Abstract: A system for communicating between redundant devices balances the desired attributes of a high availability (HA) control system and a safety control system. The system includes concurrent connections as a fault tolerant mechanism for industrial protocol connections at the transport layer. The concurrent connections establish multiple paths for redundancy from a data producer to a data consumer. Concurrent connections increase availability of the HA control and safety instrumented systems. More specifically, concurrent connections and architectural redundancies eliminate a single point of failure within the control system and further reduce safety connection timeouts during fault detection and/or recovery. Concurrent connections may be used to keep a HA system operational or to provide detection of a failure in a safety system. The industrial control network may be configured to function as a HA control system, as a safety control system, or with certain degrees of both HA and safety-related operation.

Abstract: A method and system for assigning slot addresses to modules in a fault tolerant industrial control system includes a pair of backplane switches on each base. Each backplane switch is configured to communicate between one backplane and the modules located on the base and to communicate between backplane switches located at adjacent bases. A backplane switch on a bank master base first assigns a base address and slot addresses to itself. The backplane switches on each additional base initiate transmission of a base address request. A base address response, including a base address and slot numbers for the adjacent base, is transmitted after a base has its own address assigned. Each base repeats the process in sequence along the bank, incrementing the base address by one and the slot address by the number of slots on the base and passing the new base and slot addresses along the bank.

Abstract: A modular I/O system for an industrial automation network includes a network adapter including first and second adapter modules, wherein each adapter module is configured for connection with an industrial network. The I/O system further includes a first I/O device with first and second I/O modules each configured for operative connection to a controlled system for input/output of data with respect to the controlled system. The I/O system further includes first and second independent backplane data networks that connect each of the first and second adapter modules to each of the first and second I/O modules. The network adapter includes first and second removable backplane network switches and the first I/O device includes third and fourth removable backplane network switches that establish the backplane networks. The backplane network switches can be Ethernet gigabit switches.

Abstract: A method and system for assigning slot addresses to modules in a fault tolerant industrial control system includes a pair of backplane switches on each base. Each backplane switch is configured to communicate between one backplane and the modules located on the base and to communicate between backplane switches located at adjacent bases. A backplane switch on a bank master base first assigns a base address and slot addresses to itself. The backplane switches on each additional base initiate transmission of a base address request. A base address response, including a base address and slot numbers for the adjacent base, is transmitted after a base has its own address assigned. Each base repeats the process in sequence along the bank, incrementing the base address by one and the slot address by the number of slots on the base and passing the new base and slot addresses along the bank.

Abstract: A system of communicating data over a high availability industrial control system is disclosed. The industrial control system includes a first data producer, a second data producer in communicative connection with the first data producer, a first data consumer, and a second data consumer in communicative connection with the first data consumer. The system further includes the first producer communicating the data over multiple connection paths from the first producer to the first consumer and the second consumer through intermediate modules, and the second producer communicating the data over multiple connection paths from the second producer to the first consumer and the second consumer through intermediate modules. Also disclosed is a method of communicating data over the high availability industrial control system.

Abstract: A system for communicating between redundant devices balances the desired attributes of a high availability (HA) control system and a safety control system. The system includes concurrent connections as a fault tolerant mechanism for industrial protocol connections at the transport layer. The concurrent connections establish multiple paths for redundancy from a data producer to a data consumer. Concurrent connections increase availability of the HA control and safety instrumented systems. More specifically, concurrent connections and architectural redundancies eliminate a single point of failure within the control system and further reduce safety connection timeouts during fault detection and/or recovery. Concurrent connections may be used to keep a HA system operational or to provide detection of a failure in a safety system. The industrial control network may be configured to function as a HA control system, as a safety control system, or with certain degrees of both HA and safety-related operation.

Abstract: A modular I/O system for an industrial automation network includes a network adapter including first and second adapter modules, wherein each adapter module is configured for connection with an industrial network. The I/O system further includes a first I/O device with first and second I/O modules each configured for operative connection to a controlled system for input/output of data with respect to the controlled system. The I/O system further includes first and second independent backplane data networks that connect each of the first and second adapter modules to each of the first and second I/O modules. The network adapter includes first and second removable backplane network switches and the first I/O device includes third and fourth removable backplane network switches that establish the backplane networks. The backplane network switches can be Ethernet gigabit switches.

Abstract: A system of communicating data over a high availability industrial control system is disclosed. The industrial control system includes a first data producer, a second data producer in communicative connection with the first data producer, a first data consumer, and a second data consumer in communicative connection with the first data consumer. The system further includes the first producer communicating the data over multiple connection paths from the first producer to the first consumer and the second consumer through intermediate modules, and the second producer communicating the data over multiple connection paths from the second producer to the first consumer and the second consumer through intermediate modules. Also disclosed is a method of communicating data over the high availability industrial control system.

Abstract: For uninterrupted network communications, a method detects a protected reset at a network device. In response to the protected reset, the method maintains communication functions of a communication module. The communication module communicates with other network devices using the communication functions. In response to the protected reset, the method resets the network device without resetting the communication module.

Abstract: A modular I/O system for an industrial automation network includes a network adapter including first and second adapter modules, wherein each adapter module is configured for connection with an industrial network. The I/O system further includes a first I/O device with first and second I/O modules each configured for operative connection to a controlled system for input/output of data with respect to the controlled system. The I/O system further includes first and second independent backplane data networks that connect each of the first and second adapter modules to each of the first and second I/O modules. The network adapter includes first and second removable backplane network switches and the first I/O device includes third and fourth removable backplane network switches that establish the backplane networks. The backplane network switches can be Ethernet gigabit switches.

