Softing develops product line for network monitoring
Modern OT network monitoring in Ethernet systems
Monday, 28. April 2025
| Redaktion
Share on:
OT network monitoring
OT network monitoring, Photo: Shutterstock/Softing Industrial

Ethernet has established itself as the network technology of choice in industrial automation systems. This is demonstrated by the annual increase in the number of Profinet, Ethernet/IP, and Ethercat field devices installed. With Ethernet APL, Ethernet is now also gaining ground at the field level in process automation. However, the spread of Ethernet in industrial automation is also increasing the need for centralized monitoring. Network monitoring solutions have been established in the IT environment for decades. These sophisticated monitoring systems are managed by administrators throughout. But network monitoring systems are also finding their way into the automation environment, i.e., at the operational technology (OT) level. This is because high network availability is at least as important in OT as it is in IT. However, OT requires specialized applications that must be integrated into a modern IT architecture.

Modern architecture in IT networks

A distributed architecture has become the standard in IT network monitoring solutions. Agents for collecting network and device data are distributed across the network and deliver the information to a central monitoring application. There, this information is stored, processed, and displayed to the user. For easy IT integration, it is recommended to make the information available via an IT protocol such as MQTT. An existing MQTT broker infrastructure can then also be used for this information.

Challenges in OT network monitoring

Unplanned downtime due to malfunctions leads to production losses and, in the worst case, damage to the plant. This results in immense costs and lost profits. Continuous monitoring of the automation network allows errors to be detected early and rectified in good time. In serial bus systems such as Profibus, the main focus is on the bus physics, i.e. the quality of cables, lines, and connectors.

In Ethernet systems, on the other hand, the physical structure hardly contributes to failures anymore. Instead, the increasing complexity of devices and networks requires the qualitative evaluation of a large number of parameters at the logical level. Modern network diagnostics therefore now includes collecting as much information as possible, both through active queries to participants and through the analysis of telegram traffic.

Network monitoring collects and stores network and device information

Field devices provide comprehensive status information about both the device itself and connected sensors and actuators. They log all faults or malfunctions as well as statistical variables in the network, such as telegram repetitions. All this information is collected by network monitoring and stored in a database. It is also used to calculate the status of a network and the status of each individual device in the network. These status values provide a quick overview of the state of the network and enable the user to be notified in a targeted manner if problems occur.

The evaluation of values stored in the database over a longer period of time helps to identify temporal correlations. Errors that occur in temporal patterns or the frequent occurrence of problems are important information for the maintenance of the automation system.

Creation and use of an asset inventory

The devices connected to an industrial automation network are an essential component of that network. Often, only the original planning document exists, but there is no current picture of the solution that has actually been installed. This can lead to problems, as the actual configuration may differ from the plan. OT network monitoring provides a current live image of the installed devices and their attributes, such as serial numbers, hardware and software versions, item numbers, etc. For modular devices, this information can also be determined for the individual modules of the device. A complete asset inventory forms the basis for many further actions. For example, the article numbers and firmware versions can be used to check whether there are any cybersecurity vulnerabilities in the installed devices.

Efficient maintenance thanks to network topology information

Modern Ethernet-based automation networks usually provide extensive topology information. This data is crucial for network maintenance and management and is clearly displayed in network monitoring applications. If the devices support the LLDP protocol, as required by Profinet, the physical connection topology can be visualized. This enables the connections between the existing Ethernet ports of the devices to be displayed. This visualization greatly simplifies maintenance and troubleshooting, as it provides a clear overview of the physical structure of the network and allows potential weak points or sources of error to be identified more quickly.

Integrated network monitoring solutions

Based on the ideas and requirements described here, Softing has developed a product line for network monitoring. The devices and software applications in the “smartLink” product family collect relevant data for network monitoring and make it available via MQTT. In addition to the primary use case of network monitoring, “smartLinks” offer additional functionalities for other use cases such as asset management and IIoT, all integrated in one device. As a central network monitoring application, “plantPerfect Monitor” collects the data transmitted by the “smartLinks” via MQTT. It stores it in a database and generates further information such as asset and network status. This is made available to the user via a modern web interface.

The Docker technology used for “plantPerfect Monitor” allows easy integration into an IT application server. If such a server is not available, installation on a Windows PC is also possible. The current version of “plantPerfect Monitor” monitors Profibus installations in conjunction with the “smartLink HW-DP.” In fall 2025, monitoring of Profinet networks will also be offered. For this purpose, the “smartLink HW-PN” and “smartLink SW-PN” will be available as both hardware and software solutions for data collection. Support for Ethernet/IP networks is planned for the long term. In addition, it should also be possible to monitor Hart devices, which are widely used in process automation, if they are connected to remote I/Os in the supported networks.

Author
Thomas Rummel, Managing Director
Softing Industrial Automation

This could interest you

No chance for ransomware attacks thanks to Cyber Resilience Act
3-in-1 safety module from Murrelektronik for EtherNet/IP applications, based on the standardized CIP Safety protocol certified according to IEC 61508 up to SIL3
Siemens Sinec Security Inspector is an all-in-one security testing suite
Sinec Security Guard is a cloud-based cybersecurity software that provides full risk transparency and cybersecurity management of OT assets
Ewon remote solution
Industrial companies are under increasing pressure when it comes to cyber security
Keywords:
Softing OT security Cybersecurity Ethernet Monitoring