L'Internet des objets (IDO)
0 likes614 views
The document discusses Cisco's vision for the Internet of Everything (IoE) and how it applies to the manufacturing sector. It addresses some of the challenges manufacturers face, such as disconnected systems and technology silos. It then presents Cisco's proposed architecture for industrial networks, including security frameworks, edge computing, and fog computing to enable distributed data processing at the network edge. This architecture is meant to help manufacturers overcome challenges and leverage IoT/IoE for operational improvements and business benefits.
![In Many Cases, Data Issues Must be Handled
“In the Network” to Meet the Requirements
Hence…
Distributed Data Processing [across the] Network Fabric](https://image.slidesharecdn.com/ciscoconnect2016iot-johan-161208195300/85/L-Internet-des-objets-IDO-23-320.jpg)
L'Internet des objets (IDO)
- 1. Johan Arens - Conseiller, ingénierie de réseaux //CCIE#29341, CCNP Voice, CCDP 7 décembre 2016 Cisco Connect Montréal 2016 L’Internet des objets (IDO) dans le secteur manufacturier
- 2. Équipe CCiQ Cisco au Québec Etienne Simard Sylvain Denoncourt Johan Arens
- 3. • Vision de Cisco • Réalité du monde manufacturier • Architecture et Sécurité • Edge Computing • Conclusion • Questions / Réponses Agenda
- 4. “L’Internet des objets est une façon intelligente de connecter des équipements physiques pour aller extraire des améliorations substancielles dans notre efficacité, croissance d’affaire et amélioration de la qualité de vie.” Qu’est-ce que l’Internet des objets ?
- 5. Cisco Confidential 5© 2013-2014 Cisco and/or its affiliates. All rights reserved. Converging Digital Disruptions The Nexus of Forces IoT = $1.9 Trillion in 2020 The 3rd Platform $462 Billion in 2013 (22% of total ICT spending) The Industrial Internet $10 Trillion to $15 Trillion Over Next 20 Years
- 6. Cisco Confidential 6© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Calls It The Internet of Everything (IoE) Interconnexion des personnes, procédés, données et des objets People Connecting People in More Relevant, Valuable Ways Process Delivering the Right Information to the Right Person (or Machine) at the Right Time Data Leveraging Data into More Useful Information for Decision Making Things Physical Devices and Objects Connected to the Internet and Each Other for Intelligent Decision Making IoE
- 7. Cisco Confidential 7© 2013-2014 Cisco and/or its affiliates. All rights reserved. 7.26.8 7.6 IoT Is Here Now – and Growing! Rapid Adoption Rate of Digital Infrastructure: 5X Faster Than Electricity and Telephony 50 Billion “Smart Objects” 50 2010 2015 2020 0 40 30 20 10 BILLIONSOFDEVICES 25 12.5 Inflection Point TIMELINE Source: Cisco IBSG, 2011 World Population The New Essential Infrastructure
- 8. Cisco Confidential 8© 2013-2014 Cisco and/or its affiliates. All rights reserved. The World Generates More Than 2 Exabytes of Data Every Day Connected Objects Generate Big Data 3/4 millions smart meters in Quebec 90 millions data points > 2 TB / month ! 10TB of data for every 30 minutes of flight With >25,000 flights per day, petabytes daily A large offshore field produces 0.75TB of data weekly A large refinery generates 1TB of raw data per day A single consumer packaged good manufacturing machine generates 13B data samples per day
- 9. Opérations en silos Pas de choix technologiques communs Dépendance des OEM ou fabricants de lignes Réalité du monde manufacturier
- 10. Musée des systèmes d’exploitation Usines installées proche des matières premières Centralisation des centres de données Production sur demande Faire plus avec moins Réalité du monde manufacturier
- 11. Relations tendues entre IT et OT Réalité du monde manufacturier CIA AIC Availability Integrity Confidentiality Confidentiality Integrity Availability
- 12. Relations tendues entre IT et OT Réalité du monde manufacturier Marc, OT Bernard, IT Bernard, J’ai besoin d’un adresse IP pour remonter ma drive que je viens de la remplacer. Ma motion ne marche plus ! Ah ! Il a des SAN lui sur son plancher ? Marc, donc pour bien comprendre tu as besoin de remonter ton SAN pour pouvoir bouger des VM d’un SAN à un autre ?
