This application claims the priority of Japan patent application serial no. 2018-068198, filed on Mar. 30, 2018. The entirety of the above-mentioned patent application is hereby incorporated by reference herein and made a part of this specification.
The disclosure relates to a control apparatus for controlling an object under control.
Conventionally, in the field of factory automation (FA), a configuration in which a control apparatus, such as a programmable controller (PLC), is connected to an information system that deals with production management information such as production instructions or production results is adopted.
For example, Japanese Laid-Open No. 2008-084343 (Patent Document 1) discloses a programmable controller, etc., that is capable of transmitting and receiving data even among apparatuses (computers, PLCs, etc.) connected to networks different each other.
Along with the progress in information and communication technologies (ICT) in recent years, there is also a need to exchange various information between control apparatuses. The configuration disclosed in Japanese Laid-Open No. 2008-084343 (Patent Document 1) is a PLC including a CPU (central processing unit) and a communication unit, and assumes that each unit is connected to a different network.
In the case where such a configuration is adopted, communication units in the same number as the number of networks that are connected are required, and the configuration becomes complicated.
According to an embodiment of the disclosure, a control apparatus for controlling an object under control is provided. The control apparatus includes a first network controller and a second network controller for exchanging data according to a first communication protocol, and a packet transferring part for outputting a duplicate of a packet received by the first network controller from the second network controller and outputting a duplicate of a packet received by the second network controller from the first network controller.
The disclosure provides a means capable of simplifying the configuration of network connection even in the case where multiple control apparatuses are in network connection.
According to an embodiment of the disclosure, a control apparatus for controlling an object under control is provided. The control apparatus includes a first network controller and a second network controller for exchanging data according to a first communication protocol, and a packet transferring part for outputting a duplicate of a packet received by the first network controller from the second network controller and outputting a duplicate of a packet received by the second network controller from the first network controller.
According to the embodiment of the disclosure, in the case where the plurality of control apparatuses are connected to a network for exchanging data according to the first communication protocol, since it is sufficient to connect the control apparatuses to each other without using a hub, etc., the configuration of network connection can be simplified.
According to an embodiment of the disclosure, the first communication protocol may be a communication protocol including Ethernet (registered trademark) and TCP/IP. According to the embodiment of the disclosure, an Ethernet-based industrial network, etc., can be used.
According to an embodiment of the disclosure, the control apparatus may further include a third network controller for exchanging data according to a second communication protocol different from the first communication protocol. According to the embodiment of the disclosure, data exchange according to the plurality of communication protocols can be performed in parallel.
According to an embodiment of the disclosure, the second communication protocol may be a communication protocol of an industrial network that guarantees arrival time of data. According to the embodiment of the disclosure, an industrial network that guarantees the arrival time of data other than the first communication protocol can be used as a field network.
According to an embodiment of the disclosure, based on a physical address designated as a destination of a packet received by one network controller, the packet transferring part determines whether to output a duplicate of the received packet from another network controller. According to the embodiment of the disclosure, since it is possible to only duplicate necessary packets and transfer the duplicates to a subsequent stage among the packets entering a certain control apparatus, the increase in traffic in a network composed of multiple control apparatuses can be suppressed.
According to an embodiment of the disclosure, based on a network address designated as a destination of a packet received by a network controller, the packet transferring part determines whether to output a duplicate of the received packet from another network controller. According to the embodiment of the disclosure, since it is possible to only duplicate necessary packets and transfer the duplicates to a subsequent stage among the packets entering a certain control apparatus, the increase in traffic in a network composed of multiple control apparatuses can be suppressed.
According to the disclosure, even in the case where multiple control apparatuses are in network connection, the configuration of network connection can be simplified.
Embodiments of the disclosure will be described in detail with reference to the drawings. In the drawings, the same or corresponding parts are denoted by the same reference numerals, and the description thereof will not be repeated.
First, an example of a scene to which the disclosure is applied will be described.
In the configuration shown in
The main unit 100 has three communication ports P11, P12, P2. The communication ports P11 and P12 are capable of exchanging data under the same communication protocol. Typically, the communication ports P11, P12 are connected to an Ethernet-based industrial network.
On the other hand, the communication port P2 exchanges data with a field apparatus, such as a remote input/output device, various sensors, various actuators, etc. Typically, the communication port P2 is connected to a field network. Also, the communication port P2 may be omitted.
In the control apparatus 1, packets can be arbitrarily transferred between the communication port P11 and the communication port P12. That is, the control apparatus 1 has a packet transfer function for outputting a duplicate of a packet received by the communication port P11 from the communication port P12 and outputting a duplicate of a packet received by the communication port P12 from the communication port P11.
