Computer network technology has experienced phenomenal growth over the past two decades, from the esoteric experimental defense-related projects known to only a handful of electronics and military specialists in the 1960s and 1970s, to the epicenter of the so-called dot-com stock market boom of the late 1990s. Today, tens, perhaps hundreds, of millions of people over the globe rely on computer networks for their jobs, education, and entertainment. In the industrialized world, access to computer networks appears to be almost ubiquitous. Examples include building control networks for managing a building's internal environment, networks of sensors monitoring air quality, factory floor automation, and combined communications systems comprising previously disparate systems. SCADA systems provide process supervisory control and data collection capabilities used to operate most industrial systems today. Most industrial processes and machines are also controlled by SCADA systems using industrial controllers such as PLCs. In recent years, PLCs have become better integrated with TCP/IP-based networks, but often still require custom applications for control and management. Other industrial controllers have not migrated to TCP/IP due to various technical and other considerations. Thus, in general, the term “network” or “computer network” includes both “traditional networks,” i.e., those using TCP/IP or SNMP protocols, and “non-traditional” networks that do not have either an SNMP (or other TCP/IP management stack), an SNMP OID-based management data hierarchy, or other aspects required for “traditional” network management functions to operate as understood by those having ordinary skill in the art. Typically non-traditional networks use protocols such as CANbus and IEEE 488. (The differentiation of traditional and non-traditional computer networks will be apparent to those persons having ordinary skill in the art.) As used herein, “network” or “computer network” includes both traditional and non-traditional networks as just defined.
Not only has the presence of computer networks expanded but the complexity of these electronic webs has increased as well. Today, a system administrator must simultaneous deal with a myriad of different devices, manufacturers, network types, and protocols, as well as support the ad-hoc attachment and removal of devices from the network as portable wireless devices automatically connect and disconnect from the network infrastructure. Devices must be able to communicate properly across the network without interfering with each other. In particular, administrators must be able to identify warnings and troubleshoot abnormal behavior on the network and network-attached systems long before risk to network integrity or availability occurs. Non-traditional networks (e.g. CANbus, IEEE 488) and the devices connected to them are often used in real-time control of SCADA systems, increasing the urgency that these networks and devices be effectively managed. Traditional management systems, i.e., management systems that are used to manage traditional computer networks, typically do not integrate with non-traditional networks and traditional management paradigms are generally not extensible to support non-traditional networks and devices.
For various reasons, including providing flexible security arrangements and the effects of changes implemented in device upgrades or revisions over time, some devices can present a plurality of “personalities” to a network. For example, two devices, both of the same manufacture and type, can have differing capabilities or behaviors due to differences in revision level or the firmware loaded on the device. Identical devices can also can present different capabilities or behaviors depending on how a device is accessed. For example, if a particular device is accessed with a first set of Authentication and Authorization (A&A) materials, it provides one set of capabilities (e.g. functions A, B, and C) or provides certain information (e.g. data values 1, 2, and 3). When the same device is accessed with a second set of A&A materials, it provides a second set of capabilities (e.g. functions X, Y, and Z), and provides a second, different, information set (e.g. data values 10, 20, and 30). If the device is accessed with a third set of A&A materials, it can provide yet another set of capabilities (e.g. functions A, B, C, X, Y, and Z), and can provide yet another information set (e.g. 1, 2, 3, 10, 20, and 30). Current network management systems cannot cope well with devices that exhibit these types of highly context-specific behavior. Network management systems that can deal with such devices are needed, because devices presenting this type of behavior are used on some networks, and due to increasing emphasis on security, and a need for flexibility in implementing security, the number of such devices is likely to increase over time.
Six Sigma is one current methodology for implementing manufacturing process improvements. Six Sigma is based upon Statistical Process Control (SPC) on the premise that improving the processes that make products will produce higher quality and yields. Virtually every large organization has, or requires their subcontractors to have, a quality initiative that focuses on repeatable results. Many organizations focus on quality initiatives to reduce scrap, increase throughput, and improve the bottom line. Automation has been of help in these areas. Six Sigma is a highly structured methodology summarized by the acronym “DMAIC,” which represents Define, Measure, Analyze, Improve, and Control. Core to Six Sigma methodologies is the ability to define, measure, and control processes using statistical methods. There is a need to apply DMAIC principles to the SCADA and SPC network of devices to gain the benefits of Six Sigma in this area.
