1. Field of the Invention
The invention relates to control and, more particularly, to a controller and method for setting up communication links to redundantly operated controllers in an industrial automation system.
2. Description of the Related Art
An industrial automation system usually comprises a multiplicity of automation devices networked to one another via an industrial communication network, and is used within the context of production or process automation for controlling or regulating installations, machines and/or devices. Time-critical constraints in technical systems automated via industrial automation systems mean that realtime communication protocols, such as PROFINET, PROFIBUS or Real Time Ethernet, are predominantly used in industrial communication networks for communication between automation devices.
Interruptions in communication links between computer units in an industrial automation system or automation devices can lead to undesirable or unnecessary repetition of a transmission of a service request. This repeated transmission causes an additional workload for communication links in the industrial automation system, which can lead to further system disturbances or faults. A particular problem in industrial automation systems regularly results from signaling traffic with a relatively large number of, albeit relatively short, messages, which intensifies the above problems.
On account of their use for often extremely different applications, Ethernet-based communication networks can encounter problems when network resources for transmitting short data frames with realtime requirements are concurrently demanded for transmitting data frames with a large user data content, for example. This can lead to delayed transmission of the data frames with realtime requirements or even to a loss of individual data frames of this kind.
WO 2007/144364 A1 describes a method for networking an automated installation that comprises at least one cell having a subnetwork. The subnetwork is linked to a further subnetwork of the automated installation via a router. The automated installation is networked by providing a multicast group that extends over both subnetworks. The multicast group is used to detect a communication network address for a communication network interface of an assembly. Here, the assembly has joined the multicast group beforehand via the communication network address, and the communication network interface has been connected to the subnetwork beforehand. The communication network address is used to assign a name to the communication network interface of the assembly. In a further step, a further communication network address for the communication network interface of the assembly is ascertained, which has at least part of a numerical representation of the name.
European patent application 14200562.8 discloses a method for ascertaining communication device addresses within a communication network in an industrial automation system. Selected communication devices of the industrial automation system each have an associated memory unit that each temporarily store at least some name service information that is provided by a communication network name service. Connection setup from a first selected communication device to a second communication device is commenced from an application or function of the industrial automation system, which application or function is distributed over at least the first and second communication devices, using the name service information that is stored in the memory unit associated with the first communication device. In the event of a failed connection setup attempt, the application or function initiates an at least partial update of the temporarily stored name service information.
A method for configuring a communication device in an industrial automation system is described in co-pending U.S. application Ser. No. 15/044,906 filed Feb. 16, 2016, the contents of which are incorporated herein by reference in its entirety. In this case, a communication network address associated with the communication device is generated independently from at least one prefix transmitted via router notification messages by at least one router allocated within a subnetwork and from a device-individual interface identifier. The communication device asks at least one server in a name service system, in accordance with a name resolution protocol, which communication network addresses are associated with its communication device name. The communication network addresses requested from the server in the name service system are checked for a match with the prefix. However, the communication device allocates itself only those communication network addresses requested from the server in the name service system that have a match with the prefix transmitted by the router.
In the case of high-availability control systems, two programmable logic controllers are logically coupled to one another such that they execute identical user programs essentially in sync. Here, one programmable logic controller, which is in an active operating state for controlling or regulating a technical process, usually has, as the main controller, a leading role, while the other programmable logic controller, as a reserve controller, executes user programs with a prescribed time delay. If one of the two programmable logic controllers in a high-availability control system fails, the remaining programmable logic controller continues to execute the user programs.
In principle, a high-availability control system is more likely in a virtual form, specifically as a result of the interaction of the two programmable logic controllers that the high-availability control system comprises. Here, the high-availability control system, in contrast to the two programmable logic controllers, has no associated device name. If, by way of example, an operator control and monitoring device is intended to access a high-availability control system, then this device usually requires setup of a respective transport connection to each of the two programmable logic controllers. Ideally, this should not require explicit identification of the two transport connections. Instead, it makes sense to set up a connection to a high-availability control system on a logical level.
In order to set up a connection to a high-availability control system, the transport connections to the two programmable logic controllers could be planned individually, in principle. This is relatively inconvenient and also susceptible to error, however. Another way of setting up a connection to a high-availability control system would be to use an additional itinerant communication network address that always refers to the current main controller. One problem with such a solution is that address changes should also be promptly updated in a Domain Name System. Usually, corresponding changes in a Domain Name System are implemented only with delays of a few minutes. A setup of a communication to a high-availability control system could, in accordance with a further alternative, also be initiated by using an additional itinerant device name that always refers to the current main controller. However, in this case, one problem is that changes in a Domain Name System are also implemented only with delays of several minutes.