By adopting such a packet transfer function, various network functions (e.g., a repeater hub function, a switching hub function, a router function, a filtering function, a packet monitoring function, etc., as described later) can be realized by using the communication port P11 and the communication port P12.
By implementing such network functions in the control apparatus 1, the configuration of network connection can be simplified even in a case where a plurality of control apparatuses are in network connection.
First, a configuration example of the main unit 100 included in the control apparatus 1 according to the present embodiment will be described.
The processor 102 is equivalent to the arithmetic processing part that executes control computation, etc., and is configured with a central processing unit (CPU), a graphics processing unit (GPU), etc. In particular, the processor 102 reads a program (e.g., a system program or a user program) stored in the secondary memory apparatus 108, develops the program in the main memory apparatus 106, and executes the program, thereby realizing control corresponding to the object under control as well as various processes to be described later.
The chipset 104 mediates and controls data exchange between components constituting the main unit 100.
The main memory apparatus 106 is composed of a volatile memory apparatus, such as a dynamic random access memory (DRAM) or a static random access memory (SRAM). The secondary memory apparatus 108 is composed of, for example, a non-volatile memory apparatus, such as a hard disk drive (HDD) or a solid state drive (SSD).
The network controllers 110, 120 exchange data with another control apparatus or an arbitrary device via respective networks according to a communication protocol for industrial use. Typically, the network controllers 110, 120 are compatible with an Ethernet-based industrial network and have the functions of a physical layer and a data link layer conforming to the specification of the Ethernet.
Further, in the network controllers 110, 120, as a network layer and a transport layer (an Internet layer and a transport layer), a communication protocol such as the transmission control protocol/Internet protocol (TCP/IP) or the user datagram protocol/Internet protocol (UDP/IP) may be used. In this manner, a communication protocol including the Ethernet and TCP/IP may be adopted as the communication protocol used for data exchange by the network controllers 110, 120.
Then, as a session layer, a presentation layer, and an application layer, by adopting a common industrial protocol (CIP), an industrial network such as EtherNet/IP, DeviceNet, ControlNet, CompoNet, etc., can be realized.
By being compatible with the same communication protocol and operating in conjunction with each other, the network controllers 110, 120 can function as a kind of switching hub or repeater hub. That is, packets being transmitted and received can be transferred internally between the network controller 110 and the network controller 120, a duplicate of the packet received by the network controller 110 can be transmitted from the network controller 120, and a duplicate of the packet received by the network controller 120 can also be transmitted from the network controller 110.
The field network controller 130 is compatible with a communication protocol different from the communication protocol used in the network controllers 110, 120. That is, the field network controller 130 exchanges data with an arbitrary device via a field network according to a communication protocol for the field network.
In the field network, a communication protocol of an industrial network that guarantees arrival time of data may be adopted. For example, as the field network controller 130, one conforming to any of EtherCAT (registered trademark), DeviceNet (registered trademark), CompoNet (registered trademark), PROFIBUS (registered trademark), etc., may be adopted.
The USB controller 140 exchanges data with a support apparatus not shown herein, etc., via a USB connection.
In the memory card interface 150, a memory card 152 which is an example of a recording medium can be attached and removed. The memory card interface 150 can read and write various data (user program, setting data, log, trace data, etc.) with the memory card 152.
The local bus controller 160 exchanges data with the local unit 200 (see
Next, typical connection modes of a network configuration using a plurality of control apparatuses 1 according to the present embodiment will be described.
In the connection mode shown in
In such a connection configuration, a cable for connection is laid from the hub 10 to each control apparatus 1.
On the other hand, in the connection mode shown in
In order to realize such a connection mode, the communication port P11 and the communication port P12 of each control apparatus 1 function as a repeater hub or a switching hub. That is, a packet entering the communication port P11 of a certain control apparatus 1 is transmitted as-is or selectively from the communication port P12. Likewise, a packet entering the communication port P12 of a certain control apparatus 1 is transmitted as-is or selectively from the communication port P11.
In this manner, by implementing a process for appropriately transferring packets between the communication port P11 and the communication port P12, the hub 10 as shown in
For the ease of explanation, in
Next, examples of the network functions provided by the control apparatus 1 according to the present embodiment by using the network controllers 110, 120 will be described. It is not necessary to implement all of the network functions described below, and it may be that only at least part of the functions are implemented.
The control apparatus 1 according to the present embodiment has a packet transfer function for outputting a duplicate of a packet received by the network controller 110 (the communication port P11) from the network controller 120 (the communication port P12) and outputting a duplicate of a packet received by the network controller 120 (the communication port P12) from the network controller 110 (the communication port P11). Below, some variations of such transfer function will be explained.
The packet duplicating part 170 duplicates an arbitrary packet received by one of the network controllers 110, 120 and outputs the packet to one of the network controllers 110, 120. Also, the packet duplicating part 170 outputs the packet received by one of the network controllers 110, 120 to the packet processing part 180.
