You are not registered yet. Please click here to register!


 
 
plc storereviewsdownloads
This board is for PLC Related Q&A ONLY. Please DON'T use it for advertising, etc.
 
Try our online PLC Simulator- FREE.  Click here now to try it.

New Here? Please read this important info!!!


Go Back   PLCS.net - Interactive Q & A > PLCS.net - Interactive Q & A > LIVE PLC Questions And Answers

Reply
 
Thread Tools Display Modes
Old July 28th, 2020, 03:32 PM   #1
agarb
Member
United States

agarb is offline
 
Join Date: May 2006
Location: USA
Posts: 301
fiber ethernet question

Consider two control panels 100 meters apart. Customer is to run fiber between them so the PLC can talk to the HMI. Each panel has an A/B Stratix 1783-US6T2H switch that has 2 FE singlemode preinstalled fiber SFP modules with dual LC connector type.

Customer is in another country with a weird looking alphabet so there is a language barrier. They seem to think that I also need to provide “Fiber Patch Cords and Fiber Ports as well as Fiber Optic Patch Panels (OJ)”.

I’m not sure what they are asking for. I figured they would get 100m of fiber and have somebody install an LC connector on each end and plug them in. What am I missing? I know next to nothing about fiber. Tried to do a web search but came up empty.

Picture of switch is attached.

Thanks for the help.
Attached Images
File Type: jpg switch.jpg (84.8 KB, 144 views)
  Reply With Quote
Old July 28th, 2020, 03:53 PM   #2
James Mcquade
Member
United States

James Mcquade is offline
 
Join Date: Oct 2007
Location: Tennessee
Posts: 2,841
you need to confirm that single mode connection is what you have
and if you need both connections used. single mode has been an issue in the plants I worked at.
if they are dual mode connections, I would use multimode fiber.

the next question is how will you get the information out of the plant to the customer?

the BIG QUESTION is how will you secure this connection? giving them access will allow them to modify the program, timers, setpoints, any thing they want. in my opinion, this is bad.
you also open the door to hackers. you need a firewall between the plant and them, like kerio control (what we use), you can assign users and access rights to get in.
james

Last edited by James Mcquade; July 28th, 2020 at 03:59 PM.
  Reply With Quote
Old July 28th, 2020, 04:23 PM   #3
mk42
Lifetime Supporting Member
United States

mk42 is offline
 
Join Date: Jun 2013
Location: MI
Posts: 2,481
Quote:
Originally Posted by James Mcquade View Post
the BIG QUESTION is how will you secure this connection? giving them access will allow them to modify the program, timers, setpoints, any thing they want. in my opinion, this is bad.
you also open the door to hackers. you need a firewall between the plant and them, like kerio control (what we use), you can assign users and access rights to get in.
james

Why is it bad to let the customer have access to their own PLC?


Do you normally put a firewall on every Ethernet cable between cabinets? Every single plant I've been in treats the control network between the PLC and HMI as trusted.



I feel like I'm missing something, or you are?
  Reply With Quote
Old July 28th, 2020, 04:32 PM   #4
agarb
Member
United States

agarb is offline
 
Join Date: May 2006
Location: USA
Posts: 301
Quote:
Originally Posted by James Mcquade View Post
you need to confirm that single mode connection is what you have
and if you need both connections used. single mode has been an issue in the plants I worked at.
if they are dual mode connections, I would use multimode fiber.

the next question is how will you get the information out of the plant to the customer?

the BIG QUESTION is how will you secure this connection? giving them access will allow them to modify the program, timers, setpoints, any thing they want. in my opinion, this is bad.
you also open the door to hackers. you need a firewall between the plant and them, like kerio control (what we use), you can assign users and access rights to get in.
james

They specified single mode.




Security is of no concern here as we also have to include a laptop with a registered copy of software when we ship the machine.




