Best approach for wireless over Ethernet

I currently have a Point Of View system talking to Click's over hardwired Ethernet. We are moving into a new building and they asked me to go to the IT guys and see if we can get it on their wireless system in the plant. What are others using to get PLC's onto a wireless system? From what I read I can use a bridge to get there and I tried it with my laptop to PLC no problems, but before I go to the great IT department I would like to know what is a industry standard practice if any.
Thanks
Cowboy

As long as you're doing HMI stuff, wireless is probably fine. Wireless will have much higher latency (communication delay) and jitter (randomness in communication delay) than wired Ethernet, so you want to probably stick to programming or non-critical communications unless you take a serious look at it first.

IT guys will want to keep IP subnets as small as possible, and then have routers with firewalls between everything, to limit communication. This is probably fine, but is the opposite of how controls guys usually think, where we WANT everything to be able to talk as much as possible.

I'd say you should make sure you're familiar with whatever communication mechanism you're using between the Clicks and other devices (I'm not familiar with them).

If it is MAC address based (Layer 2), then you may have some interesting challenges communicating across the wireless bridge, unless the bridge especially supports that. You also won't be able to go across routers. This probably doesn't apply to you.

Odds are you are talking over IP. This means you probably need to make sure you know what IP addresses are involved. You ALSO should know if you're doing any sort of traffic it is: unicast, multicast, broadcast. If the majority of the traffic isn't unicast (1 device to 1 device), you may run into trouble on wireless, and performance may suffer.

Thanks for the reply
It is IP address and is just for down time tracking, speed does not matter.

I wouldn’t mix the companies WAN and your SCADA system. They both have two very different purposes and requirements and typically don’t get along very well. The existing routers will more than likely be setup to make the internet, Email, Skype, etc… all work as efficiently as possible and that configuration isn’t going to like the PLC’s and HMI’s communications. Having said all of that if it’s a small system (on both sides) chances are no one is going to notice other than the guy monitoring the network (the IT guy) but as time goes on and systems and processes grow more and more conflicts can (and probably will) arise. I’d build out my own WiFi network and just make sure it isn’t stepping on the existing one. You’re still going to have to co-operate with IT but they won’t have to worry about “PLC’s” and “HMI’s” which will probably make them happier.

We usually set up an independent machine network and NAT across from the main network for Remote Access, Monitoring etc etc.

The machines talk to each other on their own network and never on the factory network.

Thanks guys I will setup my own network and let them worry about getting it on their network for slave monitors.

Beyond just network efficiency, it should be noted that there has been a MARKED increase in ransomware attacks on industrial networks in the past decade. The smaller the business, the smaller the target, but it's always better to be safe than paying 30k to someone in China to turn your production back on. We had the deputy director of homeland security host a seminar on this, and it's becoming a serious problem. When the IT and OT networks don't have any separation, any fool in the front office that clicks a phishing link in an email can shut down your entire production process.

It's HIGHLY recommended to always have a separate IT network for Internet-based work and make sure that your OT network is not physically connected to it in any way. If you're dealing with a business that needs internet connectivity on the OT network for remote access/monitoring or a business where the IT network needs to have access to the OT network for data collection/analysis, it's recommended that you structure your two networks with a DMZ in between (with a gateway on each side) to add an extra layer of security for any phishing/hacking attempts to have to defeat.