The packet processing part 180 executes a process in correspondence with the packet given from the packet duplicating part 170.
The packet duplicating part 170 transmits a packet entering one of the network controllers as-is from the other network controller. As shown in
By repeating such duplicating and transmitting of packets, the packet communication substantially the same as the case where the plurality of control apparatuses 1 are connected to a common repeater hub can be realized.
The L2 switching part 172 realizes packet filtering and transfer processes at a layer 2 (L2) level. That is, based on the physical address designated as the destination of a packet received by one of the network controllers, the L2 switching part 172 determines whether to output a duplicate of the received packet from the other network controller. More specifically, the L2 switching part 172 refers to media access control (MAC) address information 173 describing the MAC address, which is the physical address of the control apparatus 1 connected to the network, and controls the transfer destination of the packet. The MAC address information 173 may be statically determined in advance or may be appropriately updated during the packet transfer process.
More specifically, when one of the network controllers 110, 120 receives a certain packet, based on the MAC address stored in the destination header of the received packet, the L2 switching part 172 determines whether the received packet is a packet addressed to its own apparatus. When determining that the received packet is a packet addressed to its own apparatus, the L2 switching part 172 outputs the received packet to the packet processing part 180. In this case, the L2 switching part 172 does not transfer the received packet to another control apparatus 1.
The packet processing part 180 executes a process in correspondence with the packet given from the L2 switching part 172.
On the other hand, when determining that the received packet is not a packet addressed to its own apparatus, based on the MAC address stored in the destination header of the received packet, the L2 switching part 172 determines whether the received packet should be transferred to another control apparatus 1. Then, when determining that the received packet should be transferred to another control apparatus 1, the L2 switching part 172 transmits a duplicate of the packet from the other network controller.
In this way, the L2 switching part 172 filters the packet entering one of the network controllers with the MAC address and then transmits the replicate from the other network controller. As shown in
In this case, the L2 switching part 172 outputs the packet 1 addressed to its own apparatus to the packet processing part 180, and does not transfer the packet 1 to another control apparatus 1. On the other hand, the L2 switching part 172 replicates the packet 2 that is addressed to the control apparatus 1B but not to its own apparatus, and transmits it from the network controller 120.
By repeating such filtering and transmitting of packets, the packet communication substantially the same as the case where the plurality of control apparatuses 1 are connected to a common switching hub can be realized.
The L3 switching part 174 realizes packet filtering and transfer processes at a layer 3 (L3) level. That is, based on the network address designated as the destination of a packet received by one of the network controllers, the L3 switching part 174 determines whether to output a duplicate of the received packet from the other network controller. More specifically, the L3 switching part 174 refers to IP (Internet protocol) address information 175 in which the IP address as the network address of the control apparatus 1 connected to the network is described, and controls the transfer destination of the packet. The IP address information 175 may be statically determined in advance or may be appropriately updated during the packet transfer process.
More specifically, when one of the network controllers 110, 120 receives some packet, based on the IP address stored in the destination header of the received packet, the L3 switching part 174 determines whether the received packet is a packet addressed to its own apparatus. When determining that the received packet is a packet addressed to its own apparatus, the L3 switching part 174 outputs the received packet to the packet processing part 180. In this case, the L3 switching part 174 does not forward the received packet to another control apparatus 1.
The packet processing part 180 executes a process in correspondence with the packet given from the L3 switching part 174.
On the other hand, when determining that the received packet is not a packet addressed to its own apparatus, based on the IP address stored in the destination header of the received packet, the L3 switching part 174 determines whether the received packet should be transmitted to another control apparatus 1. Then, when determining that the received packet should be transmitted to another control apparatus 1, the L3 switching part 174 transmits a duplicate of the packet from the other network controller.
In this way, the L3 switching part 174 filters the packet entering one of the network controllers with the IP address, and then transmits the replicate from the other network controller. As shown in
In this case, the L3 switching part 174 outputs the packet 1 addressed to its own process to the packet processing part 180, and does not transmit the packet 1 to another control apparatus 1. On the other hand, the L3 switching part 174 replicates the packet 2 that is addressed to the control apparatus 1B but not to its own apparatus, and transmits it from the network controller 120.
By repeating such filtering and transmitting of packets, the packet communication substantially the same as the case where the plurality of control apparatuses 1 are connected to a common router or bridge can be realized.
Based on the information (source MAC address, destination MAC address, source IP address, destination IP address, transmission date and time, port number, stored data, etc.) included in the entered packet, the filtering part 176 manages the transfer to the next control apparatus 1. More specifically, the filtering part 176 refers to filtering information 177 describing a transfer condition of the packet and determines whether the packet received by one of the network controllers 110, 120 is to be transferred and whether the transfer is necessary.
