Digital Transformation Transforming Industrial Sensor Design

Show video

foreign so how does the digital transformation transforms the industrial sensor design the industry is demanding more data and more data is needed for improving the efficiencies uh and improving the morality the manufacturing of any Factory being it factories or process industry everybody's looking for more data and use the data for optimization of the process so not only for control but bringing the data up to a higher level of not only control but Enterprise and up to the cloud and process the data and find out how to make the the factory more efficient so what we'll talk about today is look at the instrument which is sitting at the edge of any process or or factory system and how does the transformation looking for more digital and more data how does it transform the design of the device itself so we look at some connectivity types architectures of 4 to 20 millimeter and then APL 10 base t1l and then we dive deep dive into the field device design look at Power explosive safety functional safety security and hopefully we'll be able to draw some conclusions so typical installations in the field so on the left hand side it's a typical plan via 4 to 20 milliamps these plants are running for years decades 50 years we have connected it from the end device and by principle it's very simple there is a pair of wires going from the end device from The Edge and it finds old its ways to the PLC input and similarly if you need to control some valve it finds its way from the output of PLC programmable logic controller and control some valve so principle very simple the challenge comes with a scale even if I look at my own plant we have a manufacturing facility in Arnold devices and if I look in our own Fab there is hundreds and thousands of these nodes they go through some field junction boxes there is a piece of equipment somewhere so the the device and cables from Individual devices is congregated into some junction box and then it goes goes through some multi multiplayer multi-core shielded cable and the cables are quite thick lots and lots of bars inside land up in Marshall in cabinet just to paint the picture the imagining cabinets in our Factory are like huge cabinets and there are thousands of of cables Landing there and then if you need to maintain it if you need to add a note somewhere on some Edge I need to find a new bar there the challenge comes with a scale and and maintaining maintaining such a plot is not an easy easy way so by electrically very simple with the scale of the manufacturing it's not not that simple anymore uh if you look at the on the right hand side that's where APL is is looking for having an Ethernet connectivity down to the sensors up until recently there was not possible to bring ethernet to this to this to these edges of many of the industries because it could be sitting an explosive environment so it needs to be safe explosive safe in changing safe industry calls it APL allows us to bring ethernet down to the edge and then it simplifies significantly the topology of the wiring you have the same signals coming individually from the sensor but they now come from to a field switch what through what they call Sports up to 200 meters per apil specification and then you can change the field switches and get the information up to the to the what they call power switch for injecting the power to power supply all the all the sensors and to do plc about that brings it you have an IP address on the on each of the sensor and not only you can run the control signals between the control information between the sensor actuator and the programmable controller you can in parallel on the same wires get much more data up the stream and process the data and again use them for improving their efficiency and and uh sustainability of the manufacturing so now let's dive deeper here so this is 4 to 20 milliamp again sensor PLC input output unlock input output and reminder it's analog signal so it's 4 milliamps is zero percent of temperature zero zero pressure 20 milliamps is the maximum 100 of the input uh and any value in between represents the value that is measured that's 4 to 20 milliamps sometimes on the 4 to 20 milliamp there is a optional heart modulation which does bring some digital bi-directional modulation uh bi-directional information from and out of the sensor heart is pretty slow 1.2 kilobit kilowatt sorry 1.2 kilobit which is slower than any modem that we saw 20 years ago on our telephone line so it's really small really slow uh and not every plcdcs device would have a native hard modem on the on the port so you may have a hard multiplexer a sighted again complicates the wiring if you look at the APL again the signal chain is you can have some 100 gigabit connectivity from the switch to the plc field switch or multiple field switches and the sports to the to the uh sensors and actuators and uh the signal is digital then basically one of this palm tree tree levels modulation digital and you have DC power over the same line uh so it's pure digital pure digital communication no 4 to 20 million financing between now architecture of the field instrument itself and I focus in the presentation on the sensor side Eco will be applying to any actuators and evolves and and devices like that so typically a sensor measuring temperature pressure flow distance whatever needs to be measured there some unlock front-end microcontroller maybe two you can see that it is relatively small on today's scale small microcontroller and communication so the 4 to 20 milliamp communication would like that you have a d2a converter uh kind of taking the data saying okay zero or 100 convert to the current and driving the current in the loop and then of course you have some DC DC step down converter to supply the the insides the guts of the sensor when you look at the field device on APL to front end is very similar you may need a little bit bigger microcontroller because