- 13. Besoin d’un plan directeur et d’une architecture !
- 14. Changing Industrial Automation Networks Ethernet and IP Provide Foundation for Manufacturing 2.0 Initiatives Robotics Human Machine Interface PC-Based Controllers Motors, Drives, and Actuators Programmable Logic Controllers Office Applications, Internetworking, Data Servers, and Storage Back-Office Mainframes and Servers Sensors and Other Input/Output Devices Corporate Network Control Network Gateway Robotics Human Machine Interface PC-Based Controllers Motors, Drives, and Actuators Programmable Logic Controllers Office Applications, Internetworking, Data Servers, and Storage Back-Office Mainframes and Servers Sensors and Other Input/Output Devices Corporate Network Traditional Ethernet-Based Control Network Device-Level Network Ethernet Automation Control
- 15. Logical Architecture Built on Industry Standards Enterprise Zone DMZ Manufacturing Zone Cell/Area Zone Enterprise Network Site Business Planning and Logistics Network Site Manufacturing Operations and Control Area Control Basic Control Process Demilitarized Zone— Shared Access Level 5 Level 4 Level 3 Level 2 Level 1 Level 0
- 16. Converged Plantwide Ethernet Network Architecture Cell/Area Zone Levels 0-2 Manufacturing Zone Level 3 Demilitarized Zone (DMZ) Real-Time Control <100ms Convergence Multicast Traffic Ease of Use MFG Integration Segmentation Multi-Service Networks Applications and Management Security Access Control Threat Protection Enterprise Network Levels 4-5 Gbps Link for Failover Detection Firewall (Active) Firewall (Standby) FactoryTalk Application Servers Cisco ASA 5500 Cisco Catalyst Switch Network Services Cisco Catalyst 6800/4500 Cisco Cat. 3850 StackWise Switch Stack Patch Management Terminal Services Application Mirror AV Server Cell/Area #1 (Redundant Star Topology) Drive Controller HMI Distributed I/O Controller DriveDrive HMI Distributed I/O HMI Cell/Area #2 (Ring Topology) Cell/Area #3 (Bus/Star Topology) Rockwell Automation Stratix 8000 Layer 2 Access Switch Controller Enterprise/ IT Integration Collaboration Wireless Application OptimizationWeb Apps DNS FTP Internet
- 17. CPwE Industrial Network Security Framework MCC Enterprise Zone: Levels 4-5 Soft Starter I/O Physical or Virtualized Servers • Patch Management • AV Server • Application Mirror • Remote Desktop Gateway Server Level 0 - ProcessLevel 1 - Controller Level 3 – Site Operations Controller Drive Level 2 – Area Supervisory Control FactoryTalk Client Controller Industrial Demilitarized Zone (IDMZ) Industrial Zone: Levels 0-3 Authentication, Authorization and Accounting (AAA) LWAP SSID 2.4 GHz SSID 5 GHz WGB I/O Active Wireless LAN Controller (WLC) Standby Core Switches Distribution Switch Stack Control System Engineers Control System Engineers in Collaboration with IT Network Engineers (Industrial IT) IT Security Architects in Collaboration with Control Systems Engineers Enterprise Identity Services External DMZ/ Firewall Internet IFW Exemple de sécurisation niveau procédé
