wirelesshart: applying wireless technology in real …nadeem/classes/cs795-cps-s13/mat… · ·...
TRANSCRIPT
WirelessHART: Applying Wireless Technology in Real-Time Industrial Process Control
Jianping Song, Song Han, Al Mok University of Texas at Austin
Deji Chen, Mike Lucas, Mark Nixon Emerson Process Management
Wally Pratt HART Communication Foundation
Outline
Background
Introduction to WirelessHART
Development Challenges and Solutions
WirelessHART Demonstration
Summary
WirelessHART: History
HART (Highway Addressable Remote Transducer)
Bi-directional industrial field communication protocol
Used to communicate between field devices and host systems
The global installed base of HART-enabled devices is more than 20
million
WirelessHART
Wireless extension of HART
Released in 09/2007
WirelessHART: Designed for Wireless Plant Solutions
Real-Time
TDMA technology
Centralized Network Management
Reliability
Channel Hopping and Channel Blacklisting
Mesh Networking
Security
Data Integrity on MAC layer
Data Confidentiality on the Network layer
Alternative Wireless Standards: Not Suitable for Process Control
Zigbee
No Channel Hopping or Channel Blacklisting
Problem with persistent noises
Bluetooth
Only supports star type network topology
Not scalable for large industrial control systems
Wi-Fi
No Channel Hopping
Power Consumption
ISA SP100
Not available yet
Outline
Background
Introduction to WirelessHART
Development Challenges and Solutions
WirelessHART Demonstration
Summary
WirelessHART Architecture
Physical Layer (IEEE 802.15.4)
Data Link Layer
Network Layer and Transport Layer
Security
Network Manager
Timer Module
Time is sliced into time slots (starting from 0)
Time intervals in a time slot
Clock synchronization is critical
Links and Superframes
Link: activity in a time slot
Neighbor
Send/Receive
Communication channel
Superframe: a group of links
Defined by network manager
Repeat itself infinitely
A device can support several superframes
Data Link Layer State Machine
Each run of the state machine
1. Call the link scheduler to determine the next slot to be serviced
2. On receiving the ”time slot start” event, increment the ASN (Absolute Slot Number) by 1
3. When it is time to service the given time slot derived in step 1), execute the associated transaction (SEND/RECV)
WirelessHART Architecture
Physical Layer (IEEE 802.15.4)
Data Link Layer
Network Layer and Transport Layer
Security
Network Manager
Security
Data Link Layer
Hop-to-hop data integrity
CCM* (Counter with CBC-MAC) mode with AES-128 to generate the MIC
Network Layer
Public keys: used to generate MICs on MAC layer by joining devices
Network keys: used by existing devices in the network to generate MAC MIC’s
Join keys: used during the joining process to authenticate the joining device
Session keys: unique for each end-to-end connection between two network devices
WirelessHART Architecture
Physical Layer (IEEE 802.15.4)
Data Link Layer
Network Layer and Transport Layer
Security
Network Manager
Functions of Network Manager
Support devices joining/leaving the network
Create routes
Schedule communications
Adapt the schedule upon network changes
Outline
Background
Introduction to WirelessHART
Development Challenges and Solutions
WirelessHART Demonstration
Summary
Hardware Platform
MC1321x Evaluation Kit by Freescale
One 1321x-NCB board, two 1321x-SRB boards
40 MHz 8-bit HCS08 MCU
2.4 GHz 802.15.4 Transceiver
Programmable 60 KB Flash and 4KB RAM
Multiple 16-bit timers
4 LEDs for demonstrations and monitoring
A simple IEEE 802.15.4 Physical Layer Library
Challenge 1: Timer Design
Challenge
Stringent timing requirements – a 10ms time slot further sliced into several time intervals
Some tasks are time consuming and may exceed allocated time
Solution
Use a separate hardware timer for WirelessHART
The caller informs the timer module current slot type
The timer generates required timer events accordingly
Challenge 2: Time Synchronization
Challenge
Synchronize the nodes in a network
A new node should derive current time during the joining process
Solution
A node records the time when the first bit of a frame arrives
The receiver calculates the clock drift TsError
The receiver includes the drift in the time adjustment field of the corresponding ACK frame
When a node receives an ACK from its time source, it will adjust its clock
Challenge 3: Speed Up Security Calculations
Challenge
The receiver must run CCM* on the received frame and the corresponding ACK frame within TsTxAckDelay (1ms)
The lower power HCS08 MCU can not meet the requirement
Solution
Upon request, Freescale is developing a new chipset with hardware encryption accelerator
We propose to execute CCM* as soon as every 16 bytes are received
A WirelessHART demonstration
One gateway and two devices: Device 1 and Device 2
The gateway and Device 2 exchange values through Device 1 and show the received values on the LEDs
All frames are captured by a sniffer
Time slot configuration
A WirelessHART Demonstration
A device can synchronize to its time source within 3 time slots
A data frame is always ACKed in the same time slot
Device 1 acts as a router for the Gateway and Device 2
Summary
Conclusions
Introduction of the WirelessHART architecture
Discussion of the challenges and solutions
Demonstration of a prototype WirelessHART network
Future Works
Full-featured WirelessHART prototype
Network Manager
Co-existence with ZigBee and Bluetooth