you need to run some communication protocol on it but then you have a fi or integrated Mark and file same dc-dc converter and as a digital digital communication there and then power coupling there's some power coupling inductors that couple the date the the decouple the power and data so data is AC coupled to the communication and power is DC couples through an inductor so but the front end is can look very similar to what we see today at 4 to 20 milliamps now we look at the power power aspects of the of the instrument 4 to 20 milliamp is the information the system has to be able to power the full power needed for the device so if it's signaling 20 milliamps which is 100 it needs to be able to deliver 20 milliamps at 24 volts through the system and most of the 20 milliamps would there be burned or Bypass or shunt through the communication stage of the of the device and then what we are left with is 4 milliamps because if it needs to Signal 4 milliamps then the whole sensor it needs to be taking maximum four Millions from the loop and four milliamps it's all that is left for powering all the device the the back end the microcontrollers the front end so you can see some power budgeting here and what is left for the instrument is uh yeah and we lose some power on the barriers and on the cable because the cable if it's long and have some resistance you have some voltage of public cable there's an interesting save barrier which there is no way around that having a resistor in series so again you have some voltage drop there so what is left for the instrument itself is something in order 40 millivolts you can argue it's 38 or 45 but in order of this and for the measurement itself will be around 25 millivolts so 25 millivolts is all that is left for the sensor unlock front end a to d converters microcontroller running algorithm to calculate from the voltage from the sensor pressure or whatever is being measured if we compare now to the 10 base t1l APL device and I'm referring to APL Port specification Class A which is a half about half about power the system is drawing similar power about half a lot of power going to the communication line uh and the specification says that you need to account for minimum 9 volts on the instrument about 55 milliamps that can be taken by the instrument we are going to use much more power on the pro more power on the protection we use more power for the communication itself but we still you know and it's our Focus to make low power communication you will need a little bit more power on the microcontroller just to run protocol and it depends on what protocol you are running will be different if you're on full plus profinet and different if you run something simpler but roughly the power budget there so from the 500 milliwatts that is delivered by the port now we end up about 250 milliwatts left from the sensor itself so it's about 10 times more than we had in the 4 to 20 milliamps which means we can build more sophisticated sensors and we can maybe transfer more sensors that previously on the 40-20 milliamp Loops would need external power supply couldn't lift from the 4-20 milliamp Loop so we can we can maybe transfer more sensors because we have more power available you can transfer more sensors to the two-line single pair communication so let's power power aspect of the design explosive safety explosive safety is being built you know intrinsic safety instruments for 4 to 20 milliamp Loop are being built for a long time there is a barrier that limits how much how much power how much current how many voltage can you get to the line and then the instruments have to be able to safely operate uh under that power budget and safely operate is the philosophy of the intrinsic safety that you have to consider anything can fail you can't count that one diode will work and that's why you can see three dials in serious in the signal pass if you think about that in any polarity uh any component can fail so if the components is critical for limiting the power that can be dissipated inside the instrument or if the component is guaranteed you don't have much then expected voltage on capacitor uh all these things have to be either very simple my apologies has to be either very simple components or they have to be they have to be doubled well-known techniques in the in the industry you have come maximum voltage 30 volts from here you may be pumping voltage lower on the on the instrument side because if you climb to voltage lower you connect afford more capacitance uh and just again the philosophy here is if you accidentally short this capacitance by damaging the instruments and you short it it cannot it must not spark because it Sparks and there is a hydrogen outside it will just blow up the factory and similar temperatures if any of the device fails completely fails and starts heat up and dissipate the power under the maximum power dissipation for each section of the device must not exceed temperature that could cause ignition of the of the environment around so for 40-20 milliamp device the maximum power that the whole instrument can dissipate about 0.75 Watts so it has to be designed in a way that that power dissipation does not cause uh temperature that could cause some damage now if we compare now with the APL device the philosophy and the the techniques around are very similar if not same uh the APL specification specify how much power can deliver the 10 base t1l Spore Port so the Institute save barrier now is effectively built inside the switch and it says how much voltage can be expected how much current can be expected to go to the device there's some more protection needed for the power coupling and you can see large number of diodes there has to be power two columns of dials in parallel just in case one of the diode fails the other seal needs to be able to clump and when mentioning these diodes the 10 base t1l amplitude to explosive environment is limited to one volt the standard recognizes two amplitudes 2.4

