Review:
Distributed Computer Control System For Industrial
Process Control
Andrianda Utama
1
Magister Teknik informatika, Universitas bina Darma Palembang,
South Sumatera, Indonesia
Andrianda.utama@tech-center.com
In a distributed computer control system in which remote stations are
interconnected by a communications link, the remote stations take turns having
supervisory control over the communications link. Each remote is numbered in
sequence in a predetermined succession order and takes its turn having control
of the communications link in accordance with this succession order. When a
remote station has completed its turn of having supervisory control, it transmits
a first control message over the communications link. The next remote station
in the succession order then takes control over the communication link by
transmitting a second control message over the communications link. Each
remote station has two variable timers which are set in response to said first
control message and said second control message, respectively, and have time
out intervals depending upon the offset of the receiving remote station from the
remote station which transmitted the control message. If and when any of these
variable timers times out in a given remote station, then that remote station will
assume control of the communications link by transmitting the second control
message on the communications link.
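An added Python model of the succession scheme described above, not code from the page: the message names RELEASE and CLAIM, the station numbering, and the timeout formulas (timer 1 = (offset - 1) x slot after a RELEASE, timer 2 = hold + offset x slot after a CLAIM) are assumptions chosen to fit the description. It shows a dead successor being skipped and the link being recovered when the current master fails without releasing it.

```python
from typing import FrozenSet, List, Tuple

# Assumed names for the two control messages in the abstract:
#   RELEASE = "first control message"  (master has finished its turn)
#   CLAIM   = "second control message" (a station takes supervisory control)


def offset(receiver: int, sender: int, n: int) -> int:
    """Positions `receiver` lies after `sender` in the succession order (1..n).

    The sender itself has offset n, so it is the last station to time out.
    """
    return (receiver - sender - 1) % n + 1


def simulate(
    n: int,
    start: int,
    handovers: int,
    dead: FrozenSet[int] = frozenset(),
    crash_as_master: FrozenSet[int] = frozenset(),
    slot: float = 1.0,   # assumed timer granularity per offset step
    turn: float = 4.0,   # assumed length of a normal turn as master
    hold: float = 10.0,  # assumed maximum time a master may hold the link
) -> List[Tuple[float, int, str]]:
    """Return (time, station, reason) for every CLAIM seen on the link.

    dead            : stations that never transmit (failed before the run).
    crash_as_master : stations that fail right after claiming the link,
                      so they never send RELEASE.
    """
    alive = set(range(n)) - set(dead)
    if start not in alive:
        raise ValueError("start station must be alive")

    log: List[Tuple[float, int, str]] = [(0.0, start, "start")]
    t, master = 0.0, start

    for _ in range(handovers):
        if master in crash_as_master:
            # No RELEASE is ever sent. Timer 2, armed in every station when it
            # heard the master's CLAIM, expires first in the nearest live one.
            alive.discard(master)
            if not alive:
                break
            nxt = min(alive, key=lambda s: offset(s, master, n))
            t += hold + offset(nxt, master, n) * slot
            reason = "timer2"
        else:
            # RELEASE is sent after a normal turn. Timer 1 is armed in every
            # station; the successor (offset 1) answers at once, and stations
            # further along only fire if everyone before them stays silent.
            nxt = min(alive, key=lambda s: offset(s, master, n))
            off = offset(nxt, master, n)
            t += turn + (off - 1) * slot
            reason = "succession" if off == 1 else "timer1"
        log.append((t, nxt, reason))
        master = nxt
    return log


if __name__ == "__main__":
    # Constructed scenario: 5 stations, station 2 is down,
    # station 3 fails while it is master.
    for event in simulate(5, start=0, handovers=4,
                          dead=frozenset({2}), crash_as_master=frozenset({3})):
        print(event)
```

Because each station's timeout grows with its offset, exactly one live station fires first, so no separate arbitration step is needed in this model.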
1 Introduction
Distributed computer systems rely on data communication networks for exchanging data.
Within a defined geographical area, e.g. an office, a control station or a manufacturing plant,
local area networks (LAN) are used to interconnect components, i.e. communication entities, of
the system. To enable remote access to the distributed computer system, typically, the local
area networks are connected to the world wide web of the Internet and/or interconnected
through communication links over publicly accessible territories and/or systems. To protect the
distributed computer system from intrusion, the local area network is delimited by a perimeter
consisting of firewalls and/or virtual private network (VPN) terminators. The perimeter,
defined by VPN terminators, firewalls and/or other intrusion detection systems (IDS), protects
the distributed computer system from malicious data traffic originating from sources external to
the local area network.
Conventionally, encrypted communications required either terminating the encrypted
connection at the perimeter or giving up content-based traffic control in firewalls or intrusion
detection systems, because encrypted traffic cannot be inspected. Consequently, security of
data communication is limited to the perimeter, and there is thus a risk that malicious data
content is introduced into the distributed computer system, e.g. from or through one
of its components, and exchanged between its components via the local area network.
Particularly in distributed control systems, intrusion of malicious data into the system can have
catastrophic consequences.
2. CONTROL STATION
2.1. Workstation / Single Board Computer
In view of the above, it is a broad, overall, object of the present invention, among others, to
provide a distributed single board computer industrial control system which does not have the
programming drawbacks normally associated with systems of this type.
It is another object of the present invention to provide a distributed single board computer
industrial control system in which each of the computers has a common master program and in
which each computer can be easily adapted to a particular application without
modification of the master program.
It is still another object of the present invention to provide a distributed single board computer
industrial control system in which each computer has a common master program and in which a
worker, relatively unskilled in programming, can easily adapt each computer to a particular
application.
In accordance with the present invention, an industrial control system having a plurality of
controlled devices is provided with a single board computer connected to each device through
an input/output interface. Each computer is controlled by a master or composite program that
includes program steps adapted to achieve control and monitoring of all possible logic control
functions and command sequences that exist within the system.
A user alterable interconnection device (UAID) allows only those portions of the master
program that relate to the logic control functions and/or control sequences of a particular
controlled device to be operatively connected with the input/output ports associated with that
device. As the single board computer continuously and successively loops through the master
program, only those program steps that relate to the logic control functions and/or control
sequences for the controlled device are operative, as determined by the UAID, to effect control
and monitoring of the controlled device.
FIG. 1 is a schematic representation of the overall organization of an industrial control system
in accordance with the present invention in which a plurality of controlled devices are
connected to an associated single board computer through an input/output interface.
FIGS. 2-3 are examples of logic diagrams which may be implemented by single board
computers of the system.
FIGS. 12a and 12b depict a flow chart illustrating the program employed in each of the single
board computers to control the output devices in accordance with the logic functions selected
by the user of the system.
2.2. Programmable Logic Control (PLC)
The concept of distributed industrial control systems, which have both a hardware and software
component, is known in the art. Distributed control has been used since companies began
installing programmable logic controllers (“PLCs”) to manage independent parts of a factory
floor.
PLCs are used in industrial control systems to provide coordinated control of equipment,
devices, and processes. PLCs generally comprise a central processing unit (“CPU”) and a
plurality of input/output (“I/O”) modules having I/O connection terminals. PLCs are ordinarily
connected to various sensors, switches, or measurement devices that provide inputs to the PLC
and to relays or other forms of output to control the field equipment or other controlled
elements. As control technology evolved, the idea of islands of programmable controllers was
discarded in favor of larger, centralized controllers. Industry is now moving back to a
decentralized approach in which small, intelligent controllers gather data locally and share it
across a network. The move back to a decentralized approach may be explained by describing
the disadvantages of using a centralized control system. First, a centralized control system has
lower flexibility and scalability. The maximum number of I/O modules and therefore I/O
connections that can be controlled is determined during design by the model of controller used.
Second, because a single processor (CPU) and a given amount of memory are used for the
entire system, any future additional device, or any change in the system’s configuration, must
consider these limitations. Alternatively, an oversized central controller must be chosen in
advance. Third, the wiring requirements for a centralized system, wherein every device must be
wired to a central controller, are extensive. Although the use of remote I/O modules can reduce
wiring requirements, adding more I/O modules to an existing controller does not add
processing power and memory, which are usually fixed.
Alternatively, a centralized system could be used wherein a single controller controls all the
devices in the system. This would allow every condition to be set in one control program, but
the wiring requirements in such a system would be much more extensive, and, importantly, the
system would suffer from the lack of flexibility and scalability. Were an existing device to need
functional expansion, or were any additional device to need control in the future, it would
require additional I/O modules to be added to the controller (if technically possible) and would
require additional control programming as well, which would increase the workload for the
fixed central processor and memory.
For these and other reasons, today’s automation world is moving towards distribution of control
rather than building centralized systems. In addition, the industry is making use of small
(including “micro” and “nano”) PLCs and exploiting the latest improvements in
communications and network technologies which have allowed companies to migrate from a
centralized structure to a true distributed architecture. Such improvements include embedded
networking capabilities (especially Ethernet, TCP/IP based solutions), new powerful CPUs that
make controllers faster and stronger, enhanced security features for decentralized architectures,
the physical downsizing of controllers, and reduced pricing.
FIG. 4 is a high-level flow diagram of a control program implementation method in accordance
with the present invention.
FIG. 5 is a flow diagram of the main part of a control program implementation method in
accordance with the present invention.
FIG. 6 is a relational diagram showing programmable logic controllers in a network
configuration in accordance with the present invention.
FIG. 7 is a table showing a control statement weighting matrix in accordance with the present
invention.
3. DATA LINK COMMUNICATION
The present invention relates to control systems of the type having a plurality of remotely
located process control units connected together through a communications link and, more
particularly, to a control system in which each of the remote units sequentially assumes
supervisory communication control of the communication link and in which high reliability
information transfer is achieved between remotes.
Many system type industrial installations, for example, those related to industrial process-type
manufacturing and electrical power generation, employ a large number of physically distributed
controlled-devices and associated sensors for effecting coordinated operation of the overall
system. In the past, coordinated control of the various devices has been achieved by manual
operation and various types of semi-automatic and automatic control systems including
electromagnetic relay systems, hardwired solid-state logic systems, and various types of
computer control systems. The computer systems have included central systems in which the
various sensors and controlled devices are connected to a central computer; distributed control
systems in which a remotely located computer is connected to each of the controlled devices
and to one another; and hybrid combinations of the central and distributed systems.
The successful functioning of the control system is vital to any industrial process, and,
accordingly, distributed systems have generally been preferred over central systems because
the failure of one of the remotely located control computers generally does not cause a
system-wide failure as in the case of the failure of the central computer in the central system.
However, in many distributed computer systems, one of the remotes or a specially designed
control unit generally handles supervisory communication control of the communication buss
and, for these systems, failure of the communication buss supervisor can lead to a system-wide
failure.
In many industrial control systems, the various communication busses that extend between the
remotely located computer process control units are exposed to high electrical noise
environments. Accordingly, the information transferred over the communication buss can be
subjected to error-inducing interference because of the harsh electrical environment. In view of
this, a control system must have a means for detecting errors within the transmitted information
in order to provide high reliability data transmission between remotes.
FIG. 1 is a schematic diagram of an exemplary process control system including a plurality of
remote process control units (remotes) connected to a common dual-channel communications
link;
FIG. 2 is a schematic block diagram of an exemplary remote process control unit of the type
shown in FIG. 1;
FIG. 3 is a schematic block diagram of a communication controller employed in the remote
station shown in FIG. 2;
FIG. 5 illustrates the format of an exemplary or illustrative information block for transferring
information between remotes;
FIG. 5A illustrates the format of a header frame of the information block shown in FIG. 5;
FIG. 5B illustrates the format for a data/information frame of the information block shown in
FIG. 5;
FIG. 5C illustrates the format for an acknowledgement block (ACK) for acknowledging
successful receipt of an information block;
FIG. 5D illustrates the format for a non-acknowledgement block (NAK) for indicating the
unsuccessful transmission of an information block between remotes;
FIG. 6 illustrates, in pictorial form, two identical data blocks having the format shown in FIG. 5
successively transmitted on each communication channel of the communication link illustrated
in FIG. 1;
FIG. 7 is a flow diagram summary of the manner in which a source and a destination remote
effect communications with one another;
FIG. 8A is a partial flow diagram illustrating in detail the manner in which a source and a
destination remote communicate and validate information transferred between one another;
FIG. 8B is a partial flow diagram which completes the flow diagram of FIG. 8A and illustrates
in detail the manner in which a source and a destination remote communicate and validate
information transferred between one another;
FIG. 9 is a legend illustrating the manner in which the flow diagrams of FIG. 8A and FIG. 8B are to
be read;
FIGS. 10A through 10F are exemplary tables illustrating the manner in which supervisory
control of the communication link is transferred from remote to remote.
4. NETWORK ARCHITECTURE
To aid in the understanding of the prior art and the problems associated therewith, it may be
helpful to provide a brief overview of distributed computing environments. As used herein, a
computing environment consists of a plurality of computers connected by a network which
allows the computers to communicate and pass information and/or data between themselves.
The network may range from a local environment, such as a local area network (LAN), to a
very large and expansive network, such as a wide area network (WAN), and many other
distributed network systems. The computer environment also includes the various operating
systems, storage mediums, and other processing resources which reside on these computers and
that are interconnected and accessible via the network through various software products.
Further, a collection of information service systems and application systems, generally
embodied within software products, are also considered to be part of the computing
environment. The information service systems and application systems used within any given
computing environment range from commercially available software applications
(e.g. spreadsheets, word processors, databases) to custom developed software products tailored
for a specific use within a designated computing environment. A dominant architecture that is
receiving widespread use in many current distributed computing environments is known as the
client-server architecture. Client-server architecture is a hierarchical architecture for distributed
computing environments that is generally divided into two layers.
One layer within the client-server architecture includes most of the application systems.
Application systems include fourth generation languages, computer aided software engineering
tools, programming languages and their support tools, and various other commercially available
software products. This first layer typically represents the client layer.
A second layer within the client-server architecture includes most of the information service
systems. The information service systems are software products such as database management
systems and data repositories, specialized data access methods, application servers, and any
number of service based monolithic software systems. This second layer represents the server
layer.
Include the introduction of a third or middle layer. This third layer typically includes software
products designed to provide various infrastructure or interfacing services between other
components of the distributed computing environment such as between an application system
and an information service system. Such software products are classified as middleware
products or systems. A recent term for the hierarchical architecture that utilizes middleware
systems is a three-tier system or multi-tier system architecture, where the middleware system
consists of software products, applications and services that had previously existed either in the
client layer or server layer. Three-tier or multi-tier layers are well known in the art.
5. PROCESS CONTROL
The present invention relates to digital distributed process control systems which have
controllers or control stations at each of a number of distributed locations with each controller
controlling a plurality of control loops. More particularly, this invention relates to a method and
apparatus for carrying out a required control strategy for the loops at any one location with a
maximum of flexibility in the type of strategy to be executed while at the same time
minimizing the cost per loop.
The control of complex industrial processes has evolved from the use of a large number of
simple single loop controllers, which either perform without central direction or, alternatively,
are directed by a central computer, toward the use of distributed systems. In distributed
systems, widely spaced control stations are connected for communication with one another and,
if desired, with a host computer. Each of the stations usually is capable of controlling a large
number of loops and is microprocessor based with the host computer being employed for
complex computing, control, and storage functions beyond the capability of the stations.
The individual stations of distributed control systems typically execute control on a number of
loops by either of two general approaches. The first is the use of time slots during which are
executed selected library algorithms which determine the functional relationship between
measured variables (controller inputs) and controlled variables (controller outputs) of the
process loops. The second is the use of user-entered programs to determine those functional
relationships.
With the time slot approach a fixed number of slots is established for each scan period during
which the controller inputs the measured variables and supplies the control signals to the
control elements of the loops. Each slot can be used to execute any one of a number of
common algorithms stored as firmware in a library of algorithms. The output for each of the
slots can alternatively be used as a control output to an associated loop or as an input to another
slot where supplementary processing of the control signal can be carried out before the signal is
used for control of a loop. This approach has some severe limitations, however, when it is
desired to apply it to the extremely diverse combinations of control strategies which may be
required in an industrial environment. Thus, for example, where the library of algorithms
includes a standard PID algorithm to provide proportional, integral, and derivative functions as
well as a summing algorithm, a multiplying algorithm, and a full range of algorithms for logic
functions, it will be evident that, while the PID algorithm may make efficient use of the time
for one slot, the less complex algorithms may not. Thus, the execution of non-standard control
strategies which require a number of summers and multipliers or a number of logic functions,
will not use the limited number of slots efficiently.
FIG. 1 illustrates a distributed process control system of the type for which this invention is
useful.
FIG. 2 illustrates an optical-electrical interface of the type which can be used in the
arrangement of FIG. 1.
FIG. 3 is a block diagram showing a controller of the system.
In accordance with the present invention there is provided a method and means for carrying out
the control of a process using a plurality of control loops in a digital distributed process control
system. This method includes providing a database having a plurality of memory cells for
storing numerical and boolean values for use in the control of the loops and providing in
firmware a library of frequently used control algorithms which can be sequentially executed to
produce an algorithm output which is a predetermined function of selected algorithm inputs
obtained from the database.
There is a scanning of a plurality of time slots during each of which the station controller is
assigned to produce an algorithm output in accordance with a predetermined function of the
algorithm inputs associated with that slot, as determined by the algorithm selected for that slot.
Concurrently established sequential programs are executed to provide other control strategies.
These programs are run to provide a program output to the database having a predetermined
functional relationship to program inputs from the database. Each algorithm output and
program output is used as either a controller output or as a value to be stored in said data base
for use as an algorithm input for another slot or a program input for another program. The
controller input to the database is used as a program input or as an algorithm input, whereby the
control elements of the process are controlled in accordance with the desired strategy as
established by the algorithms associated with the time slots and by the sequential programs.
6. DISTRIBUTED CONTROL SYSTEM
With the development of commercially available digital computers, industrial process control
has been typically handled through centralized direct digital control systems. These systems
included a main frame computer which is programmed to control processes.
From time to time, the program would be modified to change the control of processes and to
accept new process control functions or parameters. As a result, the use of computerized direct
digital control of processes was expanded in order to control more of the total process than
could previously have been achieved with prior conventional analog process controllers. However, a
number of major fundamental problems existed with such a main frame, direct digital control
system. As with any complex piece of equipment, maintenance was difficult and required
personnel with specialized training. As the process control became more sophisticated, it
became impractical to maintain in-house service personnel for the computerized system.
Therefore, users had to rely upon vendors for maintenance and repair support. Moreover, in a
continuous process, the failure of the central computer could have catastrophic effects because
control of a substantial portion, if not all, of the overall process would be interrupted. In some
areas of technology, such as glass forming, reliance upon a single main frame central
processing control system became impractical because of the potential of these catastrophic
failures.
FIG. 1 is a drawing showing the hierarchical interconnections of the various components of the
distributed control system.
6.1. Distributed Computer Control System
More recently, distributed computer control systems have been developed in which a single
board computer is connected to each control device with each single board computer having a
specific program dedicated to the particular control device. However, a number of
drawbacks have been associated with the distributed computer control systems. In order to
conserve memory and reduce operational time, the single board computers are generally
programmed in a low-level, assembly-type language. As a result, many system users are
reluctant to employ distributed single board computers because of the difficulty of obtaining or
training personnel to program the computers. Moreover, because maintenance personnel are
typically not trained in programming, a large inventory of single board computers is necessary
in order to properly repair a system malfunction by replacing the microprocessor which is
down. In addition, should there be a desire to upgrade or modify the program in any given
microprocessor, such modification or upgrading will often require the modification of the
overall system control program.
Thus, cost effective retrofitting of existing industrial process control systems is not feasible.
Johnson et al. disclosed in U.S. Pat. No. 4,253,148 a system of distributed control of a process
which was designed to overcome the difficulty of having a large inventory of preprogrammed
microprocessors for each device to be controlled. Thus, in the Johnson et al. system a master or
composite program was developed which was capable of controlling all possible logic
functions and command sequences for all of the devices to be controlled. This program was
downloaded into each of a plurality of microprocessors. Because each microprocessor was
designed to control a specific device, a user alterable interconnection device was provided in
each microprocessor in the form of a programmable read only memory (PROM). The PROM in
each microprocessor allowed only those portions of the master program which related to the
logic control functions and control sequences of a particular control device to be connected to
the input/output ports associated with the device. Thus, as each microprocessor continuously
looped through the master program, only those program steps which related to the control
functions and sequences for a control device would be operative. This system had the drawback
that a sometimes massive program had to be downloaded into each microprocessor. In addition,
the time constraints on such a system which must loop through the entire master program is
such that some processes cannot be adequately controlled. Moreover, because the master
control program is stored in each microprocessor, storage space for other data such as process
control data and operational parameters is limited.
It, therefore, is an object of the present invention to provide an improved distributive control,
microprocessor based process control system, with interchangeable components whose
programming is transparent to the operators.
FIG. 1 depicts a plurality of networked digital data processors for use in practicing the
invention;
FIG. 2 depicts objects for controlling a process in a system according to the invention;
6.2. Distributed Computer Security System
This invention relates to a method and apparatus for controlling access by users to applications
programs in a distributed computer system. A framework for security in a distributed
computer system has been proposed by the European Computer Manufacturers’ Association
(ECMA) and is described in the following references.
1) ECMA TR/46 “Security in Open Systems - a Security Framework”, July 1988
2) ECMA standard ECMA/138, December 1989
3) “Network Access Control Development”, COMPACS 90 Conference, London, March 1990
The ECMA security framework permits a user to be authenticated to the system, and to obtain
as a result a data package referred to as a privilege attribute certificate (PAC) which represents
a certified collection of access rights. When the user wishes to access a target application, the
user presents the PAC to that application as evidence of the user’s access rights.
An advantage of this approach is that the user does not need to be authenticated separately to
individual applications—the authentication procedure is performed once only, to obtain the
PAC. The PAC can then be used several times to access different applications.
The object of the present invention is to build on this idea of using PACs, to provide an
improved method of access control.
FIG. 1 is a schematic diagram of a distributed computer system embodying the invention.
Computer security systems are often based on the basic access control model, which provides a
foundation of secrecy and integrity security procedures. To do its work, the reference monitor
needs a trustworthy way to know the access control rule and the source of the request. Usually
the access control rule is attached to the object; such a rule is called an access control list or
ACL. For each operation, it specifies a set of authorized principals, and the reference monitor
grants a request if its principal is trusted at least as much as one of the authorized principals for
the requested operation.
It should be understood that operation of the reference monitor is separated and distinct from
other security issues, such as whether a requestor is who he/she/it claims to be. That type of
security is typically provided by using encryption and digital signature techniques, as will be
understood by those skilled in the art. The present invention is directed at systems and methods
for governing access to objects in a distributed computer system that allow for “compound
principals”. In summary, the present invention is a security system governing access to objects
in a distributed computer system. Each object has an access control list having a list of entries.
Each access control list entry can represent either a simple principal or a compound principal.
The set of allowed compound principals is limited to a predefined set of allowed combinations
of simple principals, roles, delegations and conjunctions in accordance with a defined
hierarchical ordering of the conjunction, delegation and role portions of each compound
principal.
1. Compound Principal Method
The distributed computing system is provided with a naming service having a secure
membership table that contains a list of assumptions. Each assumption specifies
either one principal as being stronger than another specified principal, or specifies
one role as being stronger than another specified role. These assumptions reduce the
number of entries needed in an access control list by allowing an entry to state the
weakest principals and
roles that are authorized to access an object, with all stronger principals and roles
being included by way of the assumptions listed in the membership table.
The reference checking process, typically handled by a reference monitor found at
each node of the distributed system, grants an access request if the requestor is
stronger than any one of the entries in the access control list for the resource
requested. Furthermore, one entry is stronger than another entry if for each of the
conjuncts in the latter entry there is a stronger conjunct in the former. Additional rules
used by the reference monitor during the reference checking process govern the processes of
comparing conjuncts in a requestor principal with the conjuncts in an access control
list entry and of using assumptions to compare the relative strengths of
principals and roles. The present invention provides a framework for making practical
use of compound principals in distributed computer systems.
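The reference check described above, as an added Python sketch that is not code from the page or from the system it summarizes. It assumes that "stronger" means "at least as strong", that membership-table assumptions chain transitively, and that a conjunct is a principal with an optional role (delegation is left out); all principal, role and operation names are constructed.

```python
from typing import Dict, FrozenSet, Iterable, List, NamedTuple, Optional, Set, Tuple


class Conjunct(NamedTuple):
    """One conjunct of a principal: a name acting in an optional role."""
    principal: str
    role: Optional[str] = None


Entry = FrozenSet[Conjunct]    # a conjunction of conjuncts
Assumption = Tuple[str, str]   # (stronger, weaker), as listed in the membership table


class MembershipTable:
    """Holds 'X is stronger than Y' assumptions for principals and for roles."""

    def __init__(self, principals: Iterable[Assumption], roles: Iterable[Assumption]):
        self._principals = self._close(principals)
        self._roles = self._close(roles)

    @staticmethod
    def _close(pairs: Iterable[Assumption]) -> Dict[str, Set[str]]:
        # Map each name to everything it is stronger than (transitive closure).
        weaker: Dict[str, Set[str]] = {}
        for strong, weak in pairs:
            weaker.setdefault(strong, set()).add(weak)
        changed = True
        while changed:
            changed = False
            for reach in weaker.values():
                extra = set().union(*(weaker.get(w, set()) for w in reach)) - reach
                if extra:
                    reach |= extra
                    changed = True
        return weaker

    def principal_at_least(self, a: str, b: str) -> bool:
        return a == b or b in self._principals.get(a, ())

    def role_at_least(self, a: Optional[str], b: Optional[str]) -> bool:
        # Assumption: "no role" only matches "no role".
        return a == b or b in self._roles.get(a, ())


def conjunct_stronger(t: MembershipTable, x: Conjunct, y: Conjunct) -> bool:
    """x is at least as strong as y in both its principal and its role."""
    return t.principal_at_least(x.principal, y.principal) and t.role_at_least(x.role, y.role)


def entry_stronger(t: MembershipTable, former: Entry, latter: Entry) -> bool:
    """For each conjunct in the latter there is a stronger conjunct in the former."""
    return all(any(conjunct_stronger(t, x, y) for x in former) for y in latter)


def check_access(t: MembershipTable, requester: Entry,
                 acl: Dict[str, List[Entry]], operation: str) -> bool:
    """Grant if the requester is stronger than any one ACL entry for the operation."""
    return any(entry_stronger(t, requester, e) for e in acl.get(operation, ()))


# Constructed sample data: group membership is written as "member stronger than group".
TABLE = MembershipTable(
    principals=[("alice", "engineers"), ("engineers", "staff")],
    roles=[("admin", "operator")],
)
ACL: Dict[str, List[Entry]] = {
    # The entry names the weakest authorized principal and role.
    "write_setpoint": [frozenset({Conjunct("engineers", "operator")})],
    # Conjunction: a staff operator AND the console hmi-7 must both be present.
    "open_valve": [frozenset({Conjunct("staff", "operator"), Conjunct("hmi-7")})],
}

if __name__ == "__main__":
    alice_admin = frozenset({Conjunct("alice", "admin")})
    print(check_access(TABLE, alice_admin, ACL, "write_setpoint"))  # granted via assumptions
    print(check_access(TABLE, alice_admin, ACL, "open_valve"))      # missing hmi-7 conjunct
```

The ACL stays short because `engineers as operator` also admits `alice as admin` through the two assumption lists; an operation with no ACL entry is denied.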
FIG. 1 is a block diagram of a distributed computer system with a trusted naming
service for storing secure data shared by the members of the system.
FIG. 2 is a block diagram of one node of the distributed computer system shown in
FIG. 1.
FIG. 3 is a block diagram representing an access control list.
FIG. 4 schematically depicts the elements of one entry in an access control list.
FIG. 5 is a block diagram representing a membership table, which contains a list of
assumptions.
FIG. 6 is a flow chart of the process performed by a node’s reference monitor to
determine whether or not to grant a request for access to a specified object.
2. Locally Cached Authentication Credentials Method
In general, in most prior art systems authenticating each request by a requester
requires digitally signing the request, as well as an exchange of information called
“credentials” between the requester and the server to enable the server to authenticate
the digital signature on the request. The authentication process can impose significant
overhead on the operation of distributed computer systems, especially when the
number of requests transmitted between nodes is high. In summary, the present
invention is a security system governing access to objects in a distributed computer
system. The computer at each node of the distributed system has a trusted computing
base that includes an authentication agent for authenticating requests received from
principals at other nodes in the system.
Requests are transmitted to servers as messages that include a first identifier (called
an Auth ID) provided by the requester and a second identifier (called the subchannel
value) provided by the authentication agent of the requester node. Each server process
has an associated local cache that identifies requesters whose previous request
messages have been authenticated.
When a request is received, the server checks the request’s first and second identifiers
against the entries in its local cache. If there is a match, then the request is known to
be authentic, without having to obtain authentication credentials from the requester’s
node, because the authentication agents guarantee authenticity of such request
messages.
If the identifier in a request message does not match any of the entries in the server’s
local cache, then the server node’s authentication agent is called to obtain
authentication credentials from the requester’s node to authenticate the request
message. Upon receiving the required credentials from the requester node’s
authentication agent, the principal identifier of the requester and the received
credentials are stored in a local cache by the server node’s authentication agent. The
server process also stores a record in its local cache indicating that request messages
from the specified requester are known to be authentic, thereby expediting the process
of authenticating received requests.
A further optimization is that the server process local cache is used to store a list of
the object access control list entries previously satisfied by each requester, thereby
enabling the server process to expedite granting access to previously accessed objects.
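The caching behaviour described above, as an added example that is not code from the paper or the patents it reviews. It assumes an HMAC tag as a stand-in for the signed credentials exchanged between authentication agents, and a plain set of principals per ACL entry; every class, key and identifier below is constructed.

```python
import hashlib
import hmac

NODE_KEY = b"constructed-demo-key"  # stand-in for the trust between agents


def _tag(auth_id, subchannel, principal):
    """Constructed credential: a MAC binding the principal to both identifiers."""
    msg = f"{auth_id}|{subchannel}|{principal}".encode()
    return hmac.new(NODE_KEY, msg, hashlib.sha256).hexdigest()


class RequesterAgent:
    """Authentication agent on the requester's node. It knows which principal
    owns each (Auth ID, subchannel) pair and counts credential exchanges."""

    def __init__(self, assignments):
        self.assignments = dict(assignments)
        self.credential_requests = 0

    def credentials_for(self, auth_id, subchannel):
        self.credential_requests += 1
        principal = self.assignments.get((auth_id, subchannel))
        if principal is None:
            return None
        return {"principal": principal,
                "tag": _tag(auth_id, subchannel, principal)}


class Server:
    def __init__(self, requester_agent, acl):
        self.agent = requester_agent
        self.acl = acl              # object -> list of entries (sets of principals)
        self.authenticated = {}     # (auth_id, subchannel) -> principal
        self.satisfied = {}         # (auth_id, subchannel) -> {object: entry index}

    def _authenticate(self, auth_id, subchannel):
        key = (auth_id, subchannel)          # both identifiers must match
        if key in self.authenticated:        # hit: no credential exchange
            return self.authenticated[key]
        creds = self.agent.credentials_for(auth_id, subchannel)
        if creds is None:
            return None                      # failures are never cached
        expected = _tag(auth_id, subchannel, creds["principal"])
        if not hmac.compare_digest(expected, creds["tag"]):
            return None
        self.authenticated[key] = creds["principal"]
        return creds["principal"]

    def handle(self, auth_id, subchannel, obj):
        principal = self._authenticate(auth_id, subchannel)
        if principal is None:
            return "reject: unauthenticated"
        key = (auth_id, subchannel)
        hit = self.satisfied.get(key, {}).get(obj)
        if hit is not None:                  # ACL entry satisfied earlier
            return f"grant (cached ACL entry {hit})"
        for index, entry in enumerate(self.acl.get(obj, [])):
            if principal in entry:
                self.satisfied.setdefault(key, {})[obj] = index
                return f"grant (ACL entry {index})"
        return "deny"


def run_demo():
    """Replay constructed requests; return (result, credential exchanges so far)."""
    agent = RequesterAgent({("A17", 3): "alice", ("B02", 1): "bob"})
    server = Server(agent, {"valve7": [{"alice"}, {"ops"}]})
    requests = [("A17", 3), ("A17", 3),   # miss, then hit
                ("A17", 4), ("A17", 4),   # known Auth ID, wrong subchannel
                ("B02", 1), ("B02", 1)]   # authentic, but not on the ACL
    return [(server.handle(a, s, "valve7"), agent.credential_requests)
            for a, s in requests]


if __name__ == "__main__":
    for line in run_demo():
        print(line)
```

The replay shows one credential exchange per authenticated requester, and that a request reusing a known Auth ID on a different subchannel misses the cache and is rejected on every attempt.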
FIG. 1 is a block diagram of a distributed computer system with a trusted naming
service for storing secure data shared by the members of the system.
FIGS. 2 and 3 are block diagrams of one node of the distributed computer system
shown in FIG. 1.
FIG. 4 is a block diagram of two computers, one having a requester process that is
requesting access to a server process in the second computer.
FIGS. 5A and 5B schematically depict an Authentication ID table and Channel
Assignment Table maintained by authentication agents in the preferred embodiment
of the present invention.
FIG. 6 schematically represents a data packet.
FIG. 7 schematically depicts a “local cache” of authentication data maintained by
authentication agents in the preferred embodiment of the present invention.
FIG. 9 is a block diagram representing an access control list.
FIG. 10 is a flow chart of the authentication process performed by the authentication agents
associated with a requester and a server.
7. CONCLUSION
A Distributed Computer Control System for Industrial Process Control has been conceived
and partially implemented. DCS is well suited to solving some very awkward industrial
process control problems encountered by conventional computers in real-time control
applications. A system for controlling an industrial process includes a plurality of remotely
located process control units (remotes), each coupled to associated input/output device(s)
and adapted to communicate with one another through a dual-channel communications link.
Review of Distributed Computer Control System for Industrial Process Control

  • 1. Review: Distributed Computer Control System For Industrial Process Control Andrianda Utama 1 Magister Teknik informatika, Universitas bina Darma Palembang, South Sumatera, Indonesia Andrianda.utama@tech-center.com In a distributed computer control system in which remote stations are interconnected by a communications link, the remote stations take turns having supervisory control over the communications link. Each remote is numbered in sequence in a predetermined succession order and takes its turn having control of the communications link in accordance with this succession order. When a remote station has completed its turn of having supervisory control, it transmits a first control message over the communications link. The next remote station in the succession order then takes control over the communication link by transmitting a second control message over the communications link. Each remote station has two variable timers which are set in response to said first control message and said second control message, respectively, and have time out intervals depending upon the offset of the receiving remote station from the remote station which transmitted the control message. If and when any of these variable timers times out in a given remote station, then that remote station will assume control of the communications link by transmitting the second control message on the communications link. 1 Introduction Distributed computer systems rely on data communication networks for exchanging data. Within a defined geographical area, e.g. an office, a control station or a manufacturing plant, local area networks (LAN) are used to interconnect components, i.e. communication entities, of the system. To enable remote access to the distributed computer system, typically, the local area networks are connected to the world wide web of the Internet and/or interconnected through communication links over publicly accessible territories and/or systems. 
To protect the distributed computer system from intrusion, the local area network is delimited by a perimeter consisting of firewalls and/or virtual private network (VPN) terminators. The perimeter, defined by VPN terminators, firewalls and/or other intrusion detection systems (IDS), protects the distributed computer system from malicious data traffic originating from sources external to the local area network. Conventionally, encrypted communications either required the termination of the encrypted connection at the perimeter or giving up content-_based traffic control in firewalls or intrusion detection systems, because encrypted traffic cannot be looked into. Consequently, security of data communication is limited to the perimeter and there is thus a risk that malicious data content is introduced into the distributed computer system, e.g. from or introduced through one
  • 2. of its components, and exchanged between its components via the local area network Particularly in distributed control systems, intrusion of malicious data into the system can be of catastrophic consequences. 2. CONTROL STATION 2.1. Workstation / Single Board Computer In view of the above, it is a broad, overall, object of the present invention, among others, to provide a distributed single board computer industrial control system which does not have the programming drawbacks normally associated with systems of this type. It is another object of the present invention to provide a distributed single board computer industrial control system in which each of the computers has a common master program and in which each computer can be easily adapted to a particular application without modification of the master program. It is still another object of the present invention to provide a distributed single board computer industrial control system in which each computer has a common master program and in which a worker, relatively unskilled in programming, can easily adapt each computer to a particular application. In accordance with the present invention, an industrial control system having a plurality of controlled devices is provided with a single board computer connected to each device through an input/output interface. Each computer is controlled by a master or composite program that includes program steps adapted to achieve control and monitoring of all possible logic 'control functions and command sequences that exist within the system. A user alterable interconnection device (UAID) allows only those portions of the master program that relate to the logic control functions and/or control sequences of a particular controlled device to be operatively connected with the input/output ports associated with that device. 
As the single board computer continuously and successively loops through the master program, only those program steps that relate to the logic control functions and/ or control sequences for the controlled device are operative, as determined by the UAID, to effect control and monitoring of the controlled device.
  • 3. FIG. 1 is a schematic representation of the overall organization of an industrial control system in accordance with the present invention in which a plurality of controlled devices are connected to an associated single board computer through an input/output interface
  • 4. 1. FIGS. 2-3 are examples of logic diagrams which maybe implemented by single board computers of the system
  • 5. FIGS. 12a and 12b depict a flow chart illustrating the program employed in each of the single board computers to control the output devices in accordance with the logic functions selected by the user of the system. 2.2. Programmable Logic Control (PLC) The concept of distributed industrial control systems, which have both a hardware and software component, is known in the art. Distributed control has been used since companies began installing programmable logic controllers (“PLCs”) to manage independent parts of a factory poor. PLCs are used in industrial control systems to provide coordinated control of equipment, devices, and processes. PLCs generally comprise a central processing unit (“CPU”) and a
  • 6. plurality of input/output (“I/O”) modules having I/O connection terminals. PLCs are ordinarily connected to various sensors, switches, or measurement devices that provide inputs to the PLC and to relays or other forms of output to control the field equipment or other controlled elements. As control technology evolved, the idea of islands of programmable controllers was discarded in favor of larger, centralized controllers. Industry is now moving back to a decentralized approach in which small, intelligent controllers gather data locally and share it across a network. The move back to a decentralized approach may be explained by describing the disadvantages of using a centralized control system. First, a centralized control system has lower flexibility and scalability. The maximum number of I/O modules and therefore I/O connections that can be controlled is determined during design by the model of controller used. Second, because a single processor (CPU) and a given amount of memory are used for the entire system, any future additional device, or any change in the system’s con?guration, must consider these limitations. Alternatively, an oversized central controller must be chosen in advance. Third, the wiring requirements for a centralized system, wherein every device must be wired to a central controller, are extensive. Although the use of remote I/O modules can reduce wiring requirements, adding more I/O modules to an existing controller does not add processing power and memory, which are usually fixed. Alternatively, a centralized system could be used wherein a single controller controls all the devices in the system. This would allow every condition to be set in one control program, but the wiring requirements in such a system would be much more extensive, and, importantly, the system would suffer from the lack of flexibility and scalability. 
Were an existing device to need functional expansion, or were any additional device to need control in the future, it would require additional I/O modules to be added to the controller (if technically possible) and would require additional control programming as well, which would increase the workload for the fixed central processor and memory. For theseand other reasons, today’s automation world is moving towards distribution of control rather than building centralized systems. In addition, the industry is making use of small (including “micro” and “nano”) PLCs and exploiting the latest improvements in communications and network technologies which have allowed companies to migrate from a centralized structure to a true distributed architecture. Such improvements include embedded networking capabilities (especially Ethernet, TCP/IP based solutions), new powerful CPUs that make controllers faster and stronger, enhanced security features for decentralized architectures, the physical downsizing of controllers, and reduced pricing. FIG. 4 is a high-level ?oW diagram of a control program implementation method in accordance With the present invention.
  • 7. FIG. 5 is a How diagram of the main part of a control program implementation method in accordance With the present invention.
  • 8. FIG. 6 is a relational diagram shoWing programmable logic controllers in a network configuration in accordance with the present invention. FIG. 7 is a table shoWing a control statement Weighting matrix in accordance With the present invention.
  • 9. 3. DATA LINK COMMUNICATION The present invention relates to control systems of the type having a plurality of remotely located process control units connected together through a communications link and, more particularly, to a control system in which each of the remote units sequentially assumes supervisory communication control of the communication link and in which high reliability information transfer is achieved between remotes. Many system type industrial installations, for example, those related to industrial process-type manufacturing and electrical power generation, employ a large number of physically distributed controlled-devices and associated sensors for effecting coordinated operation of the overall system. In the past, coordinated control of the various devices has been achieved by manual operation and various types of semi-automatic and automatic control systems including electromagnetic relay systems, hardwired solid-state logic systems, and various types of computer control systems. The computer system have included central systems in which the various sensors and controlled devices are connected to a central computer; distributed control systems in which a remotely located computer is connected to each of the controlled devices and to one another; and hybrid combinations of the central and distributed systems. The successful functioning of the control system is vital to any industrial process, and, accordingly. Distributed systems have generally been preferred over central systems because the failure of one of the remotely located control computers generally does not cause a system wide failure as in the case of the failure of the central computer in the central system. 
However, in many distributed computer systems, one of the remotes or a specially designed control unit generally handles supervisory communication control of the communication buss and, for these systems, failure of the communication buss supervisor can lead to a system-wide failure. In many industrial control systems, the various communication busses that extend between the remotely located computer process control units are exposed to high electrical noise environments. Accordingly, the information transferred over the communication buss can be subjected to error-inducing interference because of the harsh electrical environment. In view of this, a control system must have a means for detecting errors within the transmitted information in order to provide high reliability data transmission between remotes.
  • 10. FIG. 1 is a schematic diagram of an exemplary process control systemincluding a plurality of remote process control units (remotes) connected to a common dual-channel communications link;
  • 11. FIG. 2 is a schematic block diagram of an exemplary remote process control unit of thetype shown in FIG.1;
  • 12. FIG. 3 is a schematic block diagram of a communication controller employed in the remote station shown in FIG. 2;
  • 13. FIG. 5 illustrates the format of an exemplary or illustrative information block for transferring informationbetween remotes; FIG. 5A illustrates the format of a header frame ofthe information block shown in FIG. 5; FIG. 58 illustrates the format for a data/informationframe of the information block shown in FIG. 5; FIG. 5C illustrates the format for an acknowledgement block (ACK) for acknowledging successful receipt of an information block; FIG. 5D illustrates the format for a non-acknowledgement block (NAK) for indicating the unsuccessfultransmission of an information block between remotes; FIG. 6 illustrates, in pictorial form, two identical data blocks having the format shown in FIG. 5 successively transmitted on each communication channel of the communication link illustrated in FIG. 1;
  • 14. FIG. 7 is a flow diagram summary of themanner in which a source and a destination remote effect communications with one another; FIG. 8A is a partial flow diagram illustrating in detail the manner in which a source and a destination remote communicate and validate information transferred between one another.
  • 15. FIG. 8B is a partialflow diagram which completes theflow diagram of FIG. 8A and illustrates in detail the manner in which a source and a destination remote communicate and validate information transferred between one another; FIG. 9 is a legend illustrating themanner in theflow diagrams of FIG. 8A and FIG. 8B are to be read;
  • 16. FIGS. 10A through 10F are exemplary tables illustrating the manner in which supervisory control of the communication link is transferred from remote to remote.
  • 17. 4. NETWORK ARCHITECTURE To aid in the understanding of the prior art and the problems associated therewith, it may be helpful to provide a brief overview of distributed computing environments. As used herein, a computing environment consists of a plurality of computers connected by a network which allows the computers to communicate and pass information and/or data between themselves. The network may range from a local environment, such as a local area network (LAN), to a very large and expansive network, such as a wide area network (WAN), and many other distributed network systems. The computer environment also includes the various operating systems, storage mediums, and other processing resources which reside on these computers and that are interconnected and accessible via the network through various software products. Further, a collection of information service systems and application systems, generally embodied within software products, are also considered to be part of the computing environment. The information service systems and application systems used within any given computing environment range from commercially available software applications (e.g. spreadsheets, word processors, databases) to custom developed software products tailored for a specific use within a designated computing environment. A dominant architecture that is receiving widespread use in many current distributed computing environments is known as the client-server architecture. Client-server architecture is a hierarchical architecture for distributed computing environments that is generally divided into two layers. One layer within the client-server architecture includes most of the application systems. Application systems include fourth generation languages, computer aided software engineering tools, programming languages and their support tools, and various other commercially available software products. This first layer typically represents the client layer.
A second layer within the client-server architecture includes most of the information service systems. The information service systems are software products such as database management systems and data repositories, specialized data access methods, application servers, and any number of service based monolithic software systems. This second layer represents the server layer. Extensions of this architecture include the introduction of a third or middle layer. This third layer typically includes software products designed to provide various infrastructure or interfacing services between other components of the distributed computing environment, such as between an application system and an information service system. Such software products are classified as middleware products or systems. A recent term for the hierarchical architecture that utilizes middleware systems is a three-tier system or multi-tier system architecture, where the middleware system consists of software products, applications and services that had previously existed either in the client layer or server layer. Three-tier or multi-tier layers are well known in the art.
  • 18. 5. PROCESS CONTROL The present invention relates to digital distributed process control systems which have controllers or control stations at each of a number of distributed locations with each controller controlling a plurality of control loops. More particularly, this invention relates to a method and apparatus for carrying out a required control strategy for the loops at any one location with a maximum of flexibility in the type of strategy to be executed while at the same time minimizing the cost per loop. The control of complex industrial processes has evolved from the use of a large number of simple single loop controllers, which either perform without central direction or, alternatively, are directed by a central computer, toward the use of distributed systems. In distributed systems, widely spaced control stations are connected for communication with one another and, if desired, with a host computer. Each of the stations usually is capable of controlling a large number of loops and is microprocessor based with the host computer being employed for complex computing, control, and storage functions beyond the capability of the stations. The individual stations of distributed control systems typically execute control on a number of loops by either of two general approaches. The first is the use of time slots during which are executed selected library algorithms which determine the functional relationship between measured variables (controller inputs) and controlled variables (controller outputs) of the process loops. The second is the use of user-entered programs to determine those functional relationships. With the time slot approach a fixed number of slots is established for each scan period during which the controller inputs the measured variables and supplies the control signals to the control elements of the loops. Each slot can be used to execute any one of a number of common algorithms stored as firmware in a library of algorithms.
The output for each of the slots can alternatively be used as a control output to an associated loop or as an input to another
  • 19. slot where supplementary processing of the control signal can be carried out before the signal is used for control of a loop. This approach has some severe limitations, however, when it is desired to apply it to the extremely diverse combinations of control strategies which may be required in an industrial environment. Thus, for example, where the library of algorithms includes a standard PID algorithm to provide proportional, integral, and derivative functions as well as a summing algorithm, a multiplying algorithm, and a full range of algorithms for logic functions, it will be evident that, while the PID algorithm may make efficient use of the time for one slot, the less complex algorithms may not. Thus, the execution of non-standard control strategies which require a number of summers and multipliers or a number of logic functions, will not use the limited number of slots efficiently. FIG. 1 illustrates a distributed process control system of the type for which this invention is useful.
  • 20. FIG. 2 illustrates an optical-electrical interface of the type which can be used in the arrangement of FIG. 1. FIG. 3 is a block diagram showing a controller of the system. In accordance with the present invention there is provided a method and means for carrying out the control of a process using a plurality of control loops in a digital distributed process control system. This method includes providing a database having a plurality of memory cells for storing numerical and boolean values for use in the control of the loops and providing in
  • 21. firmware a library of frequently used control algorithms which can be sequentially executed to produce an algorithm output which is a predetermined function of selected algorithm inputs obtained from the database. There is a scanning of a plurality of time slots during each of which the station controller is assigned to produce an algorithm output in accordance with a predetermined function of the algorithm inputs associated with that slot, as determined by the algorithm selected for that slot. Concurrently established sequential programs are executed to provide other control strategies. These programs are run to provide a program output to the database having a predetermined functional relationship to program inputs from the database. Each algorithm output and program output is used as either a controller output or as a value to be stored in said database for use as an algorithm input for another slot or a program input for another program. The controller input to the database is used as a program input or as an algorithm input, whereby the control elements of the process are controlled in accordance with the desired strategy as established by the algorithms associated with the time slots and by the sequential programs. 6. DISTRIBUTED CONTROL SYSTEM With the development of commercially available digital computers industrial process control has been typically handled through centralized direct digital control systems. These systems included a main frame computer which is programmed to control processes. From time to time, the program would be modified to change the control of processes and to accept new process control functions or parameters. As a result, the use of computerized direct digital control of processes was expanded in order to control more of the total process than could previously have been achieved with prior conventional analog process controllers.
However, a number of major fundamental problems existed with such a main frame, direct digital control system. As with any complex piece of equipment, maintenance was difficult and required personnel with specialized training. As the process control became more sophisticated, it became impractical to maintain in-house service personnel for the computerized system. Therefore, users had to rely upon vendors for maintenance and repair support. Moreover, in a continuous process, the failure of the central computer could have catastrophic effects because control of a substantial portion if not all of the overall process would be interrupted. In some areas of technology, such as glass forming, reliance upon a single main frame central processing control system became impractical because of the potential of these catastrophic failures.
  • 22. FIG. 1 is a drawing showing the hierarchical interconnections of the various components of the distributed control system. 6.1. Distributed Computer Control System More recently, distributed computer control systems have been developed in which a single board computer is connected to each control device with each single board computer having a specific program dedicated to the particular control device. However, a number of drawbacks have been associated with the distributed computer control systems. In order to conserve memory and reduce operational time, the single board computers are generally programmed in a low-level, assembly-type language. As a result, many system users are reluctant to employ distributed single board computers because of the difficulty of obtaining or training personnel to program the computers. Moreover, because maintenance personnel are typically not trained in programming, a large inventory of single board computers is necessary in order to properly repair a system malfunction by replacing the microprocessor which is down. In addition, should there be a desire to upgrade or modify the program in any given microprocessor, such modification or upgrading will often require the modification of the overall system control program. Thus, cost effective retrofitting of existing industrial process control systems is not feasible. Johnson et al. disclosed in U.S. Pat. No. 4,253,148 a system of distributed control of a process which was designed to overcome the difficulty of having a large inventory of preprogrammed microprocessors for each device to be controlled. Thus, in the Johnson et al. system a master or composite program was developed which was capable of controlling all possible logic functions and command sequences for all of the devices to be controlled. This program was downloaded into each of a plurality of microprocessors.
Because each microprocessor was designed to control a specific device, a user alterable interconnection device was provided in each microprocessor in the form of a programmable read only memory (PROM). The PROM in each microprocessor allowed only those portions of the master program which related to the logic control functions and control sequences of a particular control device to be connected to
  • 23. the input/output ports associated with the device. Thus, as each microprocessor continuously looped through the master program, only those program steps which related to the control functions and sequences for a control device would be operative. This system had the drawback that a sometimes massive program had to be downloaded into each microprocessor. In addition, the time constraints on such a system which must loop through the entire master program are such that some processes cannot be adequately controlled. Moreover, because the master control program is stored in each microprocessor, storage space for other data such as process control data and operational parameters is limited. It, therefore, is an object of the present invention to provide an improved distributive control, microprocessor based process control system, with interchangeable components whose programming is transparent to the operators. FIG. 1 depicts a plurality of networked digital data processors for use in practicing the invention;
  • 24. FIG. 2 depicts objects for controlling a process in a system according to the invention; 6.2. Distributed Computer Security System This invention relates to a method and apparatus for controlling access by users to applications programs in a distributed computer system. A framework for security in a distributed computer system has been proposed by the European Computer Manufacturers’ Association (ECMA) and is described in the following references. 1) ECMA TR/46 “Security in Open Systems - a Security Framework” July 1988 2) ECMA standard ECMA/138 December 1989 3) “Network Access Control Development”, COMPACS 90 Conference, London, March 1990 The ECMA security framework permits a user to be authenticated to the system, and to obtain as a result a data package referred to as a privilege attribute certificate (PAC) which represents a certified collection of access rights. When the user wishes to access a target application, the user presents the PAC to that application as evidence of the user’s access rights. An advantage of this approach is that the user does not need to be authenticated separately to individual applications: the authentication procedure is performed once only, to obtain the PAC. The PAC can then be used several times to access different applications. The object of the present invention is to build on this idea of using PACs, to provide an improved method of access control.
  • 25. FIG. 1 is a schematic diagram of a distributed computer system embodying the invention. Computer security systems are often based on the basic access control model, which provides a foundation of secrecy and integrity security procedures. To do its work, the reference monitor needs a trustworthy way to know the access control rule and the source of the request. Usually the access control rule is attached to the object; such a rule is called an access control list or ACL. For each operation, it specifies a set of authorized principals, and the reference monitor grants a request if its principal is trusted at least as much as one of the authorized principals for the requested operation. It should be understood that operation of the reference monitor is separated and distinct from other security issues, such as whether a requestor is who he/she/it claims to be. That type of security is typically provided by using encryption and digital signature techniques, as will be understood by those skilled in the art. The present invention is directed at systems and methods for governing access to objects in a distributed computer system that allow for “compound principals”. In summary, the present invention is a security system governing access to objects in a distributed computer system. Each object has an access control list having a list of entries. Each access control list entry can represent either a simple principal or a compound principal. The set of allowed compound principals is limited to a predefined set of allowed combinations of simple principals, roles, delegations and conjunctions in accordance with a defined hierarchical ordering of the conjunction, delegation and role portions of each compound principal.
  • 26. 1. Compound Principal Method The distributed computing system is provided with a naming service having a secure membership table that contains a list of assumptions. Each assumption specifies either one principal as being stronger than another specified principal, or specifies one role as being stronger than another specified role. These assumptions reduce the number of entries needed in an access control list by allowing an entry to state the weakest principals and roles that are authorized to access an object, with all stronger principals and roles being included by way of the assumptions listed in the membership table. The reference checking process, typically handled by a reference monitor found at each node of the distributed system, grants an access request if the requestor is stronger than any one of the entries in the access control list for the resource requested. Furthermore, one entry is stronger than another entry if for each of the conjuncts in the latter entry there is a stronger conjunct in the former. Additional rules used by the reference monitor in the reference checking process govern the processes of comparing conjuncts in a requestor principal with the conjuncts in an access control list entry and of using assumptions to compare the relative strengths of principals and roles. The present invention provides a framework for making practical use of compound principals in distributed computer systems. FIG. 1 is a block diagram of a distributed computer system with a trusted naming service for storing secure data shared by the members of the system.
  • 27. FIG. 2 is a block diagram of one node of the distributed computer system shown in FIG. 1. FIG. 3 is a block diagram representing an access control list.
  • 28. FIG. 4 schematically depicts the elements of one entry in an access control list. FIG. 5 is a block diagram representing a membership table, which contains a list of assumptions.
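The reference check of the Compound Principal Method can be made concrete with a short model. The following Python is an added example, not code from the reviewed patents: it covers only roles and conjunctions (delegation is left out), the names `MembershipTable` and `check_access` and all sample principals are constructed, and it assumes that "stronger" is reflexive and transitive and that a principal acting without a role (`None`) is stronger than the same principal in any role.

```python
from collections import defaultdict


class MembershipTable:
    """Assumptions 'stronger => weaker', kept separately for principals and roles."""

    def __init__(self, principal_assumptions, role_assumptions):
        self._principals = self._index(principal_assumptions)
        self._roles = self._index(role_assumptions)

    @staticmethod
    def _index(pairs):
        index = defaultdict(set)
        for stronger, weaker in pairs:
            index[stronger].add(weaker)
        return index

    @staticmethod
    def _reaches(index, start, goal):
        # Assumption of this model: strength is reflexive and transitive.
        seen, stack = set(), [start]
        while stack:
            current = stack.pop()
            if current == goal:
                return True
            if current not in seen:
                seen.add(current)
                stack.extend(index.get(current, ()))
        return False

    def principal_stronger(self, have, need):
        return self._reaches(self._principals, have, need)

    def role_stronger(self, have, need):
        if have is None:        # no role adopted: full strength (model assumption)
            return True
        if need is None:        # entry demands the unrestricted principal
            return False
        return self._reaches(self._roles, have, need)


def conjunct_stronger(table, have, need):
    """A conjunct is a (principal, role) pair; both parts must be at least as strong."""
    return (table.principal_stronger(have[0], need[0])
            and table.role_stronger(have[1], need[1]))


def entry_satisfied(table, requester, entry):
    """Requester is stronger than an entry if every conjunct of the entry
    is matched by some stronger conjunct of the requester."""
    return all(any(conjunct_stronger(table, have, need) for have in requester)
               for need in entry)


def check_access(table, acl, requester):
    """Grant if the requester is stronger than any one ACL entry."""
    return any(entry_satisfied(table, requester, entry) for entry in acl)


# Constructed sample data: the ACL names only the weakest authorized principals.
TABLE = MembershipTable(
    principal_assumptions=[("alice", "operators"), ("operators", "plant_staff"),
                           ("bob", "safety_officer"), ("carol", "plant_staff")],
    role_assumptions=[("engineer", "viewer")],
)
ACL = [
    [("operators", "engineer")],                            # simple entry
    [("safety_officer", None), ("plant_staff", "viewer")],  # conjunction of two
]

if __name__ == "__main__":
    print(check_access(TABLE, ACL, [("alice", "engineer")]))
    print(check_access(TABLE, ACL, [("alice", "viewer")]))
```

Because the membership table carries the "stronger than" assumptions, the ACL never has to list alice, bob or carol individually.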
  • 29. FIG. 6 is a flow chart of the process performed by a node’s reference monitor to determine whether or not to grant a request for access to a specified object. 2. Locally Cached Authentication Credentials Method In general, in most prior art systems authenticating each request by a requester requires digitally signing the request, as well as an exchange of information called “credentials” between the requester and the server to enable the server to authenticate the digital signature on the request. The authentication process can impose significant overhead on the operation of distributed computer systems, especially when the number of requests transmitted between nodes is high. In summary, the present invention is a security system governing access to objects in a distributed computer
  • 30. system. The computer at each node of the distributed system has a trusted computing base that includes an authentication agent for authenticating requests received from principals at other nodes in the system. Requests are transmitted to servers as messages that include a first identifier (called an Auth ID) provided by the requester and a second identifier (called the subchannel value) provided by the authentication agent of the requester node. Each server process has an associated local cache that identifies requesters whose previous request messages have been authenticated. When a request is received, the server checks the request’s first and second identifiers against the entries in its local cache. If there is a match, then the request is known to be authentic, without having to obtain authentication credentials from the requester’s node, because the authentication agents guarantee authenticity of such request messages. If the identifier in a request message does not match any of the entries in the server’s local cache, then the server node’s authentication agent is called to obtain authentication credentials from the requester’s node to authenticate the request message. Upon receiving the required credentials from the requester node’s authentication agent, the principal identifier of the requester and the received credentials are stored in a local cache by the server node’s authentication agent. The server process also stores a record in its local cache indicating that request messages from the specified requester are known to be authentic, thereby expediting the process of authenticating received requests. A further optimization is that the server process local cache is used to store a list of the object access control list entries previously satisfied by each requester, thereby enabling the server process to expedite granting access to previously accessed objects. FIG. 1 is a block diagram of a distributed computer system with a trusted naming service for storing secure data shared by the members of the system.
  • 31. FIGS. 2 and 3 are block diagrams of one node of the distributed computer system shown in FIG. 1.
  • 32. FIG. 4 is a block diagram of two computers, one having a requester process that is requesting access to a server process in the second computer.
  • 33. FIGS. 5A and 5B schematically depict an Authentication ID table and Channel Assignment Table maintained by authentication agents in the preferred embodiment of the present invention.
  • 34. FIG. 6 schematically represents a data packet. FIG. 7 schematically depicts a “local cache” of authentication data maintained by authentication agents in the preferred embodiment of the present invention.
  • 35. FIG. 9 is a block diagram representing an access control list.
  • 36. FIG. 10 is a flow chart of the authentication process performed by the authentication agents associated with a requester and a server.
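The cache behaviour of the Locally Cached Authentication Credentials Method is sketched below as an added example, not code from the reviewed patents. The class names, the Auth ID and subchannel numbers and the object names are constructed, and signature and credential verification is replaced by a table lookup on the requester node's agent so the example stays self-contained.

```python
class RequesterNodeAgent:
    """Authentication agent on the requester's node (stand-in: no real signatures)."""

    def __init__(self, assignments):
        # (auth_id, subchannel) -> principal; constructed sample assignments
        self.assignments = dict(assignments)
        self.credential_requests = 0

    def credentials_for(self, auth_id, subchannel):
        """Return credentials only for an identifier pair this agent issued."""
        self.credential_requests += 1
        principal = self.assignments.get((auth_id, subchannel))
        return None if principal is None else {"principal": principal}


class ServerNodeAgent:
    """Authentication agent on the server's node; keeps principal and credentials."""

    def __init__(self, requester_agent):
        self.requester_agent = requester_agent
        self.credential_cache = {}

    def authenticate(self, auth_id, subchannel):
        creds = self.requester_agent.credentials_for(auth_id, subchannel)
        if creds is None:
            return None
        self.credential_cache[creds["principal"]] = creds
        return creds["principal"]


class ServerProcess:
    def __init__(self, node_agent, acl):
        self.node_agent = node_agent
        self.acl = acl            # object -> set of authorized principals
        self.local_cache = {}     # (auth_id, subchannel) -> authenticated record

    def handle(self, auth_id, subchannel, obj):
        key = (auth_id, subchannel)          # both identifiers must match
        record = self.local_cache.get(key)
        if record is None:                   # miss: fetch credentials once
            principal = self.node_agent.authenticate(auth_id, subchannel)
            if principal is None:
                return "reject"
            record = {"principal": principal, "satisfied": set()}
            self.local_cache[key] = record
        if obj in record["satisfied"]:       # ACL entry satisfied earlier
            return "grant-cached"
        if record["principal"] in self.acl.get(obj, set()):
            record["satisfied"].add(obj)
            return "grant"
        return "deny"


def demo():
    requester = RequesterNodeAgent({(17, 3): "alice"})
    server = ServerProcess(ServerNodeAgent(requester), {"valve_12": {"alice"}})
    outcomes = [
        server.handle(17, 3, "valve_12"),    # cache miss, credentials fetched
        server.handle(17, 3, "valve_12"),    # cache hit, stored ACL decision reused
        server.handle(17, 3, "pump_4"),      # authenticated, but not on the ACL
        server.handle(17, 9, "valve_12"),    # same Auth ID, different subchannel
    ]
    return outcomes, requester.credential_requests


if __name__ == "__main__":
    print(demo())
```

Only the first and last requests cost a credential exchange; the last one is rejected because the cache key is the pair of identifiers, so a known Auth ID arriving on another subchannel is not treated as already authenticated.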
  • 37. 7. CONCLUSION A Distributed Computer Control System for Industrial Process Control has been conceived and partially implemented. DCS is well suited to solving some very awkward industrial process control problems encountered by conventional computers in real-time control applications. Such a system for controlling an industrial process includes a plurality of remotely located process control units (remotes) each coupled to an associated input/output device(s) and adapted to communicate with one another through a dual channel communications link.
    References
    1. Cope, Michael E., Distributed Computer Control System, (1984)
    2. Naedele, Martin., Dzung, Dacfey., Distributed computer system with a local area., (2006)
    3. William, D., Johnson, Dallas, Donald, L., Ewing, Richardson, James, S., DISTRIBUTED SINGLE BOARD COMPUTER INDUSTRIAL CONTROL SYSTEM, (1981)
    4. James, S., Grisham, Jr., Arlington., INDUSTRIAL CONTROL SYSTEM WITH DISTRIBUTED COMPUTER IMPLEMENTED LOGIC, (1982)
    5. Cope, Michael E., Richardson, DISTRIBUTED INDUSTRIAL CONTROL SYSTEM WITH REMOTE STATIONS TAKING TURNS SUPERVISING COMMUNICATION LINK BETWEEN THE REMOTE STATIONS, (1983)
    6. Cope, Michael E., Farmers Branch, DISTRIBUTED COMPUTER CONTROL SYSTEM WITH VARIABLE MONITOR TIMERS, (1986)
    7. Stephen P. Glaudel, Harleysville, Paul H. Grissom, Furlong, DISTRIBUTED PROCESS CONTROL SYSTEM, (1987)
    8. Paul S. Sauik, Dennis H. Shreve, DISTRIBUTED CONTROL SYSTEM, (1989)
    9. Rodger T. Lovrenich, Santa Teresa, DISTRIBUTED LOGIC CONTROL SYSTEM AND METHOD, (1992)
    10. Martin Abadi, Palo Alto; Michael Burrows; Edward P. Wobber, ACCESS CONTROL SUBSYSTEM AND METHOD FOR DISTRIBUTED COMPUTER SYSTEM USING COMPOUND PRINCIPALS, (1992)
    11. Edward Wobber, Menlo Park; Martin Abadi, Palo Alto; Andrew Birrell, ACCESS CONTROL SUBSYSTEM AND METHOD FOR DISTRIBUTED COMPUTER SYSTEM USING LOCALLY CACHED AUTHENTICATION CREDENTIALS, (1993)
    12. Larry Suarez., METHOD AND ARCHITECTURE FOR THE CREATION, CONTROL AND DEPLOYMENT OF SERVICES WITHIN A DISTRIBUTED COMPUTER ENVIRONMENT, (1998)
    13. Thomas A. Parker, ACCESS CONTROL IN A DISTRIBUTED COMPUTER SYSTEM, (1994)
    14. Thomas B., Kinney, Franklin, MA., PROCESS CONTROL SYSTEM AND METHOD WITH IMPROVED DISTRIBUTION, INSTALLATION AND VALIDATION OF COMPONENTS, (2002)
    15. Halm Sham, SYSTEM AND METHOD FOR IMPLEMENTING LOGIC CONTROL IN PROGRAMMABLE CONTROLLERS IN DISTRIBUTED CONTROL SYSTEMS, (2007)