Using Virtualization Technology to Enhance Industrial Control System

Industrial control systems comprise IT and OT hardware on a single heterogeneous network. Server virtualization technology allows multiple VMs to run on a single hardware host running different operating systems with engineering and data acquisition services and applications. The hardware that runs the VM can be located in a server room far away from the control room.

Virtualization is an old technology, but still relevant due to its use for the transformation of hardware resources of a single computer to create virtual machines, emulating hardware components like CPU, RAM, network adapters, hard disks, etc.

 

What is the Concept of Virtualization?

According to the information technology company International Business Machines (IBM); virtualization is defined as “Enabling the hardware resources of a single computer like processors, disk I/O, memory, storage and more to be divided into multiple virtual computers, called virtual machines (VMs). ” Virtualization is particularly important in the evolution to cloud infrastructure we see today.

Now when you think of virtualization, imagine the computer just like a big box divided into little boxes, each in some way sharing the resources of the main big box. The resulting little boxes are called VMs or virtual machines that run their operating systems (like Linux, AIX, or Windows). The backbone of virtualization is the hypervisor which enables the virtualization technology.

 

Hypervisor Enables Virtualization

The hypervisor is critical software that runs on top of the compute host and virtualizes all the components of the host. The compute host could be a server, desktop, or laptop. The compute host is just the physical hardware, containing the 3 main components of the CPU, RAM, and network adapters.

Usually, one physical host (like your laptop) is only usable by one single person, but if the computer is a powerful machine, then we can spread out the host power to users and workloads to take advantage with the help of a hypervisor.

Virtualization abstracts the operating system running on the physical hardware and creates a ‘virtualization layer,’ separating the CPU, RAM, and network cards into the virtual machines running on the physical hardware. The machine on which the hypervisor is installed is called a guest host and different operating systems installed on the hypervisor are called guest virtual machines. The hypervisor pools the resources from the physical server and allocates them to virtual workloads. There are 2 types of hypervisors: "Type 1 Hypervisor” and “Type 2 Hypervisor”.

 

Figure 1. Type 1 and Type 2 hypervisor difference. Image used courtesy of the author

 

Type 1 Hypervisor

The hypervisor is directly installed on the physical server without installing any operating systems like Windows and Linux. So it means there is no layer between the hypervisor and the physical server. They are also called bare-metal hypervisors and are most commonly used in the industry. The hypervisor allows us to create single or multiple virtual machines, with each VM thinking that it’s running directly on the physical hardware, as shown in Figure 1. The most popular hypervisors are EXi, Hyper V, and Oracle V.

 

Type 2 Hypervisor

This type of hypervisor does not run directly on the physical server, but rather on the operating system layer running in between the hypervisor and the physical machine. Any operating system like Windows, Redhat, or Centos directly runs on the physical machine. Then, on top of that host OS, the hypervisor is running. Type 2 hypervisors are also called hosted, and they are less common than type 1 hypervisors due to latency. Some examples of type 2 hypervisors are virtual boxes, VMware workstations, or virtual PCs.

 

Leveraging Virtualization Technology for Industrial Control Systems

ABB has incorporated virtualization at the server level and selected VMware ESX hypervisor, which is available for users of System 800xA. System 800xA can be installed on two physical servers as shown in Table 1 below.

 

VHOST1	AS1: Aspect Server CS1: Connectivity Server DC1: Domain Controller 1 vCenterServer
VHOST2	AS2: Aspect Server CS2: Connectivity Server DC2: Domain Controller 2 BackupServer
Client Workstations	WP1: Workplace WP2:Workplace ESW: Engineering WorkStation Clients are not virtualized and are installed in the conventional way

Table 1. ABB System 800xA Redundant Aspect/Connectivity Virtual Servers distribution on physical hosts.

 

The one physical server named “VHOST1” runs a single instance of aspect server, connectivity server, and single domain controller along with vCenterServer, which is used to manage multiple ESXi hosts running multiple VMs.

Similarly, the VHOST2 runs the second aspect server, connectivity server, and domain controller, and it serves as a backup server for the virtual machine.

 

Figure 2. Typical ABB System 800xA network schematic, 2 physical hosts with hypervisor running VMs, and operator workplace in CR. Image used courtesy of the author

 

Benefits of Virtualization

After discussing the core virtualization technology and process, there are, of course, some advantages of adopting virtualization infrastructure.

• In terms of cost-saving, we can run multiple virtual environments on a single hardware, consequently reducing physical infrastructure.
• By cutting down the number of hardware servers, there is no need to maintain so many servers which consume immense electricity.
• Due to fewer servers, less cooling is required, and maintenance costs are saved.
• Creating and starting a new VM is relatively easy, quicker, and simpler than provisioning the new IT/OT infrastructure.
• Fewer network switches, cabling, cabinets, etc, where less physical space is required.
• Easily portable and has lower downtime. Suppose one host goes down, then using virtualization technology, we can move the VM from one hypervisor to another hypervisor.
• The fewer physical servers in the working space reduce the noise level and enable better temperature control.
• We can easily add nodes and migrate to new hardware without reinstalling the automation systems and their functions from scratch.

 

Featured image used courtesy of Adobe Stock