- 18. CPwE Industrial Network Security Framework MCC Enterprise Zone: Levels 4-5 Soft Starter I/O Physical or Virtualized Servers • Patch Management • AV Server • Application Mirror • Remote Desktop Gateway Server Level 0 - ProcessLevel 1 - Controller Level 3 – Site Operations Controller Drive Level 2 – Area Supervisory Control FactoryTalk Client Controller Industrial Demilitarized Zone (IDMZ) Industrial Zone: Levels 0-3 Authentication, Authorization and Accounting (AAA) LWAP SSID 2.4 GHz SSID 5 GHz WGB I/O Active Wireless LAN Controller (WLC) Standby Core Switches Distribution Switch Stack Control System Engineers Control System Engineers in Collaboration with IT Network Engineers (Industrial IT) IT Security Architects in Collaboration with Control Systems Engineers Enterprise Identity Services External DMZ/ Firewall Internet IFW Exemple d’acces à distance d’un entrepreneur Martin T., Cossins Inc Doit accéder usine Granby
- 19. CPwE Architectures • Collection of Standalone Cisco Validated Design (CVD) Guides CPwE REP CVD June 2014 CPwE WLAN CVD Nov. 2014 CPwE IDMZ CVD July 2015 CPwE Resiliency June 2016 CPwE CVD Baseline CPwE NAT CVD June 2015 CPwE ISE CVD July 2015 CPwE Migration Jan. 2016 CPwE VPN CVD March 2016 CPwE Industrial Firewall August 2016 CPwE Loc. Serv. White paper CPwE Resiliency Dec. 2015 Design Zone manufacturing – Modular CVD’s http://www.cisco.com/c/en/us/solutions/enterprise/design-zone- manufacturing/landing_ettf.html
- 20. Edge Computing
- 21. Most IoT data is not used currently. For example, only 1 percent of data from an oil rig with 30,000 sensors is examined. The data that is used today is mostly for anomaly detection and control, not optimization and prediction, which provide the greatest value.
- 22. Leveraging Machine Generated Data and Networking for Business Benefit IoT Environments Need to Process and Analyze Data Locally
- 23. In Many Cases, Data Issues Must be Handled “In the Network” to Meet the Requirements Hence… Distributed Data Processing [across the] Network Fabric
- 24. The Case for Edge and Fog Computing 1. There’s too much data, so it has to be filtered, aggregated, batched, etc. 2. Some of the consumers of the data are distributed. 3. The data is in the wrong format. 4. You want to analyze the data as soon as possible. 5. The data needs to be time stamped for time series analysis or for compliance reasons. 6. You have thousands of devices, and it’s too complicated for a single application in the cloud to talk to them individually.
- 25. General Patterns Data CenterEdge Processing Aggregation NodeOil Rig Data Data Data Local Feedback Data CenterFactory Device Data Data CloudIoT Device 2 Tier 3 Tier 4 Tier Data
- 26. IoT Requires Distributed Computing ENDPOINT DATACENTER/CLOUD FOG App App App App App IoT Compute Model (Local control loops, Data Volume, Security, Resiliency, Latency, Scale) BYOI: Bring Your Own Interface (Legacy interfaces, Industry-specific interfaces, Partner-proprietary interfaces) WiHart Zigbee PLC 802.15.4 Other Domain Specific Interfaces
- 27. Architecture FOG - IoX Routers / Switches at the edge App Hosting App Lifecycle Management App Monitoring App Monitoring Local Manager Customer-built App Cisco-built App Partner-built App App Packaging SDK App Lifecycle App Management Fog Director IOx Services (Alpha*) Applications (LXC*, PaaS, VM) Network (IOS) IOx
- 28. Why is this Unique? Bring Analytics to the Data DATA DATA Fog NodeEdge Node DATA AnalyticsIoT Devices IoT Devices Analytics DATA Distributed Analytics (Distributed, High Volume, Time Critical, Regulated) Cloud Based Analytics (Centralized, Low Volume, Non Perishable, Non Regulated) Analytics Analytics
- 29. Pour résumer…
- 30. • Vision IoE de Cisco • Défis du monde manufacturier • Sécurité • Edge Computing (Fog)
- 31. Merci !