PlantStruxure Certified Expert Program - 2015 - Principles...
Rev: 1.1 | October 2015 Page | 1
PlantStruxure™ Certified Expert Program – Principles of Ethernet Networking Study Guide (2015)
LEGAL NOTICE and DISCLAIMER
Each of Schneider Electric Industries SAS, its subsidiaries and affiliated companies, hereinafter “Schneider Electric”, makes no representations
or warranties with respect to this Schneider Electric Certification Program manual and, to the maximum extent permitted by law, expressly
limits its liability for breach of any warranty that may be implied to the replacement of this manual with another. Furthermore, Schneider
Electric reserves the right to revise this publication at any time without incurring an obligation to notify any person of the revision.
The contents of this Schneider Electric Certification Program manual are proprietary to Schneider Electric and all rights, including copyright
and any other intellectual property rights as applicable, are reserved by Schneider Electric. You must not copy any part of this manual in hard
or electronic form or make any adaptation or other commercial use of it without Schneider Electric’s prior written consent. Schneider Electric
will not accept any liability for action taken in reliance on this manual.
Your registration for the Schneider Electric PlantStruxure Certified Expert Certification Program entitles you to attend the program and sit the
corresponding examinations.
Successfully passing said examinations is mandatory for you to receive the qualification pertaining to this certification program.
It is the sole and entire duty of the individual attending this certification program and, as applicable receiving the corresponding attendance
certificate, as well as the company or other legal organisation employing this individual, to ensure the relevant understanding by this
individual of the courses, concepts and materials taught or otherwise exposed within and during this certification program.
Schneider Electric will not accept or bear any liability for any action taken by such individual or the company or legal organisation employing
him/her in reliance on this certification program and the corresponding qualification, such as but not limited to any action with respect to the
installation, commissioning or maintenance of Schneider Electric's products or any other products.
© 2015 Schneider Electric All rights reserved.
Contents
Introduction
  PlantStruxure™ Ethernet Architectures
  Architectures & Networking
Topics covered in the exam
  Principles of Ethernet Networking
Topic Overview
  History and Standards
  Physical Installation
  Layer 2 – Data Link Layer
  Network Equipment
  TCP/IP
  Layer 2 Traffic Control
  Network Reliability
  Routing Introduction
  TCP/IP Routing
  Connection Management
  Network Administration and Security
  Investigative Tools
Preparation
  Recommended Training
  Additional Recommended Reading
  Practical Experience
Introduction
PlantStruxure™ Ethernet Architectures
Schneider Electric offers a range of networking solutions and architectures based on the modern standard of
industrial Ethernet. This high-capacity, open networking technology connects all the domains of the enterprise,
from plant floor through control room to the board room, enabling production optimization and enhanced energy
management.
Industrial networking solutions from Schneider Electric put Ethernet at the core of the system.
PlantStruxure Ethernet architectures are built on best-in-class products and lifecycle services, and constitute the
key building block of the EcoStruxure™ architecture, a comprehensive energy management system from Schneider
Electric.
Ethernet is the backbone of the PlantStruxure system from Schneider Electric, a collaborative and integrated
architecture for process automation, built on best-in-class products and lifecycle services. Its primary goal is to help
you optimize your energy consumption by delivering a clear picture of how energy is spent in your process.
Architectures & Networking
Building effective and cost efficient architectures is a challenging task and requires knowledge of a broad range of
components and technologies.
This exam module covers exactly that: without delving into deep technical details of individual components or
networking standards, Schneider Electric expects PlantStruxure Certified Experts to master this broad portfolio of
knowledge in order to be able to build the best possible architecture which meets the customer and application
requirements.
Topics covered in the exam
Principles of Ethernet Networking
History & Standards
Physical Installation
Layer 2 – Data Link Layer
Network Equipment
TCP/IP
Layer 2 – Traffic Control
Network Reliability
Routing Introduction
TCP/IP Routing
Connection Management
Network Administration and Security
Investigative Tools
Topic Overview
History and Standards
In order to ensure that any device may communicate with any other device, it is essential that standards are
defined for all aspects of the communication process.
Understand the components that comprise communications, e.g. transmitters, receivers, master, slave, client,
server etc.
Be aware of terms such as ARPANET and how this was fundamental in the development of the internet as we know
it today.
Be aware of the components and methodology involved with Industrial Networks and the ways in which they
exchange information.
Industrial communication is defined using the OSI model standard (Open System Interconnection Reference Model).