I'm mainly trying to understand what they are asking for when they want me to provide “Fiber Patch Cords and Fiber Ports as well as Fiber Optic Patch Panels (OJ)”.
  Reply With Quote
Old July 28th, 2020, 04:38 PM   #5
agarb
Member
United States

agarb is offline
 
Join Date: May 2006
Location: USA
Posts: 301
Also, attached is a portion of my original drawing that they marked up to to include the "OJ" as well as the foreign test and blue translation by our rep.
Attached Images
File Type: gif network.gif (27.8 KB, 127 views)
  Reply With Quote
Old July 28th, 2020, 05:19 PM   #6
Maxkling
Member
United States

Maxkling is offline
 
Join Date: Mar 2011
Location: Atlanta
Posts: 420
Usually you will terminate the fiber to a fiber patch panels. Then you run fiber patch cables to plug in the devices. Usually the cable ran between the devices are not a cable you want to have to work with, patch cables are flexible and designed to be disturbed.
  Reply With Quote
Old July 28th, 2020, 05:29 PM   #7
shawn_75
Member
United States

shawn_75 is offline
 
Join Date: Apr 2010
Location: KY
Posts: 406
OJ -might- mean OptiJack connectors on the patch panel. Might be common wherever your customer is.

http://www.panduit.com/heiler/Specif...-NC04SP01D.pdf
  Reply With Quote
Old July 28th, 2020, 05:32 PM   #8
shawn_75
Member
United States

shawn_75 is offline
 
Join Date: Apr 2010
Location: KY
Posts: 406
Here's the singlemode version.

https://objects.eanixter.com/PD317909.PDF
  Reply With Quote
Old July 28th, 2020, 05:54 PM   #9
Ken Moore
Lifetime Supporting Member
United States

Ken Moore is offline
 
Ken Moore's Avatar
 
Join Date: May 2004
Location: North, West, South Carolina
Posts: 2,795
In my experience the fiber contractor installs the punch panels, and I supply the patch cords.
__________________
https://azr.com/
  Reply With Quote
Old July 28th, 2020, 07:25 PM   #10
James Mcquade
Member
United States

James Mcquade is offline
 
Join Date: Oct 2007
Location: Tennessee
Posts: 2,841
MK42,

in regards to the customer having access.
first off, they are in a different country, no issue there.
What I am referring to is having access to is the plc code, hmi code, scada code and making changes. Even if it is their machine, who knows what the customer will do to the code while it is running, what about when maintenance is working on the machine? that's a big issue.

secondly, if the customer is in another country, they have to get internet access, that means putting up security measures to prevent hackers from getting access to the machine and other plc's / computers in the plant. there are also computer viruses that will replicate themselves throughout the network. first it's 1 hour, then every 30 minutes, then every 15 minutes, then every 5 minutes, then every minute.
Laugh all you want, we spent (4) 18 hour days getting rid of a virus that did just that. almost shut the entire plant communications down. I do NOT wish that on anyone.
james
  Reply With Quote
Old July 28th, 2020, 08:40 PM   #11
PLCnovice61
Member
Australia

PLCnovice61 is offline
 
Join Date: Apr 2015
Location: home
Posts: 256
man l hate it when people abbreviate something, without first showing the long form of the name before abbreviating it.
  Reply With Quote
Old July 28th, 2020, 09:26 PM   #12
mylespetro
Supporting Member
Canada

mylespetro is offline
 
mylespetro's Avatar
 
Join Date: Dec 2015
Location: NS
Posts: 229
I would guess that they want the 100m fiber cable terminated on each end in a patch panel and then use a patch cord between the panel and the switch. In your screenshot, the OJs would be the patch panels I believe.
  Reply With Quote
Old July 28th, 2020, 10:17 PM   #13
mk42
Lifetime Supporting Member
United States

mk42 is offline
 
Join Date: Jun 2013
Location: MI
Posts: 2,481
Quote:
Originally Posted by James Mcquade View Post
MK42,

in regards to the customer having access.
first off, they are in a different country, no issue there.
What I am referring to is having access to is the plc code, hmi code, scada code and making changes. Even if it is their machine, who knows what the customer will do to the code while it is running, what about when maintenance is working on the machine? that's a big issue.