volt one volt so one volt is used for these uh intensive instrument not because the one volt car is less energy but because you can effectively clamp the the components inside the device so that one volt amplitude if you think about diode it cannot forward bios by the signal itself so you need at least two two diodes two voltage drops that don't open in one volt and if you go 2.4 volts it'll be much more more many diodes and then inside the instrument the techniques are the same as in 40 milliamp Loops so that compares one to one so the only thing to watch if you design 10 base t1l device for inchanging safety the power that it needs to be able to dissipate is now about 5 watts and that comes from the fiscal principle from the A Plus specification but it's not completely new because this technique and this power level is already used in some Foundation field bus or profibus PA devices today so there's explosive safety again design is not much more complicated at existing 40 to 20 million bloops and then functional safety if you design functional safety instrument you have to be sure that what you think you measure is actually what you measure so the a2d converter if the a2d converter failed you need to know it and you need to detect it and report to the rest of the system so you would see techniques like having redundant a2d converter redundancy in the front end of the of the measuring but what's more interesting is the four to twenty lamp Loop itself again remember it's a analog signal 4 milliamps is zero percent 20 milliamps hundred percent and anything in between represents a value that is being measured on this by the sensor so if you want to make sure that the 4 to 20 million blue represents what sensor is measuring you need to make sure that if the microcontroller says I don't know 12 milliamps you have to watch that it is really 12 milliamps which means some additional components additional techniques output Loop driver itself so you will see typically a another resistor ADC load back to the microcontroller and similarly on the on the input side on the unlocking site on the on the uh controller you will see some again redundancies there you wouldn't rely on one register you would have two registers two a to d converters again to make sure that what sensor measures that get that information gets all the way down there and if it doesn't if there is any fault detected at any stage you have to declare that the sensor count measure so if you can imagine you are watching a level in some tank and the tongue has some dangerous chemical you want to make sure that it doesn't overflow so you have to make sure that what you measure as a level is actually what the level is because if you overflow you can cause some damage kill some people and so on so that's functional safety and again 4 to 20 mil amp Loop you have to design to the function safety standard as a parent standard for functional safety all the signal chain including your communication needs to be designed to the standard now if we compare with the APL instrument the same techniques the same function safety the same redundancy applies for the analog front end connected to the sensor but once you get to digital It's relatively easy it's a black Channel you either do that commonly do get communication or you don't and you can apply of course you apply some safety protocol if you if you're on profinet you will uh you will apply profinet safety there you can but you can you can easily detect that the packet that is sent by this microcontroller is correctly easy from the other side you do crcs and and so on and you know that you have to get new packet you can number the packets so you know that the next bucket is not the same as the previous one there are techniques around that but these techniques are digital and do not apply for the communication for the APL communication itself so there's function safety now security if you look at the plant and if you look at the on the left hand side on the plan wire 4 to 20 milliamps and if you look how can you Cyber attack that plant you can go you can come from the cloud from from internet you know many people interested in in taking your plant down but it's kind of only I.T level so you would you would have of course you would have some firewalls and and security built up there uh but then if you look at the perimeter of course you need to sort out Security in your plant if somebody gets inside and can pull out wire then you can't do much about that on the electronic side so you have to have a security of your plan sorted but then if you go down to the field uh if you have some device if you can attack one device and I put one device deliberately on the edge so it could be your I don't know intake of materiality or plant it may have some sensors there so somebody unauthorized can access that sensor okay he can access that sensor he can damage it or fake it but it's only one sensor of many that are in inside your plants so yes you can take one sensor down one four to twenty million bloop is lying or doing something strange but as a control system is still doing what it's supposed to do if we look now at the 10 base c1l and we say seamless connectivity collecting data from The Edge to the cloud that means it's a network and once you access any node of that Network you can potentially get pseudo Network and you can attack all plants all of your plant if you if you are able to attract and fake one of the sensors and that's why if we talk about 4 to 20 milliamps we usually don't do we obviously don't talk about security at 4 to 20 milliamps I have not seen anybody in the industry you know building a security 4 to 20 million plug transmitter but if you go to the 10 base t1l you have to make sure that the device that is connected to the network is what the device is supposed to be you need to make sure that it's running the collect firmware in your microcontroller that somebody doesn't put something different there and we discussed the microcontroller if it's microcontroller is able to run a profinet stock it can equally run some rock kind of firmware there so you need to make sure that the firmware is what's supposed to be so into apply some secure boot you need to apply authentication on both directions so from this side you need to make sure that you talk to device that you are supposed to talk and equally if the device is getting firmware update it needs to make sure that the firmware update is coming from an authorized source and you use typically use encryption and so on so there is a security IEC standard that applies to the industry and in the APL instrument you need to apply security and dark chips for providing these functions in the instruments so that's the security and that's just a quick summary of of what we talk about so comparing 4 to 20 milliamp and 10 base t1l from The Edge device point of view from design of the edge device of the field instrument so quick comparison Sultan base t1l you can get all data that you want and the available Upstream Downstream you can get seamless connectivity from IP addressable and device up to as high as you allow your plant to the cloud you can collect lots of data use them for optimization monitoring and so on you actually can get much more power for the instrument for the measurement itself for the API device about 10 times the power than the 1420mm loop was providing uh intrinsic safety there are known techniques you have to deal with a little bit more power that you need to be able to burn in your instruments and gained our techniques how to Stage the power limiting and again we will have solutions for that in chips and connection is actually from the function safety point of view the connection is easier the channel itself is black Channel you don't care you either do get data or not plus 4 to 20 milliamp any value in between could be wrong and then security is something critical that you need to implement on the end device and that's the price that you pay for seamless connectivity up to the cloud and that's for me if you have any questions feel free [Music] foreign [Music]

2023-03-17

Show video