Know the layers within the OSI model, their purpose and which Industrial Protocol uses which layers.
Layer 7 – Application
Layer 6 – Presentation
Layer 5 – Session
Layer 4 – Transport
Layer 3 – Network
Layer 2 – Data Link
Layer 1 – Physical
Have an understanding of the IETF & IEEE Standards.
Suggested Exercises
Use these suggested exercises to increase your understanding of the topic.
Why Communications
Limiting factors in the Evolution of Computer-based Communications
Circuit vs. Packet Switching
Apply the OSI Model to a Physical Situation
Encapsulation
Further Reading
Use the following references to assist your understanding of the topic.
See Additional Recommended Reading for list of general resources.
Physical Installation
At some point, the data being transferred has to exist on something physical - be that wires, optical fibre or as some
form of radio wave propagation.
Understand the different Mediums and Standards that comprise the Physical Layer of the OSI model.
Be able to identify the properties of the commonly used mediums:
Twisted Pair
Copper
Fibre optic
Understand the Components & Topologies that are used within Networks, e.g.:
Network Interface Cards
MAC Address
Hubs
Switches
Routers
Media Convertors
Ring
Bus
Star
Mesh
Be aware of newer technologies that are finding a place within Industrial Networks:
Power over Ethernet (PoE)
Wireless Networking
Suggested Exercises
Use these suggested exercises to increase your understanding of the topic.
Cables
What is my MAC Address?
Appropriate use of Network Topologies
Power over Ethernet Uses
Further Reading
Use the following references to assist your understanding of the topic.
See Additional Recommended Reading section for list of general resources.
Layer 2 – Data Link Layer
The Data Link layer defines how information is packaged up for transmission across the physical medium. Most
modern communication (or Network) systems make use of Ethernet to perform this task.
Understand the components of an Ethernet frame:
Pre-amble
SFD – Start of Frame Delimiter
Destination & Source Address
Type / Length
LLC - Logical Link Control
PDU – Protocol Data Unit
FCS – Frame Checking Sequence
IFG – Inter frame Gap
Know the design rules of an Ethernet network. Understand half vs. full duplex and be able to identify the
characteristics of each implementation:
CSMA/CD
Collisions
CSMA/CA
Suggested Exercises
Use these suggested exercises to increase your understanding of the topic.
Valid Ethernet Frames
Further Reading
Use the following references to assist your understanding of the topic.
See Additional Recommended Reading for list of general resources.
Network Equipment
In order to manage and control the connection of the various devices in a network, it is necessary to introduce a
variety of equipment. This equipment might be as simple as racks and patch panels in various junction boxes
scattered around the plant through to highly expensive high-performing data management devices to separate the
plant network from wider systems (including the Internet).
Understand the characteristics, functions and usage models of the most popular network equipment:
Racks
Patch Panels
Routers
Switches
Hubs
Be able to implement the above networking components into a real usage scenario.
Understand how to start and use the PLC Simulator, how to Analyze, Build and troubleshoot an application.
Be aware of Media Convertors and how they can be utilised in an Industrial Network.
Suggested Exercises
Use these suggested exercises to increase your understanding of the topic.
Choose the Correct Cable
Identify the Best Network Aggregation Device
Further Reading
Use the following references to assist your understanding of the topic.
See Additional Recommended Reading section for list of general resources.
TCP/IP
Transmission Control Protocol / Internet Protocol (TCP/IP) is the most widely used computer-to-computer
communications protocol in use in the world today. It is the only protocol in use on the Internet, for example.
Be familiar with the TCP/IP Protocol stack and how it relates to the OSI model.
Understand IP Addresses, the characteristics and the usage. Be able to recognise Class A, B & C networks, and
private vs. public network address ranges.
Be able to explain a Subnet Mask and how the Network ID and Host ID relate to the Subnet Mask being used. Be
aware of how powerful the use of Subnet Masks can be to control / secure the network. In addition be able to
calculate Subnet Masks.
Be familiar with the following topics:
Broadcast Addressing
Multicast Addressing
TCP Ports & Services
UDP Usage
HTTP
DHCP
ARP
NTP
DNS
Be competent in the use of Wireshark to troubleshoot many aspects of a TCP/IP based network.
Suggested Exercises
Use these suggested exercises to increase your understanding of the topic.
IP Address
Convert Between Binary & Decimal
Calculate NetMasks
Use Subnet Masks
Industrial Uses for TCP and UDP
Inspect the HTML of a Web Page
View the ARP Table
Examine Network Settings
Introduce Wireshark
Troubleshoot TCP/IP
View Ping traffic in Wireshark
Further Reading
Use the following references to assist your understanding of the topic.
