Cases-Roadway, Bridge, Tunnel
MRD™子午线®——Application Case in Transportation Industry
MRD™子午线®——Features and Requirements of Communication System
1. Communication system takes safety and stability, easy-maintainability and scalability as the primary consideration;
2. The network scheme has changed from SDH to MSTP, and finally evolved to PTN;
3. The evolution of technology has been moving to lower cost of bandwidth assurance mechanisms, better redundancy protection mechanisms and easier operation;
4. High-speed and reliable redundant ring network switching mechanism, the switching time is no more than 50ms;
5. Point-to-point and point-to-multipoint strict bandwidth guarantee mechanism. CIR and PIP are no more than 1%;
6. Perfect network expansion, real-time monitoring and management methods, easily achieve bandwidth redistribution, fault early warning and flexible expansion.
Topological Graph——Common Scheme
Topological Graph——New Scheme
Topological Graph——Future Scheme
Communication System——Comparison of Industrial Ethernet and Optical Network
MRD™子午线®—Node Equipment in Communication System
TNM6000 Industrial Level-3 Safety Protection +HSR core switches
1.320Gbps Backplane bandwidth——Easy to do with high-flow subsystem(CCTV).
2.Multifunctional Service Module——Level-3 Safety Protection +HSR/PRP
3.Equipped with 8 10G and 80 1G ports at most——Easy to handle with high-density access.
4.4 hot plug service slots——Meet the on-demand configuration and flexible expansion.
Modular Level-3 Safety Protection Module
Security Risk of Network Structure
Complex network structure, many system interface, lack of effective regional segregation.
ISCS has many subsystem interfaces, but without effective safety protection measure.
Lack of Intrusion detection and security self-check mechanism; can not find the risk of network in time and do the security self-check of the network.
The subsystem lack of the access, deny or reorientation to data flow, and lack of audit and control of network services and access.
Security Risk of System Bug
The operating system of terminal device have lots of system bug and cannot be repaired in time.
Subsystem controller mostly adopt foreign equipments which have many serious bug ,even the backdoor.
Security Risk of Network Protocol
Common used TCP/IP protocol has congenital security flaw.
Industrial control protocols are lacking of security feature and function such as authentication, authorization and encryption which needs additional overhead.
Security Risk of Common Measure
Traditional IT firewall lack the knowledge of industrial control system, and can not meet the requirements of the control system like ISCS which needs higher security level.
Cannot update the virus library of anti-virus software timely which is installed in the workstation and the server, and often affects the stability of the system.
Modular Level-3 Safety Protection Module—Information Safety
Integrated Supervisory Control System takes the station as a unit to isolation and protection. And divide the safe area, configure a reasonable security system, analysis and protection, keep the station safe, and combine with the whole network security, isolation and in-depth protection.
Firewall of Stateful Packet Inspection Technology
Supporting IP and MAC address filtering
Providing simple deployment and high protection
Layer-2 network bridge without IP address
having no effect on the existing network
very safe and reliable
Protocol-level depth content check
ModBus/TCP、OPC and Ethernet/IP
simple deployment(modular board), configuration and management
Next Generation Industrial redundant Network
1. IEC organization has already issued IEC62439-3-5 and regulated High-availability Seamless Redundancy(HSR) in 2012.
2. HSR protocol is a public and standard redundant protocol.
3. HSR protocol is a double-emission and optional-receiving mechanism to realize zero-packet-loss, zero switching time high redundant industrial ring network.
4. HSR(IEC62439-3-5) protocol and PRP(IEC62439-3-4) protocol can be adopted at the same time, and can realize the switching of network A and network B in hardware layer.
PRP-Parallel Redundancy Protocol
DANP is the node supporting PRP protocol, and separately connect network A and Network B.
DANP have same IP and MAC address in Network A and Network B, and send the same packet to Network A and Network B at the same time.
HSR-High Reliability Seamless Redundant Backbone Network
1.MTBF—Mean time between failures
Based on SR-332 Algorithm
Based on the lowest operating parameters @ Operating Temperature Algorithm
3.Design—Details and experience of product design
The difference between air sucking and air blowing of the fan;
The difference between Conductive Oxidation and Spray Lacquer;
The difference between Immersion Gold and Tinplating;
The difference between single-port and multi-port of Network Transformer;
The difference between the lowest bottleneck of capacity and lifetime of electrolytic capacitor;
The difference between insulate and non-isolated power supply;
The difference of Software periodic memory check;