Abstract: A modular I/O system for an industrial automation network includes a network adapter including first and second adapter modules, wherein each adapter module is configured for connection with an industrial network. The I/O system further includes a first I/O device with first and second I/O modules each configured for operative connection to a controlled system for input/output of data with respect to the controlled system. The I/O system further includes first and second independent backplane data networks that connect each of the first and second adapter modules to each of the first and second I/O modules. The network adapter includes first and second removable backplane network switches and the first I/O device includes third and fourth removable backplane network switches that establish the backplane networks. The backplane network switches can be Ethernet gigabit switches.

Abstract: A system of communicating data over a high availability industrial control system is disclosed. The industrial control system includes a first data producer, a second data producer in communicative connection with the first data producer, a first data consumer, and a second data consumer in communicative connection with the first data consumer. The system further includes the first producer communicating the data over multiple connection paths from the first producer to the first consumer and the second consumer through intermediate modules, and the second producer communicating the data over multiple connection paths from the second producer to the first consumer and the second consumer through intermediate modules. Also disclosed is a method of communicating data over the high availability industrial control system.

Abstract: A method and system for interacting with data frames passing through a module connected to an industrial network is disclosed. Each module includes an aggregation unit located on the network interface above the physical layer. To transmit data, the aggregation unit reads a header from a dynamic data packet to determine if the module is a participant module for the packet. If so, the aggregation unit inserts data from the module into the data packet and transmits the packet to another module. To receive data, the aggregation unit reads a header from the data packet to determine whether the data packet includes data for the module. If so, the aggregation unit reads the data and passes the data packet to another module. If the aggregation unit determines that a data packet is not intended for the module, the data packet is passed to another module with no further interaction.

Abstract: An improved system for establishing rules in a firewall for an industrial network is disclosed. Rules are established at an application level, identifying, for example, actions to occur between two devices. The action may be, for example, read data table or get attribute, and each action may require multiple message packets to be transmitted between the two devices in order to complete. A network device executing the firewall is configured to receive message packets from a sending device and to inspect the message packets to determine which action the sending device is requesting to perform. If the action corresponds to a rule in the database, the network device manages communications between the two devices until all message packets have been transmitted. Thus, a single action, or application, may be defined in the rules database to permit multiple data packets to be communicated between the devices.

Abstract: A method and system for interacting with data frames passing through a module connected to an industrial network is disclosed. Each module includes an aggregation unit located on the network interface above the physical layer. To transmit data, the aggregation unit reads a header from a dynamic data packet to determine if the module is a participant module for the packet. If so, the aggregation unit inserts data from the module into the data packet and transmits the packet to another module. To receive data, the aggregation unit reads a header from the data packet to determine whether the data. packet includes data for the module. If so, the aggregation unit reads the data and passes the data packet to another module. If the aggregation unit determines that a data packet is not intended for the module, the data packet is passed to another module with no further interaction.

Abstract: A method and system for interacting with data frames passing through a module connected to an industrial network is disclosed. Each module includes an aggregation unit located on the network interface above the physical layer. To transmit data, the aggregation unit reads a header from a dynamic data packet to determine if the module is a participant module for the packet. If so, the aggregation unit inserts data from the module into the data packet and transmits the packet to another module. To receive data, the aggregation unit reads a header from the data packet to determine whether the data packet includes data for the module. If so, the aggregation unit reads the data and passes the data packet to another module. If the aggregation unit determines that a data packet is not intended for the module, the data packet is passed to another module with no further interaction.

Abstract: A high-speed security device for network connected industrial controls provides hybrid processing in tandem hardware and software security components. The software security component establishes state-less data identifying each packet that requires high-speed processing and loads a data table in the hardware component. The hardware component may then allow packets matching data of the data table to bypass the software component while passing other non-matching packets to the software component for more sophisticated state analysis.

Abstract: A high-speed security device for network connected industrial controls provides hybrid processing in tandem hardware and software security components. The software security component establishes state-less data identifying each packet that requires high-speed processing and loads a data table in the hardware component. The hardware component may then allow packets matching data of the data table to bypass the software component while passing other non-matching packets to the software component for more sophisticated state analysis.

Abstract: A method and system for interacting with data frames passing through a module connected to an industrial network is disclosed. Each module includes an aggregation unit located on the network interface above the physical layer. To transmit data, the aggregation unit reads a header from a dynamic data packet to determine if the module is a participant module for the packet. If so, the aggregation unit inserts data from the module into the data packet and transmits the packet to another module. To receive data, the aggregation unit reads a header from the data packet to determine whether the data packet includes data for the module. If so, the aggregation unit reads the data and passes the data packet to another module. If the aggregation unit determines that a data packet is not intended for the module, the data packet is passed to another module with no further interaction.

Abstract: A high-speed security device for network connected industrial controls provides hybrid processing in tandem hardware and software security components. The software security component establishes state-less data identifying each packet that requires high-speed processing and loads a data table in the hardware component. The hardware component may then allow packets matching data of the data table to bypass the software component while passing other non-matching packets to the software component for more sophisticated state analysis.