secondly, if the customer is in another country, they have to get internet access, that means putting up security measures to prevent hackers from getting access to the machine and other plc's / computers in the plant. there are also computer viruses that will replicate themselves throughout the network. first it's 1 hour, then every 30 minutes, then every 15 minutes, then every 5 minutes, then every minute.
Laugh all you want, we spent (4) 18 hour days getting rid of a virus that did just that. almost shut the entire plant communications down. I do NOT wish that on anyone.
james
I think we're getting OT here, but I think we're making some different assumptions about his setup. I was assuming that he was building a machine, shipping it to another country, and working through the details of installing it over there. At that point, I assumed he'd be hands-off. I'm not quite sure what you're assuming, that he's giving his customer access to a machine in his facility?

From my perspective, if I build a machine, sell it to someone and ship it to them, why wouldn't I want them to be able to change the program or setpoints? Could they mess it up, sure, but it's their problem at that point, not mine. Unless they want to pay me to fix it. In my industry, there are no black boxes; everything is delivered with all source code or it is refused.

I agree that any internet facing comms absolutely need to be protected, and it's a good idea to do it to comms leaving the control level as well. Cybersecurity is no joke. I've only ever seen a firewall between a PLC and an HMI in a network vendor's brochure, though.

I heard there were a couple plants in my area brought to their knees by wannacry a few years ago. It isn't just you.
  Reply With Quote
Old July 28th, 2020, 10:32 PM   #14
Bit_Bucket_07
Member
United States

Bit_Bucket_07 is offline
 
Bit_Bucket_07's Avatar
 
Join Date: Feb 2013
Location: Southeast US
Posts: 1,590
Quote:
Originally Posted by James Mcquade View Post
you need to confirm that single mode connection is what you have
and if you need both connections used. single mode has been an issue in the plants I worked at.
if they are dual mode connections, I would use multimode fiber.

the next question is how will you get the information out of the plant to the customer?

the BIG QUESTION is how will you secure this connection? giving them access will allow them to modify the program, timers, setpoints, any thing they want. in my opinion, this is bad.
you also open the door to hackers. you need a firewall between the plant and them, like kerio control (what we use), you can assign users and access rights to get in.
james

I don't know why you'd assume that a fiber optic link between the PLC and HMI would somehow expose the network to the Internet.
__________________
  Reply With Quote
Old July 29th, 2020, 03:13 AM   #15
JohnCalderwood
Member
Scotland

JohnCalderwood is offline
 
Join Date: Feb 2014
Location: Stirling, Scotland
Posts: 720
Wow! some folk go right off topic here.....

Same as I have here...we have two panels on the one site that are too far apart to use CAT6, so we use fibre.

If you only have the one fibre between panels, then terminate the fibre in something like a Panduit Fibre Optic Connector, then patch cable to the switch at both ends.
If you go into multiple connections, then you look at other options for fibre terminations, but nothing complicated.

I would also check what the SFP ports actually are, as there are different models with multimode, singlemode and different speeds. (just checked - they are preinstalled 100BaseLX)

Last edited by JohnCalderwood; July 29th, 2020 at 03:20 AM.
  Reply With Quote
Reply
Jump to Live PLC Question and Answer Forum

Bookmarks


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Topics
Thread Thread Starter Forum Replies Last Post
Ethrnet IP, Ethernet TCP/ip, Modbus TCP/ip Steve_D LIVE PLC Questions And Answers 4 June 23rd, 2016 08:36 PM
Question about using a PLC PID through ethernet? Ivan B. LIVE PLC Questions And Answers 2 June 3rd, 2009 03:46 AM
PlC5 Ethernet, a warning, a story, and a question allscott LIVE PLC Questions And Answers 5 December 8th, 2006 01:05 PM
Ethernet question with RSview tgaljar LIVE PLC Questions And Answers 3 November 13th, 2006 11:35 AM
Ethernet switches. Small question. JesperMP LIVE PLC Questions And Answers 3 August 25th, 2005 10:37 AM


All times are GMT -4. The time now is 07:35 PM.


.