Full Transcript

NETWORK SOFTWARE

INTRODUCTION

In this chapter we discuss network operating systems and some software ancillary to the core network operating systems. The specific systems selected for discussion here were chosen because they made the best possible illustration of the variety of system types available. Given the unusually contentious atmosphere surrounding discussions of network operating systems and particular types of industrial control systems, the authors hasten to add that the opinions expressed here are their own, not those of any organization, and that they have neither received, nor will receive, compensation of any type for their comments for or against any network operating system.

OBJECT-ORIENTED PROGRAMS

• To start a chapter on network operating systems, there is a need to build some definitions and discuss the modern goals of software design
• Object-oriented programming is a good place to begin discussing network operating systems
• Their advantages include: reduced development time, better organization of programming efforts, and reusable code
• Today, any modern network system used in either commercial or industrial applications should be object-oriented and have a good “object model”
• Object-oriented programs have classes of objects
• The concept of “class” can be explained by an example: a class of objects known as Dog
• This object-orientedness enables software to be built out of components, rather than be all original or new each time

OBJECT-ORIENTED PROGRAMS (cont.)

• Distributed control systems (DCSs) and supervisory control and data acquisition (SCADA) systems have long used a basic object model concept
• In most OOP programming, the objects are created by the program and cease to exist when the program terminates

COMMERCIAL SYSTEMS

Although this is a book about industrial data communications, most of the systems used in the industrial environment had their start in the commercial world. At present, that world is divided into several camps, all of which give the impression that they are “standards-based.” Unfortunately, interoperability between them is often difficult to accomplish.

STAND-ALONE SYSTEMS

The various application models were discussed in Chapter 2, and the reader is referred back to those models as they are mentioned. A proprietary presentation means would present the information to the user. User services would interface between the business rules and the presentation, usually by presenting hooks to the resident operating system using the GUI.

TWO-TIER SYSTEMS

The figure for the two-tier system may be found in Chapter 2, as well as a detailed discussion of thin/fat clients and n-tier systems. In the world of computer-based automation, the classic DCS and PLC architectures have been thick client designs in which each workstation or operator console has a full suite of application software and user tools. SCADA systems have made more use of the thin client approach, where there may be a redundant server that supports multiple thin-client operator workstations.

TWO-TIER SYSTEMS (cont.)

• The advantage of the thick client is this: if the primary database server is unavailable and the client is attached to another database server, then the business rules for the client are intact
• The problem with the two-tier model is that it has no way of distributing functions

N-TIER

• Since the functions on a three-tier model may be spread out over three or more machines, the three-tier model is just a subset of the n-tier model
• The n-tier model in Figure 5-2 uses an Internet perspective and technologies, such as web servers/browsers, which can be and are being used in current industrial automation system designs
• The process control field has traditionally used the three-tier model for distributed control, using a sole-source proprietary system or mixed stores to put together a distributed control system

N-TIER (cont.)

• The business rules server may very well use a process like Microsoft’s ActiveX Data Objects that requests data and receives responses from the database server
• For the n-tier model, the user services may employ the Hypertext Markup Language delivered by HTTP or HTTPS for the user interface
• The application model and Internet n-tier technologies have already revolutionized office systems by coming closer to the goal of providing simple, universal, and platform-independent access to corporate data

THE INTERNET

• As a medium for connecting geographically separated plants, the Internet offers the tremendous advantage of costing only the services of an ISP for truly high-speed interconnection
• However, Internet technologies have established themselves on company Intranets

NETWORK OPERATING SYSTEMS

Given the previous background and supporting information, this would be a good point to start a discussion of basic network operating programs, known as network operating systems. An entire book could be devoted to network operating systems, their design, and implementation. There is neither the space nor the requirement for a detailed explanation, so only some salient facts about data communications applications will be discussed along with a few of the more popular network operating systems.

MICROSOFT FAMILY OF WINDOWS PRODUCTS

Microsoft Windows has the largest market share of desktop systems and has made significant inroads into the server business, particularly in process control. It acquired its share by offering reasonably-priced software that would do 90% of what most people wanted at least 90% of the time through an easy-to-use interface. No one who ever used the earlier Windows network versions will say that it always did what he or she wanted; however, it certainly gave reasonable performance for its intended use and price.