See Additional Recommended Reading for list of general resources.
Layer 2 Traffic Control
Some information being transmitted on a network is more important than other information. For instance PLC-to-SCADA
system updates are considerably more important than email traffic. Most Layer 2 protocols offer methods
to identify and mark important traffic for higher-priority action at the expense of lower priority data. Techniques
include traffic shaping, Quality of Service and Frame tagging.
Understand the key-components of Traffic Control:
Frame Size Management
Bandwidth
Port Memory
Flow Control
Auto negotiation
Be familiar with Quality of Service principles, QoS tag priorities / categories and how to implement them.
Understand how to subdivide a physical network with the use of Virtual LANs (VLANs).
Be familiar with Layer 2 filtering, the use of the CAM (Content Addressable Memory) table, updating the table and
VLAN filtering.
Suggested Exercises
Use these suggested exercises to increase your understanding of the topic.
Auto negotiation
Duplex Mismatch
Assign Quality of Service Categories
Decode the Tag Field
Further Reading
Use the following references to assist your understanding of the topic.
See Additional Recommended Reading for list of general resources.
Network Reliability
No network can be guaranteed to remain 'up' and available at all times. With this in mind, it is important to design
and implement a network to be as resilient as possible to the most likely of (controllable) outages.
There are many considerations to be taken into account when planning for the correct architecture to use, be
aware of the advantages and disadvantages of the following common architectures:
Mesh
Ring
Double line
Be aware of the two methods to re-establish a failed connection:
Physical connection
Logical connection
Knowledge of the Spanning Tree Algorithm, Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP)
is vital, along with the awareness of:
RSTP Path Costs
RSTP Port States
RSTP Port Roles
Understand how RSTP rediscovers change after a new network link is implemented.
Have a working knowledge of a Redundancy Manager (RM) and the Redundancy Manager Protocol (MRP).
Understand the concepts of Sub Rings, Sub Ring Managers (SRMs), Redundant Rings and Ring Coupling and the use
of Dual RSTP.
Suggested Exercises
Use these suggested exercises to increase your understanding of the topic.
Spanning Tree
Interpret Rapid Spanning Tree Attributes
Plant Topology
Further Reading
Use the following references to assist your understanding of the topic.
See Additional Recommended Reading for list of general resources.
Routing Introduction
Routers operate at layer 3 of the ISO model and may be implemented as either hardware or software solutions. In
general hardware Routers (from a variety of dedicated vendors) are used for high-performance routing on Internet
backbones etc. Software routers are generally implemented as a sub-component of a file server.
The process of routing is composed of two distinct aspects:
The determination of how to efficiently move data between two separate locations:
- Path establishment
- Optimisation
- Route costs (and other factors)
The process of actually moving data across that path:
- Technologies (Ethernet / Wireless / Radio / PSTN etc)
- Multiple hop transfers
Be aware of the fundamentals of Routing, the hardware required and the steps to implement.
Have in-depth knowledge of the different functions of a router:
Encapsulation
Subnet Routing
Topology Routing
Suggested Exercises
Use these suggested exercises to increase your understanding of the topic.
Manually Implement Routing
Router Encapsulation
Further Reading
Use the following references to assist your understanding of the topic.
See Additional Recommended Reading for list of general resources.
TCP/IP Routing
The TCP/IP protocol suite offers a range of protocols to support the movement of data packets through a wider
arrangement of networks. These include the ability to locate resources by name and by address, to dynamically
learn the location of Hosts and also to deal with both outages and new links.
Be able to compare and discuss the characteristics and differences of Distance Vector Routing vs. Link State
Routing.
Understand the process and protocols used in IP Routing:
Routing Information Protocol (RIP)
Open Shortest Path First (OSPF)
Interior Gateway Routing Protocol (IGRP)
Border Gateway Protocol (BGP)
Understand the primary use of Network Address Translation (NAT) routing and IP Masquerading.
Be aware of the ability to achieve Static Routing, make use of Domain Name Servers (DNS) and some of the
common commands that can be used to investigate and troubleshoot TCP/IP routing.
Suggested Exercises
Use these suggested exercises to increase your understanding of the topic.
Manually Create Link State and Distance Vector Router tables
NAT Routing
IP Masquerading
Execute a TraceRoute Command
Further Reading
Use the following references to assist your understanding of the topic.
