it separates those streams again to multiply throughput. Note also that reflected signals, often called multipath signals, are out of phase with the original. MIMO thus offers a technical solution to the multipath "problem" of networks built in the "canyons of steel" that describe large plant units in the process and metals industries.

Additionally, IEEE 802.11n operates in both the 2.4 GHz band formerly reserved to 802.11b/g and the 5 GHz band formerly reserved to 802.11a, and can bond adjacent channels in either band. A dual-band 802.11n device therefore currently requires two radios, one for each band. In the future, a single software-defined radio may be able to cover both. Many inexpensive "pre-n" devices cannot implement the dual-band part of IEEE 802.11n simply because they do not have a 5 GHz radio.
Channel bonding in 802.11n is used to achieve a higher data rate: two adjacent 20 MHz channels are combined into one 40 MHz channel, roughly doubling the raw rate. While a single channel for either a or g can achieve a theoretical 54 Mbps, a bonded 40 MHz channel carries about 150 Mbps per spatial stream. The rates above that come from MIMO spatial streams rather than from bonding more channels: the standard's maximum PHY rate of 600 Mbps uses four spatial streams on one 40 MHz channel with a shortened guard interval, and actual throughput is well below these figures. In the crowded 2.4 GHz band a 40 MHz channel overlaps two of the three non-overlapping 20 MHz channels, so bonding is far more practical at 5 GHz.

The Wi-Fi market is supported by the Wi-Fi Alliance, which in its own words "is a nonprofit international association formed in 1999 to certify interoperability of wireless Local Area Network products based on IEEE 802.11 specification. Currently the Wi-Fi Alliance has over 200 member companies from around the world, and over 1000 products have received Wi-Fi® certification since certification began in March of 2000. The goal of the Wi-Fi Alliance's members is to enhance the user experience through product interoperability." The Wi-Fi Alliance website is http://www.weca.net/OpenSection/index.asp.

1.1.2 Bluetooth

Bluetooth has already been applied in many commercial products, but at a much slower pace than its developers ever dreamed. Originally defined to replace wires and cables around cellular telephones, such as the cord to a headset, it had just enough networking capability to interest a wide variety of companies in extending its use beyond its original scope. In fact, Bluetooth is far more than a communications protocol; it is a full communications application stack. The lower two communications layers of Bluetooth (PHY and MAC) have been published as the IEEE standard 802.15.1. For the original task of device connection, Bluetooth offers a rich suite of functionality, including walk-up linking without user interaction and establishing voice connections. Convenient as walk-up linking is, it also means that pairing and link security must be configured deliberately in a plant rather than left at their defaults. Bluetooth networking is intentionally limited to a maximum of eight Bluetooth nodes (one master and up to seven active slaves), which together form a piconet.
When a node belongs to more than one piconet, forming what the specification calls a scatternet, that node takes on the routing task of forwarding messages to and from the other piconet, adding a form of mesh networking to the complexity of Bluetooth. The most attractive feature of Bluetooth for industrial automation is its forward error correction (FEC), which lets the receiver repair bit errors in a packet without requiring a retransmission. The drawback of FEC is a loss of efficiency: Bluetooth's 1 Mbps air rate delivers at most about 723 kbps of one-way payload with unprotected packets, and about 478 kbps when the 2/3-rate FEC is applied to the payload.

A multivendor consortium, the Bluetooth Special Interest Group (SIG), defined Bluetooth, not a standards organization. With the consent of the Bluetooth SIG, the lower two layers of Bluetooth were reformatted and have now become the IEEE 802.15.1 standard. Just like 802.11b and 802.11g, it operates in the unlicensed 2.4 GHz frequency band, but it uses frequency-hopping spread spectrum that hops far faster (1,600 hops per second) than the original FHSS of 802.11. As a result, the presence of Bluetooth in close proximity to Wi-Fi nodes causes the WLAN signal to degrade, sometimes spelling disaster for Wi-Fi transmissions. Bluetooth 1.2 and later versions reduce the problem with adaptive frequency hopping (AFH), which detects channels already occupied by other radios, such as a Wi-Fi network, and drops them from the hop sequence. Many early suppliers of nodes with both Bluetooth and Wi-Fi have been able to synchronize transmissions to avoid degradation. Suppliers of 802.11a, which operates in the 5 GHz unlicensed band, are quick to point out that they avoid signal degradation from Bluetooth completely. Nevertheless, 802.11g suffers the same potential problems as 802.11b in the presence of Bluetooth.

If you want to know more about Bluetooth, a rich source of information can be found on the official Bluetooth SIG website: http://www.bluetooth.com/help/. If you want to develop Bluetooth products, the Bluetooth developers' website offers lots of reference material and discussion groups: https://www.bluetooth.org/.
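As an added illustration of the FEC trade-off described above (this is example code written for this edition, not code from the Bluetooth specification or from any product), the following Python implements the (15,10) block code that Bluetooth's Baseband specification uses for its 2/3-rate payload FEC, with generator polynomial g(D) = (D+1)(D^4+D+1) = D^5 + D^4 + D^2 + 1. The function names, the syndrome table and the demo_burst helper are this example's own. It shows a single corrupted bit being repaired with no retransmission, a double error being flagged rather than silently miscorrected, and the 10/15 efficiency the code costs.

```python
"""Bluetooth-style 2/3-rate forward error correction: the (15,10) code with
generator polynomial g(D) = (D+1)(D^4+D+1) = D^5 + D^4 + D^2 + 1.

Each 10-bit payload block is carried as 15 bits. The receiver can repair any
single bit error in a block without a retransmission and detects any double
error. Polynomials are held as Python ints: bit i of the int is the
coefficient of D^i. Example code, not the specification's own text."""

GEN = 0b110101          # D^5 + D^4 + D^2 + 1
N, K = 15, 10           # codeword length, message length
PARITY_BITS = N - K     # 5


def poly_mod(a: int, g: int) -> int:
    """Remainder of a(D) divided by g(D) over GF(2) (XOR long division)."""
    deg_g = g.bit_length() - 1
    while a and a.bit_length() - 1 >= deg_g:
        a ^= g << (a.bit_length() - 1 - deg_g)
    return a


def fec_encode(msg: int) -> int:
    """Systematic encoding: message in the high 10 bits, remainder in the low 5."""
    if not 0 <= msg < (1 << K):
        raise ValueError("message must fit in 10 bits")
    shifted = msg << PARITY_BITS
    return shifted | poly_mod(shifted, GEN)


# The syndrome of a single error in bit position i is D^i mod g(D). Because the
# code has minimum distance 4 these 15 syndromes are all distinct, so a single
# table lookup locates the flipped bit. A double error never produces a
# syndrome in this table (nor a zero one), which is how it gets detected.
SINGLE_ERROR_SYNDROMES = {poly_mod(1 << i, GEN): i for i in range(N)}
assert len(SINGLE_ERROR_SYNDROMES) == N


def fec_decode(word: int):
    """Return (message, corrected_bits).

    corrected_bits is 0 (clean), 1 (one error repaired) or None together with
    a None message (two errors detected, not repairable: this is where a
    retransmission or the packet CRC has to take over). Three or more errors
    can land on another valid codeword and be miscorrected, which is why the
    CRC is still needed even with FEC."""
    syndrome = poly_mod(word, GEN)
    if syndrome == 0:
        return word >> PARITY_BITS, 0
    pos = SINGLE_ERROR_SYNDROMES.get(syndrome)
    if pos is None:
        return None, None
    return (word ^ (1 << pos)) >> PARITY_BITS, 1


def channel_efficiency() -> float:
    """Fraction of transmitted bits that carry payload under this code (2/3)."""
    return K / N


def demo_burst(msg: int, flipped_positions) -> tuple:
    """Encode, corrupt the given bit positions 'in the air', then decode."""
    word = fec_encode(msg)
    for pos in flipped_positions:
        word ^= 1 << pos
    return fec_decode(word)


if __name__ == "__main__":
    m = 0b1011001110                     # constructed 10-bit payload block
    print(f"codeword  : {fec_encode(m):015b}")
    print("one error :", demo_burst(m, [7]))      # repaired, no retransmission
    print("two errors:", demo_burst(m, [3, 12]))  # detected, not repaired
    print(f"efficiency: {channel_efficiency():.3f}")
```

Two caveats a practitioner should keep in mind. FEC repairs random bit errors caused by noise, not deliberate tampering: any 15-bit word that satisfies the code is accepted as valid, so message integrity still rests on the packet CRC and on the link-layer authentication and encryption, not on the error-correcting code. And the efficiency figure here is only the code's own cost; packet headers, slot timing and the 1/3-rate repetition code Bluetooth applies to packet headers take the usable rate down further, which is how a 1 Mbps channel ends up delivering well under 1 Mbps of payload.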
1.2 Proprietary or Non-Standard Wireless Networks

Standards take a long time to develop, much longer than the pace of technology. Commercial suppliers often cannot wait for the approval of a standard, or may have a product concept that fulfills the network requirements better than any proposed standard. These companies will often introduce their network products hoping to establish a market in the absence of standardized networks. The experience gained by these suppliers can often be highly useful to the designers of network standards. Sometimes such a network can itself become a standard.

Currently, two suppliers, Honeywell and Adaptive Instruments, both offer their own wireless networks for process control field instrumentation. Both networks use frequency hopping spread spectrum in the 915 MHz ISM (Industrial, Scientific, and Medical) band. These networks pass data at rates from 4.8 to 76.8 kbps over distances from 780 m to 175 m, respectively (the faster the rate, the shorter the range). Their devices are battery powered, with battery life estimated at several years. Both networks are configured with a wired base station located close to the field instruments, with direct links from the base station to each instrument. Additionally, Dust Networks is another supplier using frequency hopping in the 915 MHz ISM band, but with integral mesh networking technology. Dust sells OEM modules to be used by other manufacturers to build wireless transmitters. Emerson Process Management is using Dust Networks technology for its first-generation wireless instrumentation.

1.3 Wireless versus Wired Networks

Wi-Fi has generally been considered to be wireless Ethernet, but it is far more than that. Wired networks, such as Ethernet, are designed for communications between fixed locations. Wireless networks, such as Wi-Fi, are designed for communications between devices.
The distinction is lost for fixed-location devices, but device mobility is a primary benefit of wireless. Mobile applications are often found in discrete parts manufacturing and assembly and in all types of warehouse applications. However, the primary applications for wireless in industrial automation are expected to be between fixed locations. The air is free, but to operate, wireless networks will often need a wired connection to a computer or to the wired network, a source of power, and radios.

Estimating the cost of a wired network is easy. It is the sum of the cost of the network cable, junctions, and connecting wires; the cable and junction installation; the network interfaces; and the long-term maintenance of the installed wiring plant. Wireless networks are more difficult to estimate. Their cost includes the wiring to access points, the access point equipment, the wireless interfaces, and long-term wireless troubleshooting and maintenance. While there are fewer items to install and maintain, experience with installation and maintenance of wireless equipment is much more limited than with wired.

The other notable problem of wireless devices is that they still need a power source. Wired network nodes can draw power from the local AC receptacle, but mobile wireless devices depend on batteries or some alternative power source. Of course, you can always plug the wireless device into a local power source, but then you lose the mobility advantage and incur the cost of installing power connections at the device. To some extent, the recent PoE (Power over Ethernet) standard, IEEE 802.3af, was created to help resolve part of this problem by supplying electrical power over the wired Ethernet cable so it can be used by wireless access points. This standard seems to be well accepted for business or commercial access points. However, PoE still does not address the issue of powering the wireless end device itself.
1.3.1 Signal Loss/Fading

In the early twenty-first century, wireless networks still suffer from mysterious dead spots: areas in which there is no reception. We say mysterious because even very careful planning cannot remove all dead spots, and sometimes live spots just move or, in the language of radio, fade. The spontaneous loss of communications for no apparent reason is probably one of the most irritating aspects of wireless. Often, the signal mysteriously returns even before the cause of its loss can be investigated. This occurs with cellular telephones, with Wi-Fi devices, and with all other wireless LAN technologies.

Signal loss can be caused by interference from other radio signals present in the same part of the spectrum as well as by moving equipment. Sometimes a live spot exists only as a result of a multipath effect, when the signal is reflected from some stationary object; sometimes the multipath signal interferes with and cancels the primary signal, causing a dead spot. Wi-Fi seems to fade in areas in which microwave kitchen appliances are in use or in which a cordless telephone is operating at 2.4 GHz. Strictly, that signal loss is due to interference, which is difficult to tell from fading. Dead spots may occur within buildings depending on their materials of construction. In the line of sight between the access point and the wireless device, each time the radio wave passes through a solid the signal is attenuated. Denser materials attenuate more than less dense materials. Metals, particularly the steel used in building construction, may absorb or reflect most of a radio signal, creating a dead spot in their radio “shadow.” Moving the access point or the device by a small amount, on the order of a wavelength (about 12 cm at 2.4 GHz), may eliminate the dead spot.

Finally, there are sunspots! The sun emits a broad spectrum of electromagnetic waves at all frequencies, which generally constitutes noise.
Once in a while, the surface of the sun experiences flares (often associated with sunspots) that emit very strong bursts of electromagnetic radiation known to interfere with radio transmissions, and occasionally with wired communications as well.

1.3.2 Multipath Distortion

Radio waves move from an omnidirectional antenna in all directions. When these radio waves strike a very dense object such as metal or stone they are reflected, much as light is reflected from a mirror or other shiny surface. Even when there is a clear path between the transmitting and receiving antennas, some of the signal reflected along other paths will arrive at the receiving antenna. This phenomenon is called multipath, and it can distort the received signal, since the longer path causes its copy of the signal to arrive out of phase with the copy from the direct path. The effect of multipath distortion can range from nothing to the cancellation of the signal, depending on the paths and the resulting delays. In some cases, the multipath effect can even boost the received signal. This occurs when both paths are received in phase, such as when multiple transmitting antennas are used. In fact, this phenomenon is exploited by IEEE 802.11n. The technology for using the multipath signal to enhance performance is called MIMO (Multiple Input, Multiple Output). MIMO uses multiple antennas on both the transmitter and the receiver to send and receive several signal streams at once over the same channel.

1.3.3 Shared Airwaves

One of the problems of radio is that the spectrum is limited, and new uses are constantly being found for it. The allocation of frequency bands to specific uses is the responsibility of governmental agencies: the FCC in the United States. The frequency assignment process is highly political and is based only loosely on technology. Furthermore, frequency assignment is highly dynamic and sensitive to economic conditions and the appearance of new technology solutions.
For example, the FCC originally assigned eighty-two 6 MHz frequency channels exclusively for broadcast television, an enormous segment of the spectrum for a single purpose. In most areas of the United States, only a tiny fraction of that spectrum is actually used in any one location, since commercial television was reluctant to use the higher UHF frequencies because of their limited reception range. Television channels are also reused based on geography, when stations are far enough apart not to interfere with each other. Some of the unused UHF television channels have already been reclaimed for other uses, and more are scheduled to be reclaimed in the future. Needless to say, television stations are highly reluctant to change frequency channels once they are in use.

The U.S. military is one of the most demanding users of radio frequencies and is very reluctant to give up any frequency previously assigned to it. This same attitude is reflected in the military establishments of most other countries as well, even when the service using that frequency has been abandoned. Another demanding public sector is amateur radio, which has small frequency bands allocated to it scattered throughout the spectrum. Amateur radio operators are also reluctant to abandon any frequency band.

Nevertheless, the United States and most other governments have ordered that all allocated users share the radio spectrum unless the service cannot function when shared. By definition, the military frequency bands cannot be shared. Public radio, television, and global positioning system (GPS) satellite frequencies also cannot be shared. Certain public safety and many business uses are licensed and are not shared. The remainder can be shared, and they are divided into both licensed and unlicensed frequency bands.
Generally, licensed bands allow users to transmit at higher power in order to reach longer distances, while unlicensed bands are forced to limit radiated power to minimize interference between users. Users of shared radio frequencies need some type of access control so they can avoid interfering with one another. Fortunately, as the demands on radio bands have increased, so has the ability to use higher frequencies economically. Expansion to higher frequencies has enabled higher rates of information exchange, but this often results in messages of shorter length and usually requires sacrificing range between sender and receiver; higher frequencies are usually limited to line of sight between transmitter and receiver.

Most of the new methods for sharing radio frequencies depend upon packet radio technology, which is suitable only for digital data transmission. In one such packet radio technology, the wireless LAN, many users share the same frequency band through the use of spread spectrum technology. GSM is a wireless telephony standard used in most of the world; in the United States it shares a pair of frequency bands using both time division and frequency division multiplexing. Advocates of CDMA claim it to be the wireless telephone technology of the future; it shares the band by giving each user a distinct spreading code (code division) rather than a time slot or a sub-band.

Loss of Privacy

Once a radio broadcast enters the air, or ether, as it is sometimes called, anyone may receive the signal. Wired communications require a physical electrical connection, or at least an inductive coupling very close to the wire, to intercept the signal. Governments have declared that intercepting a wired communication signal is illegal and may only be permitted with a court order. No such limitations exist for most types of radio signals. If you broadcast, anyone can receive. However, the law in the U.S.
has made listening to some radio transmissions illegal, even though that is difficult to enforce.

Solutions exist for making radio signals more private. Though no way exists to provide exactly the same level of privacy as an ordinary wired communication, many methods are available for making radio transmissions difficult to interpret, even if we cannot make them impossible to receive. One common way to reduce exposure is to use highly directional antennas, so that interception requires knowledge of, and access to, the line of sight between the sending and receiving antennas. Locating these line-of-sight antennas on towers and rooftops physically limits the potential for interception. Directionality only reduces exposure, however: antennas have side lobes, reflections scatter energy off the intended path, and antenna gain is reciprocal, so an interceptor with a high-gain antenna can receive the link from well beyond the range of the intended receiver. It is not a substitute for encryption.

Using encryption can make even an intercepted signal difficult or impossible to interpret, ideally to the same degree as wired communications. Encryption is the science of scrambling data using a method and a key; decryption uses a key to unscramble the data and restore it to its original form. The method (algorithm) should be assumed to be public, so the secrecy of the data rests entirely on the secrecy of the key: an interceptor who obtains the key can decrypt the data. Simple scrambling may deter casual reading of non-critical data, but it should not be mistaken for security; data exchanges involving personal or financial data require a standard, well-analyzed cipher. Transmissions of data necessary to operate a manufacturing production facility are considered to require high immunity from interference or interception.

There are two types of encryption: secret (symmetric) key and public/private key. Secret key encryption uses a single key, a string of bits or characters, to process the original message with a known method so as to create an encrypted message. The same key is used to decrypt the message after it is received. Many algorithms are used for secret key encryption. The best-known is the Data Encryption Standard (DES).
DES was designed at IBM and adopted in 1977 as a U.S. federal standard by the National Bureau of Standards, the predecessor of today's National Institute of Standards and Technology (NIST); the algorithm is widely published. DES uses a 56-bit secret key, which is far too short for today's computing power: an exhaustive search of the key space is practical. To extend its life, Triple DES is used, in which DES is applied three times (encrypt, decrypt, encrypt) with two or three independent keys, for a key length of 112 or 168 bits. Running the three passes with a single key gains nothing, since it reduces to ordinary DES. The Advanced Encryption Standard (AES) is the cipher NIST selected in 2001 to replace DES; it uses 128-, 192- and 256-bit keys and is the standard choice for secret key encryption today.

The public/private key method is used both for privacy and to verify signatures. A user generates a key pair: a public key that may be published and a private key that is never shared. When the sender “signs” a document, a digest (cryptographic hash) of the document is transformed with the sender's private key to produce the signature. The signature and the sender's public key are sent to the recipient, who uses the sender's public key to check that the signature matches the document. For this check to mean anything, the recipient must already trust that the public key really belongs to the sender, either because it was obtained out of band or because it arrives in a certificate signed by an authority the recipient trusts; otherwise an interceptor could substitute a key pair of his own. Document privacy is obtained by encrypting the document under the recipient's public key; only the holder of the matching private key can decrypt it. Because public key operations are slow, in practice the document is encrypted with a fresh secret key and only that key is encrypted with the recipient's public key. While complicated, no method provides greater assurance of privacy than public/private key encryption.

Public keys need to be distributed, and there are open repositories for them, such as http://www.keyserver.net/en/ or http://pgp.dtype.org/, both of which support only PGP (“Pretty Good Privacy”) keys. Such servers synchronize with one another, but a listing on a key server proves nothing about who owns a key; that assurance comes from signatures on the key (PGP's web of trust) or from a certificate authority. RSA (Rivest-Shamir-Adleman) is the dominant public/private key algorithm; it was commercialized by RSA Security, and its patent expired in 2000. PGP is not a separate algorithm but a program and message format (standardized as OpenPGP) that combines RSA or DSA/ElGamal public keys with a secret key cipher to encrypt and sign whole messages, which is why PGP is the tool usually used to encrypt an entire message.
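To make the two mechanisms concrete, here is an added example (not code from the book or from any product it mentions): a textbook RSA signature over a SHA-256 digest, and the hybrid pattern in which a random secret key encrypts the body while only that key is wrapped with the recipient's public key, which is also the pattern SSL uses for its session key. The fixed Mersenne primes, the sample setpoint message and the SHA-256 keystream standing in for AES are all constructed for the example; it is a teaching toy with no padding, not a usable cipher suite.

```python
"""Added example, not from the book: RSA signing and hybrid encryption in
pure standard-library Python.  Teaching toy only: fixed Mersenne primes,
no padding, and a SHA-256 keystream instead of AES.  Use a vetted library
(RSA-PSS/OAEP or ECDSA, AES-GCM) for anything real."""
import hashlib
import hmac
import math
import os

# Fixed primes keep the example deterministic (assumption: real keys are
# generated from random primes).  Each modulus is well over 256 bits, so a
# SHA-256 digest or a 32-byte key fits as a plain integer below n.
SENDER_PRIMES = ((1 << 127) - 1, (1 << 521) - 1)     # Mersenne primes M127, M521
RECIPIENT_PRIMES = ((1 << 89) - 1, (1 << 607) - 1)   # Mersenne primes M89, M607


def make_keypair(p, q):
    """Return (public, private) = ((n, e), (n, d)) for primes p and q."""
    n, phi = p * q, (p - 1) * (q - 1)
    e = 65537
    while math.gcd(e, phi) != 1:      # move to the next odd e if 65537 is unusable
        e += 2
    d = pow(e, -1, phi)               # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def digest_int(data: bytes) -> int:
    """SHA-256 of the data as an integer: the digest is what gets signed."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(private, message: bytes) -> int:
    """Signature = digest^d mod n, computed with the sender's private key."""
    n, d = private
    return pow(digest_int(message), d, n)


def verify(public, message: bytes, signature: int) -> bool:
    """signature^e mod n recovers the digest only if d was used to make it."""
    n, e = public
    return pow(signature, e, n) == digest_int(message)


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Symmetric stand-in for AES: XOR data with HMAC-SHA256(key, counter).
    The same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hmac.new(key, (offset // 32).to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)


def seal(recipient_public, plaintext: bytes, session_key: bytes = None):
    """Hybrid encryption: a fresh 32-byte session key encrypts the body and
    only that key is encrypted (wrapped) under the recipient's public key."""
    n, e = recipient_public
    if session_key is None:
        session_key = os.urandom(32)
    wrapped_key = pow(int.from_bytes(session_key, "big"), e, n)
    return wrapped_key, keystream_xor(session_key, plaintext)


def open_sealed(recipient_private, wrapped_key: int, body: bytes) -> bytes:
    """Only the holder of d can unwrap the session key and read the body."""
    n, d = recipient_private
    session_key = pow(wrapped_key, d, n).to_bytes(32, "big")
    return keystream_xor(session_key, body)


if __name__ == "__main__":
    # Constructed sample message: a controller setpoint change.
    message = b"SETPOINT TIC-101 = 72.5"
    sender_pub, sender_priv = make_keypair(*SENDER_PRIMES)
    recipient_pub, recipient_priv = make_keypair(*RECIPIENT_PRIMES)

    signature = sign(sender_priv, message)
    print("signature verifies:", verify(sender_pub, message, signature))
    print("tampered copy verifies:", verify(sender_pub, b"SETPOINT TIC-101 = 99.9", signature))

    wrapped, body = seal(recipient_pub, message)
    print("recipient reads:", open_sealed(recipient_priv, wrapped, body))
```

Two points the code makes that the prose only states: the signature covers a digest, so changing a single character of the setpoint makes verification fail, and the expensive public key operation touches only 32 bytes regardless of how long the body is. Nothing here binds the public keys to their owners; that is the certificate or web-of-trust problem discussed above.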
Secure Sockets Layer (SSL), with its successor TLS, is the leading security protocol on the Internet and commonly uses RSA. When an SSL session is started, the server sends the browser a certificate containing its public key. The browser generates a random secret key, encrypts it with the server's public key, and sends it back, so that both ends share a secret session key that then protects the session with a fast symmetric cipher. The problem is that public key operations require too much computation to be implemented easily on today's very simple or battery-operated devices, so public key encryption is usually reserved for verifying digital signatures and for financial transactions such as transferring a credit card or bank account number, while the bulk of the data is protected by a secret key cipher.

Network Membership

Membership in a wired network is achieved by establishing a physical connection to the wiring or to a network element such as a wiring hub or switch. Wireless units are neither connected to nor disconnected from a network; in order to communicate, they must first seek to join the wireless network (in Wi-Fi, by associating with an access point), after which a network address is usually assigned by a service such as DHCP. Network membership is then a function of the bridging capability embedded in all IEEE 802-based networks by the IEEE 802.1D standard, implemented by network switches (wired) or access points (wireless). In this learning bridge, the switch or access point learns the port of each station when that station sends a frame, since the source address is located in the frame header; the spanning tree algorithm in the same standard keeps the bridged topology free of loops. In this way, frames not intended for the stations behind a given port do not clutter that segment. For a station to join the switch's local membership list, it need only send a frame. Note that the bridge simply trusts the source address: a station that forges another station's address will have that station's traffic delivered to itself, which is why secure deployments authenticate stations before their frames are bridged.

Roaming is an essential property of wireless networks, although the need for roaming exists any time a portable computer is used on different network segments.
Any wireless device may physically be moved so as to be in the range of different wireless networks. The ability to roam means that applications may continue their network communications as the device is moved from one wireless network (domain) to another. Networks that support roaming transfer membership transparently from one domain to another. For a wireless telephony network, roaming is transparent as cell phones move from the range of one cell tower to the next. It is not that simple for mobile computers on a wireless LAN, however. Usually, all of the wireless LAN access points are connected to ports on a single network switch, which performs the forwarding function. If the target station is not on the switch's local membership list, the result is a clutter of frames flooded to all access points in the hope of finding it.

The newest solution for roaming wireless LAN stations is the so-called wireless switch. This is an access point that has the ability to perform full IEEE 802.1D bridging logic. Just like a wired switch, it learns that a station is within its range when the station transmits a frame. The problem is that the station may previously have been in the range of a different access point. Recent extensions to the IEEE 802.1D standard provide the network management capability to rapidly move the registration of a station from one switch to another. The wireless switch uses this capability to move the registration of a station from one access point/wireless switch to another. By using wireless switches, the broadcast clutter on the network is reduced.

1.4 Antenna Technology

Though the antenna is usually a passive (no electronics) element of the wireless network, it is critically important. The antenna(s) on the transmitter couple the signal to the antenna(s) on the receiver just as surely as wire connects wired networks.
Furthermore, just as wired network capacity tends to relate to wire size, wireless network throughput depends strongly on antenna gain. One very important characteristic of antennas is that they polarize the transmitted signal. A vertical transmitting antenna produces vertical polarization, while a horizontal antenna produces horizontal polarization. AM radio is vertically polarized, which is why automobile antennas are vertical. FM broadcast radio is actually horizontally polarized, much like VHF and UHF television. Using the same vertical antenna used for AM radio to receive FM radio is therefore suboptimal. However, it still works because polarization is never purely horizontal or vertical, and the antennas are usually not exactly vertical either.

1.4.1 Antenna Size

As the frequency of the radio band has increased, antennas have become shorter. In the common 2.4 GHz band used for wireless LANs, a full wavelength is only about 12.5 cm (5 inches). At these sizes it becomes possible to integrate antennas entirely inside a product such as an instrument or a notebook computer. Antenna length is tied to the wavelength: the reference used here is a full wavelength, and the common resonant forms are the half-wave dipole and the quarter-wave whip over a ground plane. When citizens band radio at 27 MHz was popular, a full-wavelength antenna was over 11 m long, and even automobile antennas at ¼ wavelength were almost 3 m (9 feet) long. The formula for calculating the wavelength is the following:

wavelength(m) = 299,792,458 ÷ frequency(Hz)

1.4.2 Omnidirectional

Most antennas for wireless networks are omnidirectional: they radiate the signal in all directions at the same time. Omnidirectional antennas are the base case and are treated here as having zero gain, measured in dB (strictly, gain is quoted in dBi relative to an ideal isotropic radiator, and a simple half-wave dipole has about 2 dBi). Omnidirectional antennas are usually polarized vertically for convenience.
Since the transmitted energy from an omnidirectional antenna radiates equally in all directions, the power density falls in proportion to the square of the distance traveled. Additionally, as radio waves pass through any matter they are attenuated in proportion to the density of that matter. In particular, conductive metals such as copper, aluminum, iron, and steel reflect most of the radio energy and absorb the rest as induced current. Finally, the targeted radio's antenna, besides the wanted signal, also receives radio energy from other transmitters and even copies of the original signal reflected from obstructions near the direct path.

1.4.3 High-Gain Directional

To overcome the signal losses of omnidirectional antennas, directional transmitting antennas concentrate the radiated energy into a narrow beam. Directional receiving antennas capture signal from an area around the primary receiving element and reflect that energy onto it, thus effectively increasing the gain of the receiving antenna. Several methods are available for concentrating the radio energy, all of which involve reflecting energy emitted in the wrong direction back toward the target direction. Directional antennas are intended to be aimed manually so the receiving antenna points toward the transmitting antenna. If either the transmitter or receiver is in motion, the antennas must be continuously repositioned to stay aligned. Directional antennas also tend to reject noise, other stray signals on the same frequency, and reflections, all of which improves the signal-to-noise ratio and thus reception. Directional antennas used for ultra-high-frequency (UHF) and microwave radio are illustrated in Figures 2 and 3.
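The inverse-square loss and the antenna gains discussed here combine into a link budget, which is how a practitioner decides both how far a link reaches and how far away an eavesdropper can still copy it. The following is an added example, not code from the book: it expresses the free-space loss in dB, solves it for range, and compares the intended omnidirectional receiver with an interceptor using the kind of gain a stacked Yagi or a dish provides. The transmit power, receiver sensitivity and gain figures are assumed illustrative values, not measurements.

```python
"""Added example, not from the book: a free-space link budget built from the
inverse-square loss and antenna gains discussed in the text, used to compare
how far the intended receiver and an eavesdropper with a high-gain antenna
can each hear the same transmitter.  Radio figures are assumed, not measured."""
import math

C = 299_792_458.0     # speed of light in m/s


def wavelength_m(freq_hz):
    return C / freq_hz


def free_space_loss_db(distance_m, freq_hz):
    """Friis free-space loss.  Power density falls with the square of the
    distance and the receiving antenna's capture area scales with the square
    of the wavelength; together that is (4*pi*d/lambda)^2, here in dB."""
    return 20 * math.log10(4 * math.pi * distance_m / wavelength_m(freq_hz))


def received_dbm(tx_dbm, tx_gain_db, rx_gain_db, distance_m, freq_hz):
    """Link budget: in dB everything adds, so antenna gain offsets path loss directly."""
    return tx_dbm + tx_gain_db + rx_gain_db - free_space_loss_db(distance_m, freq_hz)


def max_range_m(tx_dbm, tx_gain_db, rx_gain_db, sensitivity_dbm, freq_hz):
    """Distance at which received power just equals the receiver's sensitivity
    (free space, no fade margin): the loss formula inverted."""
    loss_allowed_db = tx_dbm + tx_gain_db + rx_gain_db - sensitivity_dbm
    return wavelength_m(freq_hz) / (4 * math.pi) * 10 ** (loss_allowed_db / 20)


# Assumed scenario: a 2.4 GHz access point, +20 dBm into a 0 dBi omni, and
# receivers with -85 dBm sensitivity.  Receive gains follow the ranges the
# text gives for an omni (0 dB), a stacked Yagi (up to 13 dB) and a dish (up to 24 dB).
FREQ_HZ = 2.4e9
TX_DBM, TX_GAIN_DB, SENSITIVITY_DBM = 20.0, 0.0, -85.0
RX_ANTENNAS = {"omni 0 dBi": 0.0, "yagi 13 dBi": 13.0, "dish 24 dBi": 24.0}


def reception_ranges():
    """Free-space range from the same access point for each receiving antenna, in metres."""
    return {name: max_range_m(TX_DBM, TX_GAIN_DB, gain, SENSITIVITY_DBM, FREQ_HZ)
            for name, gain in RX_ANTENNAS.items()}


def range_multiplier(gain_db):
    """Every 6 dB of extra gain doubles free-space range: 10^(gain/20)."""
    return 10 ** (gain_db / 20)


if __name__ == "__main__":
    print(f"loss at 100 m, 2.4 GHz: {free_space_loss_db(100, FREQ_HZ):.1f} dB")
    for name, metres in reception_ranges().items():
        print(f"{name:>12}: {metres:7.0f} m")
```

With these figures the omni link closes at roughly 1.8 km in free space, while a 24 dBi dish can copy the same transmitter from about sixteen times farther away, because reception range scales with 10^(gain/20) regardless of who owns the antenna. Real buildings add wall and ground losses that shorten every figure, but the ratio between the legitimate receiver and the high-gain interceptor survives, which is why directional antennas reduce exposure without providing confidentiality.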
Note that it is not necessary to use a high-gain antenna for both transmit and receive, nor is it necessary to use the same type of high-gain antenna at both ends. Obviously, to realize the benefits of high-gain antennas in bidirectional service, such as a WLAN, high-gain antennas should be used on both ends. The stacked Yagi antenna shown in Figure 2 is a vertically polarized array of antennas. Each element tends to radiate in all horizontal directions, but not vertically. The longer vertical elements behind those in the front are designed to reflect the radiation that goes toward the rear back toward the front. On reception, the rear elements likewise reflect received signals toward the active front elements. This design is generally thought to increase the gain by 3 to 13 dB, depending upon the number of vertical elements.

Figure 2. Stacked Yagi Antenna

A parabolic dish, shown in Figure 3, is much more expensive than an omnidirectional or stacked Yagi antenna, but it provides far more gain. The parabolic dish reflects the radiated wave into a narrow beam, and likewise focuses the received energy from a wider area onto the receiving element. In addition to the higher cost of the antenna and its vulnerability to wind and snow, the parabolic dish suffers from another drawback: its narrow beam width when used as a transmitting antenna. The narrow beam makes the task of aiming the receiving antenna much more difficult, especially when a parabolic receiving antenna is used as well. A parabolic dish is generally considered to have a gain of 20 to 24 dB over an omnidirectional antenna.

1.4.4 Planar

The planar antenna design evolved from use in mobile telephones and has become available for commercial use. Planar antennas are small and lightweight, and at wireless LAN frequencies can be embedded into the equipment.
Antenna gain can be obtained by building more than one planar antenna into a device. Generally, the planar antenna is omnidirectional.

Figure 3. Parabolic Dish Antenna

1.4.5 Phased Array

A phased-array antenna is a two-dimensional arrangement of planar antennas. Military radar systems were the first to use phased-array antennas. While they will certainly be used in commercial and industrial applications, currently their high cost makes them unattractive. The appeal of the phased-array antenna is that it can exhibit the high gain of a directional antenna and can be aimed electronically without moving the base antenna. Therefore, phased-array antennas enjoy a true advantage when connecting wireless radios in mobile equipment as they move beyond the range of omnidirectional antennas. Phased-array antennas form a beam electronically rather than by using the reflective properties of metals. Each component planar antenna must be separately driven with the same signal, shifted in phase, to form the beam. Military phased-array antennas use hundreds of elements, but when this technology becomes commercial, many fewer elements will be necessary to form a beam sufficient for industrial distances. Beam steering can usually cover an included angle of about 75 degrees.

1.5 Wireless Network Topologies

Wired networks have a layout or topology that is determined by the location of the nodes and network components. Wireless networks are not so easily described. The topology of a wireless network is determined by the logical capabilities of the network components. Often the user must determine how the wireless network's topology is to be configured after installation, or perhaps after some usage experience.
1.5.1 Star

The most typical or default arrangement for a wireless network is a star cluster with the wireless access point at the center, as illustrated in Figure 4. Each wireless device then communicates only with the common access point, which is usually connected by wire to a network switch. This arrangement places all of the wireless devices into the same collision domain, presuming that this is an Ethernet-based network. Usually this presents no problem. The access point cannot receive more than one frame at a time, and a transmitting radio cannot hear a collision while it is sending, so collided frames are simply lost on the air. Unlike wired Ethernet, where collisions are detected at layer 2, Wi-Fi avoids them (CSMA/CA) and recovers from them at the MAC layer: each unicast frame must be acknowledged by the receiver, and an unacknowledged frame is retransmitted after a random back-off, up to a retry limit. Only when those retries are exhausted does the loss become visible above layer 2. Since many messages are sent using TCP/IP at layers 3 and 4, the sending device will then be notified by TCP that the message was not acknowledged, and TCP will retry it. If the message is sent using the user datagram protocol (UDP), no such acknowledgement is provided; it must then be provided by the application or the application layer protocol.

Figure 4. Wireless Star Topology

Wireless access point switches are now appearing for commercial networks. Their function is similar to that of an unswitched access point, except that they carry a full layer 2 switching function using IEEE 802.1D bridging (which includes the spanning tree protocol) and the IEEE 802.1w rapid reconfiguration protocol needed for wireless roaming. The learning bridge allows a network switch to learn the addresses of its connected devices by listening to the frames they send. It then forwards any frame received at the switch to the port of the destination device, and to no other.
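The learning behaviour just described, together with the roaming hand-off discussed earlier in this unit, is small enough to model directly. The following is an added example, not code from the book or from any wireless switch product: a bridge whose ports are access points learns each station's port from the source address of the frames it hears, floods frames for unknown destinations, re-registers a station the moment it transmits from a new access point, and, because it trusts the source address, does the same for an attacker who forges that address. Station addresses, port names and frames are constructed for the example; 802.11 association and authentication are left out so the bridging rule stands on its own.

```python
"""Added example, not from the book: the address learning of an IEEE 802.1D
bridge, modelled as a wireless switch whose ports are access points.
Stations, ports and frames are constructed for the example; 802.11
association and authentication are deliberately omitted."""
from collections import namedtuple

Frame = namedtuple("Frame", "src dst")
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningBridge:
    """Learns source addresses per port and floods unknown destinations."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}   # station address -> port it was last heard on

    def receive(self, in_port, frame):
        """Process one frame and return the list of ports it is sent out of."""
        # Learning step: the most recent frame wins, so a roaming station is
        # re-registered on its new port the moment it transmits anything, and
        # a forged source address moves the entry in exactly the same way.
        self.table[frame.src] = in_port
        out_port = self.table.get(frame.dst)
        if frame.dst == BROADCAST or out_port is None:
            return [p for p in self.ports if p != in_port]   # flood
        if out_port == in_port:
            return []            # destination is on the arrival port: filter
        return [out_port]

    def port_for(self, address):
        return self.table.get(address)


def roaming_scenario():
    """Station S1 joins via AP-A, roams to AP-B, then an attacker on AP-C
    forges S1's address.  Returns where the bridge sends S1's downlink
    traffic after each step."""
    bridge = LearningBridge(["uplink", "ap-a", "ap-b", "ap-c"])
    S1, SRV = "00:11:22:33:44:55", "00:aa:bb:cc:dd:ee"     # constructed addresses
    forged_src = S1                                         # attacker claims S1's address
    steps = {}

    # 1. S1's first frame: bridge learns S1 behind ap-a; SRV unknown -> flooded.
    steps["first_frame_out"] = bridge.receive("ap-a", Frame(S1, SRV))
    bridge.receive("uplink", Frame(SRV, S1))            # learns SRV behind uplink
    steps["downlink_before_roam"] = bridge.receive("uplink", Frame(SRV, S1))

    # 2. S1 roams: any frame heard on ap-b re-registers it there.
    bridge.receive("ap-b", Frame(S1, SRV))
    steps["downlink_after_roam"] = bridge.receive("uplink", Frame(SRV, S1))

    # 3. Attacker on ap-c transmits with S1's source address (MAC spoofing):
    #    the same learning rule now delivers S1's traffic to the attacker.
    bridge.receive("ap-c", Frame(forged_src, SRV))
    steps["downlink_after_spoof"] = bridge.receive("uplink", Frame(SRV, S1))
    steps["table"] = dict(bridge.table)
    return steps


if __name__ == "__main__":
    for step, result in roaming_scenario().items():
        print(f"{step}: {result}")
```

The roaming case and the spoofing case are the same operation from the bridge's point of view, which is the practical caveat: what makes a real wireless switch safe is not the bridge but what sits in front of it, an association table and per-station authentication (WPA/802.1X keys) that drop a frame whose source address does not match the station that was authenticated on that radio, so that only a genuine roam reaches the learning step.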
The roaming extension allows a network-connected station to retain its network sign-in while moving from the radio zone of one wireless network switch to another. Under 802.1D alone, when a mobile station moved out of the range of one switch/access point, its learned address entry had to age out before the network would forward its traffic to another switch/access point. With 802.1w, the station may sign in to the network at any switch/access point just by sending a frame, which causes it to be signed out of the previous switch/access point without waiting for the timeout. The significance of rapid reconfiguration for industrial automation is obvious in the case of mobile devices such as automated guided vehicles. However, rapid reconfiguration can also be used to increase the reliability of star networks through redundancy, to configure the highly reliable networks needed for the manufacturing environment. When applied to stationary equipment, a wireless network connection is normally highly reliable. Due to interference in the radio spectrum, however, it is possible that messages will not reach the desired destination. In that case, a second switch/access point can provide the alternate path required for a highly reliable network. In the case of wireless networks, full 100 percent redundancy is not required: a single viable alternate path that can serve many primary paths is enough to act as a backup path.

1.5.2 Tree

As in wired networks, wireless networks can be organized into a tree topology. Each field unit is configured to a network that is connected to a specific switch/access point. That access point is then hierarchically connected to another access point closer to the wired network. The topology appears as illustrated in Figure 5.

1.5.3 Mesh

The newest and most revolutionary form of network is called a mesh. In a mesh network each station is both an end device and a network forwarding element.
Mesh networks are naturally self-healing and redundant, exactly the properties needed for industrial automation networks. In a mesh network, each station is responsible for forwarding a network transmission not intended for itself to other stations within its radio range. Those stations, in turn, send the transmission to at least one other station within their radio range, as illustrated in Figure 6. Therefore, the network becomes very redundant, fault-tolerant, and extended in range. The drawback is that each station must remove redundant messages. In effect, each mesh network station becomes a network router. Additionally, since multiple paths are involved, each receiving station must reject duplicate messages received over divergent paths. Standardized mesh network protocols also include the capability to build and maintain routing tables so as to provide clues for forwarding messages. This prevents messages from looping in directions other than toward their intended destination, which results in greater network efficiency. Routing tables are dynamically constructed as messages pass through each routing node of the mesh network. Since mesh networks intended for industrial automation tend to have 256 or fewer nodes, routing tables can be small and the routing simple. Routing tables need to be updated when new nodes appear in the mesh or when nodes for any reason fail to respond to forwarded messages.

Figure 5. Wireless Tree Topology

Figure 6. Wireless Mesh Network

Mesh networks are not new. The Internet itself is a very large wired mesh network with very complex routing algorithms.
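The forwarding, duplicate rejection and route learning described above can be seen in a few dozen lines. The following is an added example, not code from the book or from any mesh product it names: every node re-broadcasts what it hears to all of its neighbours (as a radio does), drops any second copy of a frame it has already handled by (source, message id), stops forwarding at a hop limit, and learns a next hop back toward each source from the first copy it hears, which a later reply then follows without flooding. The five-node topology, the addresses and the command payload are constructed for the example.

```python
"""Added example, not from the book: flooding in a small wireless mesh.
Every node re-broadcasts what it hears, rejects duplicates by
(source, message id), stops at a hop limit, and learns a next hop back
toward each source from the first copy it hears.  Topology and messages
are constructed for the example."""
from collections import deque

HOP_LIMIT = 8        # guards against endless forwarding if a node's cache is lost


class MeshNode:
    def __init__(self, name):
        self.name = name
        self.neighbours = []        # nodes within radio range, filled in by Mesh
        self.seen = set()           # (src, msg_id) already handled
        self.routes = {}            # src -> (next hop toward src, hops to src)
        self.delivered = []         # payloads that reached this node as destination
        self.forwarded = 0
        self.dropped_duplicates = 0

    def hear(self, frame, from_name, mesh):
        src, dst, msg_id, hops, payload = frame
        if (src, msg_id) in self.seen:       # second copy arriving via another path
            self.dropped_duplicates += 1
            return
        self.seen.add((src, msg_id))
        # Reverse-path learning: the neighbour the first copy came from is the
        # shortest known way back to src (frames are delivered breadth-first).
        if src not in self.routes or hops < self.routes[src][1]:
            self.routes[src] = (from_name, hops)
        if dst == self.name:
            self.delivered.append(payload)
            return
        if hops >= HOP_LIMIT:
            return
        self.forwarded += 1
        mesh.transmit(self, (src, dst, msg_id, hops + 1, payload))


class Mesh:
    def __init__(self, links):
        self.nodes = {}
        for a, b in links:            # radio range is symmetric in this model
            na = self.nodes.setdefault(a, MeshNode(a))
            nb = self.nodes.setdefault(b, MeshNode(b))
            na.neighbours.append(nb)
            nb.neighbours.append(na)
        self.air = deque()            # frames in flight: (receiver, frame, sender name)

    def transmit(self, sender, frame):
        """Radio is a broadcast medium: every neighbour in range hears the frame."""
        for nb in sender.neighbours:
            self.air.append((nb, frame, sender.name))

    def flood(self, src, dst, msg_id, payload):
        """Originate a frame and run the network until nothing is in flight."""
        origin = self.nodes[src]
        origin.seen.add((src, msg_id))     # ignore echoes of our own frame
        self.transmit(origin, (src, dst, msg_id, 1, payload))
        while self.air:
            receiver, frame, from_name = self.air.popleft()
            receiver.hear(frame, from_name, self)

    def unicast_path(self, src, dst):
        """Follow learned next hops from src to dst; None if no route is known yet."""
        path, current = [src], self.nodes[src]
        while current.name != dst:
            route = current.routes.get(dst)
            if route is None or len(path) > HOP_LIMIT:
                return None
            current = self.nodes[route[0]]
            path.append(current.name)
        return path


def run_example():
    """Five nodes with two routes from A to E; A floods a command to E."""
    mesh = Mesh([("A", "B"), ("A", "C"), ("B", "D"), ("C", "D"), ("D", "E")])
    mesh.flood("A", "E", msg_id=1, payload="open valve")
    nodes = mesh.nodes.values()
    return {
        "delivered_at_E": mesh.nodes["E"].delivered,
        "duplicates_dropped": sum(n.dropped_duplicates for n in nodes),
        "forwards": sum(n.forwarded for n in nodes),
        "route_at_E": mesh.nodes["E"].routes["A"],
        "reply_path": mesh.unicast_path("E", "A"),
    }


if __name__ == "__main__":
    for key, value in run_example().items():
        print(f"{key}: {value}")
```

In this topology the command is delivered to E exactly once, three nodes forward it, and five duplicate copies (echoes back to A and the second arrival at D, B and C) are discarded; without the seen-set the echoes would be re-forwarded forever. The learned routes let E answer along E, D, B, A without another flood. One consequence worth noting: because the first copy of a (source, id) pair wins, a node that can inject a frame carrying someone else's source and id can suppress the genuine one, which is why a production mesh authenticates each frame with a per-hop integrity check rather than trusting the identification field alone.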
Since IP addresses do not imply anything about location, messages routed on the Internet “hop” from one node to another that is (hopefully) closer to the desired destination. Internet routing is typically efficient enough that few messages need more than fifteen hops to reach their destination.

Wireless mesh networks pose a problem that is not encountered with wired mesh networks such as the Internet. With a wireless mesh, there is no way, other than by using a highly directional antenna, to prevent a message transmitted by one node from being received by every other node within range. This leads to multipath routing, or message duplication. Typically, a message identification field (in IP, the Identification field of the header together with the source address) is used to recognize duplicate messages, which may then be discarded. Multipath routing may also improve network reliability by providing redundant message paths. Both possibilities must be considered for industrial wireless networks. Another problem is the increased latency caused by routing. Some messages must be delivered to their destination while the data is still “fresh.” Routing may introduce random delays that can make data stale. Network configuration must then be adjusted to avoid routing delays.

Unit 2: Wireless Network Standards

The IEEE 802 standards committee has been charged with developing both wired and wireless data communications network standards. While its work automatically becomes a standard in the United States through the American National Standards Institute (ANSI), it is also submitted to the International Organization for Standardization (ISO) for adoption as an international standard. After a delay of a few months or years these standards become the series of ISO/IEC 8802 standards, whose numbers mirror the ANSI standards.
Within the scope of the IEEE 802 committee, the wireless networks are distinguished by their nominal transmission distances, as described in Table 1.

Table 1. Scope of IEEE 802 Wireless Subcommittees

  Name                                        Subcommittee   Maximum distance     Technology consortia
  WMAN (wireless metropolitan area network)   IEEE 802.16    Kilometers           WiMAX®
  WLAN (wireless local area network)          IEEE 802.11    Hundreds of meters   Wi-Fi®
  WPAN (wireless personal area network)       IEEE 802.15    Tens of meters       ZigBee®, Bluetooth™, WiMedia™

2.1 Wireless Local Area Networks (WLAN)

Wireless LANs are used to connect computing devices within a relatively small area. The responsibility for the standardization of LANs has traditionally been given to the IEEE 802 subcommittees. The standardization of wireless LANs has been assigned to the IEEE 802.11 subcommittee, and that of personal area networks (PANs) to the 802.15 subcommittee. Initially, IEEE 802.11 approved a standard that used three different and incompatible physical layers: FHSS (frequency hopping spread spectrum), DSSS (direct sequence spread spectrum), and infrared signaling. Both FHSS and DSSS were limited to a maximum data rate of 2.0 Mbps. Though implemented by a few suppliers, they were generally unsuccessful in the market. The 802.11 infrared physical layer was quite different from the widely implemented Infrared Data Association (IrDA) standard and was never commercially implemented.

2.1.1 Wi-Fi a/b/g

One of the most successful wireless applications has been the WLAN, enabled by the approval of the IEEE WLAN standards 802.11a, b, and g. The extremely large and competitive markets for WLANs in homes and offices have led to high volumes, with cost reductions leading to selling price reductions. This has turned Wi-Fi into a commodity market.
The IEEE 802.11a and g standards introduced a new modulation technology called OFDM (orthogonal frequency division multiplexing) that divides the channel into many individual sub-carrier frequencies, each of which transmits part of the data. Table 2 describes each of these network standards.

Table 2. WLAN Comparison

  Standard designation   Operational frequency   Technology   Maximum data rate   Maximum distance
  IEEE 802.11b           2.4 GHz                 DSSS         11 Mbps             100 m
  IEEE 802.11g           2.4 GHz                 OFDM         54 Mbps             100 m
  IEEE 802.11a           5 GHz                   OFDM         54 Mbps             100 m
  IEEE 802.11n           2.4 GHz and 5 GHz       OFDM         54 to 400 Mbps      100 to 200 m

The low cost of WLANs has made them enormously popular, especially for the home and small office market, where the high cost of cables and the inconvenience of hiding them make a wireless solution highly desirable. In the larger office, however, wired LANs remain more popular because they offer a higher degree of security (a wired signal stays within the cable plant, whereas a wireless LAN radiates beyond the walls of the building and must rely on link-layer encryption and authentication for the same protection) and because it is easy to install wiring through raised ceilings and open office partitions. Conventional office wiring for both telephone and LAN is typically installed simultaneously at very reasonable cost. Conventional LAN wisdom is already being challenged by new telephone technologies that place both the LAN connection and the voice connection on the same Ethernet network using VoIP (Voice over Internet Protocol) technology. With VoIP, the voice is converted into an IP data stream, directly at the telephone or via a converter for an analog voice network, and routed over the IP network. New office installations are already evaluating and often selecting complete wireless connections for both voice and data. The release of IEEE 802.11b, which offered a top speed of 11 Mbps, met with sudden and widespread acceptance. With volume purchases of Wi-Fi equipment, prices soon dropped to commodity levels, and rogue access points, bought and installed by employees without the knowledge of the network staff, began to appear in offices, providing unmanaged wireless entry points into the wired network.
Very soon afterward, IEEE 802.11a-compatible interfaces also began to appear, but their incompatibility with 802.11b has inhibited the market for this higher-speed technology. Once IEEE 802.11g was approved, there was an immediate flood of products available to achieve the greater connection speeds this technology promised. Since Wireless-G operates at the same frequency as Wireless-B and all of the chips implementing "G" also implement the "B" protocol, this technology's adoption has been rapid and painless. By early 2005, Wireless-G had replaced Wireless-B in the consumer marketplace. Users have become aware that the 2.4 GHz ISM (industrial, scientific, and medical) band may become saturated as a result of the broad use of Wireless-B and G. This has prompted renewed interest in Wireless-A, even though its operation in the 5 GHz band makes it incompatible with both B and G. The most likely scenario is that most silicon implementing Wi-Fi will support both the DSSS used for Wireless-B and the OFDM used for Wireless-A, -G and -N, using dual-band radios capable of both 2.4 and 5 GHz operation at very little incremental cost. Currently, network equipment for Wireless-A, B, and G is commercially available at the old introductory prices of previous WLAN equipment, and Wireless-N in its pre-standard form is available at slightly premium prices. It is unlikely that WLAN technology will stop at 54 Mbps. There are proprietary extensions to both G and A that at least double the data rate, as well as further standardization activity in IEEE 802.11 task group n to produce a standard in the 100 to 400 Mbps range. Recent actions by the FCC have tripled the number of channels available to Wireless-A and N in the 5 GHz band. The market will tend to favor technologies that have higher data rates as long as the price premium is small.
As the manufacturing technology for this market matures, these higher-data-rate technologies will continue the natural evolution of wireless networking, enabled by the ever-shrinking size of silicon chips. Eventually there will be purchase price parity between wired and wireless network connections, and wired networks will suffer because of the high cost of physical cabling. The future is wireless.

2.2 Wireless Personal Area Networks (WPAN)

The IEEE 802.15 subcommittee has been charged with standardizing the emerging technologies of wireless personal area networks (WPAN). These include Bluetooth, ZigBee, and WiMedia (IEEE 802.15.3).

2.2.1 Bluetooth

The Bluetooth Special Interest Group (SIG) created Bluetooth, initially as a wireless interconnect method for eliminating the wires used with cellular telephones. While the first intended application was to replace the wiring connecting earphones and microphones, Bluetooth was also intended to allow cellular telephones to be connected wirelessly to computers when using a cell phone network to connect to the Internet. The IEEE 802.15.1 subcommittee has adopted the physical and data link layers of Bluetooth and organized these layers into a suitable standards format. The upper layers of Bluetooth, however, remain the domain of the Bluetooth SIG. In these upper layers lie the primary applications for Bluetooth, including voice and spontaneous networks. Bluetooth calls its implementation of a limited mesh network a scatternet. In contrast, a piconet consists of a single master and up to seven active slaves. However, a slave in one piconet may also be a master of a different piconet. A scatternet is a mesh of piconets. The basic protocol for Bluetooth/802.15.1 is FHSS using a basic frequency-hopping rate of 1600 hops per second.
The number of frequency channels depends on the country's frequency allocation in the 2.4 GHz ISM band: seventy-nine channels in most of the world, but only twenty-three channels in France, Japan, and Spain. Bluetooth is defined for three different power classes in order to meet the requirements of different topologies and distances. For use as a simple wire replacement in telephony, Power Class 3 is defined with a maximum power output of 1 mW, covering a distance of at most a few meters. Power Class 2, for distances up to about 10 meters such as across a conference room, has a defined maximum power output of 2.5 mW. The longer distances that would be necessary for industrial automation are covered by Power Class 1, with a maximum power output of 100 mW and a mandatory "Power Control" feature. Power Control is a protocol by which the receiver asks the transmitter to raise or lower its output so that the link uses no more power than it needs, both to save energy and to reduce interference with neighboring devices. Bluetooth voice applications are optimized to deliver full duplex time-synchronous voice packets using a time division multiplexing method. This provides dedicated time slots for voice packets to be transferred in each direction. Data can also be transferred in the time remaining after the dedicated time slots are used. The Bluetooth scatternet is designed to be spontaneous in nature. If a node is enabled to join a network, then whenever it moves into radio range of another Bluetooth device it begins to negotiate to join a local piconet. If there is already an active piconet, the new device may join as a slave. If no piconet exists, the new station and the other negotiate which will become the master of a new piconet.
If a piconet is already full (master plus seven slaves), the new station cannot join unless an existing slave makes a spot available by moving out of range or by becoming "parked," which is an agreement to surrender the network spot temporarily if the user has not been active for some time period. Parked nodes no longer communicate with the master but remain synchronized (i.e., they remain in the frequency-hopping schedule). Nodes that are denied membership in an existing piconet may form a second piconet, either as a master or as a slave, by enlisting one of the existing nodes of the first piconet. The two piconets, together with any others, form a scatternet, which, as we have seen, is a form of mesh network. The piconets in a scatternet are not synchronized with each other. Messages or voice packets can be carried between stations on the same scatternet by being relayed by the master station of each piconet. This arrangement allows only a single path for the data, in contrast to true mesh networks in which there can be multiple paths for each message. Routing algorithms in each master control routing within the scatternet. The Bluetooth specification contains profiles for several applications. The purpose of a profile is to define the application's protocol. These application layer protocols are in turn supported by the lower-layer data link protocols. To understand Bluetooth, it is necessary to understand the applications for which it was created. While the underlying body of the Bluetooth protocol may change, these well-conceived application layer protocols are unlikely to change dramatically for the intended applications. It is well within the objectives of the Bluetooth SIG to continue supporting these application profiles even if the underlying data communications technology changes, provided the Bluetooth networks continue to coexist with all of the other networks that share the same 2.4 GHz ISM frequencies.
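The piconet and scatternet rules described in the last few paragraphs (at most seven active slaves per master, parking when the piconet is full, a bridge node that is a slave in one piconet and master of another, and a single relay path through the masters), as an added toy model. This is not code from the book or from the Bluetooth specification; the node names, the first-come admission policy and the promotion of the longest-waiting parked node are assumptions made for the illustration.

```python
from collections import deque

MAX_ACTIVE_SLAVES = 7   # the 3-bit active member address allows seven active slaves per master


class Piconet:
    """One master with up to seven active slaves; further members are parked
    (kept in the hop sequence but holding no active slot)."""

    def __init__(self, master: str) -> None:
        self.master = master
        self.active: list = []
        self.parked: list = []

    def join(self, node: str) -> str:
        """Admit a node that came into range: 'active' if a slot is free,
        otherwise 'parked'.  The negotiation the text describes is reduced
        here to a first-come policy (an assumption of this example)."""
        if node == self.master or node in self.active or node in self.parked:
            raise ValueError(f"{node} is already a member of {self.master}'s piconet")
        if len(self.active) < MAX_ACTIVE_SLAVES:
            self.active.append(node)
            return "active"
        self.parked.append(node)
        return "parked"

    def park(self, node: str) -> None:
        """Park an idle active slave; the longest-waiting parked node takes its slot."""
        self.active.remove(node)
        waiting = self.parked.pop(0) if self.parked else None
        self.parked.append(node)
        if waiting is not None:
            self.active.append(waiting)


class Scatternet:
    """A set of piconets sharing bridge nodes.  Slaves never talk to each
    other directly, so every link in the model is master-to-slave."""

    def __init__(self) -> None:
        self.piconets: list = []

    def add(self, piconet: Piconet) -> None:
        self.piconets.append(piconet)

    def _adjacency(self) -> dict:
        adj: dict = {}
        for p in self.piconets:
            for s in p.active:          # parked nodes hold no link and do not appear
                adj.setdefault(p.master, set()).add(s)
                adj.setdefault(s, set()).add(p.master)
        return adj

    def route(self, src: str, dst: str):
        """Relay path from src to dst, hopping through masters only (the single
        path the text contrasts with a true mesh); None if unreachable."""
        adj = self._adjacency()
        if src not in adj or dst not in adj:
            return None
        prev = {src: None}
        queue = deque([src])
        while queue:
            node = queue.popleft()
            if node == dst:
                break
            for nxt in sorted(adj[node]):
                if nxt not in prev:
                    prev[nxt] = node
                    queue.append(nxt)
        if dst not in prev:
            return None
        path, node = [], dst
        while node is not None:
            path.append(node)
            node = prev[node]
        return path[::-1]


def build_sample():
    """Constructed topology: master M1 with eight would-be slaves (the eighth
    is parked), and s7 doubling as master of a second piconet with t1 and t2."""
    net = Scatternet()
    p1 = Piconet("M1")
    verdicts = [p1.join(f"s{i}") for i in range(1, 9)]
    p2 = Piconet("s7")          # bridge node: slave in p1, master of p2
    p2.join("t1")
    p2.join("t2")
    net.add(p1)
    net.add(p2)
    return net, verdicts


if __name__ == "__main__":
    net, verdicts = build_sample()
    print("join results:", verdicts)
    print("s1 -> t2:", net.route("s1", "t2"))
    print("s8 -> t1 while parked:", net.route("s8", "t1"))
    net.piconets[0].park("s1")
    print("after parking s1, s8 -> t1:", net.route("s8", "t1"))
```

The route from a slave in the first piconet to a slave in the second always passes through both masters and the bridge node, which is why a scatternet offers no alternative path when the bridge is busy or out of range, and why a parked node is unreachable until it regains an active slot.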
Table 3 describes the specified Bluetooth application profiles. Each profile has its protocol specified in the Bluetooth specification; the profiles are not part of the IEEE 802.15.1 standard, which only applies to the physical and data link layers.

Table 3. Bluetooth Application Profiles

  Profile                   Description
  Generic Access            Describes how two Bluetooth stations begin communicating
  Service Discovery         A standardized procedure to locate and identify Bluetooth services
  Cordless Telephony        Services for cordless telephones
  Intercom                  Services for intercom and paging or walkie-talkie usage
  Serial Port               Services to emulate a serial port connection
  Headset                   Services to support headphones and a microphone for full duplex voice communications
  Dial-Up Networking        Services to allow a computer to use a cellular phone or modem as a wireless modem for connecting to a dial-up Internet access server or for using other dial-up services, including receiving data calls
  Fax                       Services to allow devices to send or receive fax messages
  LAN Access                Services to allow devices to become network nodes on a LAN
  Generic Object Exchange   Services for transporting data
  Object Push               Services for sending, pulling, and exchanging data
  File Transfer             Services for browsing and transferring files
  Synchronization           Services to support file update processes between devices

Generic Access Profile

The Generic Access profile provides the procedures for two devices to discover and connect to each other when neither of the two devices has a link established. The profile also provides discovery and connection procedures when at least one device has established a link to a third device before starting the procedure. The Bluetooth user will be able to connect a Bluetooth device to any other Bluetooth device. Even if the two connected devices do not share any common applications, it is possible for the user to use basic Bluetooth capabilities to determine this. When two devices that share the same application are from different manufacturers, the user can still connect them even if the manufacturers call basic Bluetooth capabilities by different names at the user interface level or implement basic procedures in different orders.

The Generic Access profile states the requirements for the names, values, and coding schemes used for the names of parameters and procedures at the user interface level. It defines modes of operation that are not service- or profile-specific but are rather generic and can be used by other profiles referring to this one, as well as by devices that implement multiple profiles. The Generic Access profile defines the general procedures that can be used for discovering the identities, names, and basic capabilities of other Bluetooth devices that are in a mode in which they can be discovered. Only procedures in which no channel or connection establishment is used are specified by the profile. This profile defines the general procedure for creating bonds (i.e., dedicated exchanges of link keys) between Bluetooth devices.
It describes the general procedures that can be used to establish connections to other Bluetooth devices that are in a mode that allows them to accept connections and service requests.

Service Discovery Profile

The service discovery user application in a local device interfaces with the Bluetooth Service Discovery profile client to send service inquiries and to receive service inquiry responses from remote devices. Service discovery is tightly related to the process of discovering devices, and discovering devices is tightly related to performing inquiries and pages. Before any two Bluetooth-equipped devices can communicate with each other, two conditions are necessary:

  • The devices need to be powered on and initialized. For initialization, a PIN may need to be provided to create a link key so the device can be authenticated and the data encrypted. The PIN is the only secret that enters this pairing exchange, so the resulting link key is no stronger than the PIN: a short or default PIN can be recovered by exhaustive search from captured pairing traffic, and a device whose PIN cannot be changed should be paired only where the exchange cannot be overheard.
  • A Bluetooth link has to be created. This may require that the other device's address be discovered and the other device be paged.

It may seem natural to consider one device serving as the Bluetooth master and the other serving as the Bluetooth slave, but no such requirement is imposed on devices participating in the Service Discovery profile. Service discovery can be initiated by either a master or a slave device at any point at which these devices are members of the same piconet. In addition, a slave in a piconet can also initiate service discovery in a new piconet, provided that it notifies the master of the original piconet that it will be unavailable (possibly by entering parked mode) for a given amount of time. The Service Discovery profile does not require the use of authentication and/or encryption. If any of the devices involved uses either of these procedures, service discovery will be performed only on the subset of devices that pass the authentication and encryption checks they impose on each other.
In other words, any security restrictions for service discovery transactions are dictated by the security restrictions already in place (if any) on the Bluetooth link.

Cordless Telephony Profile

The Cordless Telephony profile defines the protocols and procedures that are used by devices implementing a "3-in-1 phone." The "3-in-1 phone" provides an extra mode of operation to cellular telephones by using Bluetooth to access fixed network telephony services via a base station. However, the 3-in-1 phone service can also be applied to wireless telephony in a residential or small office environment. This profile includes making calls via the base station, making direct intercom calls between two terminals, and accessing supplementary services provided by the external telephone network. The following scenarios are covered by the Cordless Telephony profile:

  1. Connecting to the base station so incoming calls can be routed to the handset and outgoing calls can be originated.
  2. Making a call from a handset to a user on the local telephone network.
  3. Receiving a call from the local telephone network.
  4. Making calls between two handsets via the local telephony network.
  5. Using supplementary telephony services provided by the external network.

Intercom Profile

The Intercom profile is similar to the Cordless Telephony profile, adding only the feature of allowing direct calls between two handsets that are not using the local telephony network. This is generally referred to as the "walkie-talkie" profile.

Serial Port Profile

The Serial Port profile defines the protocols and procedures that are employed by devices that are using Bluetooth for serial cable emulation. This profile encompasses the scenario in which legacy applications use Bluetooth as a cable replacement through a virtual serial port.
For the purposes of mapping the Serial Port profile to the conventional serial port architecture, either device can be the data circuit-terminating equipment (DCE) or the data terminal equipment (DTE). The protocol is designed to be independent of DTE-DCE or DTE-DTE relationships. Any legacy application may be run on either device by using the virtual serial port as if a real serial cable (with RS-232 control signaling) were connecting the two devices.

Headset Profile

The Headset profile defines the protocols and procedures that are used by devices implementing the usage model called "Ultimate Headset." The most common examples of such devices are headsets, personal computers, and cellular telephones. The headset can be connected wirelessly so that it acts as the device's audio input and output mechanism, providing full duplex audio. The headset increases the user's mobility while maintaining call privacy. The Headset profile provides control over the volume settings of both the microphone and the speakers. The microphone is always monophonic, but the speakers may be either monophonic or stereo.

Dial-Up Networking Profile

The Dial-Up Networking profile defines the protocols and procedures that are used by devices such as modems and cellular phones. A cellular telephone may be used by a computer as a wireless modem for connecting to a dial-up Internet access server or for using other dial-up services. A cellular telephone or modem may also be used by a computer to receive data calls.

Fax Profile

The Fax profile allows a Bluetooth cellular telephone or modem to be used by a computer as a wireless fax modem to send or receive a fax message. For the purposes of mapping the Fax profile to the conventional modem system architecture, the wireless telephone or modem is considered the data circuit-terminating equipment (DCE) and the computer is considered the data terminal equipment (DTE).
LAN Access Profile

The LAN Access profile defines LAN access by using the Point-to-Point Protocol (PPP). PPP is a widely deployed means of allowing access to networks; it provides authentication, encryption, data compression, and multiprotocol facilities. PPP has been chosen as a means of providing LAN access for Bluetooth devices because of the large installed base of devices equipped with PPP software. PPP is capable of supporting various networking protocols (e.g., IP, IPX). This profile does not mandate the use of any particular protocol. However, since IP is recognized as the most important protocol used in today's networks, the profile provides additional IP-related information. This profile does not deal with conferencing, LAN emulation, ad hoc networking, or any other means of providing LAN access. The LAN Access profile defines how PPP networking is supported in the following situations:

  1. LAN access for a single Bluetooth device.
  2. LAN access for multiple Bluetooth devices.
  3. PC to PC (using PPP networking over serial cable emulation).

Generic Object Exchange Profile

The Generic Object Exchange profile defines the protocols and procedures that are used by applications that need object exchange capabilities. These applications are, for example, synchronization, file transfer, or the object push model. The most common devices that use these applications are notebook PCs, PDAs, smart phones, and cellular telephones.

Object Push Profile

The Object Push profile defines the requirements for the protocols and procedures that are used by applications that provide the Object Push model. This profile makes use of the Generic Object Exchange profile to define the interoperability requirements for the protocols these applications need. The most common devices using this profile are notebook PCs, PDAs, and cellular telephones. The scenarios covered by this profile are the following:

  1. Using a Bluetooth device, for example a mobile phone, to push an object to the inbox of another Bluetooth device. The object can be, for example, a business card or an appointment.
  2. Using a Bluetooth device, for example a mobile phone, to pull a business card from another Bluetooth device.
  3. Using a Bluetooth device, for example a mobile phone, to exchange business cards with another Bluetooth device. Exchange is defined as a push of, say, a business card followed by a pull of a business card.

File Transfer Profile

The File Transfer Profile (FTP) defines the requirements for the protocols and procedures that are used by applications that require file transfers. This profile uses the Generic Object Exchange profile as a base profile to define the interoperability requirements for the protocols that are needed by the applications. The most common devices that use this profile are PCs and PDAs. The scenarios covered by this profile are the following:

  1. Using a Bluetooth device (e.g., a notebook PC) to browse an object store (file system) of another Bluetooth device. Browsing involves viewing objects (files and folders) and navigating the folder hierarchy of another Bluetooth device, for example one PC browsing the file system of another PC.
  2. Transferring objects (files and folders) between two Bluetooth devices, for example copying files from one PC to another PC.
  3. Manipulating objects (files and folders) on another Bluetooth device. This includes deleting objects and creating new folders.

Synchronization Profile

The Synchronization profile defines the requirements for the protocols and procedures that are used by applications that require that objects stored on both devices be synchronized. This profile makes use of the Generic Object Exchange profile to define the interoperability requirements for the protocols the applications need.
The most common devices that require synchronization include notebook PCs, PDAs, and cellular telephones. The scenarios covered by this profile are the following:

  1. A computer using a mobile phone or PDA to exchange PIM (personal information management) data, including any necessary log information, to ensure that the data contained within their respective object stores is made identical. The types of PIM data include, for example, phonebook and calendar items.
  2. A mobile phone or PDA using a computer to initiate the previous scenario (Sync Command feature).
  3. A computer using a mobile phone or PDA to automatically start synchronization when the mobile phone or PDA enters the radio frequency proximity of the computer.

2.2.2 ZigBee

ZigBee is the name of a network architecture given by the ZigBee Alliance, an industry consortium that is focusing on promoting the use of low-power networks for applications such as home automation, industrial automation, building automation, and toys. While the integrity of the network must not be compromised, the emphasis is more upon power conservation for battery or other power-sensitive applications. The ZigBee Alliance has supported the development of IEEE 802.15.4 for its purposes. Along the way, the former HomeRF Consortium has been dissolved and many of its former sponsors have moved to support ZigBee. As of mid-2007 there are several commercial implementations of ZigBee. Chipcon and Freescale have announced silicon supporting ZigBee; both operate only in the 2.4 GHz band. Freescale uses its M68HC08 microcontroller family with its RF packet radio chip; the 802.15.4 and ZigBee protocol stacks are implemented in software. Several other foundries, including those of Intel, Texas Instruments, Atmel, and Philips, have also developed silicon.
The primary difficulty has been achieving the low-power specifications necessary to support the battery and alternate power sources envisioned by the committee. Ember Corp. has announced that its EmberNet products are being produced with Chipcon silicon for wireless sensor networking. Ember's previous products used more proprietary radios that operate in the same 915 MHz and 2.4 GHz ISM bands as ZigBee. The release of its ZigBee products is a significant event. Millennial Net has announced sensor networking products that conform to the ZigBee specifications. Millennial also produces its i-Bean products, low-power 915 MHz narrowband radios, as components to be used by product manufacturers. One of its recent products uses an "energy harvesting" technology from Ferro, in which ambient vibration is used to power the communications interface, entirely without the need for batteries. ZigBee's low power consumption makes this configuration possible. Mattel supported the early development work of IEEE 802.15.4 because of its relevance to Mattel's radio-controlled toys, Leviton to support its wireless lighting controls, and Eaton/Cutler-Hammer for its relevance to Eaton's industrial automation products. These applications have ensured that the requirements for very low power remain among the developers' priorities. IEEE 802.15.4 defines a low-level direct sequence spread spectrum radio interface for a network that is capable of transporting data through areas of high electrical noise and metallic interference at nominal distances up to 100 meters. In addition to robust noise rejection, the ZigBee specification layered on the standard stipulates the use of mesh networking to overcome direct line-of-sight obstructions and to provide alternative path routing in cases of temporary network outages. Mesh networking also provides a convenient way to expand the coverage distance of ZigBee networks, since the distance limit applies only to each hop, not to the most distant unit.
The ZigBee protocol provides the necessary mechanism for removing redundant messages received from alternate paths in the mesh. IEEE 802.15.4 only defines the communications radio (physical layer) and protocol (data link layer) for both star (point-to-point) and peer-to-peer topologies. The ZigBee Alliance has defined the network layer that specifies star, tree-cluster, and mesh network topologies. Additionally, ZigBee is defining application layer profiles for several applications. The initial application areas for which profiles will be developed are industrial automation, home control, and building automation. Additionally, a profile is being developed for automated meter reading.

IEEE 802.15.4 Technology

The physical and data link layers for ZigBee are defined by the approved IEEE 802.15.4 standard. Figure 7 illustrates the scope of the IEEE 802.15.4 standard and ZigBee.

Figure 7. ZigBee Architecture (Source: IEEE working papers). The figure shows the protocol stack as a column of layers: the upper layers and an IEEE 802.2 Type I LLC with an IEEE 802.15.4 LLC beneath it form the ZigBee portion; the IEEE 802.15.4 MAC and the two IEEE 802.15.4 PHYs (868/915 MHz and 2400 MHz) form the 802.15.4 portion.

Two of the primary goals for 802.15.4 are low cost and low power, which lead to low complexity and simplicity. Negotiating data rates increases a protocol's complexity, so 802.15.4 uses only a few fixed data rates, one per band: 250 kbps in the 2.4 GHz band for high speed, and 40 kbps in the 915 MHz band and 20 kbps in the 868 MHz band for slow-speed, very-low-power applications. Networks of sensors and actuators used in process control tend to be scattered, while the sensors and actuators used for factory automation tend to align with the large machines used. Typically a star network can be expensive in terms of wiring, but a star network is very simple and inexpensive for wireless networks for either factory automation or process control.
However, when the distance for any one device exceeds the maximum, or when devices need to communicate with other local devices, peer-to-peer networking may be more efficient. The form of peer-to-peer networking included in the IEEE 802.15.4 data link layer is very simple; it is provided to enable the formation of clusters for a tree topology and to implement mesh networking at the ZigBee network layer.

ZigBee supports low-latency devices. Some devices produce very little data, such as a pulse when an event occurs, but they produce it frequently; photocells that count products and tachometers that produce speed data are examples. 802.15.4 provides guaranteed time slots for these types of devices, for which missing data or a missed pulse cannot be recovered.

The basic medium access protocol of 802.15.4 is Carrier Sense Multiple Access with Collision Avoidance (CSMA-CA). On very simple networks the non-beacon mode can be used, which allows the occasional collision and retransmission. On critical networks, beacon mode is used. Here the node acting as network coordinator arbitrates network traffic to prevent collisions by dividing the active period that follows each beacon into sixteen time slots and assigning guaranteed time slots to specific nodes. On larger tree-cluster and mesh networks, some nodes are also assigned to be network routers, and these nodes assign time slots to prevent collisions. All nodes can then sleep (low-power mode) whenever they are not scheduled to send or receive during a slot. Figure 8 illustrates the time slot mechanism of 802.15.4. Devices sleep until it is time to listen for the next beacon; they wake in time to receive it, examine their time slot, take any appropriate action if there is a message, and otherwise return immediately to sleep. It has been estimated that most nodes in a beacon network will remain asleep approximately 97.5 percent of the time.

Figure 8. Frame Structure for IEEE 802.15.4 (Source: IEEE working papers). The figure shows one superframe, drawn for n = 0, whose length is about 15 ms x 2^n with 0 <= n <= 14. It consists of:
  - Network beacon: transmitted by the network coordinator; contains network information, the frame structure and notification of pending node messages.
  - Beacon extension period: space reserved for beacon growth due to pending node messages.
  - Contention period: access by any node using CSMA-CA.
  - Guaranteed time slots (GTS 1, GTS 2, GTS 3): reserved for nodes requiring guaranteed bandwidth.

Sleep invokes the low-power state so the microcontroller can save power, so the clutter in the frequency band can be reduced, and to avoid most sources of interference. Devices are usually addressed with a short (16-bit) address, assigned when the device joins, which allows on the order of 65,000 nodes in any one network (the values 0xFFFF and 0xFFFE are reserved for broadcast and for "no short address assigned"). The subnet is defined by the stations that are managed by a beacon. In full addressing mode, a node may be directly addressed by its 64-bit extended address, such as during network setup. Each message sent to a node is acknowledged using a short, highly efficient frame. Acknowledgement guarantees delivery and is the form of confirmed service used in 802.15.4. Low power consumption is enabled by using a very simple protocol and by allowing all battery-powered remote nodes to sleep most of the time. The time-slotted services enable each node to sleep while it is waiting for its slot.

The standard specifies that 802.15.4 technology should operate in three different frequency bands to accommodate the frequency assignments of the different countries in which the standard's approval will be sought. There are sixteen channels in the 2.4 GHz ISM band that are applicable everywhere in the world, ten channels in the 915 MHz ISM band that are applicable only in North America, and one channel in the European 868 MHz band. Figure 9 illustrates the frequency allocation for IEEE 802.15.4.

Figure 9. Operating Frequency Bands (Source: IEEE working papers). The figure shows the 868/915 MHz PHY, with channel 0 at 868.3 MHz and channels 1-10 between 902 and 928 MHz spaced 2 MHz apart, and the 2.4 GHz PHY, with channels 11-26 between 2.4 and 2.4835 GHz spaced 5 MHz apart.
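The numbers behind Figures 8 and 9, worked out as an added example; this is not code from the book or from the IEEE standard. It computes the channel plan of Figure 9, the per-band data rates, and the beacon interval and active period of Figure 8 from the IEEE 802.15.4-2003 PHY and MAC constants (aBaseSlotDuration = 60 symbols, aNumSuperframeSlots = 16, aMaxBeaconOrder = 14, symbol rates of 20, 40 and 62.5 ksymbol/s), and then finds the smallest gap between beacon order and superframe order that meets the book's 97.5 percent sleep figure. The only assumption is that "15 ms x 2^n" in Figure 8 is the 2.4 GHz base superframe of 960 symbols, which works out to 15.36 ms.

```python
import math

# IEEE 802.15.4-2003 PHY parameters per band: symbol rate (ksymbol/s) and
# bits carried per symbol.  868/915 MHz use BPSK, 2.4 GHz uses O-QPSK with
# 4-bit symbols, which is where the 20 / 40 / 250 kbps figures come from.
PHY = {
    "868":  {"ksym_per_s": 20.0, "bits_per_symbol": 1},
    "915":  {"ksym_per_s": 40.0, "bits_per_symbol": 1},
    "2450": {"ksym_per_s": 62.5, "bits_per_symbol": 4},
}

# MAC constants (in symbols): 16 slots of 60 symbols make one base superframe.
A_BASE_SLOT_DURATION = 60
A_NUM_SUPERFRAME_SLOTS = 16
A_BASE_SUPERFRAME_DURATION = A_BASE_SLOT_DURATION * A_NUM_SUPERFRAME_SLOTS  # 960
A_MAX_BEACON_ORDER = 14


def channel_center_mhz(k: int) -> float:
    """Center frequency of logical channel k (the channel plan of Figure 9)."""
    if k == 0:
        return 868.3                       # single European channel
    if 1 <= k <= 10:
        return 906.0 + 2.0 * (k - 1)       # 902-928 MHz band, 2 MHz spacing
    if 11 <= k <= 26:
        return 2405.0 + 5.0 * (k - 11)     # 2.4-2.4835 GHz band, 5 MHz spacing
    raise ValueError(f"no such 802.15.4 channel: {k}")


def band_of_channel(k: int) -> str:
    if k == 0:
        return "868"
    if 1 <= k <= 10:
        return "915"
    if 11 <= k <= 26:
        return "2450"
    raise ValueError(f"no such 802.15.4 channel: {k}")


def data_rate_kbps(band: str) -> float:
    p = PHY[band]
    return p["ksym_per_s"] * p["bits_per_symbol"]


def symbols_to_ms(n_symbols: int, band: str) -> float:
    return n_symbols / PHY[band]["ksym_per_s"]


def beacon_interval_ms(bo: int, band: str = "2450") -> float:
    """Time between beacons: aBaseSuperframeDuration * 2**BO symbols.
    Figure 8's '15 ms * 2^n' is this value at 2.4 GHz (15.36 ms * 2^BO)."""
    if not 0 <= bo <= A_MAX_BEACON_ORDER:
        raise ValueError("beacon order must be 0..14")
    return symbols_to_ms(A_BASE_SUPERFRAME_DURATION * 2 ** bo, band)


def superframe_duration_ms(so: int, band: str = "2450") -> float:
    """Active portion following the beacon: aBaseSuperframeDuration * 2**SO."""
    if not 0 <= so <= A_MAX_BEACON_ORDER:
        raise ValueError("superframe order must be 0..14")
    return symbols_to_ms(A_BASE_SUPERFRAME_DURATION * 2 ** so, band)


def slot_duration_ms(so: int, band: str = "2450") -> float:
    """Length of one of the 16 slots (a GTS occupies one or more of these)."""
    return superframe_duration_ms(so, band) / A_NUM_SUPERFRAME_SLOTS


def active_fraction(bo: int, so: int) -> float:
    """Fraction of time an end device is awake if it tracks every beacon and
    its active period: SD / BI = 2**(SO - BO).  Requires 0 <= SO <= BO <= 14."""
    if not 0 <= so <= bo <= A_MAX_BEACON_ORDER:
        raise ValueError("need 0 <= SO <= BO <= 14")
    return 2.0 ** (so - bo)


def min_order_gap(max_active_fraction: float) -> int:
    """Smallest BO - SO that keeps the active fraction at or below the target.
    For the book's 97.5 % sleep (2.5 % active) that is 6, i.e. 1/64 active."""
    if not 0.0 < max_active_fraction <= 1.0:
        raise ValueError("fraction must be in (0, 1]")
    gap = math.ceil(-math.log2(max_active_fraction))
    if gap > A_MAX_BEACON_ORDER:
        raise ValueError("target not reachable with BO <= 14")
    return gap


if __name__ == "__main__":
    for k in (0, 1, 10, 11, 26):
        b = band_of_channel(k)
        print(f"channel {k:2d}: {channel_center_mhz(k):7.1f} MHz, {data_rate_kbps(b):5.1f} kbps")
    gap = min_order_gap(0.025)
    bo, so = gap, 0
    print(f"BO={bo} SO={so}: beacon every {beacon_interval_ms(bo):.2f} ms, "
          f"active {superframe_duration_ms(so):.2f} ms "
          f"({active_fraction(bo, so) * 100:.2f} % awake), "
          f"slot {slot_duration_ms(so):.3f} ms")
```

With BO = 6 and SO = 0 at 2.4 GHz, a beacon arrives every 983 ms and the active period lasts 15.36 ms, so an end device that wakes only for its slot is awake about 1.6 percent of the time. A device that must also listen through the whole contention period, or that is scheduled with a smaller gap between BO and SO, will not reach the 97.5 percent sleep figure quoted in the text.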
The feature of the 802.15.4 protocol that contributes most to long battery life is the extremely low duty cycle. Each battery-powered network node is intended to sleep 97.5 percent of the time. The active router nodes that generate the beacons awaken on the beacon schedule, and they are awake more than the end nodes. The coordinator node for the network tends to be a mains-powered node that is not subject to reduced energy consumption. Figure 10 illustrates the topology of a ZigBee network.

Figure 10. ZigBee Network. The figure shows a ZigBee coordinator, ZigBee routers and ZigBee end devices, with mesh links among the coordinator and routers and star links from routers to end devices.

2.2.3 WiMedia (IEEE 802.15.3)

The objective of IEEE 802.15.3 was to develop alternative high-data-rate radio delivery methods for personal area networks. This work failed to come to agreement and has been terminated by IEEE, but the work continues through the WiMedia Alliance and the UWB Forum. The committee chose UltraWideBand (UWB) as its technology. However, UWB is still new and its use for networks is in an embryonic stage. The standards committee provisionally approved the use of multiband orthogonal frequency division multiplexing (MB-OFDM), which simulates the original pulse-position modulated UWB signal, now called DS-UWB (Direct Sequence UWB) or sometimes CSS (Chirp Spread Spectrum). WiMedia was being created to make possible the local connection of high-speed devices, such as streaming video, over short distances. This will make it possible to replace hard wires and therefore simplify the process of connecting devices for home entertainment. Like other WPANs, the connection distance is expected to be from a few millimeters to about 10 meters. The FCC ruling that approved the use of UWB allows the frequency range to overlap other assigned frequencies.
The premise for this decision was that the signal at each frequency is so short and low in power that other radio services would view it as impulse noise. The FCC ruling has forced WiMedia to operate in the 3.1-10.6 GHz band and to exclude all signals from the GPS bands at 1.228 and 1.575 GHz. Figure 11 illustrates the frequency assignments for UWB and the restricted power rating required.

Figure 11. Frequency Band for UWB Radio (Source: IEEE working papers). The figure plots power against frequency for a narrowband (30 kHz) signal, a wideband CDMA (5 MHz) signal and a UWB (several GHz) signal relative to the FCC Part 15 limit.

WiMedia is being designed for high data rates from 54 to over 500 Mbps. While such high data rates may not currently be necessary for industrial automation, the prospect of interconnecting systems without wires is often an appealing one. With more experience in using UWB at these very low power limits, manufacturers will make greater efforts to extend distance by increasing average power output. The Bluetooth SIG has decided to develop a Wireless USB profile based on the use of WiMedia technology. Eventually, this may get written into an update of the IEEE 802.15.1 standard. The IEEE 802.15.4a Task Group has, on the other hand, approved an alternate physical layer using DS-UWB.

2.3 WMAN, WiMAX (IEEE 802.16a)

WiMAX is a robust, higher-power technology that is used for wireless broadband. It has been developed for long distances, up to forty kilometers, and for metropolitan locations where line-of-sight interference is possible. While WiMAX does not seem well suited to low-level industrial automation applications, it is appropriate for replacing cable used in "home-run" or other high-bandwidth long cable runs – those identified as H2 for many fieldbus applications. WiMAX is specifically addressing the 2.5 GHz frequency band. It is expected that WiMAX will be deployed across both licensed and unlicensed bands, for specific needs.
This too is a developing market, but it is one that is based on several years of experience with Multichannel Multipoint Distribution Service (MMDS) in the 2.1 to 2.7 GHz licensed frequency band. WiMAX is based on the IEEE 802.16a standard for stationary nodes, and on IEEE 802.16e for mobile nodes. The WiMAX technology includes mesh network topology that solves the multipath problems encountered by MMDS before it. It is also based on the use of orthogonal frequency division multiplexing (OFDM), the same technology that is used in 802.11a, g, and n. Mesh networking also allows suitable signals to be delivered to areas in which direct line of sight from the primary transmitter is obstructed. WiMAX is not a low-power standard and is not intended to use unlicensed frequency bands. One of the first projected uses of WiMAX is as the wireless backhaul network for Wi-Fi access points. Backhaul is a telecommunications term for the network infrastructure that is needed to deliver data to the primary user networks. In this case, WiMAX is being groomed to connect Wi-Fi access points to the host network in an all-wireless network. Another potential use of WiMAX is to be the "last mile" for delivering broadband to homes and businesses. This has the oxymoronic name of wireless cable. In this service, hundreds of channels of television will be delivered, along with two-way voice (telephony) and data services. WiMAX is also being proposed for wireless cell phone use where it is often referred to, unofficially, as 4G wireless.

2.4 Wireless Telephony

Radio has been used for telephone or voice communications since the 1920s. World War II witnessed the use of walkie-talkie phones, which were heavy and had very short battery life. Citizen's Band (CB) radio became popular in the 1970s. The first wireless telephone network used a technology called Advanced Mobile Phone Service (AMPS), which is still implemented in most North American metropolitan areas.
AMPS was generally known as a "car phone" technology because the radios of the day used high-power technology, which made them large and heavy. Today, AMPS is often implemented in conventional "trimode" cell phones that use low-power radio. AMPS towers typically cover a range up to about forty kilometers. European countries each installed different analog wireless networks, but soon realized that they needed a system common for all of Europe. The European Economic Community (EEC) standardized an early all-digital method called GSM (for "global system for mobile communications"). GSM uses TDMA (time division multiple access) as well as FDMA (frequency division multiple access) in its protocol. GSM was originally assigned the frequencies 890-915 MHz for the uplink (mobile station to base station) and 935-960 MHz for the downlink (base station to mobile station) for mobile networks in Europe. These frequencies are not available for this purpose in North America. Eventually, the capacity of the system was improved by adding more frequencies in the 1800 MHz band. GSM is also implemented in North America in the 1900 MHz band. You can read much more about GSM on the official website: http://www.gsmworld.com/index.shtml. The FDMA part involves the division by frequency of the (maximum) 25 MHz bandwidth into 124 carrier frequencies spaced 200 kHz apart. One or more carrier frequencies are assigned to each base station. Each of these carrier frequencies is then divided in time, using a TDMA scheme. The combined TDMA and FDMA scheme allows many users to simultaneously use the same frequency on a single base station. North America evolved more slowly toward replacing AMPS with digital technology. The first offerings were TDMA schemes that were not compatible with GSM. All of these are now being converted to GSM, but in the North American 1900 MHz frequency band (AT&T). T-Mobile has developed a pure GSM service in the North American 1900 MHz frequency band.
Qualcomm developed its DSSS-based CDMA (code division multiple access) modulation method, which was adopted by two U.S. wireless companies (Sprint and Verizon). CDMA offers a clear migration path to higher digital data rates that are not directly offered by GSM. In 1998, the ITU (International Telecommunications Union), which is the United Nations-sanctioned standards body responsible for telephony and radio standards, adopted CDMA-2000, a standard based on Qualcomm's patents. Its objective was the eventual union of wireless telephony for the world in the 2.4 GHz frequency band. This plan was called 3G (third-generation) wireless. CDMA-2000 was doomed from the start since it did not consider all of the varied frequency assignments around the world, nor did it consider the prior investments in GSM and TDMA technology. Moreover, the popularity of Wi-Fi in the 2.4 GHz frequency band would suffer if CDMA-2000 were permitted in this same band. However, all is not lost! The revision of CDMA-2000 is called WCDMA (for "Wideband CDMA") and calls for the recognition of regional frequency assignments. It also calls for the stepwise migration of data rates through some intermediate steps called 2.5G, since GSM, TDMA, and early CDMA were considered 2G, or second generation. Specifically, WCDMA takes into account the use of multiple radio channels and allows GSM-like TDMA when necessary to maximize the use of these channels. The 2.5G steps such as General Packet Radio Service (GPRS) and EDGE (Enhanced Data rates for Global Evolution) for GSM and CDMA2000 1xRTT (radio transmission technology) are interesting. However, they are transitional steps to 3G that will soon become obsolete. Only WCDMA and the full CDMA2000 1xEVDO (EVolutionary Data Only) specifications will produce real 3G data rates in excess of 2.0 Mbps. These are the current standards toward which the cellular telephone industry is migrating.
However, since radio technology is still embryonic, we can expect more rapid change toward higher data rates, even before the market settles on a current definition of 3G. Figure 12 illustrates the evolutionary path of the transition from 2G to 3G telephone standards.

Figure 12. Evolution of Digital Cellular Technologies

2.5 Convergence of Voice and Data Networks

In case you had not noticed, the evolutions of modern voice networks and data networks have a great deal in common. At one time, when voice was carried as an analog signal, the switched voice network was unique. Gradually, the analog signal was replaced by a digitized stream that was used only in the long distance networks. Then, the local switching office was replaced by a digital switch that required the voice to be digitized as soon as it entered the telephone central office. The latest telephone technology uses VoIP (Voice over Internet Protocol), in which voice is digitized at the local telephone handset, if there is one, or by a VoIP modem. Wireless telephones using digital PCS and GSM have always been all-digital. The commonality now is the use of one universal protocol, IP, for the voice network as well as for the data network. The convergence of voice and data networks is expected to have a profound influence on the development of future network technologies. Voice is the largest single market for any digital technology, and is responsible for reducing costs for network elements to very low levels. The voice network has long been used in cumbersome ways to transport data, as with telephone modems. With modern VoIP technology, voice and data naturally mix on the same network, reducing the cost of implementing the data network by sharing the cost with the voice network.
Today, controversy swirls over the wisdom of spreading Wi-Fi "hotspots" for data access versus the alternative of making data connections widely available through the use of 3G technology. The only thing fueling this controversy is the reluctance of the wireless telephone carriers to make the required infrastructure investment for the propagation of 3G networks and to price the service attractively. The problem is not technical! If the wireless telephone carriers understood the rich rewards of making broadband data service widely available at reasonable prices, then there would be no need for Wi-Fi hotspots. However, the telephone industry has historically not understood the need to develop a data utility market, and has priced itself out of this market on many occasions. As a result, the cost of 3G is not presently competitive with Wi-Fi solutions. However, the evolution to full WCDMA and CDMA2000 1xEVDO will occur before the end of 2008, according to the current plans of the wireless telephone industry. By that time, I expect low-cost versions of 3G to become available for local converged voice/data networks, much like PBX is used today. It is this availability that may offer 3G for practical use in industrial automation. Section 4.5 contains a more technical discussion of this issue.

Unit 3: Industrial Automation Requirements

Industrial automation is a difficult market in which to introduce any new technology. The rate of acceptance of any new technology in industry is relatively slow compared to the commercial, office, or home markets. Even when technology is well accepted by one of the more visible markets, there are special environmental problems that must be overcome. Security and privacy are different in the industrial automation market as well. Reliability, however, is often the factor where some measurable difference in implementation is required from other markets.
3.1 Environmental

There are two generally accepted submarkets within industrial automation:
• factory automation
• process automation

Factory automation generally encompasses both machine shops, where metal cutting is involved in the manufacture of products, and assembly, where parts are fabricated into finished products. Additionally, in factory automation, materials handling, movement, or conveying is normally required to move raw materials, work-in-progress, and final products within the shop floor and to/from shipping locations. The factory is often dirty, dusty, oily, noisy, filled with vibration, and electrically noisy because of all the electrical motors used to power equipment. Temperature, while often uncontrolled, is usually suitable for human inhabitation. Except for wash-down conditions, the factory floor is rarely wet. In contrast, process automation often occurs in plants located out-of-doors, and the production is usually hidden from the plant operators since it usually lies inside pipes, tubes, and pressure vessels. The products are often fluids, thus leading to the label fluid process industries. Often the products and the intermediates are volatile and sometimes flammable or poisonous to humans. In most cases, the fluids are corrosive as well. Here too, electrical noise is usually high because of all the electrical motors used to power mixers and pumps. Temperature is uncontrolled except for the places, typically called control rooms, which are intended for human habitation. The process area is typically subject to all types of atmospheric conditions, including rain, snow, ice, wind, and direct sunshine.

3.2 Security

The security of an industrial automation network means the network is protected against espionage, sabotage, or attack. This implies a freedom from risk or danger from outside sources.
It also means the network may be depended upon to continuously do its job of delivering data when and where it was intended. Where process or human safety is one of the network tasks, that safety is ensured. The term security is often used to include both privacy and reliability, but this dual usage is incorrect. We discuss privacy and reliability in the next two sections. However, many of the solutions for making a network more secure will also have the side effect of increasing privacy as well.

3.3 Privacy

Privacy is defined as the quality or condition of being secluded from the presence or view of others. It might also be described as the state of being free from unsanctioned intrusion, or being concealed. If network security eliminates unauthorized intrusion, then it has effectively provided a privacy solution as well. Even when the network is adequately protected against external intrusion, it must still be protected against persons or systems accessing or changing data to which they are not authorized. Often, the information technology (IT) staff in a particular business area will have open access to the business network, but they could do unintended damage if their access were extended to the automation network. For example, a common IT procedure is to notify all users of some company-wide event such as a server being rebooted. In the Windows operating system, such notices are sent using the NET SEND command. This creates a broadcast message on the network that passes through all network switches. A router that has been enabled to prohibit broadcast messages through stateful inspection will block such messages. Stateful inspection is a firewall function that keeps track of the state of network connections (such as TCP streams) travelling across it.
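The boundary behaviour described above, as an added example that is not the book's own code: a small stateful filter that tracks TCP sessions, admits only replies to sessions opened from the automation side or new sessions to the ports it is configured to expose, and drops broadcast datagrams such as the NET SEND notices. The subnets, the permitted port list and the sample packets are constructed values, not taken from the book.

```python
"""Stateful inspection at a business/automation network boundary (added example)."""
import ipaddress
from dataclasses import dataclass

AUTOMATION_NET = ipaddress.ip_network("10.10.0.0/16")   # assumed automation subnet
BUSINESS_NET = ipaddress.ip_network("10.20.0.0/16")     # assumed business subnet
# Inbound TCP services the automation side deliberately exposes (assumed list):
# Modbus/TCP (502) and EtherNet/IP explicit messaging (44818).
ALLOWED_INBOUND_TCP = {502, 44818}


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                       # "tcp" or "udp"
    sport: int
    dport: int
    flags: frozenset = frozenset()   # TCP flags, e.g. {"SYN"} or {"SYN", "ACK"}


class StatefulFilter:
    def __init__(self):
        # Connection table keyed by the initiating direction (src, sport, dst, dport).
        self.conns = {}

    @staticmethod
    def _is_broadcast(dst: str) -> bool:
        ip = ipaddress.ip_address(dst)
        return ip == ipaddress.ip_address("255.255.255.255") or any(
            ip == net.broadcast_address for net in (AUTOMATION_NET, BUSINESS_NET))

    def _tracked_key(self, p: Packet):
        fwd = (p.src, p.sport, p.dst, p.dport)
        rev = (p.dst, p.dport, p.src, p.sport)
        return fwd if fwd in self.conns else rev if rev in self.conns else None

    def check(self, p: Packet) -> tuple:
        """Return (verdict, reason) for one packet and update the connection table."""
        if self._is_broadcast(p.dst):
            return "DROP", "broadcast is not forwarded across the boundary"
        src, dst = ipaddress.ip_address(p.src), ipaddress.ip_address(p.dst)
        key = self._tracked_key(p)
        if key is not None:                       # packet belongs to a known session
            if "RST" in p.flags or "FIN" in p.flags:
                del self.conns[key]               # simplification: first FIN closes it
            elif {"SYN", "ACK"} <= p.flags:
                self.conns[key] = "ESTABLISHED"
            return "ALLOW", "matches tracked session"
        new_tcp = p.proto == "tcp" and "SYN" in p.flags and "ACK" not in p.flags
        if p.proto == "udp" or new_tcp:           # attempt to open a new session
            if src in AUTOMATION_NET:             # automation side initiates: allowed
                self.conns[(p.src, p.sport, p.dst, p.dport)] = "SYN_SENT" if new_tcp else "UDP"
                return "ALLOW", "new session from the automation network"
            if dst in AUTOMATION_NET and new_tcp and p.dport in ALLOWED_INBOUND_TCP:
                self.conns[(p.src, p.sport, p.dst, p.dport)] = "SYN_SENT"
                return "ALLOW", f"inbound to permitted port {p.dport}"
            return "DROP", "unsolicited inbound session"
        return "DROP", "no matching connection state"   # stray ACK or data segment


def run_sample() -> list:
    """Constructed traffic in order; returns the verdict for each packet."""
    fw = StatefulFilter()
    traffic = [
        # 1-3: a historian in the automation net opens HTTPS to a business server
        Packet("10.10.1.5", "10.20.0.9", "tcp", 40001, 443, frozenset({"SYN"})),
        Packet("10.20.0.9", "10.10.1.5", "tcp", 443, 40001, frozenset({"SYN", "ACK"})),
        Packet("10.20.0.9", "10.10.1.5", "tcp", 443, 40001, frozenset({"ACK"})),
        # 4: business workstation tries remote desktop into a controller (not exposed)
        Packet("10.20.0.50", "10.10.1.5", "tcp", 51000, 3389, frozenset({"SYN"})),
        # 5: business client polls a PLC on Modbus/TCP (exposed port)
        Packet("10.20.0.50", "10.10.1.7", "tcp", 51001, 502, frozenset({"SYN"})),
        # 6: NET SEND-style NetBIOS datagram broadcast towards the automation subnet
        Packet("10.20.0.50", "10.10.255.255", "udp", 138, 138),
        # 7: ACK segment for which no session was ever opened
        Packet("10.20.0.77", "10.10.1.5", "tcp", 6000, 1025, frozenset({"ACK"})),
    ]
    return [fw.check(p)[0] for p in traffic]


if __name__ == "__main__":
    print(run_sample())
```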
Automation network access by authorized persons and programs must be allowed, but not by unauthorized persons or programs, even though they may have open access to the entire business database and network. Blocking network access is generally assigned to devices called firewalls. For example, firewalls are conventionally used to isolate a business's network from the Internet. Firewalls work by blocking access to IP port addresses. Additionally, they may authenticate users by requiring a log-on.

3.4 Reliability

Reliability means dependability. Network failure often means the failure of the automation system upon which control of the process or machine depends. When a network fails, some type of system response is usually required to bring the process or machine to a safe state, depending on the nature of the data being passed on the network. For example, if all control occurs only in field devices and they do not depend on the network, then network failure need not cause control to cease, but it should produce an alarm to notify human operators. If the process cannot run when the network fails, then some fail-safe mechanism must be implemented to bring the process or machine to a safe state. Higher reliability in cabled networks can often be achieved by using premium components such as better cable, connectors, and terminations as well as network electronics of higher quality or greater ruggedness. The only equivalent reliability achievable in wireless networks is to use higher-quality or ruggedized network electronics. Higher power radio can often be used to overcome interference, but most of the time, radiated power is limited by governmental regulations. Fault-tolerance is a solution for improving network reliability. Networks that are fault-tolerant provide more than one network path between any two nodes. Mesh networks are specifically a fault-tolerant solution for wireless networks.
3.5 Power

Industrial wired networks are generally expected to deliver power to each node, as well as to carry the network signals. In many process plants, the network is also expected to be intrinsically safe, meaning that a cable break will not cause flammable gases to ignite. Wireless networks definitely have the advantage of not using wire and are inherently safe, but powering wireless nodes remains a problem. Battery power is not a well-accepted power source for primary control devices, except to provide backup power. This attitude may eventually change, but a better primary power source must be provided for wireless devices. Local AC, or sometimes DC, power is always an option, and wiring for power costs much less than wiring for communications, since local power sources are usually available.

Unit 4: Application of Wireless Networks to Industrial Automation

4.1 Politics of Wireless

Most of us in industrial automation would like solutions to be based upon sound engineering principles and open, competitive procurement practices. In other words, we would like to purchase our solutions/applications from the supplier that has the best product at the right price and delivery for our needs and supplies the type of maintenance services we require. Unfortunately, it just doesn't work that way! All too often, suppliers have a vested interest in milking the last quarter-year of product life from existing products, or most often perceive the need to make any new product backwards-compatible with existing products to maintain their customer base. To this end, they participate in standardization activities and industry consortiums with the stated mission of embedding their technology into the resulting standards and documents. This is not evil; it is business. Wireless is a disruptive technology, as Peter Drucker described the term in his book: Innovation and Entrepreneurship: Practice and Principles (Harper & Row, 1985).
According to Drucker, business is conducted differently after a disruptive technology is introduced. Leading suppliers to an industry will always resist disruptive technologies since they tend to render existing products obsolete before the end of their desired life cycles. Disruptive technologies offer new opportunities for new or secondary competitors within an industry to assume leadership by displacing entrenched suppliers. In process control, the introduction of the distributed control system (DCS) was such a disruptive technology, and Honeywell emerged as the industry leader, displacing previous leader Foxboro. Fieldbus is another example. Emerson has successfully played its Fieldbus leadership card and has emerged as the process control DCS leader, displacing Honeywell and pushing Foxboro further down the stack. Currently, no leading process control supplier has fully embraced wireless, which indicates that we are not yet on the brink of a disruptive revolution. However, both Honeywell and Emerson have now introduced their second generation wireless networks and devices with a promise to upgrade them to the future ISA100 wireless standard when it becomes available. No factory automation supplier has yet embraced wireless either, although Eaton has been an early sponsor of the development of IEEE 802.15.4/ZigBee. The transition of industrial networks to an Ethernet base in this industry is now in its market development phase. Therefore, interest in wireless is currently at a low ebb. However, even before Ethernet solutions become the de facto standards in factory automation, wireless will have a dramatic effect. The politics of wireless tend to work against the conservative suppliers in the industrial automation industry, both in process control and factory automation. Wireless has already invaded the home: more than 65 percent of home networks are wireless.
Office networks are also rapidly expanding with wireless links, especially since the equipment is very low-cost, highly reliable, and easy to configure. Wireless is spreading much as the personal computer did in the PC revolution of the mid-1980s. If this parallel holds, then wireless will eventually invade the shop floor in manufacturing – with or without the product support of current suppliers. As the major automation suppliers resisted the PC, the HMI (human-machine interface) market rose to meet the industry's needs. Something similar can happen with wireless. To give order to wireless, there are standards. Unfortunately, there are too many standards, a problem not dissimilar to the fieldbus situation. In addition to the declared standards work, there are also separate industry consortiums and vendors' proprietary products. These are also part of the politics of wireless. At the moment, no single wireless solution exists that is capable of solving all connection problems in all of industrial automation. The remaining part of this chapter reviews the potential of each of these solutions to play some part in the wireless future for the industrial automation market.

4.2 Wi-Fi

Wi-Fi can be used anywhere that wired Ethernet can be used, and in many other locations too hostile, expensive, inconvenient, or cluttered for physical wiring. However, Wi-Fi does have many limitations that may make it the non-optimal choice for a wireless industrial network. Wi-Fi, like Ethernet, is designed for applications that are permanently connected or on all of the time. Wi-Fi is not meant for mobile applications, although recent modifications to IEEE 802.1d allow some mobility between the switches of a single wired network. There are also some recent implementations of wireless switching for Wi-Fi networks.
However, for a device such as an automated guided vehicle or forklift truck, which is in constant movement, these solutions require excessive time and network overhead. Wi-Fi is also not designed for low-power applications. Notebook computers using Wi-Fi on battery operation typically experience a rapid power drain that often reduces their effective battery life by 50 percent or more. While Wi-Fi does not require high transmit power, the protocol for the network expects to find the Wi-Fi radio ON all of the time. Field instruments or other measurement devices would need a local source of power to effectively use Wi-Fi. Recent advances in wireless switching for Wi-Fi access points effectively turn the access point into a network switch. Traditional Wi-Fi access points are more like Ethernet hubs that broadcast all messages received from the wired network to all Wi-Fi devices within their radio range. It is the responsibility of the wired switch in the network above the access point to use its IEEE 802.1d spanning tree bridge protocol to filter out all messages not intended for stations connected through that access point. Access points are now available to perform these switching functions. However, mobile devices must be able to initiate a message whenever they move from one location to another in order for the network spanning tree to remove them from the old location and establish them in the new location. Wi-Fi networks are intended for high-bandwidth usage, varying from a low of 1.0 Mbps to today's limit of 54 Mbps, and perhaps soon to 480 Mbps or more, given the future IEEE 802.11n standard. High bandwidth usually requires more power than lower bandwidth, which makes Wi-Fi less appropriate for battery or other low-power applications.
Obviously, Wi-Fi is used on battery-operated notebook computers, but here the Wi-Fi component uses far less energy than the microprocessor, and is therefore not the central issue in battery life. Of lesser importance is the fact that the Wi-Fi spectrum is quite crowded with wireless LAN traffic, cordless telephony, Bluetooth, microwave ovens, and other unlicensed uses. Wi-Fi has a range of about 100 m or less depending upon the topology, which is typical of most networks operating in the 2.4 GHz ISM band. The fact that Wi-Fi can easily be substituted for Ethernet in almost any application means it will be able to be used without modification in industrial automation applications where Ethernet is already accepted, such as to replace Modbus/TCP, FOUNDATION™ Fieldbus HSE, EtherNet/IP, or PROFINET. Obviously, there will be performance, privacy, and security issues that these network designers did not consider when high-speed wired Ethernet was to be the base network, but many early applications will ignore the obvious problems. Eventually, the network sponsors will need to address performance, privacy, and security issues for Ethernet-based networks using Wi-Fi.

4.3 Bluetooth

When Bluetooth was first announced, many thought that it would naturally become the most favored wireless network for industrial automation. However, part of that premise was that the cost of the Bluetooth node would quickly drop to only a "few dollars" as the volume of Bluetooth implementations exponentially increased. The key to high volume in Bluetooth sales was its core application: a wireless headset for cell phones. Unfortunately, the cost of wireless telephone headsets still lingers in the $40-80 price range, dramatically limiting Bluetooth's sales volume. The commodity market for Bluetooth has yet to emerge, and the cost of the chip remains high relative to other wireless choices.
A closer look at the full Bluetooth suite has also revealed significant overhead posed by its software, which has again complicated Bluetooth's acceptance for uses other than the original purposes for which it was invented, and for which profiles are already available. While the overhead does decrease efficiency, the more important factor is the large memory requirements for embedded applications. This has enabled "improved" protocols to be developed for other applications such as ZigBee for industrial automation and WiMedia for streaming video. The net effect is to reduce the market for Bluetooth silicon, keeping its selling price high. The future for Bluetooth lies in the hands of the Bluetooth SIG, the organization supporting the development of the Bluetooth standard. There is considerable interest within Bluetooth SIG in simplifying the Bluetooth stack for applications that do not require voice or streaming video. Suppliers that are already committed to Bluetooth for industrial automation and other similar applications drive some of this interest. Other members of the Bluetooth SIG want to increase the performance of Bluetooth for more traditional data uses such as wireless USB and for larger piconets. Read more about Bluetooth at the Bluetooth websites: http://www.Bluetooth.org and http://www.Bluetooth.com. Notice that Bluetooth does not have a profile for industrial automation applications. This is mostly because the Bluetooth SIG was focused on telephony-like applications. For Bluetooth to become useful for industrial automation, suitable profiles would need to be developed that are specific to this application.

4.4 ZigBee

ZigBee was designed for industrial automation as one of its core markets. The protocol was designed for significant sleep time in excess of 97 percent, enabling long battery life. Intermittent use of the spectrum also reduces the opportunity for interference.
The moderate data rate and bandwidth were designed for industrial automation applications to keep energy consumption low during transmission. However, ZigBee implements only DSSS on a single channel in the 2.4 GHz domain, and does not offer frequency hopping that has been successfully used for early industrial automation products. The purpose of this book is not to sell any particular technology—that is the task of commercial equipment suppliers. However, it does appear that ZigBee fulfills many of the market and technical requirements for many of the industrial automation applications where wireless data transmission to/from field devices is involved. At this point, acceptance of ZigBee is quite uncertain. One of the supporting founders of the ZigBee Alliance is Leviton, one of the world’s largest makers of AC receptacles and switches. However, they have not yet announced volume products for ZigBee that could elevate chip production to commodity levels. Both Honeywell and Invensys are supporting the ZigBee Alliance, but more for their respective process control or building automation products. Eaton/Cutler-Hammer also supports ZigBee, but it also has not announced any product intentions. Certainly, ZigBee does not support the high-data-rate backbone networking functions. Therefore, any entirely wireless industrial automation solution would need to support ZigBee and some other wireless broadband protocol. There is still some controversy over the ability of ZigBee’s direct sequence spread spectrum protocol to adequately reject industrial electromagnetic noise, vs. use of frequency hopping spread spectrum as used by both Honeywell and Accutech in their commercial process control field instruments. While both DSSS and FHSS reject noise, at least these two suppliers advocate that FHSS is more robust. 
Furthermore, ZigBee alone is not enough, since it only defines the basic means of data communications. More complete upper layers such as for FOUNDATION™ Fieldbus, Profibus, DeviceNet, or LonWorks are necessary before a technology such as ZigBee can be used in an industrial automation system. You can read more about ZigBee at the ZigBee Alliance website (http://www.zigbee.org) and also at the IEEE 802.15.4 website (http://www.ieee802.org/15/pub/TG4.html).

4.5 ISA100 Standard for Wireless Industrial Networks

ISA Standards and Practices committee 100 (SP100) was chartered in 2005 to prepare a standard for wireless industrial networks. It appears that the first release, designated as ISA100.11a and targeted to the needs of the process industries, will be completed in 2008. Most of the major automation suppliers are active contributors to this committee. The categories of wireless applications have been classified by the ISA SP100 committee as shown in Table 4.

Table 4. Categories of Wireless Applications

ISA100 is targeted to be a family of compatible networks for the industrial manufacturing environment. The first release, ISA100.11a, is being developed to be the universal wireless network to support FOUNDATION™ Fieldbus, HART, and Profibus-PA when accessing these devices via a wireless interface. It is expected that their respective consortiums will create wireless applications to work with the ISA100.11a base network. As of mid-2007, the Fieldbus Foundation has agreed to base its wireless version of FOUNDATION™ Fieldbus on ISA100; HART Communications Foundation has decided to release its own unique wireless interface, but is working with ISA100 to seek some type of interoperability.
PROFIBUS Nutzerorganisation has agreed to support WirelessHART, but is actively contributing to ISA100 with the expectation of basing wireless Profibus on ISA100 technology. ISA100.11a is being designed to support non-critical applications in the process industries, but is not exclusive in this support. This first release supports low-speed closed loop control with cycle times no faster than one second, and latencies no smaller than 100 ms. Future releases will be targeted for higher speed control loops and lower latencies suitable for discrete controls in factory automation.

Not only are ISA100.11a compliant field instruments expected to be on the market by the end of 2008, but modules also will be available to attach to existing wired HART instrument 4-20mA cabling to access the digital HART data available on this wiring. All HART data is obtained by specification of the HART DD (Device Description), a subset of EDDL. The modules will be able to draw power from the 4-20mA wiring just like the HART instrument. The HART data can then be used on an ISA100.11a compatible handheld device, or may be routed through the ISA100.11a network to a gateway device connected to a host system.

4.5.1 ISA100.11a Technology

Like ZigBee and WirelessHART, ISA100.11a is based on the use of IEEE 802.15.4 chips operating in the 2.4 GHz frequency band at very low duty cycles to enable long life in battery-powered nodes. ISA100.11a additionally specifies channel hopping, that is, scheduled changes of frequency among the 16 channels defined for IEEE 802.15.4. One of these channels is not available in all countries, and may be excluded from use for any particular installation. Nodes may be configured to be leaf-nodes with no mesh routing to maximize battery life, or full mesh nodes that are capable of routing messages toward the gateway.
Channel hopping provides frequency diversity to avoid interfering signals, and mesh routing provides spatial diversity to eliminate fade or multipath effects. Mesh routing also provides the distances and topological paths needed to reach all parts of the plant. Additionally, ISA100.11a uses TDMA (Time Domain Multiple Access) for longer messages to maximize use of the media. Routing within the ISA100.11a field network is provided within the upper portion of the Data Link Layer.

In order to provide long battery life for battery-powered nodes, ISA100.11a nodes are asleep most of the time. Nodes awake on a variable schedule to transmit, receive, or relay (route) data. The awake/sleep schedule is a configurable variable that allows the network to be tuned somewhere between maximizing battery life and minimizing latency time.

Unlike IEEE 802 standards, ISA100.11a is a full stack solution to the industrial network problem. A lightweight version of Internet Protocol Version 6, or IPv6 (6LoWPAN, IETF draft standard RFC 4944), is used at the Network Layer, providing IP access to field devices, if desired. The Network Layer provides routing compatibility outside the ISA100 network. For reasons of efficiency, the Network Layer defines short addresses (16 bits) that are used for normal data exchange among ISA100.11a devices. Short addresses are also used to make devices inaccessible to normal IP access. However, since the short addresses are subsets of the actual 128-bit IPv6 address of the device, it is possible to access field devices via a long IP address when necessary. Use of this type of addressing removes the limit on the maximum number of nodes on an ISA100 plant network. The Transport Layer provides acknowledged and unacknowledged transfers and allows retries for data not successfully delivered to its destination. Unlike TCP, the ISA100 Transport Layer does not attempt to optimize message routing, and it avoids the other inefficiencies of TCP.
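As an added illustration of the short/long address relationship just described (example code written for this page, not from the book or the ISA100.11a specification), the following applies the 6LoWPAN rule of RFC 4944 for forming an IPv6 interface identifier from an IEEE 802.15.4 16-bit short address, and the RFC 4291 rule for a 64-bit EUI-64. The PAN ID, addresses and prefix are constructed values, and whether a particular ISA100.11a implementation uses exactly this mapping is an assumption.

```python
"""IPv6 interface identifiers for 16-bit short and 64-bit long 802.15.4 addresses.

Added example for this page; not code from the book, ISA100.11a or WirelessHART.
It implements the 6LoWPAN convention of RFC 4944 section 6 (short address) and
RFC 4291 Appendix A (EUI-64). PAN ID, addresses and prefix below are constructed.
Note that the mapping is public and deterministic: keeping field devices off
"normal IP access" relies on short addresses not being routed beyond the field
network, not on the long address being secret.
"""
import ipaddress
from typing import Optional

LINK_LOCAL_PREFIX = bytes.fromhex("fe80000000000000")  # fe80::/64, 8 bytes


def iid_from_short(pan_id: int, short_addr: int) -> bytes:
    """64-bit IID for a 16-bit short address (RFC 4944).

    A pseudo 48-bit MAC  PAN_ID : 0000 : short  is expanded by inserting ff:fe
    in the middle, giving  PAN_ID : 0000 : 00ff : fe00 : short.  The
    Universal/Local bit (0x02 of the first octet) is cleared because short
    addresses are unique only within one PAN, not globally.
    """
    if not (0 <= pan_id <= 0xFFFF and 0 <= short_addr <= 0xFFFF):
        raise ValueError("PAN ID and short address must fit in 16 bits")
    return bytes([
        (pan_id >> 8) & ~0x02, pan_id & 0xFF,
        0x00, 0xFF, 0xFE, 0x00,
        short_addr >> 8, short_addr & 0xFF,
    ])


def iid_from_eui64(eui64: bytes) -> bytes:
    """64-bit IID for an EUI-64 (RFC 4291): invert the Universal/Local bit."""
    if len(eui64) != 8:
        raise ValueError("EUI-64 must be exactly 8 bytes")
    return bytes([eui64[0] ^ 0x02]) + eui64[1:]


def ipv6_from_iid(iid: bytes, prefix: bytes = LINK_LOCAL_PREFIX) -> ipaddress.IPv6Address:
    """Full 128-bit address = 64-bit prefix + 64-bit IID."""
    if len(prefix) != 8 or len(iid) != 8:
        raise ValueError("prefix and IID must each be 8 bytes")
    return ipaddress.IPv6Address(prefix + iid)


def short_from_ipv6(addr: ipaddress.IPv6Address) -> Optional[int]:
    """Recover the 16-bit short address from an RFC 4944 short-address IID.

    Returns None when the IID does not carry the 00ff:fe00 marker with a
    cleared U/L bit, i.e. it was derived from an EUI-64 or another source.
    """
    iid = addr.packed[8:]
    if iid[2:6] == b"\x00\xff\xfe\x00" and not iid[0] & 0x02:
        return int.from_bytes(iid[6:8], "big")
    return None


def demo() -> dict:
    """Round trip for constructed values (PAN 0xABCD, short address 0x0010)."""
    pan_id, short_addr = 0xABCD, 0x0010
    long_addr = ipv6_from_iid(iid_from_short(pan_id, short_addr))
    # An EUI-64-derived address for comparison (constructed EUI-64).
    eui_addr = ipv6_from_iid(iid_from_eui64(bytes.fromhex("0011223344556677")))
    return {
        "short_addr_ipv6": str(long_addr),          # fe80::a9cd:ff:fe00:10
        "recovered_short": short_from_ipv6(long_addr),
        "eui64_ipv6": str(eui_addr),                # fe80::211:2233:4455:6677
        "eui64_short": short_from_ipv6(eui_addr),   # None
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```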
Block data transfer, unicast, and multicast data transfers are supported.

The ISA100.11a Application Layer not only provides all of the usual read/write and upload/download functions, but also adds an object-based Upper Application Layer based on access to field data parameters using EDDL (Electronic Device Description Language), which is standardized by IEC 61804. Use of EDDL is designed to make ISA100.11a immediately compatible with FOUNDATION™ Fieldbus, HART, and Profibus, all of which have EDDL compatible data access on their wired networks. Additionally, OPC has also adopted EDDL for its object-based data network access. For networks in which devices may require the use of protocols that cannot be resolved with the native ISA100 protocols, messages in the native device protocol can be encapsulated using this protocol option. The encapsulated message may then be carried on the ISA100 wireless network between the Gateway to the host or upper level network and the field device.

Security has been interwoven into the design of ISA100.11a from the beginning. In general, ISA100.11a security uses symmetric AES-128 or AES-256 encryption keys or asymmetric public/private encryption keys for data exchange. The use of carefully designed encryption allows ISA100.11a to be protected from unauthorized access or interference. Additionally, ISA100.11a is designed to be configured over the air without requiring a specific configuration device.

ISA100 has been designed for installation in a wide variety of plants from small to very large. One of the options is to use field routers to extend the network to dimensions and locations that may otherwise be unsuitable for wireless networks. This forward-looking standard also allows using different chips at the physical layer in the future to obtain the performance that will be enabled as changes in silicon become available.
It has been based on available work from other standards committees including work done by the IETF (Internet Engineering Task Force) as well as IEEE 802 in various committees.

4.6 WirelessHART

Starting in 2006, the HART Communications Foundation launched its program for HART version 7, which includes the WirelessHART protocol. The objectives for WirelessHART were to provide a wireless link to channel the HART data captured in more than 5 million field instruments without a digital connection to the control system to which they are attached. Additionally, WirelessHART is to provide the protocol to be used to build new HART instruments with a wireless interface for use by field technicians and for connection to host systems. The primary benefit for WirelessHART is the ability to network the millions of existing wired HART devices that currently have no connection to a DCS or any other network. This requires a Gateway device to gather information from the WirelessHART network and supply it to a host system. A common interface protocol between the WirelessHART Gateway and a host network is being defined for host networks running FOUNDATION™ Fieldbus or Profibus. WirelessHART devices are expected to be marketed as full wireless instruments and as adapter modules for connecting to existing wired HART instruments.

4.6.1 WirelessHART Technology

WirelessHART, like ISA100.11a and ZigBee, also uses the IEEE 802.15.4 chip in the 2.4 GHz band with low duty cycles for long life with battery-operated nodes. Like ISA100.11a, WirelessHART also uses channel hopping among 15 of the available channels and mesh routing. In WirelessHART, all nodes are capable of routing. The WirelessHART protocol has simple Network, Transport, and Application Layers. WirelessHART security is implemented using 128-bit AES encryption. Different encryption keys are used for joining the wireless network and for transferring data.
WirelessHART nodes are asleep most of the time to conserve battery life for battery-operated nodes. Each WirelessHART node awakens on a fixed 10ms time schedule to transmit, receive, or relay data. The network layer is responsible for routing using graph routing technology. Routing provides redundant paths for reliability, and is optimized for minimal latency. The WirelessHART Transport layer is defined to allow long data transfers to be segmented during transmission. Broadcast, multicast, and unicast transmissions are all supported. Reliable block data transmissions are supported, including unacknowledged and acknowledged data transmissions with retries in case the transmission was unsuccessful. A formal Application layer is not defined, but HART 7 instruments may transmit data values by request, upon significant change, or upon crossing a critical threshold value. HART values are addressed using the traditional HART DDs (Device Descriptions) or the newer EDDL shared with FOUNDATION™ Fieldbus and Profibus-PA. Additionally, WirelessHART configuration settings are also addressed by new DDs defined for that purpose.

The common Gateway interface between WirelessHART and host networks for FOUNDATION™ Fieldbus and Profibus has not yet been defined (as of late 2007). The purpose of this interface is to make HART devices connected through the WirelessHART network accessible to controllers using only the HART commands that are based on EDDL or its DD subset. Modules for WirelessHART will be available to attach to existing wired HART instrument 4-20mA cabling to access the data available on this wiring. All HART data is then available by specification of the HART DD (Device Description). The modules will be able to draw power from the 4-20mA wiring just like the HART instrument.
The HART data can then be used on a WirelessHART handheld device, or may be routed through the WirelessHART network to a gateway device connected to a host system.

Because the WirelessHART network is limited to only handling HART data, the security aspects of WirelessHART are much less complex than those for ISA100. The WirelessHART interface modules and WirelessHART instruments are expected to be configured on the bench with the instrument name, tag, and security key. A conventional HART handheld configurator may be used for all of these operations. This means that WirelessHART instruments must first be configured by attachment to a 4-20mA connection, even if this connection is not used during operation. WirelessHART instruments cannot be initially configured over the wireless network.

4.7 Comparison: WirelessHART vs. ISA100.11a

Since WirelessHART and ISA100.11a were written to serve the same general process control market needs, it would seem that they should be compatible. However, they were written by two independent organizations, with different goals and with no interaction between them until the HART 7 specification was completed. Although the ISA100.11a development effort was public and open, the development of WirelessHART was private and closed. While all of the information from the ISA100 development was available to the WirelessHART development, those portions of ISA100 that were not yet completed were developed by the HART 7 working group to meet only the needs for process data acquisition and control. The WirelessHART effort focused on a “wireless extension” of the HART protocol for the process industries, while ISA100 focused on development of an industrial wireless network to be applied in a consistent and unified manner for both process and discrete manufacturing industries.
Additionally, the ISA100 committee recognized the need to support multiple fieldbus protocols for complex intelligent field devices such as those for FOUNDATION™ Fieldbus and Profibus-PA. This is where and why the divergence happened: in the layers between the Application Layer and the Data Link Layer. The WirelessHART and ISA100.11a Physical Layer and the corresponding MAC portion of the Data Link Layer are identical. Even the way in which the channel hopping is done is almost identical. ISA100.11a allows all 16 channels to be used in countries where all 16 channels are available, but with the ability to exclude any channel. WirelessHART specifies only the 15 channels available worldwide. The channel hopping pattern is different, but ISA100.11a allows using the same pattern as WirelessHART. WirelessHART uses a fixed 10ms time slot (awake time). ISA100.11a uses a variable time slot in order to adapt to specific application requirements, including the same fixed slot time as WirelessHART. Variable slot time allows “tuning” the network so it may be optimized for performance and overall scalability.

Similarly, ISA100.11a allows either AES-128 or AES-256 security keys to be used, while WirelessHART has been simplified to use only AES-128 security keys. Additionally, ISA100 allows the use of session key rotation to improve security, while WirelessHART does not. Both WirelessHART and ISA100.11a use 16-bit local addresses that are the lower 16 bits of a larger unique address. That larger unique address is 64 bits for WirelessHART and 128 bits for ISA100.11a, in order to support IPv6 at the Network Layer. The network address choices show that WirelessHART extends HART to the wireless domain, but ISA100 is designed for the future to allow a more universal technology to accommodate all protocols.
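The channel-hopping and slot arrangement described in 4.5.1, 4.6.1 and the comparison above, as an added example that is not code from the book, ISA100.11a or WirelessHART: a hop set drawn from the 16 IEEE 802.15.4 channels with any channel excluded, a fixed 10 ms or configurable slot, and a count of how often a schedule lands on a channel a site survey has found to be noisy. The hopping pattern and the choice of channel 26 as the excluded channel are constructed assumptions.

```python
"""Slot-based channel hopping over the IEEE 802.15.4 2.4 GHz channels.

Added example for this page, not code from the book, ISA100.11a or
WirelessHART. It models the mechanism the text describes: 16 channels
(11-26) from which any may be excluded, a hopping pattern over the remaining
channels, and a fixed (10 ms) or configurable time slot. EXAMPLE_PATTERN and
the excluded channel used below are constructed assumptions.
"""
from typing import Iterable, Sequence

ALL_CHANNELS = tuple(range(11, 27))   # IEEE 802.15.4 channels 11..26 at 2.4 GHz
FIXED_SLOT_US = 10_000                # the fixed 10 ms slot quoted for WirelessHART

# Constructed permutation of all 16 channels; a real network uses its own
# pseudo-random pattern, and ISA100.11a may use the same one as WirelessHART.
EXAMPLE_PATTERN = (11, 19, 14, 22, 17, 25, 12, 20, 15, 23, 18, 26, 13, 21, 16, 24)


def frequency_mhz(channel: int) -> int:
    """Centre frequency: channel 11 is 2405 MHz, then 5 MHz per channel."""
    if channel not in ALL_CHANNELS:
        raise ValueError(f"channel {channel} is not a 2.4 GHz IEEE 802.15.4 channel")
    return 2405 + 5 * (channel - 11)


class HoppingSchedule:
    """Hop set = pattern minus excluded channels; slot length in microseconds."""

    def __init__(self, pattern: Sequence[int] = EXAMPLE_PATTERN,
                 excluded: Iterable[int] = (), slot_us: int = FIXED_SLOT_US):
        excluded = set(excluded)
        # Keep the pattern order but drop blacklisted channels. Each usable
        # channel must appear exactly once, so two links that share a slot but
        # use different channel offsets never end up on the same frequency.
        active = [ch for ch in pattern if ch not in excluded]
        if not active:
            raise ValueError("no channels left after exclusion")
        if len(set(active)) != len(active) or not set(active) <= set(ALL_CHANNELS):
            raise ValueError("pattern must be a permutation of valid channels")
        if slot_us <= 0:
            raise ValueError("slot length must be positive")
        self.pattern = tuple(active)
        self.slot_us = slot_us

    @property
    def channel_count(self) -> int:
        return len(self.pattern)

    def slot_number(self, t_us: int) -> int:
        """Absolute slot number (ASN) at time t_us since the network epoch."""
        return t_us // self.slot_us

    def channel(self, asn: int, channel_offset: int = 0) -> int:
        """Channel used in slot `asn` by a link assigned `channel_offset`."""
        return self.pattern[(asn + channel_offset) % self.channel_count]

    def frequency(self, asn: int, channel_offset: int = 0) -> int:
        return frequency_mhz(self.channel(asn, channel_offset))

    def exposure(self, noisy: Iterable[int], n_slots: int) -> int:
        """Number of the first `n_slots` slots (offset 0) that fall on a noisy channel.

        Excluding a channel that a site survey found to be noisy (or occupied
        by a co-located Wi-Fi network) drives this count to zero; hopping
        alone only spreads the hits evenly over the pattern.
        """
        noisy = set(noisy)
        return sum(1 for asn in range(n_slots) if self.channel(asn) in noisy)


def compare_profiles(noisy: Iterable[int] = (26,), n_slots: int = 32) -> dict:
    """WirelessHART-like profile (15 channels, fixed slot) next to an
    ISA100.11a-like one (noisy channels excluded by configuration, tunable slot).
    The 12 ms slot for the ISA100.11a-like profile is a constructed value."""
    noisy = tuple(noisy)
    wirelesshart_like = HoppingSchedule(excluded={26})
    isa100_like = HoppingSchedule(excluded=noisy, slot_us=12_000)
    all_sixteen = HoppingSchedule()
    return {
        "16ch_exposure": all_sixteen.exposure(noisy, n_slots),
        "wirelesshart_like_exposure": wirelesshart_like.exposure(noisy, n_slots),
        "isa100_like_exposure": isa100_like.exposure(noisy, n_slots),
        "wirelesshart_like_channels": wirelesshart_like.channel_count,
        "isa100_like_asn_at_1s": isa100_like.slot_number(1_000_000),
    }


if __name__ == "__main__":
    for key, value in compare_profiles().items():
        print(f"{key}: {value}")
```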
All of the above are minor differences in which ISA100.11a can be configured to be a “superset” of WirelessHART through the Data Link and MAC layers. However, the layers above these are quite different. ISA100.11a uses a full IETF¹ standard Network Layer for routing messages to/from field devices. No such external routing exists for WirelessHART. When the Network Layer protocol is applied, the resulting frame format of messages from each of the two networks is very different, making them incompatible.

1. Internet Engineering Task Force, the standards body controlling Internet standards.

Use of the IETF standard at the Network Layer allows ISA100 messages to be encapsulated and routed over any backbone network based on Internet Protocol. Additionally, use of this routable Network Layer expands the maximum size of an ISA100 network to thousands of field devices, while a WirelessHART network is limited to 250 field devices. Managing addresses for ISA100 networks in large plants will be simpler than managing addresses for WirelessHART networks in the same plant.

Is there hope for convergence? Not without a lot of pain and grief. The work on WirelessHART is excellent work, but narrowly focused on only one application, and responding to the goal to be completed as soon as possible. If users make the decision to wait a few months for ISA100.11a compliant devices to be on the market, and do not make a commitment to purchase WirelessHART, then economics will settle the issue. If, on the other hand, WirelessHART is as popular as wired HART, then there can be no good solution. Inserting the WirelessHART protocol stack into the ISA100 protocol (a dual-stack approach) should not be regarded as “convergence.” Replacement of the ISA100.11a protocol with the WirelessHART protocol should be viewed as a capability and security reduction, not convergence.
The solution to this “multi-standard” problem is not technical; it is commercial. Some suppliers have already made the decision to offer WirelessHART compliant instruments and WirelessHART adapters for wired HART instruments with a free upgrade to ISA100.11a when it becomes available. Users of these devices will not have a compatibility problem. Other suppliers of WirelessHART instruments and wired HART adapters have not yet made any similar pledge because they have not received any demands from users for convergence or ISA100 compliance. This author’s opinion is that all suppliers of WirelessHART instruments, adapters, and gateways should offer an ISA100.11a conversion option that should be either free or at low cost.

4.8 3G/4G for Automation

Why is it appropriate to consider wireless telephony for automation applications? Notice that most of the emphasis on 3G centers on its potential for high-data-rate digital data transmission. The telephone industry wants to use 3G for video, chat, graphics, and e-mail applications to supplement voice revenues. Of course, there will be many applications for these services within industry, but 3G and its practical implementation, WCDMA, share many of the desirable characteristics of an industrial wireless network as well:

• Low power consumption
• High data rate
• More than adequate distance coverage
• High-volume silicon production leading to low cost
• High levels of security protection
• Confirmed/connected services
• Low latency

Since 3G is being implemented for battery-powered handheld cellular PCS (personal communications services) telephones, and long battery life is important to consumers, service is designed to conserve energy during active radio connection. Chips for 3G will draw little more energy than the chips for Bluetooth or ZigBee. In fact, requirements for long standby power and talk time led to the same design choices as for these technologies.
Only ZigBee’s scheduled communications cycle (beacons) can achieve lower duty cycles, and beacons can be implemented on top of 3G technology. Short Message Service (SMS), which is now integrated into many cellular telephones, is an example of such a low-power protocol. The data rate for 3G has been tested as exceeding 2.4 Mbps (CDMA2000 1xEVDO) in stationary (non-mobile) applications, with a requirement for at least 2.0 Mbps. Even in mobile applications, 384 Kbps must be achieved. These rates are achievable for distances between the telephone and the cell tower of about 2.5 km or less, which is much longer than most industrial automation network requirements.

Much has been written about industrial automation needing to use silicon that has been developed for high-volume markets. With annual wireless cell phone sales exceeding 460 million units (according to Gartner’s Mobile Terminal Market Shares: Worldwide, 2Q03), sufficient volume is unquestioned. Most of the cost of cell phones is related to the user interfaces: color LCDs and keyboards. Industrial automation applications need only the radio and the protocol chip, but not the usual 3G telephone applications.

4G is the designation for “some future technology” that is expected to replace 3G. This has yet to be defined, but many expect that WiMAX will serve this need. Some readers of this book will wonder why GSM and its derivative digital communications standard, EDGE, are not included in this discussion. EDGE is only an interim 2.5G evolution of GSM and TDMA telephony to make it possible to achieve a peak data rate of about 384 Kbps. The longer-term 3G evolution for GSM is WCDMA, which is included in this discussion.

The security of the CDMA and WCDMA cell phone protocol is naturally high since it is a sequence of packetized data sent using DSSS.
Intercepting this protocol’s signal would require knowing the exact chipping sequence out of millions of combinations. Assuming that this barrier was broken, data messages would need to be encrypted using the IEEE 802.1x standard, which recently adopted the Advanced Encryption Standard (AES) for its long encryption key.

Industrial automation networks have generally required some type of confirmed service to validate that critical messages have been delivered to the proper destination. This is a characteristic of telephony and its connected services. However, for industrial automation uses, a simpler response protocol such as in ZigBee might be used.

In command and control applications, a decision to turn on or off is critical and must not be delayed. Likewise, in telephony, voice cannot be delayed. 3G is designed to deliver digitized voice packets that have low latency, which would satisfy almost all industrial automation applications. However, it is not enough to say that 3G is suitable for industrial automation. One of the network standards organizations now active in industrial automation must specify exactly how it is to be used. This has not yet been done for 3G any more than it has for any other wireless standard such as Bluetooth or ZigBee. Organizations such as the Fieldbus Foundation, ODVA, Modbus Organization, and/or Profibus International need to add their upper-layer protocols on the wireless base and test them to confirm their suitability for industrial automation applications that are at least within their field of usage. So far, none of these groups is even considering ZigBee, Bluetooth, or 3G.

Unit 5: On the Bleeding Edge

Wireless is now the area of networking receiving the greatest investment in new technology development. There is a great deal known about the propagation of conventional narrowband and spread-spectrum wireless in the frequencies up through about 5 GHz.
Many promising wireless technologies have also failed in the marketplace for which they were intended. All of this is typical for an embryonic market such as wireless networking. The following technologies are not yet ready for full commercialization, much less for the industrial market, which demands field-proven technologies. We often refer to these not-yet-fully-developed technologies as the bleeding edge. However, we must always be aware that market development times have dramatically shrunk over the past few years, with new technologies suddenly becoming “mainstream” more rapidly than ever before.

5.1 WiMAX (Worldwide Interoperability for Microwave Access)

WiMAX is based on some of the technology from two failed markets: LMDS (local multipoint distribution service) and MMDS (multichannel multipoint distribution service). LMDS was intended to be a digital wireless transmission system in the 28 GHz range in North America and 24-40 GHz elsewhere. The purpose of LMDS was to replace wired CATV (community access television), otherwise known as cable TV. For this purpose, LMDS acquired the oxymoronic title of wireless cable. LMDS requires a clear line of sight between transmitter and receiving antenna, which are from one to four miles apart, depending on weather conditions. LMDS provides bandwidth in the 51–622 MHz range. This is considerably greater than other wireless services, but is necessary for LMDS to accomplish its original task of replacing wired analog cable TV systems. A few operating LMDS systems remain to satisfy some rural customers, but satellite TV eventually has satisfied the demands for the original wireless cable market.

MMDS was a second attempt to satisfy the need for wireless cable, but at a more reasonable frequency band, in the 2.2-2.4 GHz range. It also requires a clear line of sight between transmitter and receiver, which can be thirty or more miles apart.
It was designed initially as a one-way service for bringing cable TV to subscribers in remote areas or in locations in which it is difficult to install cable. In late 1998, the FCC opened up the technology for two-way transmission, enabling MMDS to provide data and Internet services to subscribers. MMDS too has been displaced by satellite TV, but its two-way Internet access has not been displaced.

WiMAX is intended for the general data communications market, which demands high bandwidth and highly reliable bidirectional interconnections. Sometimes this market is called a backhaul in telephony terms; in data communications, it is usually referred to as a backbone network. The meaning is the same: a network that serves to unite local networks into a larger single operational network. For this backbone task, WiMAX needs to have high bandwidth, be resilient (the telecom word for fault-tolerant), and must cover a large service area. However, WiMAX is purely digital and was never intended to carry analog signals.

The task of defining a wide-area wireless network was given to the IEEE 802.16 committee that created both the initial 802.16 standards document and its more recent extension, 802.16a. The original task for 802.16 was to define high-speed wireless services in the 2-66 MHz band. They defined the task so as to cover two frequency ranges: 2-11 MHz and 10-66 MHz. IEEE 802.16a specifically addresses the 2-11 MHz band. Some of the underlying technology for the standard was taken from MMDS, since it has been proven to work. However, more than simple broadband for television was intended for 802.16. It was intended to supply all of the fixed (nonmobile) needs of a backbone network for voice, digital video, and data communications. IEEE 802.16 is a very complex standard with options for everything. The task of the WiMAX Forum is to develop profiles and test specifications for the many possible implementations of the standard.
The base data rate intended for WiMAX is specified as 268 Mbps. The standard specifies both FDM (frequency division multiplexing) and TDD (time division multiplexing) for different data services. The initial standard, IEEE 802.16a, is for fixed (non-mobile) service, but the standard for mobile services, IEEE 802.16e, has now been completed. The data rate for mobile services is somewhat lower than for fixed services. WiMAX uses mesh networking to avoid the need for direct line of sight between two points on the network. Each station automatically relays all messages not intended for itself to the rest of the network. In the 2-11 GHz band, omnidirectional antennas are used. This enables the network to become quite large, but with some multipath distortion as the signal is reflected from buildings and other structures in the signal path. In the 10-66 GHz band, directional antennas are used to avoid multipath effects.

Cellular telephone carriers are very interested in using WiMAX to connect their towers to central offices. Currently, these connections require expensive landlines, which are often rented from the local exchange carriers (LECs), the existing wired telephone services. Those LECs that are also providing cellular services have a competitive advantage over other cellular providers. A wireless backhaul would make cellular service providers independent of the LECs, a financially and strategically important factor. Internet service providers (ISPs) to business also have a strong interest in WiMAX as a way of bypassing the need for expensive T1 or T3 service lines leased from the LECs. With WiMAX, the ISPs can directly reach their customers and have better control over the performance of their broadband Internet services. You can read more about the standard at: http://grouper.ieee.org/groups/802/16/.
5.2 UWB (UltraWideBand)

In 2002, the Federal Communications Commission approved the use of UWB for limited services including data communications. UWB is a new way to use radio transmission that consists of short pulses of low-energy radiation. The shape of the pulse gives it the property of generating radio energy over a wide frequency range, but at very low energy at any one frequency. The data is detected only by the presence (=1) or absence (=0) of a pulse at the repetition time slot. This allows UWB to overlap other radio bands such as Wi-Fi and the other services in the 2.4 GHz ISM band without interfering. Generally, other radio modulation schemes such as DSSS will see UWB as just impulse noise, which they easily filter out. Since UWB uses pulses, it is capable of being detected over a much longer range than other signal forms. Pulse signals also tend to penetrate solid objects better than continuous wave signals. For example, one approved use of UWB is for ground-penetrating radar. This characteristic makes UWB an exciting new technology with great potential for industrial automation applications. Low-energy radiation requires less transmit power and results in longer battery life for battery-powered devices.

5.2.1 WiMedia

IEEE 802.15.3 was given the responsibility for high-data-rate personal area networks (PANs). While many different air interfaces (radio) were considered, the committee decided that UWB has the most potential. Initially, it appeared that the pulse radio from the UWB pioneer XtremeSpectrum was the only choice. Motorola considered this exciting enough to purchase that company. The original UWB technology was referred to as Direct Sequence (DS) UWB, and was favored by manufacturers that banded together as the UWB Forum.
However, a rival group called the Multiband OFDM Alliance (MBOA) challenged pulse radio technology with a more conventional wideband radio that uses OFDM (orthogonal frequency division multiplexing) similar to that used in Wireless-A, G, and N. The WiMedia Alliance was formed to promote Multiband OFDM technology that approximates the pulse modulation of direct sequence UWB. However, the IEEE 802.15.3 committee could not come to an agreement on how the two rival technologies could be written into the standard. In 2006, IEEE disbanded the 802.15.3 committee. The WiMedia Alliance, now merged with the former MBOA, found a new home for the base Multiband OFDM UWB standard in having it published as ECMA-368, which has also been approved as ISO/IEC 26907. ECMA-369 (ISO/IEC 26908) specifies the low level interfaces. The WiMedia Alliance is the organization responsible for promoting the technology based on MBOA. The Alliance states its objectives for WiMedia as follows:

• High-throughput, wireless communications for multimedia
• An easy-to-use, consumer-friendly solution
• Based on international standards

WiMedia is intended primarily as a cable replacement technology for high-bandwidth applications such as streaming digital video and for peripheral device attachment. While no industrial field applications obviously need WiMedia, it seems certain to find its way into configurations of control equipment to replace cable. Cable replacement is usually well justified because it reduces the cost of installation. Meanwhile, future versions of Bluetooth will use WiMedia technology and provide the needed upper layers of protocol necessary for complete USB cable replacement for high speed applications.

5.2.2 DS-UWB

IEEE 802.15.4a has recently been approved using DS-UWB as its technology base. While the ZigBee Alliance has not made any decisions on the use of this alternative PHY specification, it will be considered.
One of the desirable properties of DS-UWB is a higher data rate, up to 1 Mbps. Another property is location services: the ability to locate a transmitter within one meter or less.

5.3 Wireless Sensor Networks

For the past ten years, there has been a vision for network-independent smart sensors that are capable of using any convenient network technology. This vision has been based on work begun by the National Institute of Standards and Technology (NIST). NIST has concentrated on the IEEE 1451 family of standards for connecting smart transducers to networks. The microprocessor interface to sensors is called a smart transducer interface module (STIM). Early work has produced IEEE 1451.2, a standard for the Transducer Electronic Data Sheet (TEDS) that specifies the digital interface for accessing that data sheet so as to read sensors and set actuators. IEEE 1451 is not another field network; it is an open standard that may be used with multiple networks. IEEE 1451.1 describes the network-level, object-oriented model of 1451 devices. The processing of the sensor data is done in the network-capable application processor (NCAP), which is packaged with the smart sensor. The devices described by IEEE 1451.1 and .2 are network independent. They have been demonstrated with direct Ethernet connections and with CAN networks as well.

IEEE 1451.4 moves the NCAP to the data acquisition device (which is a plug-in board and computer, data logger, or standalone unit). The intention is to keep the size of the TEDS as small as possible. 1451.4 defines a number of templates, which allow a more compact representation of the data. The host must have some understanding of the templates in order for it to decode the TEDS information. With IEEE 1451.4, the network between the NCAP and the sensor is defined as a very simple multidrop, serial communication protocol.
This protocol requires that a single master device (the system) supply power and initiate each transaction with each node, according to a defined transaction timing sequence, on a single wire and return. Dreams of wireless are just that — dreams.

A new project, IEEE 1451.5, has now been formed to standardize the movement to wireless sensor networks. Most of the discussion has been about adaptation of Bluetooth technology by creating a profile for wireless sensors. ZigBee has also made its proposals to the working group. Since the 1451 parent committee is committed to avoiding the definition of any new network protocols, it is unlikely that a new network protocol will emerge from this new effort. The work on IEEE 1451 has been technically sound, but it has not been adopted or supported by any industrial automation suppliers. The TEDS concept originated in the EDS of ODVA for DeviceNet and has been greatly expanded by FOUNDATION™ Fieldbus function blocks, Profibus EDDS, and HART DDL. Now, these device descriptions have been unified by their common inclusion in IEC 61804, Function blocks (FB) for process control - Part 2: Specification of FB concept and Electronic Device Description Language (EDDL), and ISA104.

The original vision of networks of “microwave-connected sensor chips” for collecting atmospheric and environmental data has not been fully realized. It appears to be a wireless sensor network that exhibits much of the character of ISA100: awakening on some schedule and broadcasting its value and status, then returning to sleep to conserve stored energy (battery). To cover a wide area, a mesh network topology, similar to that defined by ISA100, may be necessary. It will probably not require high data rates or long messages, and it will not require node synchronization with any other node.
It seems that the dreamers of wireless sensor networks will experiment with unique networks such as those supplied by Sensicast and Dust Networks, but will eventually settle on ISA100 or something similar.

5.4 Network Device Power

Wireless networks have existed primarily for portable or mobile devices such as cell phones and other two-way radio devices. The wireless LAN, WAN, and PAN have introduced the new concept of wireless connections for their own sake — to eliminate the cost and inconvenience of wired connections. With portable and mobile devices, battery power is a given, since there is no other readily available power source. Soon, this will change somewhat as fuel cells begin to offer alternatives to batteries for some devices. However, the subject of a power source for wireless LAN, WAN, MAN, and PAN devices has not often been discussed. Battery operation has been assumed.

5.4.1 Optical

Significant power can be delivered over distances without wire by using optical delivery methods. The best-known optical power-delivery method uses photovoltaic cells, often called solar cells, which are usually made from the following materials: single-crystal silicon, polycrystalline silicon, amorphous silicon, and cadmium telluride. These materials are optimized for generating electrical power from solar radiation, but they are also used to power devices, such as calculators, from incandescent and fluorescent light. Laser light may also be used to deliver significant energy; however, high-power lasers may be dangerous to humans and birds. Solar cells are often used to power remote SCADA nodes. The use of artificial light to power wireless sensors and other automation equipment is not currently being offered, since even today’s Bluetooth devices use too much power.
The essential ingredient for light-powered wireless field devices to become practical is low-power radio transmission such as is being developed for ZigBee, WirelessHART, and ISA100. Highly efficient, long-life light sources may be used in the future to power wireless field devices as low-power wireless protocols become accepted.

5.4.2 Pneumatic Power

You read it first here! Pneumatic power in the form of compressed air is required to operate many manufacturing processes and is still needed to operate the majority of process control valves. It is therefore readily available in most manufacturing facilities; 4-20 mA signaled pneumatic power is still used in many instrumentation and control systems. The idea here is to pipe the compressed air into wireless field devices that are equipped with the ability to generate electricity from the flow of compressed air. This can be done internally within the device, or perhaps in an external module. A very small device would be needed to generate all of the energy required for a low-power wireless sensor and/or a control valve positioner. There are currently no products that are powered with compressed air, nor are there after-market turbo-generators suitable for powering remote wireless instrumentation.

5.4.3 Magnetic Induction

So far, the technology does not exist to send significant amounts of power by a wireless method without endangering life. The only widely used method of wirelessly powering remote devices is magnetic induction using low frequencies, typically below 15 MHz. While component costs for magnetic-induction power delivery are low, this technology is limited to about three meters’ distance and very low power. While suitable for PAN usage, perhaps to power headphones, the distances appropriate for industrial automation LANs may not be suitable for magnetic induction. AC electrical power can be induced from the AC power lines that often run through process plants.
The inductive coils can be clipped over AC lines and can produce enough low-power DC to supply the necessary energy for low-power wireless field instrumentation. Some small amount of field wiring is necessary to pick up such power, but since most of this would be low-power circuits, it can be simplified and installed at low cost. Currently, no devices are yet available to meet this need.

5.4.4 Microwave Power Transmission

NASA has long been interested in transmitting electrical energy from solar collectors in stationary Earth orbit to ground stations that would convert it back into electrical energy (see http://www.seds.org/spaceviews/9608/nss-news.html). While the energy source would be solar, the transmission would use a broadly spread beam of microwave radio. According to the SunSat Energy Council, a non-profit organization affiliated with the United Nations, the beam would be so low in density that it wouldn't even feel warm if you happened to walk through it. While the success of this program is in doubt, the technology for generating the broad microwave beam and converting it into electrical energy has long been known. This method may actually become practical when the power required is only a few milliwatts, but currently there is no known development of microwave power broadcasting for terrestrial applications.

5.4.5 Conversion of Waste Energy

Energy exists within manufacturing processes in the form of vibration, thermal differences, flowing fluids, and often pressure differences. These sources of energy can be used to generate small amounts of electricity, perhaps enough to power low-energy sensors with a wireless link. This technology is often called energy harvesting or energy scavenging. Millennial Net produces its I-Bean products as components that can be used by product manufacturers. One of its recent products uses an “energy harvesting” technology from Ferro Solutions, Inc.
in which ambient vibration is used to power the communications interface, completely without batteries.

Unit 6: Significant News for Wireless Networking

6.1 Energy-harvesting Component Runs Wireless Nets

Microstrain Inc. has devised an answer to “energy harvesting” with a component that can power wireless nodes directly from ambient energy in the environment (see http://www.eetimes.com/story/OEG20031230S0004). The Williston, Vermont, company recently received a $700,000 Small Business Innovative Research Grant from the Defense Department to develop the technology. Microstrain identified mechanical strain as the best source of inherent energy as a result of rapid advances in the performance of piezoelectric materials. These materials change their physical volume when placed in an electrical field or, conversely, generate an electrical field when subjected to mechanical strain. Not only is strain a commonly available force in buildings and machines, but recent advances in piezoelectric materials have made high-efficiency fibers commercially available. To extract sufficient electrical power from a strip of piezoelectric material bonded to a beam under variable stress, Microstrain devised a power-management scheme based on charge storage in a capacitor. The wireless circuit is held in the off state until enough charge accumulates to drive it. It remains to be seen whether there is enough energy available even for circuits such as ZigBee or ISA100, which are off 97 percent of the time.

6.2 Honeywell Introduces OneWireless Networks

Announced in June 2007, the OneWireless architecture is a self-organizing, secure, self-healing mesh network designed to support multiple wireless protocols including ISA100.11a, HART over wireless, and Honeywell’s new line of XYR 6000 wireless field transmitters. OneWireless is designed to be the only wireless network required for plant-wide applications.
It is designed to be the wireless network for all applications. The OneWireless architecture is based on the use of either of two different radios, both operating in the 2.4 GHz band: one is the same as the radio specified for ISA100.11a using IEEE 802.15.4:2006, and the other is a narrowband radio designed for frequency hopping, similar in concept to the Bluetooth radio. The former would be used in networks integrating ISA100.11a devices from many suppliers, while the second would be used where a system would not require integration with ISA100.11a. Both networks may operate at the same time in the same area without interference. Additionally, the OneWireless architecture uses IEEE 802.11 for an optional wireless backbone mesh network with wireless field routers. Typically, low-power wireless transmitters are not required to perform the routing function, which is assigned to the field routers. This architecture reduces or eliminates slow mesh hopping and makes the wireless network more responsive for closed-loop control applications in the future. Typically, the backbone routers are electrically powered devices and do not need the battery conservation measures of battery-operated routers.

The previous wireless line, the XYR 5000, is still offered and will work with the OneWireless universal gateway. The XYR 5000 instruments wirelessly transmit measurements to a base radio networked to a control or data acquisition device like a recorder or PC. Each base radio accepts the signals of up to 50 transmitters. The base radio is available with a choice of Modbus or 4-20 mA analog signal output for flexible communications. Honeywell’s XYR 5000 transmitters feature three- to five-year battery life and a low-battery alarm. This line of wireless instruments uses frequency hopping spread spectrum radio modulation in the 915 MHz ISM band between the transmitters and the base radio over distances up to about 600 meters.
XYR 5000 instruments are available for gauge pressure, absolute pressure, vibration, and temperature. The rated accuracy is ±0.1% of full-scale reading at reference conditions. See also: http://hpsweb.honeywell.com/Cultures/en-US/Products/wireless/SecondGenerationWireless/default.htm.

6.3 Accutech Wireless Instrumentation

Adaptive Instruments offers its Accutech brand of pressure, differential pressure, temperature, and acoustic (vibration) transmitters using frequency hopping spread spectrum transmission in the 915 MHz ISM band to a base station. These are battery-powered devices with rated battery life up to five years. The distance between the field transmitters and the base station can be up to about 900 meters. The base station is wired to the data acquisition network using Modbus over RS-485 or Modbus/TCP, and must be powered with 24 VDC or 120/240 VAC. Accutech transmitters are rated at ±0.1% of full-scale reading at reference conditions. The devices are rated for operation from -40 to +85 degrees C, and are certified for intrinsic safety. The base station is rated either NEMA 7 (explosion-proof) or NEMA 4X (weather-tight). See also: http://www.accutechinstruments.com

Unit 7: Recommendations for Wireless Networking

The industrial automation industry is ready for broad use of wireless networks in process control and factory automation systems. The Wi-Fi technologies are ready for adoption by industry network consortiums, particularly for use where Ethernet and the Internet Protocols are currently used. Unfortunately, standards for device-level wireless (ISA100.11a) are not yet finally approved. In most cases, Wi-Fi can be tried wherever one of the Ethernet-based networks such as FOUNDATION™ Fieldbus HSE, EtherNet/IP, Modbus/TCP, or PROFInet can be used.
At this time, considerable network planning will be necessary to make sure that all nodes are within the actual radio range of today’s wireless access points. The investment should be made only in Wireless-N devices, and of the commercial grade, not the less expensive home grade. Wi-Fi networks have dead spots that must be recognized during installation so that positions can be adjusted to receive transmissions. External antennas can usually be used to move the reception zone without moving the unit; only devices that have external antenna jacks should be purchased. Often, the external antennas need to be directional, which will extend the network to the limits required for the installation. The real payoff from wireless for industrial automation will come when field devices having standardized wireless connections are available. Supplier-proprietary specifications for wireless devices should be avoided unless there is a reasonable migration path to ISA100.11a.

The wireless network technology tradeoffs are being evaluated in the work to establish ISA100. To some extent, some of these issues were evaluated to design WirelessHART, but against a very limited application environment. In the opinion of this author, unless there are unusual circumstances, the wireless connection of HART instruments should be made only with ISA100.11a-conforming adapters, rather than using WirelessHART equivalents. WirelessHART is a single-purpose network and may cause some problems when installed in the same area as ISA100.11a networks. Since ISA100.11a has been designed as a universal network, it has the connectivity, flexibility, and security for integration of all field devices, including HART. At present, no organization is backing the adaptation of WCDMA (3G) technology for industrial automation wireless applications. Likewise, no organization is currently backing the use of WiMAX for wireless LANs.
Both of these technologies are popular for use in digital voice networks, but have not yet attracted the attention of the consortiums responsible for industrial networks, even though they exhibit most of the desired features. While the battles will usually occur in the physical (radio) and data link layers (protocols), the best path for the user will be defined when the supporting consortiums adapt their dominant wired industrial networks for wireless while keeping their established application layers: FOUNDATION™ Fieldbus, DeviceNet, Modbus/TCP, EtherNet/IP, and PROFInet. The application network that suits the industrial application is the one to be selected. Although the consortiums sponsoring these networks are not involved in selecting the “best” wireless technology for their markets, they are all actively engaged in the ISA100 standardization effort. The Fieldbus Foundation has committed to using ISA100.11a as the basis for the wireless Fieldbus.

Unit 8: Radio Frequency Tagging

Although radio frequency (RF) tags have been around for over 16 years, they have only recently emerged into a unique market. The first application for RF tags was in the identification of animals; tiny tags about the size of a grain of rice were inserted under the skin of pigs. Readers scattered about the pigpen recorded when the tagged animals came to the feed trough and identified individual animals for health records and at slaughter time. The latest, most prominent use of RF tags is in highway toll collection applications, where they are known as E-Z Pass, FastPass, etc. These active programmable tags allow vehicles to pass through toll bridge and toll road collection stations without stopping, speeding up the collection process. Another highly visible RF tag application, identifying persons purchasing gasoline at Mobil or Exxon stations, uses the tiny passive SpeedPass.
Processing the identity of the person with a SpeedPass allows the gasoline purchase to be charged to the pass owner’s credit card.

8.1 Types of Tags

Although RF tags are not identical, they have a common identification field, usually 64–128 bits in length and holding a unique numerical value (see Table 5). They must have a source of electrical power in order to respond when queried by a reader. Different tag technologies are used to keep the tag’s cost at the lowest possible level for the intended application. Finally, tags have readable memory, which may or may not also be writeable.

Table 5. Types of RF Tags

Type of Tag | EPC Class | Memory Type | Radio Frequencies Used | Word Length, Bits | Power Source | Reading Distance, Meters
RFID passive | 0 | ROM | 138 KHz, 13.85 MHz | 64 | Reader EMF | 0.04 – 3
RFID active | 4 | ROM | 13.85 MHz | 64 | Battery | 3 – 10
RFID passive programmable | 1 | EEPROM | 138 KHz, 13.85 MHz | 96, 128 | Reader EMF | 0.04 – 3
RFID active programmable | 2, 3, 4 | EEPROM | 138 KHz, 13.85 MHz | >128 | Battery | 3 – 10
Data tag | 2, 3, 4 | Flash RAM, CMOS RAM | 13.85 MHz, 985 MHz (UHF) | >128 | Battery | 3 – 10
RF location | - | EEPROM or CMOS RAM | 303 MHz, 2.4/5.8 GHz, UWB | 64 | Battery | 1 – 100

8.1.1 RFID Passive Tags

The simplest tag is the Radio Frequency IDentification (RFID) passive tag, which only supplies its own identity—the 64-bit value—when read. During the manufacturing process, a different number that can never be changed is etched onto each of these least expensive RFID tags. Power for the RF transmission of the tag’s ID data field comes from the reader, which emits a low-energy electromagnetic field (EMF) to power the tag. When the tag is energized in this EMF radiation, it repeatedly transmits its own identity field value. A recent variation on this protocol allows the transmission to occur only once after a fixed time delay, unless it detects a query message generated by the reader. This variation allows many tags in the same field of the reader to be read individually.
The EMF extends from the reader a distance dependent on the form factor of the reader’s antenna. Some high-gain antennas focus the EMF into a narrow beam in order to increase the distance between tag and reader. Without a high-gain antenna, the reading distances tend to be rather short, typically 3–4 cm. With a high-gain antenna, reading distances of up to 3 meters are common, but usually only a single tag can be read at a time. By moving the high-gain antenna, or moving the tagged objects past the reader’s antenna, many tags can be read consecutively. The passive RFID tag’s value is approximately the same as a barcode’s: the tagged item is uniquely identified. The data for the tagged item is usually located in a computer database, not on the tag. Simplicity of the tag keeps the cost at a minimum. However, the RFID tag needs only to be located within the reader’s EMF field, not in a direct line of sight as required to read a barcode. This feature enhances the RFID tag’s functionality for item tracking over that of barcodes. To read RFID tags not located in a predictable location, wide variations in the reader’s antenna construction are often used. The most common antenna for reading an RFID tag with a reader in a fixed location is the loop antenna, in which the tagged item passes inside the loop. Imagine the loop as a portal or entrance in which the antenna wire encircles the passageway, creating an EMF field inside the loop. When the tagged item penetrates the EMF field, the tag is read. Loop antennas are ideal for doorways and conveyor belts to keep track of moving items. When a tag is read, the reader creates a transaction record that is sent via a network to a host computer, where it is entered into the transaction database. With items in motion, as for a typical materials-handling operation, RFID tags provide the last known location for each item.
The passive RFID tag, in the form of a credit card, is now being used in automatic fare collection for public transportation systems. The card is similar to a magnetic stripe identity card but does not need to have physical contact with the reader – it need only be near the read station. The card identifies the pass holder and allows passage at the fare collection point. More complex designs exist for variable fare systems: the card is read twice, once on entrance to the system and once on exit, billing the user’s account for the calculated fare. Unlike some magnetic stripe fare cards, there is no value retained on the RF card. The value is contained only in a computer database, resulting in a more reliable system.

8.1.2 RFID Active Tags

Active tags are powered by an on-board battery, enabling higher-power transmissions to cover longer distances. Reading an active tag involves the reader continuously polling to determine if any tags are within its reading range. Often, the reader generates an EMF to signal that it is ready to read the active tag. When the tag receives the poll read-request, it returns its ID value. This pattern avoids wasting the active tag’s battery life; the power required to receive is far less than that required to transmit a signal. Due to the much larger reading range of an active tag compared with a passive tag, more than one tag is likely to be within reading range at a time. A reading protocol usually exists to ensure only one tag is read at a time. The most common uses of active RFID tags are in automatic highway toll collection and in tracking railroad boxcars. Systems such as EZ-Pass and FastPass use active RFID tags that can be read at distances of up to 10 meters when located behind the windshield of an automobile. Readers are positioned above the lanes that are marked for use of the pass.
As the automobile equipped with the tag moves under the reader, the tag is read and the ID number is identified with the tag holder. For single toll positions such as a toll bridge or tunnel, the tag holder’s account is debited immediately. For highway tolls, the entrance reading is saved for processing with the subsequent exit reading, at which time the tag holder’s account is debited for the calculated toll. The tag retains no data. The use of active RFID tags has resulted in a 300 percent improvement in these automated tollbooths’ capacity compared with manual toll collection. In North America, all railroad freight cars are tagged with an active RFID transponder as part of the Rail and Intermodal Asset Tracking System. As the rail cars pass in front of readers located at strategic rail switching yards scattered all over North America, their identity is read and reported to a common tracking system. This allows the system to track the location of all freight cars in North America to the specific switching yard. This information is used in billing freight car usage and in scheduling and routing freight cars.

8.1.3 RFID Programmable Tags

“Programmable tag” is an old name but means that the user can write the ID number on the tag. Most often, the technology used is Electrically Erasable Programmable Read-Only Memory (EEPROM), which can be written without removing the chip from the circuit and erased without the use of ultraviolet light. Depending on the chip used, these tags can be rewritten between 10,000 and 100,000 times. Write times are slow compared to computer memory circuits, so programmable tags are not intended to carry any dynamic data. The identity field is usually the same length as for factory-written tags, 64–128 bits, but sometimes this field can be written to represent 8 to 16 ASCII characters rather than a 64- or 128-bit binary number.
This may help identify items when using a handheld reader, since the ID can be interpreted more easily as a character field. Both passive and active programmable tags are available, although their use will be replaced by more connected databases using RFID tags or by more flexible RF Data tags.

8.1.4 RF Data Tags

RF Data tags can be readable and writeable. Typically there is an ID field of the same 64–128-bit length as for both passive and programmable RFID tags, but extensive read/write memory is located on the tag as well. In all cases, RF Data tags are active, with a long-life battery on-board. They generally have a read range equivalent to other active tags, up to 10 meters, depending upon the reader’s antenna gain. Writing distance is greatly reduced, to about 3 meters. The read/write memory is usually Flash RAM with a capacity of up to 256 Mb. Flash memory is organized into blocks similar to disk and is supported to maintain a file system like that used for disk drives. Except for the wireless connection to an RF reader, RF Data tags are comparable to USB memory devices. Flash memory does not require battery power to retain data. Read and write speeds for RF Data tags with Flash RAM are similar to those of Universal Serial Bus (USB) memory, but slower than disk drives.

A high-performance RF Data tag may be produced using battery-powered CMOS RAM. Read/write times are similar to those of computer main memory. However, the radio speeds necessary to use this high-speed memory cannot currently be achieved at low cost, at low power, or over long distances. Although it does not require much power to retain memory in CMOS RAM, any loss of battery power erases memory content. Therefore, no commercial RF Data tags are available using CMOS RAM.

8.1.5 Location Tags

Location tags, sometimes called beacon tags, are proprietary VHF radio devices attached to pallets or containers stored in a large flat warehouse space.
The tag generates an intermittent signal carrying the tag’s ID value that is broadcast over the warehouse space. Usually, the tag is equipped with a motion sensor so that the interval between broadcasts becomes shorter when the tagged item is in motion. Readers are positioned at the corners of the warehouse space to receive the RF signals. When a reader receives the beacon from the tag, it also receives the strength of the signal, indicating the approximate distance between the tag and the reader. In order to map the two-dimensional location of the item in the warehouse space, the beacon signal identification and signal strength must be simultaneously read by a second reader. Both readers then send this data to warehouse management software that maps the tagged item location in two-dimensional space using triangulation. Current commercial location tagging technology locates the tagged item to an accuracy of about 3 meters using two readers. Using more readers may increase the accuracy of location but also extends the warehouse area that can be covered.

Tags based on ultra wideband (UWB) communications are also used in location service. In this system, all tags and readers share a synchronized high-precision clock. The tag sends an intermittent location signal with its ID and the time-stamp from the tag’s clock. The receiver adds its own time-stamp to the message, providing the system software with a differential time delay between the tag and the reader. This time delay is proportional to the distance between tag and reader. Readings from multiple readers then allow the tagged item to be located to an accuracy of less than one meter.

A third type of location system uses the time delay between the time that a reader sends its signal and the time it receives an echo of that signal as an indication of the distance between the tag and the reader’s antenna, to an accuracy of about 3 meters.
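The two ranging schemes just described, signal strength and UWB time-stamps, both end in the same computation: each reader contributes a distance estimate, and software combines them into a position. The following is an added example, not code from the book or from any location-tag vendor. It turns a UWB time-stamp pair into a distance with the speed of light, turns a signal-strength reading into a distance with an assumed log-distance path-loss model (the -40 dBm at 1 m and exponent 2 are constructed constants), and then fits a two-dimensional position by linear least squares over three or more readers, which also removes the mirror-image ambiguity that two intersecting range circles alone would leave. The reader layout, the tag position and every measurement are constructed; the residual check at the end rejects a fix when one reader's report disagrees with the others.

```python
"""Locating a beacon tag from several readers' range estimates (added example)."""
import math

C_M_PER_S = 299_792_458.0  # speed of light: converts a flight time into a distance

# Constructed warehouse: four readers at the corners of a 30 m x 20 m floor.
READERS = [(0.0, 0.0), (30.0, 0.0), (0.0, 20.0), (30.0, 20.0)]


def distance_from_uwb(tag_ts_ns: float, reader_ts_ns: float) -> float:
    """UWB scheme: the tag stamps its message, the reader stamps reception; the difference is flight time."""
    delay_s = (reader_ts_ns - tag_ts_ns) * 1e-9
    if delay_s < 0:
        raise ValueError("reception stamped before transmission: reader and tag clocks are not synchronized")
    return delay_s * C_M_PER_S


def distance_from_rssi(rssi_dbm: float, rssi_at_1m_dbm: float = -40.0, path_loss_exponent: float = 2.0) -> float:
    """Signal-strength scheme using an assumed log-distance path-loss model (constants are constructed)."""
    return 10 ** ((rssi_at_1m_dbm - rssi_dbm) / (10 * path_loss_exponent))


def rssi_for_distance(distance_m: float, rssi_at_1m_dbm: float = -40.0, path_loss_exponent: float = 2.0) -> float:
    """Inverse of distance_from_rssi; used here only to construct sample readings."""
    return rssi_at_1m_dbm - 10 * path_loss_exponent * math.log10(distance_m)


def trilaterate(readers, distances):
    """Least-squares 2-D position from three or more non-collinear readers and their range estimates.

    Subtracting the first reader's circle equation from each other reader's linearises
    the problem: 2(xi-x0)x + 2(yi-y0)y = d0^2 - di^2 + xi^2 + yi^2 - x0^2 - y0^2.
    """
    if len(readers) < 3 or len(readers) != len(distances):
        raise ValueError("need at least three readers, each with a distance")
    (x0, y0), d0 = readers[0], distances[0]
    rows = []
    for (xi, yi), di in zip(readers[1:], distances[1:]):
        rows.append((2 * (xi - x0), 2 * (yi - y0),
                     d0 * d0 - di * di + xi * xi + yi * yi - x0 * x0 - y0 * y0))
    # Normal equations (A^T A) p = A^T c, solved with Cramer's rule.
    saa = sum(a * a for a, _, _ in rows)
    sab = sum(a * b for a, b, _ in rows)
    sbb = sum(b * b for _, b, _ in rows)
    sac = sum(a * c for a, _, c in rows)
    sbc = sum(b * c for _, b, c in rows)
    det = saa * sbb - sab * sab
    if abs(det) < 1e-9:
        raise ValueError("readers are collinear; the position is ambiguous")
    return (sac * sbb - sab * sbc) / det, (saa * sbc - sab * sac) / det


def max_residual_m(readers, distances, position):
    """Largest disagreement between a reported range and the fitted position.

    A large value means one reader's report is inconsistent with the rest (faulty
    reader, multipath, or a bad time-stamp) and the fix should not be trusted.
    """
    px, py = position
    return max(abs(math.hypot(px - x, py - y) - d) for (x, y), d in zip(readers, distances))


def locate(readers, distances, tolerance_m=1.0):
    """Fit a position and reject it if any reader disagrees by more than tolerance_m."""
    position = trilaterate(readers, distances)
    if max_residual_m(readers, distances, position) > tolerance_m:
        raise ValueError("range reports are mutually inconsistent")
    return position


def constructed_uwb_reports(true_position, tag_ts_ns=1_000_000.0):
    """Sample (tag time-stamp, reader time-stamp) pairs in ns for a tag at true_position, one per reader."""
    return [(tag_ts_ns, tag_ts_ns + math.hypot(true_position[0] - x, true_position[1] - y) / C_M_PER_S * 1e9)
            for x, y in READERS]


def locate_from_uwb(reports):
    return locate(READERS, [distance_from_uwb(t, r) for t, r in reports])


def locate_from_rssi(rssis_dbm):
    return locate(READERS, [distance_from_rssi(r) for r in rssis_dbm])


if __name__ == "__main__":
    print("UWB fix:", locate_from_uwb(constructed_uwb_reports((10.0, 8.0))))
```

The residual check is the part worth keeping in a real system: a position that satisfies all readers within the expected ranging error can be trusted, while one that needs a large correction from a single reader points at a sensor or clock problem rather than at the tag.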
That echo-ranging system uses multiple antennas for each reader to reduce the cost of the system. It is theoretically possible to construct an RF tag with a Global Positioning Satellite (GPS) receiver to transmit its location with high accuracy. Here, the tag itself would compute location by reception of signals from at least 3 GPS satellites. However, such a tag would require an unobstructed view of the sky (outdoor use only), and the GPS circuitry would probably use too much energy to be powered from a battery. No commercial GPS tags are presently available.

8.2 Tag Encoding

As previously mentioned, early RFID tags were only encoded with a 64-bit “license tag” number, and many tags are still so encoded. However, when it became clear that some tags would be used similarly to barcodes—to identify manufactured items—a standards committee was formed to establish a uniform format for tag ID data. The organizations responsible for the successful establishment of the Universal Product Code (UPC) were the Uniform Code Council (UCC) in the United States and European Article Numbering (EAN) International. The organization responsible for the international establishment of Electronic Product Codes (EPC) for RFID tags is EPCglobal, a joint venture of the UCC and EAN International. RFID tag numbering has, therefore, become an extension of EAN, the international version of the UPC. The complete organization for use of EPCglobal is called the EPCglobal Network, which consists of the following elements:

• EPC – the electronic product code, a number designed to uniquely identify a particular item in the supply chain
• ONS – the object name service, which tells the computer systems where to locate information on the network about the object carrying an EPC
• PML – the physical markup language, which is used as a common language in the EPCglobal Network to define data on physical objects
• Savant – a software system that manages and moves information.
EPC is the successor to barcodes for product identification. Barcodes have limitations, such as:

• They require line-of-sight for scanning,
• They have limited encoding capacity, and
• They cannot receive and store information.

However, more than one million firms in more than 140 countries currently use barcodes across more than 23 industries. Barcode labels are inexpensive to print, are often included in product packaging at no incremental cost, and can be read by all modern point-of-sale machines. Since barcodes will always be less expensive to deploy than EPCs, both will coexist for many years to come.

The EPC is a simple, compact “license plate” that uniquely identifies objects (items, cases, pallets, locations, etc.) in the supply chain. The EPC builds around a basic hierarchical idea that can be used to express a wide variety of different, existing numbering systems. EPC numbers can accommodate all EAN/UCC keys, including Global Trade Identification Number (GTIN), Serial Shipping Container Code (SSCC), Global Location Number (GLN), Global Returnable Asset Identifier (GRAI), and Global Individual Asset Identifier (GIAI). Like many current numbering schemes used in commerce, the EPC is divided into numbers that identify the manufacturer and product type. In addition, the EPC uses an extra set of digits, a serial number, to identify unique items. The EPC is the key to the information on its associated product that exists in the EPCglobal Network. An EPC number contains the following items:

• Header - identifies the length, type, structure, version and generation of EPC
• EPC Manager - identifies the company or company entity
• Object Class - similar to a stock keeping unit or SKU
• Serial Number - specific instance of the Object Class being tagged

Additional fields may also be used as part of the EPC to properly encode and decode information from different numbering systems into their native (human-readable) forms.
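The four-part layout above is concrete in the SGTIN-96 encoding of the GS1 EPC Tag Data Standard, which carries a GTIN plus a serial number in 96 bits: the Header is the fixed value 0x30, the EPC Manager is the company prefix, the Object Class is the item reference (with the GTIN indicator digit in front), and the Serial Number occupies the last 38 bits. The following encoder and decoder is an added example, not code from the book or from EPCglobal; the partition table and field widths are those of the Tag Data Standard, while the sample company prefix, item reference and serial are constructed values. The decoder also rebuilds the human-readable GTIN-14 with its check digit and rejects tag values whose binary fields exceed their decimal capacity, since the bit fields are wider than the digit counts they represent and a reader should treat such a tag as malformed rather than guess.

```python
"""SGTIN-96 encoder/decoder: the Header / EPC Manager / Object Class / Serial layout (added example)."""

SGTIN96_HEADER = 0x30  # header value assigned to SGTIN-96 by the EPC Tag Data Standard
SERIAL_BITS = 38       # width of the serial number field

# Partition table from the Tag Data Standard. Company prefix and item reference share
# 44 bits; the 3-bit partition value says where the boundary between them lies.
# partition: (company prefix bits, company prefix digits, item reference bits, item reference digits)
PARTITIONS = {
    0: (40, 12, 4, 1),
    1: (37, 11, 7, 2),
    2: (34, 10, 10, 3),
    3: (30, 9, 14, 4),
    4: (27, 8, 17, 5),
    5: (24, 7, 20, 6),
    6: (20, 6, 24, 7),
}


def partition_for(company_prefix: str) -> int:
    """Select the partition value from the number of digits in the company prefix."""
    for partition, (_, cp_digits, _, _) in PARTITIONS.items():
        if cp_digits == len(company_prefix):
            return partition
    raise ValueError("company prefix must have 6 to 12 digits")


def encode_sgtin96(filter_value: int, company_prefix: str, item_reference: str, serial: int) -> str:
    """Pack the fields into 96 bits and return the 24-character hex string written to the tag."""
    if not (company_prefix.isdigit() and item_reference.isdigit()):
        raise ValueError("company prefix and item reference must be decimal digit strings")
    partition = partition_for(company_prefix)
    cp_bits, _, ir_bits, ir_digits = PARTITIONS[partition]
    if len(item_reference) != ir_digits:
        raise ValueError(f"item reference must have {ir_digits} digits for this company prefix")
    if not 0 <= filter_value < 8:
        raise ValueError("filter value is a 3-bit field")
    if not 0 <= serial < (1 << SERIAL_BITS):
        raise ValueError("serial does not fit in 38 bits")
    value = SGTIN96_HEADER
    value = (value << 3) | filter_value
    value = (value << 3) | partition
    value = (value << cp_bits) | int(company_prefix)
    value = (value << ir_bits) | int(item_reference)
    value = (value << SERIAL_BITS) | serial
    return f"{value:024X}"


def gtin14(company_prefix: str, item_reference: str) -> str:
    """Rebuild the GTIN-14: indicator digit, company prefix, item reference, then the check digit."""
    body = item_reference[0] + company_prefix + item_reference[1:]  # 13 data digits
    weights = (3, 1) * 7  # weight 3 on the rightmost data digit, alternating leftwards
    total = sum(int(d) * w for d, w in zip(reversed(body), weights))
    return body + str((10 - total % 10) % 10)


def decode_sgtin96(hex_epc: str) -> dict:
    """Unpack a 96-bit tag value, rejecting anything that is not a well-formed SGTIN-96."""
    if len(hex_epc) != 24:
        raise ValueError("SGTIN-96 is exactly 24 hex characters")
    value = int(hex_epc, 16)
    if value >> 88 != SGTIN96_HEADER:
        raise ValueError("header does not identify an SGTIN-96 tag")
    filter_value = (value >> 85) & 0x7
    partition = (value >> 82) & 0x7
    if partition not in PARTITIONS:
        raise ValueError("reserved partition value")
    cp_bits, cp_digits, ir_bits, ir_digits = PARTITIONS[partition]
    serial = value & ((1 << SERIAL_BITS) - 1)
    item_reference = (value >> SERIAL_BITS) & ((1 << ir_bits) - 1)
    company_prefix = (value >> (SERIAL_BITS + ir_bits)) & ((1 << cp_bits) - 1)
    # The binary fields are wider than their decimal capacity, so a tag can carry values
    # no legitimate encoder would produce; treat those as malformed rather than guessing.
    if company_prefix >= 10 ** cp_digits or item_reference >= 10 ** ir_digits:
        raise ValueError("field value exceeds its decimal capacity")
    cp_str = str(company_prefix).zfill(cp_digits)
    ir_str = str(item_reference).zfill(ir_digits)
    return {
        "header": SGTIN96_HEADER,
        "filter": filter_value,
        "partition": partition,
        "epc_manager": cp_str,    # company prefix
        "object_class": ir_str,   # indicator digit + item reference
        "serial": serial,
        "gtin14": gtin14(cp_str, ir_str),
    }


if __name__ == "__main__":
    # Constructed sample: 7-digit company prefix, 6-digit item reference, serial 6789.
    epc = encode_sgtin96(3, "0614141", "812345", 6789)
    print(epc, decode_sgtin96(epc))
```

Because the partition value, not the header, determines how the 44 shared bits split, a decoder must read the partition first and validate it; a reserved value or an out-of-range field is exactly the kind of malformed tag a receiving system should log and quarantine rather than silently map to the nearest product.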
EPC Manager numbers, issued by EPCglobal, are required for companies that engage with trading partners outside of the four walls of their internal operations. EPCglobal Network-compliant software and hardware utilize EPCglobal standard data protocols, thus requiring the use of an EPC Manager number.

8.2.1 EPC Global Gen2 tags

In late 2004, the EPC Global Gen2 tag specification was approved. At the same time, the EPC Global organization agreed to provide no further conformance testing for the older Gen0 and Gen1 tags, but to devote its efforts to interoperability testing for Gen2 tags. The specific nature of the approved Gen2 tags includes an air interface in the 985-MHz UHF band and requires an ID field of at least 96 bits. Both active and passive tags may be used. The protocol provides for multi-tagging, allowing separate reading of multiple tags in the same reader field. The specifications are not yet published for the general public but are being drafted for ISO submittal for international standardization.

8.3 Alternative RFID Standards

EPCglobal is considered to be a North American and European standard, with little participation from Asia. Both Japan and China have their own standards in this area.

• UID – Ubiquitous ID, the Japanese RFID standard
• NPC – National Product Codes, China’s RFID standard

Since Japan and China strongly depend on their exports to North America and Europe, it is unlikely that their regional standards will do more than influence future revisions of EPCglobal, except in their local home markets.

8.4 RF Database Tag

RF Database tags are not yet in wide commercial use. The tag type is the RF Data tag described in Section 7.1.4, but the application is to hold a database designed to travel between domains. Eventually, this type of tag will be widely used to solve a very difficult problem in the integration of data between companies on both sides of the supply chain.
Simple RFID tags contain a unique number used to identify the tag. To identify the tagged item, the tag number must be associated with the item’s identity such as its Stock Keeping Unit (SKU). That association is found in a database. When the goods are shipped, the portion of the database describing the shipment, including the RFID tag number, is sent from the manufacturer or distribution center (DC) to the customer. For the customer to use the database, the format must be known. In the past, the format was defined, in many cases, by a standard known as Electronic Data Interchange (EDI), a complex encoding based upon use of Abstract Syntax Notation (ASN.1), an international standard for defining data structures. Data formats for interchanging data were defined for many industries using the standard identified by the ANSI X.12 committee. To use EDI, a private communications link between trading partners was required, limiting use to only large companies. There was also the need for consultants capable of using ASN.1 to specify the database structures and to adapt these structures for model and usage changes.

ANSI X.12 has now been replaced by Electronic Data Interchange for Administration, Commerce and Transport (EDIFACT), defined by the ISO 9735 standard, and administered by the United Nations Economic Commission for Europe (UNECE). Under direction of UNECE, new standards have been prepared for building data exchange standards in many industries and applications. The latest efforts for simplifying EDIFACT use eXtensible Markup Language (XML), an Internet standard. XML uses human-readable data identifiers to define data items and structures.

The primary problem in data handling across the supply chain is associated with timing. Often, the goods are delivered before the old rules of EDI, or even the newer EDIFACT formats, can deliver the data.
Therefore, the goods remain on the receiving dock until they are registered in the on-line inventory database. Initially, this problem was to be corrected using barcoded shipping container labels, but these required special equipment to read the two-dimensional barcodes, operator training to read all of the item barcodes on the shipping label, and the discipline to actually read the label when the goods were received. RF Database tags are designed to solve this problem in real-time without the use of real-time data communications, specialized training, or difficult-to-administer work processes. An RF Database tag reader/writer records the shipping container information when the container is loaded to the common carrier at the manufacturer or DC. Another RF Database tag reader reads the RF Database tag as the shipping container is received from the common carrier and then registers the data as a transaction with the on-line database. For factory operations using just-in-time processes, another layer of work-in-process inventory can often be removed, immediately paying for the equipment installed.

RF Database tags can also be used to transport item data during the manufacturing process. While Information Technology (IT) networks are widely deployed to the shop floor in large assembly line manufacturing operations, they are not usually designed to deliver real-time data to the workstations where parts are machined or assembled. For example, when an automobile chassis is moved into a workstation, the IT network may take an indeterminate time to look up the chassis ID verified by a barcode scan and inform the operator which of several options are to be mounted. This information, including full text descriptions of the options, can be contained on an RF Database tag for immediate action by the manufacturing cell workstation.
Furthermore, the ID of the options can be added to the tag, along with any quality test results as manufacturing or assembly takes place, keeping a running record of the assembly with the chassis. The RF Database tag creates a traveling database that functions within the manufacturing environment without requiring a real-time network to be installed.

8.5 RF Tag Recommendations

Due to the requirements of significant users such as Wal-Mart and the US Department of Defense (DoD), RFID tags using EPCglobal standards will be widely used. These tags are the basic identity for products and will be expected for inventory control as well as all transaction processing. The investment in RFID for control of work-in-process, shipping, and receiving inventory will also be highly beneficial in industries not directly affected by Wal-Mart or the DoD, and in which previous studies of barcode use did not prove to be effective. Contrasted to the human actions required to read barcodes, the automatic reading of RFID tags will yield positive cost saving results.

Barcoded shipping container labels are supplied in many industries, especially automotive parts manufacturing and automobile assembly. However, in some industries, shipping container barcode labels are less than effective due to the manual scanning step required before data can be used. RF Database tags can overcome this problem with properly configured readers. Inventory reduction resulting in a net positive cash flow benefit should ensure that RF Database tags become popular. However, as the industry has not focused on this area of application, RF Database tags are still relatively expensive. To replace shipping container barcodes, RF Database tags must follow industry standards for encoding the contained database. Using the EDIFACT encoding methods based on XML is the key to standards; however, this work is incomplete.
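The receiving-dock step of the RF Database tag flow described in Section 8.4, as an added example that is not from the book or from any reader vendor's software. The XML record layout, element names and every value below are constructed stand-ins for the EDIFACT/XML encoding discussed above, and the payload size limit and quantity bound are assumptions. The point the example makes is a defensive one: the database on the tag was written at a trading partner's dock and travelled with the goods, so the receiving reader treats it as untrusted input, validates it completely, and posts it only once before it becomes a transaction in the on-line inventory database.

```python
"""Receiving-dock handling of an RF Database tag payload: added example, not
from the book. The XML layout and all sample values are constructed."""
import re
import xml.etree.ElementTree as ET
from dataclasses import dataclass

MAX_PAYLOAD_BYTES = 4096                           # assumed tag memory size
EPC_HEX = re.compile(r"^[0-9A-F]{24}$")            # 96-bit EPC as 24 hex digits
CONTAINER_ID = re.compile(r"^[A-Z0-9][A-Z0-9-]{3,39}$")   # constructed ID format
MAX_UNITS_PER_LINE = 10_000                        # assumed plausibility bound


@dataclass(frozen=True)
class Line:
    epc: str
    sku: str
    quantity: int


@dataclass(frozen=True)
class ContainerRecord:
    container_id: str
    lines: tuple


def parse_container_record(xml_text: str) -> ContainerRecord:
    """Parse and validate a tag payload; raise ValueError on anything unexpected."""
    if len(xml_text.encode("utf-8")) > MAX_PAYLOAD_BYTES:
        raise ValueError("payload larger than tag capacity")
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTDs are not accepted in tag payloads")   # no entity expansion
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        raise ValueError(f"malformed XML: {exc}") from None
    if root.tag != "ShippingContainer":
        raise ValueError("unexpected root element")
    container_id = root.get("id", "")
    if not CONTAINER_ID.match(container_id):
        raise ValueError("bad container id")
    lines, seen = [], set()
    for el in root.findall("Line"):
        epc = (el.findtext("EPC") or "").strip().upper()
        sku = (el.findtext("SKU") or "").strip()
        qty = (el.findtext("Quantity") or "").strip()
        if not EPC_HEX.match(epc):
            raise ValueError(f"bad EPC {epc!r}")
        if epc in seen:
            raise ValueError(f"duplicate EPC {epc}")
        if not re.match(r"^[A-Z0-9-]{1,32}$", sku):
            raise ValueError(f"bad SKU {sku!r}")
        if not re.match(r"^[0-9]{1,6}$", qty) or not 0 < int(qty) <= MAX_UNITS_PER_LINE:
            raise ValueError(f"bad quantity {qty!r}")
        seen.add(epc)
        lines.append(Line(epc, sku, int(qty)))
    if not lines:
        raise ValueError("no line items")
    return ContainerRecord(container_id, tuple(lines))


def check_payload(xml_text: str) -> str:
    """'ok' or the reason the payload was rejected, for logging at the dock."""
    try:
        parse_container_record(xml_text)
        return "ok"
    except ValueError as exc:
        return str(exc)


def register_receipt(record: ContainerRecord, ledger: set, inventory: dict) -> dict:
    """Post the receipt exactly once: a tag read twice, or a copied tag, must
    not double-count inventory. Returns the transaction that was posted."""
    if record.container_id in ledger:
        raise ValueError(f"container {record.container_id} already received")
    ledger.add(record.container_id)
    for ln in record.lines:
        inventory[ln.sku] = inventory.get(ln.sku, 0) + ln.quantity
    return {"container": record.container_id,
            "lines": len(record.lines),
            "units": sum(ln.quantity for ln in record.lines)}


# Constructed payload as a writer at the shipper's dock might store it.
SAMPLE_PAYLOAD = """<ShippingContainer id="CONTAINER-0001">
  <Shipper>Example Manufacturing (constructed)</Shipper>
  <Line><EPC>3074257BF7194E4000001A85</EPC><SKU>WIDGET-42</SKU><Quantity>12</Quantity></Line>
  <Line><EPC>3074257BF7194E4000001A86</EPC><SKU>WIDGET-43</SKU><Quantity>5</Quantity></Line>
</ShippingContainer>"""

# Constructed malformed payload: same container, but a quantity that is not a count.
BAD_PAYLOAD = SAMPLE_PAYLOAD.replace("<Quantity>12</Quantity>", "<Quantity>-12</Quantity>")

if __name__ == "__main__":
    ledger, inventory = set(), {}
    print(register_receipt(parse_container_record(SAMPLE_PAYLOAD), ledger, inventory))
    print(check_payload(BAD_PAYLOAD))
```

Two checks carry most of the weight here. The payload is bounded and parsed without a DTD before any field is examined, so a tag cannot exhaust the reader's memory or smuggle entity expansion into the parse, and the container ledger makes the registration idempotent, so a container whose tag is read twice on the dock (or a tag that was duplicated in transit) does not inflate the inventory count.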
Many years of development led to the X.12 EDI standards for each industry, and now much of these efforts are being converted to EDIFACT standards. When these standards are complete, they will become the benchmark for each shipping container description.

About the Author

I am now CEO of CMC Associates (Acton, Massachusetts), which is to say that I am an independent consultant and can give myself any title I want. I have been actively involved in industrial automation work since 1958 when I started doing instrumentation for a small chemical plant of Ethyl Corp. in Baton Rouge, Louisiana. Not too long after graduating from the University of Florida in chemical engineering, I began working on my masters in science at Louisiana State University in Baton Rouge. Paul Murrill and Cecil Smith, now fellow ISA authors, were in my graduate automatic control class, the first ever taught at LSU. In 1964, I received my M.S. in chemical engineering.

In 1964, I became one of the pioneers in computer control while working at Union-Camp in Savannah, Georgia (now part of International Paper). There I developed, installed, and operated an IBM 1800 computer for control of both a fast Kraft paper machine and a Kamyr continuous digester, and consulted to the Franklin, Virginia mill for bleach plant control. I performed all the software design and FORTRAN programming for this real-time system, which actually performed closed-loop advanced feedback control. To think that the IBM 1800 had less computing capability and disk storage than the very first IBM PC fifteen years later! I feel very fortunate to have had the chance to be a control systems pioneer.

Foxboro Company was my next stop. I went to work immediately on its PDP-8-based control systems. I led the team that converted its control systems to the PDP-11 as the FOX/2 and 2A. Later, I led the team that brought the FOX/1 to market in my first project as a department manager.
I then became the marketing guy for Foxboro’s computer control products and planned the successor line, the FOX/1A. My final assignment at Foxboro was in the R&D area, where I ran a project to introduce a new architecture into control systems. Along the way, I earned my MBA.

With computer control as my specialty, I was recruited by Ken Harple, the founder of ModComp in Ft. Lauderdale, Florida, my hometown, as ModComp’s Director of Industry Marketing. ModComp needed control systems software, so I worked with my old friend Cecil Smith to create a control systems package for its computers. After a financial meltdown at ModComp, I found myself working for Cecil, selling his software on ModComp and other computers. Following this, Ken Harple again recruited me for Autech Data Systems, a company he had formed to build process control systems after he had been forced out of ModComp. This was great fun and gave me the chance to design my own DCS, the DAC-6000, and a Faultproof system. It was the first DCS to feature ruggedized fault-tolerant controllers, an Ethernet-based fiber-optic network, and a PC-based touchscreen operator console, all exhibited at ISA 1983. In this same period, I joined the ISA SP50 standards committee to help develop Fieldbus. Failure to secure financing forced Autech to shut down before we could become self-sustaining.

After solving problems for Computer Products, Inc., Analogic, and other companies as an independent consultant, I moved back to Massachusetts to work for Arthur D. Little, Inc., (ADL) a world-class technology-based consulting company. ADL taught me the dynamics of consulting. Most of my time was spent in new product innovation and telecommunications, but I also did some industrial automation. One of my projects was to design the mechanism for detecting and suppressing commercials while recording video broadcasts so the VCR can fast-forward past commercials without missing any story material.
This innovative project resulted in two U.S. patents: 5,455,630 in 1995 and 5,692,093 in 1996. ADL sold licenses for it to all VCR manufacturers as Commercial Advance™. In this period, I also took over the management of the ISA and IEC fieldbus standards committees.

When ADL began the downward spiral that eventually led to its bankruptcy and dissolution, I joined Andy Chatha at ARC Advisory Group. ARC gave me a marvelous platform to influence the automation industry. During this time, the international fieldbus standard was completed and published. ARC gave me the opportunity to spread the word on the use of Ethernet for industrial automation, initiating the trend I actually began in 1983, toward its widespread use today.

Now, at my own consulting company, I have the chance to help many companies, but at a more leisurely pace. Writing books was not my chosen profession, but it is an honorable one and certainly fills my days. These days my time is filled with work on the emerging ISA100.11a standard, where I co-chair the User Working Group. Building consensus among the users and resolving differences from WirelessHART is intellectually stimulating and a valuable service.

I have been privileged to receive a number of awards, mostly from ISA. In 2000 I received the ISA Standards Award for my leadership in completing the ISA 50.02 and IEC 61158 fieldbus standards. In 2001 I was elected to be an ISA Fellow, a lofty honor indeed. In 2005 I was elected to the Process Automation Hall of Fame. Also in 2005 I became an ISA Certified Automation Professional.

Richard H. Caro, CEO
CMC Associates
2 Beth Circle
Acton, MA 01720-3407 USA
Dick@CMC.us