PC OPERATING SYSTEMS

• Microsoft has offered a myriad of operating systems under the marketing-driven title “Windows” that are different in concept and execution
• Windows 3.1 was a 16-bit system with a GUI glued onto Microsoft DOS
• Windows 95 was a hybrid system supporting 16-bit DOS programs and true 32-bit programs
• Windows NT was good to start with and has done nothing but improve the operating system’s capabilities
• Windows XP was an effort by Microsoft to do two things: primarily, it wanted to establish a standard code base across all of its operating systems

PC OPERATING SYSTEMS (cont.)

• Since the last version of this book, Microsoft has introduced a number of operating systems: Windows Vista, circa 2007; Windows 7, circa 2009; and Windows 8, circa 2012, and 8.1, circa 2013
• Most users in industrial data communications circles seemed to be of the opinion that Vista was not quite ready for prime time at the time of its introduction, so they held on to XP

SERVER OPERATING SYSTEMS

• A server uses the underlying desktop operating system core base; however, because its purpose is to share resources, it requires different software applications and hardware than the basic operating system on a desktop
• Server tools are added to make the sharing more efficient and easier to access
• Microsoft entered the server world with the introduction of NT Server 3.1, a processor-independent, multiprocessing, multi-user operating system

CLOUD COMPUTING

• The big push commercially is “cloud” computing; this is an effort to again penetrate the subscription market
• Office 365 is a good example of an application living in the cloud; for a monthly fee you have an up-to-date, patched version of Office
• The problem is that most users of control systems are reluctant to base operating their control systems over the Internet

EMBEDDED OPERATING SYSTEMS

Windows CE was Microsoft’s entry into the small-footprint operating systems market for personal digital assistants and sub-notebooks, including tablets. It has found applications in industry because of its low resource requirements and its ability to interface easily with its kin. Microsoft has made a big marketing push to have Windows CE, or a selective combination of CE objects, on wireless phones, copiers, and office equipment of any description. Windows CE 5.0 became Windows Embedded CE 6.0, a componentized operating system designed to power small-footprint devices such as TV set-top boxes. Windows Embedded CE 2013 was released in June 2013 and will be supported until October.

EMBEDDED OPERATING SYSTEMS (cont.)

• The Microsoft family of embedded operating systems includes Windows Embedded Standard 7, released in 2010, which is based on Windows 7 and includes features such as Aero, SuperFetch, ReadyBoost, BitLocker Drive Encryption, Windows Firewall, Windows Defender, address space layout randomization (ASLR), Windows Presentation Foundation, Silverlight 2, and Windows Media Center, among several other packages
• Windows Embedded Automotive is an embedded operating system based on Windows CE for use on computer systems in automobiles

UNIX

• UNIX, which has been around for over 40 years, has had time to mature
• UNIX vendors are far less numerous now because many have consolidated and partnered in the past few years, resulting in fewer language variants
• UNIX has suffered through the years from each vendor’s lack of sufficient market share, preventing mass-marketing of their software

LINUX

• Linux is an open-source clone of UNIX
• Open-source does not necessarily mean free, only that the source code is available
• In most of its distributions, Linux has a good reputation as an application server, and its total cost of ownership rivals or, in some cases, betters that of Windows
• While there are many good Linux programs that will do at least some of what the users want, most programming firms, which are in business to make money from programming services, do not want to give away software or intellectual property rights, as is required by some of the open-source Linux license agreements
• There are a number of problems with using open source programs, particularly with concern to both financial and operational liability of an open-source industrial program

LINUX (cont.)