See Additional Recommended Reading for list of general resources.
Connection Management
Capture and view the various connection exchanges required for a Computer to become an active network
participant.
Be aware of IP Addressing, both manual assignment and automatic assignment via DHCP or similar.
Understand how ARP requests are transacted whilst resolving an address. Be able to use tools such as Wireshark or
similar to view ARP requests.
Be aware of the Headers that get added at each layer of the OSI model, the reason they are used and the content.
Have knowledge of the TCP State Diagram.
Suggested Exercises
Use these suggested exercises to increase your understanding of the topic.
Trace a DHCP Transaction
View an ARP Request
View Headers at Various Layers
TCP States
View Headers at Various Layers
View the Creation of a TCP Connection
Further Reading
Use the following references to assist your understanding of the topic.
Wireshark – User Guide
See Additional Recommended Reading for list of general resources.
Network Administration and Security
Just about every modern network is connected to far more places than might be considered ‘ideal’. Plant control
networks were originally built in the expectation that they would be entirely isolated, but this is no longer true with
the need to provide collated information to a variety of management applications.
Be aware of the technologies that can be invoked and how they fit around the layers of the OSI model.
IDS/IPS
Firewalls
Access Control Lists
VLAN
Understand what a Firewall is, how Firewalls are used and why they are a vital part of any network implementation.
Know the different types and the reason for selecting each:
Stateless
Stateful
Application Layer Firewalls
Have a good in-depth knowledge of the Schneider Electric Defence in Depth Cyber security approach; understand
the six key steps to the strategy implementation:
Security Plan
Network Separation
Perimeter Protection
Network Segmentation
Device Hardening
Monitoring & Update
Understand available Authentication Technologies, the necessity for Information Security and how the Simple
Network Management Protocol (SNMP) can be implemented.
Suggested Exercises
Use these suggested exercises to increase your understanding of the topic.
Apply the Principles of Defence-in-Depth
Authentication Methods
Secured Connections
Document an Industrial Control Network
Further Reading
Use the following references to assist your understanding of the topic.
See Additional Recommended Reading for list of general resources.
Investigative Tools
It is often necessary to dig deep into the operation of the network. This might require tools to identify all of the
stations (valid and intruders) and also to capture the traffic on the wire to investigate problems.
A well-designed network will help ensure that there is adequate structural separation between the Enterprise, Site
and Process Management components.
Be able to use commonly found tools to troubleshoot and investigate network characteristics:
Command Prompt
Wireshark
Snort
Nmap
Suggested Exercises
Use these suggested exercises to increase your understanding of the topic.
Determine Ports used by the Computer
Run Nmap
Integrated Analysis and Troubleshooting
Further Reading
Use the following references to assist your understanding of the topic.
Wireshark – User Guide
Snort – Web Based User Manual: http://manual.snort.org
Nmap – Online Reference Guide: http://nmap.org/book/man.html
See Additional Recommended Reading for list of general resources.
Preparation
Recommended Training
Training name                      Delivery    Duration
Principles of Ethernet Networking  Classroom   3d
Additional Recommended Reading
InetDaemon.com - OSI Model Tutorial:
  http://www.inetdaemon.com/tutorials/basic_concepts/network_models/osi_model/
IBM – TCP/IP Tutorial:
  http://www.redbooks.ibm.com/redbooks/pdfs/gg243376.pdf
Tutorials Web – Computer Networking:
  http://www.tutorialsweb.com/networking/computer-networking.htm
9 Tut.com – CCNA Training – OSI Model Tutorial:
  http://www.9tut.com/osi-model-tutorial
Soft Panorama – OSI Protocol Layers Tutorial:
  http://www.softpanorama.org/Net/Articles/osi_protocol_layers_tutorial.shtml
Fujitsu – The TCP/IP Protocol Suite tutorial:
  http://www.fujitsu.com/downloads/TEL/fnc/pdfservices/TCPIPTutorial.pdf
Cisco Document Wiki:
  http://docwiki.cisco.com/wiki/Category:IOS_Technology_Handbook
Wikipedia – Internet Protocol Suite:
  http://en.wikipedia.org/wiki/Tcp/ip
  This is an entry-point to a large information repository. Use the links in the "Internet Protocol Suite"
  box to the right of the page to access information on all aspects of TCP/IP.
Practical Experience
We strongly recommend a relevant amount of practical experience working hands-on with Ethernet Architectures
before attempting the certification exam, as experience in designing, programming, debugging and
commissioning is key to truly mastering the topic.