OSA White Paper Series Chapter One-The Backplane120114pdf

White Paper Series – Chapter One (12.01.14) _________________________________________________________________________________________________________

S i m p l e S c a l a b l e S e c u r e ™ P a g e 1 | 8

Revolution

This white paper is the first in a series to outline a new epoch of industrial automation. All aspects of control system reliability, security and lifecycle cost have been rethought from first principles. The result is a new ICS platform we call Open Secure Automation™. OSA™ delivers a user-centric renaissance of improved reliability, embedded security and lower cost. Our journey begins…

Chapter One: The Backplane



In the beginning…

ICS backplanes were born decades ago when more than one module or input/output (I/O) device needed to be interfaced for communication and control. The first interfaces were wire-wound connectors and cables which proved to be high cost and unreliable after multiple connect/disconnect cycles. As the size of ICS computing devices decreased and communication speed and I/O densities increased, the backplane rapidly evolved into high density mating connectors on a printed wire board (PWB) substrate wrapped in a plastic or metal housing. (See Figure 2.) This design approach, with all the corresponding limitations, has remained virtually unchanged for decades…until now.

Figure 1 Examples of wire-wound backplane boards (photos from Creative Commons).

Backplane status quo

Houston, we have problems: pins…pins…pins

Reliability and pins ICS backplanes and the mating modules, use connectors with precision male or female noble metal pins…often thousands of them. In normal long term use these pins break, bend, wear, misalign and foul in dirty or corrosive environments. In most cases damage to a single pin necessitates replacing the entire backplane or corresponding I/O, Power, Communication or Controller module. RFI, EMP and pins Backplane pins are power and communication terminals that route, receive and radiate DC to RF energy. Every pin is an antenna susceptible to RFI bursts from hand-held radios and EMI from motors, variable frequency drives, and other electrical equipment used on the plant floor. Just as these pins receive RFI, they can also radiate it causing potential interference and lowering the quality of signals in neighboring system devices. EMP hardening could be a specific requirement of future automation systems used in critical infrastructure. Therefore EMP hardening should be integral to new ICS platforms without added cost or secondary containment. Current ICS systems are EMP vulnerable at many levels, starting with a sea of pins.



Isolation and pins Where pins are, galvanic isolation is not. To achieve galvanic isolation of module power and communications on a conventional ICS backplane, transformers and/or opto-coupling is required. This cost and complexity is often sacrificed by way of group-isolated designs. Even where galvanic isolation is implemented, the degree of isolation is limited by the breakdown voltage of thin transformer wires. Trust and pins An open window to industrial espionage is to snoop a backplane with a logic analyzer and/or fake out a module through the connector pins. Backplanes are the doorway to rampant counterfeit and cyber compromised products making their way into mission critical control. It is time to shut the ICS pindows…a cyber wind is blowing.

Figure 2

Examples of typical ICS backplanes with high density pins and plastic enclosures.

System performance – backplane limited by design Waiting for the bus ICS backplanes generally use serial multi-drop bus (MDB) designs. In a typical MDB, the master device communicates half duplex with the slave devices by polling each slave one at a time. When the controller is talking to one device, it cannot simultaneously talk by MDB to others. As the number of slave devices increases, the turnaround time for communication also increases as bits and bytes wait for the bus. Total turnaround time for an MDB is proportional to the number of devices on the bus. This limitation by design artificially constrains performance of the associated I/O, Communication and Control modules. Dark power Many ICS systems deploy minimalist DC/DC power modules on the backplane, while the AC/DC power and UPS elements are functionally decoupled from the backplane. This significant limitation by design leaves power in the dark with no ICS operational awareness. We’re going down Redundancy is the automation system antidote to common mode failures. However, even redundant system modules including I/O, Power, Communication and Control, converge into a non-redundant backplane. For that reason, backplane failures are common mode with significant system reliability consequences. ICS backplane materials of construction – the use of plastic What were we thinking!? Toys are made out of plastic.



Okay…a quick recap; pins, isolation, security, RFI, EMP, performance, communications, power, plastic…Lots of room for improvement.

A New Beginning We call it a BMI for Backplane Module Interconnect. From a blank sheet of paper, a reliability-centric design modality, (Simple Scalable Secure™) and advanced materials and tools, Bedrock’s revolutionary backplane technology emerged.

Figure 3 Backplane Module Interconnect – BMI and I/O module with electromagnetic interconnect.

Honey I shrunk the pins Based on our proprietary electromagnetic interface, all conventional connectors, plugs, and pins on both the backplane I/O slots and corresponding I/O modules are gone. While the Controller and Power module pins remain, 100% of I/O backplane and I/O module pins are forever gone. Gone with the pinned Eliminating thousands of pins eliminates thousands of possibilities of common mode electromechanical failure due to breaking, bending, fouling, misalignment and corrosion. RFI, EMP Gone too are RFI and EMP vulnerabilities associated with pins. By using advanced electromechanical designs, an Open Secure Automation™ system can be integrally EMP hardened. Can you keep a secret? Isolation for everyone Operating similar to a passive linear motor, the BMI is the transformer. This ensures delivery of galvanic isolation for every power and every communication channel in every slot, always…and lots of it too. Over 1000 volts channel to channel and channel to ground. Breakdown voltages are no longer a function of transformer windings and mating I/O modules are no longer burdened by isolation electronics. A new gold standard for operational reliability and performance is achieved.



Enlightened power Empowering power begins with advanced backplane design. Integrally BMI mounted, sensor-filled, crypto-smart, digitally-coupled OSA power systems that include AC/DC, DC/DC, and UPS functions shine a light on power with advanced diagnostics and power management. This is applied IIoT at work. (More on this in future chapters.)

