You Name It, We Analyze It!

Jim Gilsinn & Bryan Singer Kenexis Consulting Corporation

You Name It, We Analyze It! 1

Industrial Network Types & Metrics: Publish/Subscribe

• Publish/subscribe or peer-to-peer communications • Main performance metric: Cyclic frequency variability/jitter • Real-time EtherNet/IP uses publish/subscribe

•  Requested/Accepted Packet Interval (RPI/API) •  Measured Packet Interval (MPI)

You Name It, We Analyze It! 2

Industrial Network Types & Metrics: Publish/Subscribe

• Difference between TPub_Com_Init & TSub_Com_Init is network roundtrip delay

• TPub_Com_Init, TSub_Com_Init not important

• Variability in TPub much more important

• Theoretically, TPub doesn’t need to match Tsub

•  In production systems, they are the same

You Name It, We Analyze It! 3

TPub_Com_Init

Subscriber Publisher

TPub_1

TPub_2

TPub_N-1

TPub_N

TSub_Com_Init

TSub_M

.

.

.

Performance Testing Methodology: Performance Metrics

• Command/response or master/slave communications • Main performance metric: Latency • Large numbers of protocols use this

•  Most (All?) PC-based server/client protocols – HTTP(S), (S)FTP, etc. •  Most industrial protocols – Modbus/TCP, Profinet, Ethercat, etc.

You Name It, We Analyze It! 4

Industrial Network Types & Metrics: Command/Response

• Difference between TCom_Delay_# & TRes_# is network roundtrip delay

• Latency in TCom & TRes important

You Name It, We Analyze It! 5

TRes_1

Commander Responder

TRes_2

TCom_Delay_1

TCom_1

TCom_2

TCom_Delay_2

Isolating Traffic Streams •  Isolating traffic streams can be tricky • 10’s – 100’s of traffic streams in production environment • Your Wireshark Fu must be strong! • Usually requires additional post-processing • Multiple streams can exist between same devices

You Name It, We Analyze It! 6

Isolating Traffic Streams • Traffic pairs

•  Source IP/MAC address •  Destination IP/MAC address •  Source TCP/UDP port •  Destination TCP/UDP port

• Publish/Subscribe •  Communication stream ID •  Sequence number (optional)

• Command/Response •  Command message/field •  Response message/field •  Message ID (optional)

You Name It, We Analyze It! 7

Test Time vs. Packet Interval

You Name It, We Analyze It! 8

Test Time (s)

Measured Packet Interval (ms) ~62 sec test Mean MPI = 2ms Min ~ 1.2 Max ~ 2.9

Time Plot for Command/Response

You Name It, We Analyze It! 9

Regular Pattern to Delayed Packets

Regular Pattern of Minimal Delayed Packets

Command/Response Timing Plots • Quick succession of command/response packets • Minimal delay in command/response sequence • Apparently large delay in a single packet • Example: Rockwell tag reads

You Name It, We Analyze It! 10

Quick Succession Read Commands

Delay Until Next Time Sequence

Next Steps • Streamline traffic stream processing • Develop better command/response code • Build more mathematical statistical models • Add graphical modeling of time & frequency domain • Add more industrial protocols and obtain example files

•  Modbus •  Profinet •  DNP3 •  61850 •  And others…

You Name It, We Analyze It! 11

Questions • Contact Me

•  Jim Gilsinn •  301-706-9985 or 614-323-2254 •  jim.gilsinn@kenexis.com •  Twitter – @JimGilsinn •  LinkedIn – http://www.linkedin.com/in/jimgilsinn/ •  SlideShare – http://www.slideshare.net/gilsinnj

You Name It, We Analyze It! 12