The “network system” is, for example, an automation network system. For some time, there has been a noteworthy trend here in that conventional fieldbus systems are increasingly being replaced or supplemented by Ethernet-based systems such as, for example, PROFINET or EtherCAT. Ethernet-based systems—which, like conventional fieldbus systems, can also be configured for real-time-capable data transmission—enable a uniform network structure from the process control level through to the field devices in industrial production installations. This trend is known as vertical integration of automation technology; Ethernet-based network systems of automation technology are generally also referred to as industrial Ethernet. In automation network systems, there is cyclic or even acyclic transmission of, in particular, processing and diagnostic data and any applicable additional data between the network participants, examples of which may be field devices and controllers.
The network infrastructure of an automation network system, in particular a fieldbus, is generally geographically limited, i.e., locally limited to, for example, a production site. Only rarely is it possible for the network infrastructure of an automation network system to extend beyond a production site. Often, a so-called virtual private network (VPN) is set up in order to connect two or more network infrastructures or sub-networks at different production sites, and thus to form a multi-site network system. The sub-networks of the individual sites (local area networks (LANs)) are then connected over a VPN gateway to a wide area network such as, for example, the Internet, wherein a data link, also called a VPN tunnel, which is secured by encryption mechanisms is constructed between the VPN gateways.
Within a sub-network, the network participants communicate in accordance with at least one shared communication protocol. Even if the same communication protocol is provided in the sub-networks of two sites, data transmission between the two sub-networks via the VPN tunnel often takes place in accordance with a so-called telecontrol protocol. With automation network systems, the telecontrol protocol must be set up in at least one controller of the respective sub-network, so that data can be transmitted between the controllers of different sub-networks via the VPN tunnel in accordance with the telecontrol protocol.
However, a considerable amount of administrative and configurational effort must be put into implementing a network system having sub-networks configured in at least two separate sites in accordance with the aforementioned conventional approach.
First, it is necessary for the respective network infrastructure to be set up with the network participants thereof at each of the sites; in particular, the respective controller must be configured and put into operation. Then, the network infrastructure of each site must be connected to a wide area network such as, for example, the Internet. In the controllers of the network infrastructures connected via the wide area network, a telecontrol protocol must be set up, in accordance with which the controllers are to transmit data to one another via the wide area network. Because a telecontrol protocol only rarely allows for encrypted data transmission, a VPN tunnel must also be set up. Even if the telecontrol protocol already provides encryption mechanisms, problems can arise with respect to addressing. The addresses of the participants must be known, both in order to set up the telecontrol protocol and in order to set up the VPN tunnel. In wide area networks such as the Internet, the operator or provider mostly assigns dynamic addresses, in particular public IP addresses, to the network participants of the wide area network, such that the address of a network participant changes over the course of time. The telecontrol protocol or the VPN tunnel can then be set up on the basis of the name of the respective participant, in which case a dynamic domain name system (DNS) service must additionally be set up, at corresponding additional expense, to assign the currently valid address to the name of the respective participant. Another possible problem is the fact that, for performance reasons, a VPN tunnel can often only handle a relatively small number of connections, for example, ten connections.
Moreover, though the telecontrol protocol does make it possible to transfer data between the controllers at the different sites, the network infrastructure of one site is not thereby expanded through the network infrastructure of the other site in such a manner that the network participants of the one network infrastructure could exchange data with the network participants of the other network infrastructure in the same manner as can be done with participants of the same network infrastructure. This complicates the engineering of automation processes beyond the limits of the network infrastructure of one site. It also bears mentioning that the wide area network, as a connection between the local network infrastructures, also poses a risk in that if there is a disconnect or connection failure, the entire automation process will be stopped, because parts of the network system—i.e., the separate sub-network and the network participants thereof—would no longer be available. With a PROFINET-based network system, for example, a so-called watchdog timer would be triggered if specific data is not available within a protocol-specifically defined period of time, or at a protocol-specifically defined point in time.
Another trend observed in network systems in general and in automation network systems in particular is the coupling of network infrastructures with cloud computer infrastructures, involving abstracted IT infrastructures that are dynamically adaptable to the respective requirements and that supply, for example, computing capacity, storage capacity, or network capacity, as well as software applications for the network participants of the network infrastructure coupled to the cloud computing infrastructure. The cloud computing infrastructure is then operated, for example, by a service provider, and is connected to the local network infrastructure via a WAN such as the Internet.
DE 10 2011 053 757 A1, for example, discloses a method for generating and handling component applications for physical components of a control system, such as, for example, a programmable control unit. The aforementioned method provides that the component applications are generated so as to be distributed in a cloud-based environment, wherein each of the component applications is generated in a representative representing the physical components in the cloud-based environment, through interaction between the representatives as well as between the representatives and the associated physical components. The interaction between the representatives and between the representatives and the associated physical components is then controlled by service-level agreements (SLAs). The generated component applications can be distributed to the other components of the control system by means of the physical components, in the form of the control unit, with consideration given to the SLAs.
Similarly, EP 2 580 628 A1 discloses a method for integrating at least one field device into an automation network. Therein, the field devices are accessed via a field access unit that communicates with at least one automation integration platform and at least one web server of a service provider, wherein a virtual version of the field device is provided in a database by the service provider for each of the field devices. The virtual version of the field device, with the precise field device-specific and application-specific properties, can thereby be transmitted at runtime either automatically or on request by the service provider to the operator of the automation installation, via cloud computing web services or Internet-based services, and immediately transferred into the field device so that the field device performs its function in the automation installation immediately upon being integrated into the network.
In addition, EP 2 605 096 A1 also discloses a safety-oriented controller in combination with cloud computing. This control device cyclically accepts safety-oriented input signals from an industrial technical process in a failsafe manner, and transmits the input signals to a computer cluster via a connection to a computer network, with the use of a failsafe protocol. The controller then accepts certain safety-oriented control signals from the computer cluster for the industrial technical process, and decides on the basis of additional information in a failsafe manner whether it recognizes as correct the control signals identified by the computer cluster.
Depending on the outcome of the decision, the controller controls the industrial technical process in accordance with the safety-oriented control signals in a failsafe manner, or transfers the industrial technical process into a secure state in a failsafe manner.
Moreover, EP 2 484 061 B1 also discloses a scalable, cloud computing-based architecture for extending a private enterprise network infrastructure, wherein resources can be seamlessly integrated through the setting up of, inter alia, a logical customer edge router in a cloud data center in the cloud topology.
EP 2 528 302 A1 additionally discloses a cloud-enabled virtual gateway that can masquerade, to an application within the cloud environment, as a physical gateway that is installed at a geographic location. The virtual gateway can receive a request from the cloud-based application for a device at the geographic location to which it is connected via a communication system.