SPC software systems automate parts of these quality initiatives. SPC software systems monitor processes for variation and notify appropriate personnel of variations from statistical norms. SPC software is used to detect changes in process results before these changes create scrapped product. Coordinate Measuring Machines (CMMs) are examples of SPC devices—CMMs are measurement devices that are integrated with SPC systems, and provide accurate measurements of products in various stages of the processes. SPC systems are often limited to support of one or two devices or device types, limiting the types of data and the frequency at which information is collected from devices.
SPC software systems have typically required expensive retooling of control systems. In some instances, these initiatives require expensive controllers and expose SPC and SCADA devices to traffic and interference from the enterprise network. New legislative requirements require operators of SPC and SCADA systems to manage these networks and protect the SPC and SCADA systems from interference from other sources.
SCADA networks and devices include network-connected devices that provide data to SPC systems. A Remote Terminal Unit (RTU) connects to physical equipment and provides real time status and sense information for the physical equipment. Physical equipment includes switches, valves, gauges, and meters of various types. RTUs are connected using Serial, Ethernet, and other networking schemes such as CAN.
Initial forays into SCADA and SPC device management using traditional management products produced complex architectures that required significant custom programming and complex applications to interact with the controlled entities. Each entity required customized programming to collect and manage data collected from these entities. SCADA and SPC systems have traditionally existed outside traditional management paradigms, and have duplicated information and processes already automated by other systems. SCADA and SPC applications, sometimes called factory floor or manufacturing execution systems (MES):                Require specialized expertise to install and configure the data collection and management software and additional applications.        Require duplicative applications to monitor the data collection equipment and to collect and store information from it.        Require an expertise-based configuration of the software and applications for data collection and SPC within an enterprise, including:                    Complex collection of vendor-specific applications to monitor disparate hardware and software,            Monitoring a limited number of attributes per SCADA or SPC system during process control efforts,            Monitoring and collecting a variable number of attributes during data collection, the attributes and their measurements varying based upon business factors such as the part being operated upon,            Require extensive custom programming to monitor applications,            Require extensive custom programming to collect and store information from SCADA and SPC devices and systems.                        SCADA and SPC systems traditionally do not monitor application, system, or network performance and/or QoS,        Presume the network infrastructure is always available.        
In addition, the day-to-day operation of these types of network-based SCADA and SPC products:                Require skilled support staff to maintain the solution, including adding and removing devices and device configurations as the SCADA and SPC device and network topology changes.        Require the use of external (redundant) applications to manage the resulting workload (e.g. notifications, trouble tickets).        Require the use of external systems to manage enterprise critical infrastructure.        Require additional controller components to make SCADA and SPC products compatible with TCP/IP-based networks.        Are not integrated with network and system security products such as Intrusion Detection Systems (IDSs), audit trails, and other log management mechanisms.        Are not integrated with the enterprise's policies, including security, configuration management, and other IT-based policies.        Produce a high false positive rate, in which non-existent or transient failures are reported and must be acted upon.        
SCADA and SPC management products also require extensive pre-configuration for devices and require substantial additional setup as new devices are added or changed on a SCADA or SPC network. The additional configuration workload limits the usefulness of ad-hoc or intermittently connected networks of SCADA and SPC devices, requiring 100% uptime of connections between the SCADA and SPC devices and their management software. In these days of staffing reductions, the ongoing management costs of network-based SCADA and SPC management systems require substantial improvements in productivity to be justifiable.
Additionally, current management systems are not integrated with enterprise databases and are not able to manage networks (both traditional and non-traditional) using information contained in these enterprise databases. Additionally, the management of business parameters stored within management databases is supported using the management device. In addition, the management device provides integration with third party network and system security products such as IDSs, audit trails, and log management mechanisms. Many systems also do not integrate easily with enterprise management policies, including security, configuration management, operating parameters, and other IT-based policies, nor do they integrate with other corporate information systems that provide additional operating information. In addition, current management systems suffer from high false failure reporting rates, wasting manager time and resources.
Finally, there is a need for management systems that provide filtered interfaces of combinations of corporate, network performance, and other information in a variety of information distribution means and formats that are integrated with various applications and reporting methods.
Thus, there is an immediate need for management systems for traditional, non-traditional and networks combining traditional and non-traditional networks, that are more robust, and simpler to install, configure, and maintain. The exemplary, illustrative, technology herein meets these and other similar needs.