1. Field of the Invention
In distributed industrial automation systems, it is necessary to ensure, when acquiring, evaluating and transmitting measurement and control data, that complete and unchanged data are present in real time, i.e., in time-critical industrial production processes. Intentional or unintentional changes or changes caused by a technical fault should be avoided because they may result in inconsistent system states and system failures with economically serious downtimes within an industrial automation system.
2. Description of the Related Art
An industrial automation system usually comprises a multiplicity of automation devices networked to one another via an industrial communication network and is used to control or regulate installations, machines or devices within the scope of production or process automation. On account of time-critical boundary conditions in technical systems automated using industrial automation systems, real-time communication protocols, such as Profinet, Profibus or real-time Ethernet, are predominantly used for communication between automation devices in industrial communication networks.
Interruptions of communication connections between computer units of an industrial automation system or automation devices may result in undesirable or unnecessary repetition of the transmission of a service request. This gives rise to additional utilization of communication connections of the industrial automation system, which may result in further system disruptions or faults. A particular problem in industrial automation systems regularly results from message traffic having a relatively large number of, but relatively short, messages, thus intensifying the above problems.
In order to be able to compensate for failures of communication connections or devices, communication protocols, such as Media Redundancy Protocol, High-availability Seamless Redundancy or Parallel Redundancy Protocol, have been developed for highly available industrial communication networks that can be operated in a redundant manner. The Media Redundancy Protocol (MSR) is defined in the International Electrotechnical Commission (IEC) standard 62439 and makes it possible to compensate for individual connection failures in networks having a simple ring topology during bumpy redundant transmission of data packets. According to the Media Redundancy Protocol, a redundancy manager is assigned to a switch having two ports inside the ring topology, which redundancy manager monitors the network for connection failures and possibly initiates a switching measure to close the ring. In the normal operating state, the redundancy manager uses test data packets to check whether an interruption has occurred inside the ring topology. However, the switch assigned to the redundancy manager normally does not forward data packets containing useful data from one port to the other. Data packets containing useful data are therefore prevented from permanently circulating inside the ring topology. If a switch or a connection fails inside the ring topology, test data packets transmitted by a port are no longer received at the respective other port. The redundancy manager can use this to detect a failure and, in the event of a failure, forward data packets containing useful data from one port to the other and vice versa, in contrast to the normal operating state. In addition, the redundancy manager causes the remaining switches to be informed of a topology change caused by a failure. This avoids data packets from being transmitted via the failed connection.
Bumpy media redundancy methods can be implemented, in principle, with relatively little effort. However, the disadvantage is that, on the one hand, messages may be lost in the event of a fault and, on the other hand, a fault state is first of all present during reconfiguration of a communication network. Such a fault state must be safeguarded via a superimposed communication protocol, for example using TCP/IP on the network or transport layer, in order to avoid an interruption in a communication connection.
PROFINET (IEC 61158 Type 10) also refers to the Media Redundancy Protocol as a bumpy media redundancy method inside a communication network with a ring topology. In contrast, Media Redundancy Planned Duplication (MRPD) is an extension for bumpless transmission of isochronous real-time data. However, Media Redundancy Planned Duplication is not an application-neutral bumpless media redundancy method but rather a PROFINET-specific extension.
High-availability Seamless Redundancy (HSR) and the Parallel Redundancy Protocol (PRP) are defined in the IEC 62439-3 standard and make it possible to bumplessly transmit data packets in a redundant manner with extremely short recovery times. According to High-availability Seamless Redundancy and the Parallel Redundancy Protocol, each data packet is duplicated by a transmitting communication device and is sent to a receiver on two different paths. A communication device at the receiver end filters redundant data packets constituting duplicates from a received data stream.
DE 10 2008 017 192 A1 describes a method for setting up a network comprising a first network subscriber with a set of ports. These ports are connected to ports of further network subscribers of the network. In a first method step, the ports assigned to the first network subscriber are switched to a first operating mode. In the first operating mode, test messages can be received and transmitted via the ports. According to a further method step, test messages are transmitted via the ports assigned to the first network subscriber. In addition, the ports assigned to the first network subscriber are switched to a second operating mode if no test message of the transmitted test messages is re-received by the first network subscriber. In the second operating mode, messages that are received via one of the ports assigned to the first network subscriber are forwarded via the remaining ports. This makes it possible to avoid the formation of network loops when networking or expanding complex networks.
EP 2 282 452 A1 describes a method for transmitting data inside a ring-type communication network, in which the data are transmitted according to High-availability Seamless Redundancy and the communication network comprises at least one master node, a source node and a destination node. Each node has a first communication interface and a second communication interface with a respective first neighboring node and a second neighboring node. In addition, each node receives data frames via the first communication interface and forwards the received data frame, either in changed or unchanged form, via the second communication interface without an additional delay. The master node transmits a first redundant data frame and a second redundant data frame or an empty data packet to its first or second neighboring node. Upon receiving the two redundant data frames, the source node fills the respective data frame with process data in a predetermined reserved area. Each filled data frame is then immediately and individually forwarded to the first or second neighboring node of the source node. The destination node finally extracts the process data from the first received filled data frame of a pair of redundant data frames.
EP 2 343 857 A1 describes a network node for a communication network comprising a first subnetwork and a second subnetwork connected to the first subnetwork. Whereas data are transmitted according to a spanning tree protocol in the first subnetwork, a second protocol that differs from the protocol used in the first subnetwork is used to transmit data in the second subnetwork. The network node described in EP 2 343 857 A1 is set up as an element for the second subnetwork and for communication inside the second subnetwork. In addition, the network node is set up as a spanning tree main node for monitoring and controlling the second subnetwork by means of a spanning tree functionality. As a result, the second subnetwork can be handled as a virtual network node by the spanning tree protocol used in the first subnetwork.
EP 2 413 538 A1 discloses a method for redundant communication in a communication system comprising a plurality of communication networks. The communication networks are connected to one another via at least one coupling node. Data that originate from a first communication network are prevented from being transmitted back to the first communication network from a second communication network based on an item of information defined before data transmission.