Deep trust Each slot on the BMI is designed for active and passive cyber security. Without I/O pins it is virtually impossible to “latch on” and listen. With patented anti-snoop technology it is virtually impossible to insert a bit or byte in any communication path. With additional layered and embedded cyber IP, only deep-trust modules of any kind, (i.e., I/O, Power, Communication and Control) will be authenticated and powered up on the backplane. The era of counterfeit, compromised ICSs has come to an end. (Much more on this in future chapters.)

Bedrock Black Fabric™

Figure 4 Bedrock’s patented backplane module interconnect (BMI) Black Fabric™ architecture.

Performance on demand Black Fabric™ is Bedrock’s patented backplane power and communication architecture that deploys a passive, asynchronous, full duplex communications switch fabric with both parallel and serial interfaces. (See Figure 4, BMI Architecture and Table 1, Patents.) The serial interface is configured to connect the I/O devices to the Control, Communication and Power devices in parallel. The parallel communications interface is configured to separately connect the I/O devices to the master and to transmit information between the I/O devices and each other. The parallel interface forms a dedicated channel for each of the BMI devices and operates like an integral cross switch.



For the love of speed Because all BMI slots and modules have dedicated communication and power channels, there is no polling, scanning, interrupts, or inherent latencies. Every channel and every module asynchronously communicates at full speed, automatically, all the time. Black Fabric™ has a communication bandwidth of multiple GHz. Every slot is individually powered directly from the BMI coupled power supplies or UPS through the Black Fabric.™ Every BMI slot is logically and electrically isolated from every other slot at all Power, Control and Communication modules. A failure of one module will not cause a failure of any other module. System diagnostics alert if a module has failed while all other I/O, Power, Communication and Control modules continue to operate with no reduction in capabilities or communication speed. I/O module symmetry for cable management By design, all BMI I/O slot and I/O module electromagnetic power and communication interconnections are symmetric. The result is any I/O module can be placed in any slot on the backplane and also in any orientation. This allows for elegant cable management and flexible segregation of field wiring to either left versus right or top versus bottom as a function of vertical versus horizontal BMI mounting. This feature compliments differing installation practices and reduces cable congestion. (Refer to Figure 5, I/O mounting.) Managing redundancy The backplane is designed for scalable redundancy supporting dual slots for Power, Communication and Control with redundant interlinks built into the backplane. Any I/O module can operate in single, dual or triple redundant mode from any BMI slot. I/O redundancy is backplane slot independent. When dual or triple I/O modules are in use, the system can detect a failure in any one channel or module on the BMI and automatically continues operation with the other channels or modules. Materials of construction – precision metal To ensure decades of operation in the harshest environments, Bedrock’s BMI is constructed from machined, anodized aluminum. All-metal construction of the BMI and mating modules creates contiguous thermal coupling and passive cooling. Conducted thermal continuity minimizes component differential and transient temperatures and maximizes component reliability and system life. This is only possible with advanced thermal and electromechanical designs, combined with precision all-metal construction.

Summary

The future is now! Open Secure Automation™ delivers new levels of ICS reliability, embedded security and unified automation performance at much lower life cycle costs. The mission starts with reinventing the backplane. Bedrock’s BMI is designed with an advanced architecture, industrial grade materials and passive fail-safe principles. With a new foundation, automation can be rebuilt. There is no other way.



Figure 5

Backplane I/O module symmetric mounting – examples of bottom, top and alternating I/O cable termination.



Author Albert Rooyakkers, Founder, CTO, VP Engineering, Bedrock Automation Visit Bedrock Automation www.bedrockautomation.com and follow us on LinkedIn. Visit Albert on LinkedIn https://www.linkedin.com/profile/view?id=32444535&trk=nav_responsive_tab_profile Upcoming Bedrock Automation OSA™ white paper chapters: (actual title and sequence may change) One: Backplane - Our Journey Begins Two: Power - Get Smart Three: Virtual I/O - The Chosen Ones Four: Secure Control - Release the Beast Five: Open and Secure - Solving the Dichotomy Six: Obsolescence - Solve it too Seven: Life Cycle Cost - Show me the Money Stay tuned.

Table 1 Bedrock Automation BMI and Black Fabric™ patents and patents pending.

Patent Reference Country Title

8,862,802.B2 USA Switch Fabric Having A Serial Communication Interface And A Parallel Communication Interface

8,868,813.B2 USA Communications Control System With A Serial Communications Interface And Parallel Communication Interface

13/875,858 USA Electromagnetic Connectors

13/959,888 USA Electromagnetic Connector

29/462,572 USA Backplane For An Industrial Control System

14/446,412 USA Industrial Control System Cable

14/469,931 USA Secure Industrial Control System

201280065564.2 China Electromagnetic Connector And Communications/Control System/Switch Fabric With Serial And Parallel Communications Interface

201410182071.8 China Electromagnetic Connectors

201410383686.7 China Electromagnetic Connector

201430023921.0 China Backplane For An Industrial Control System

12862174.5 Europe Electromagnetic Connector And Communications/Control System/Switch Fabric With Serial And Parallel Communications Interface

14166908.5 Europe Electromagnetic Connectors

14180106.8 Europe Electromagnetic Connector

1402820-0001, 0002, 0003, 0004, 0005

Europe Backplane For An Industrial Control System

2014-080952 Japan Electromagnetic Connectors

2357,2358/2014 Japan Backplane For An Industrial Control System

30-2014-5754/5755 Korea Backplane For An Industrial Control System

103300681, 682, 684, 685, 686 Taiwan Backplane For An Industrial Control System

154938 Canada Backplane For An Industrial Control System

End of white paper.

http://www.bedrockautomation.com/

https://www.linkedin.com/profile/view?id=32444535&trk=nav_responsive_tab_profile

Documents

OSA White Paper Series Chapter One-The Backplane120114pdf