The filtering information 177 may be defined in the form of a whitelist describing a condition under which the packet should be transferred or in the form of a blacklist describing a condition under which the packet that should not be transferred. The filtering information 177 may be arbitrarily set or updated externally.
More specifically, when one of the network controllers 110, 120 receives some packet, the filtering part 176 refers to the filtering information 177 and determines whether the received packet should be received or transferred based on the header information, etc., in the received packet. A packet that is determined not to be received or transferred may be discarded.
The filtering part 176 outputs a packet addressed to its own apparatus, among the packets determined to be received or transferred, to the packet processing part 180. In this case, the filtering part 176 does not transmit the received packet to another control apparatus 1. Also, regarding a packet addressed to another control apparatus 1 among the packets determined to be received or transferred, the filtering part 176 sends a duplicate of the packet from the other network controller.
In this way, the filtering part 176 filters the packet entering one of network controllers under an arbitrary filtering condition and then sends the replicate from the other network controller as needed.
As shown in
In this case, the filtering part 176 discards the packet 3 and the packet 4, and processes only the packet 1 and the packet 2 as valid ones. In this case, the packet 1 is given to the packet processing part 180 of the control apparatus 1A, and the packet 2 is given to the packet processing part 180 of the control apparatus 1B.
By applying such arbitrary filtering to packets, various applications such as forbidding transfer of a packet that can cause a security concern are possible.
As shown in
The packet monitoring function is a function for sequentially collecting the history of the packet transmitted on the network and can be used for investigating the cause of any trouble occurring in the network. In such a packet monitoring function, the beginning and the end of packet history collection can be arbitrarily designated. Further, arbitrary filtering on packets to be collected may be performed. For example, filtering such as only packets transmitted from a specific control apparatus 1 or only packets having a specific port number can be performed.
In the case of activating the network function as described above in the control apparatus 1, necessary settings in the support apparatus may be created and the created settings may be given to the target control apparatus 1. In this case, a network function that should be enabled, filtering information, etc., may be designated in the support apparatus.
As another setting method, an instruction designating the network function that should be enabled may be described in the user program executed in the control apparatus 1. In this case, by activating the control apparatus 1 and executing the user program, the designated network function is activated.
A function block corresponding to each network function may be provided as an instruction for activating such a network function. By providing the function block, the program creator can realize the necessary network function even if the program creator has limited network-related knowledge.
In the above-described embodiment, the main unit 100 and the support apparatus are configured to be independent from each other. However, all or part of the functions of the support apparatus may be incorporated into the main unit 100. In this case, for example, by using the virtualization technology, a process equivalent to the control apparatus 1 and a process equivalent to the support apparatus may be executed in parallel on common hardware.
In the above-described embodiment, the control apparatus 1 (PLC) including the main unit 100 and the local unit 200 is exemplified. However, a configuration in which a safety control unit, a special control unit, etc., is mounted on a local bus from the main unit 100 may be adopted. In this case, the mounted safe control unit or special control unit can also establish connection with another unit or device by using the network controllers 110, 120 of the main unit 100. Also, in this case, the network functions as described above can be applied.
The above-described embodiment of the disclosure includes the following technical concepts.
A control apparatus (1) for controlling an object under control, including:
The control apparatus according to Configuration 1, wherein the first communication protocol is a communication protocol including Ethernet (registered trademark) and TCP/IP.
The control apparatus according to Configuration 1 or 2, further including a third network controller for exchanging data according to a second communication protocol different from the first communication protocol.
The control apparatus according to Configuration 3, wherein the second communication protocol is a communication protocol of an industrial network that guarantees arrival time of data.
The control apparatus according to any one of Configuration 1 to 4, wherein based on a physical address designated as a destination of a packet received by a network controller, the packet transferring part (172) determines whether to output a duplicate of the received packet from another network controller.
The control apparatus according to any one of Configuration 1 to 4, wherein based on a network address designated as a destination of a packet received by a network controller, the packet transferring part (174) determines whether to output a duplicate of the received packet from another network controller.
The control apparatus 1 according to the present embodiment has two network controllers, and can arbitrarily transfer packets between the network controllers, and implements a network function which uses such a packet transfer function. By using the network function implemented in the control apparatus, the configuration of network connection can be simplified even when multiple control apparatuses are in network connection.
It should be considered that the embodiment disclosed herein is an example in all respects and is not restrictive. The scope of the disclosure is to be indicated by the scope of the claims rather than the above description and it is intended that all modifications within meaning and scope equivalent to the claims are included.
Number | Date | Country | Kind |
---|---|---|---|
2018-068198 | Mar 2018 | JP | national |