• Apparently, Novell will do the open-source things while Microsoft will make Windows work better with Linux—a win-win for users, if it works out
• In 2011, Microsoft and SUSE, an independent business unit of The Attachmate Group Inc., announced a 4-year extension of the groundbreaking agreement struck nearly 5 years before, between Microsoft and Novell, for broad collaboration on Windows and Linux interoperability and support
• This relationship will extend through 1 January 2016, with Microsoft committed to invest $100 million in new SUSE Linux Enterprise certificates for customers receiving Linux support from SUSE
• Another popular release of Linux-based systems is Ubuntu, which is applicable wherever Linux computers can be used

PROTOCOLS USED BY VENDORS

• Windows supplied its own implementation of other vendors’ protocols, such as Apple’s AppleTalk, NetWare’s IPX/SPX, and IBM’s DLC, in addition to NetBIOS Extended User Interface (NetBEUI)
• Windows XP can use other protocols but is designed for TCP/IP, as are all current versions of Windows
• Novell version 5.2 offers TCP/IP as its native connectivity, and Apple’s OS-X is a flavor of UNIX, so it offers TCP/IP as a native protocol

MICROSOFT’S NETBEUI

• Before the Internet and TCP/IP became as popular as they are today, Microsoft was selling software to run on your IBM PC: DOS and eventually Windows 3
• In that same timeframe, Xerox, IBM, and Digital joined forces to create “Ethernet”
• People wanted to connect PCs together using Ethernet, and Microsoft had to either devise a means for this to happen or allow companies like Novell to dominate in that niche
• Microsoft developed a protocol to run on top of Ethernet to provide basic messaging services and name resolution services
• They added another application layer on top of NetBIOS, called Server Message Blocks (SMB), to enable file and printer sharing among PCs

MICROSOFT’S NETBEUI (cont.)

• NetBEUI is both a protocol extension of NetBIOS and an application programming interface with a naming convention and a way of interfacing network hardware and network software
• Older Windows systems ran NetBIOS over IEEE 802.2 and Novell’s IPX/SPX using the NetBIOS Frames and NetBIOS over IPX/SPX protocols, respectively
• Although NetBEUI is now a legacy networking protocol, for small networks NetBEUI is as close as you could once come to a plug-and-play network

COMMON INTERNET FILE SYSTEM

The TCP/IP suite offers FTP for file transfers; however, it is somewhat limited when it comes to file sharing for applications and browsers. The Common Internet File System (CIFS) is a variant of the SMB protocol that Microsoft proposed to the Internet Engineering Task Force as an open standard. Since Microsoft-based clients are a large number of the Internet hosts, it is highly likely that CIFS will reign and that Sun’s Network File System will be used strictly for UNIX-only answers.

NETWARE’S IPX/SPX SUITE

Until version 5.0 and up, Novell used its own IPX, derived from Xerox’s XNS protocols. Note that to talk to NetWare from Windows required that there be a device or software programming to translate the different Layer 7 protocols, even if both were running IPX/SPX. This is only a historical reference, as IPX is now legacy software.

TCP/IP SUITE

• There is no UNIX suite since, for the most part, UNIX has used the TCP/IP suite
• This Layer 7 protocol performs the same functions as Microsoft SMB and the Novell NCP
• Even though the different network operating systems have a common standards-based set of protocols, they still cannot talk directly to each other
• A network operating system is really only good by itself on a small peer-to-peer system, or perhaps a very small server-based system

DIRECTORY SERVICES

• Network operating systems will establish a set of services to handle network management, and networks will have their own, or some other vendor’s, directory service
• In this case, we mean centralized administrative software on a server of some type that provides network management, provides node updating and patching, handles address allocations, provides location/node information for distributed services, and handles user and application authentication functions

MICROSOFT ACTIVE DIRECTORY

An AD domain controller authenticates and authorizes all users and computers in a Windows domain network, assigning and enforcing security policies for all computers and installing or updating software. When a user logs into any computer that is part of a Windows domain, AD checks the submitted password and determines the user’s privileges based on predefined configuration settings for the group to which the user belongs. The AD server can “push down” a Group Policy Object (GPO), which is a set of local access policy settings, that will be used for this particular user on the system into which the user has logged on.

ROOT TREE

• AD uses the LDAP structures
• An LDAP directory tree is a hierarchical structure of organizations, domains, trees, groups, and individual units
• At the top of the AD structure is the root tree, which holds all the objects, organizational units (OUs), domains, and attributes in its hierarchy
• Under that root tree may be other trees that replicate the root tree for reliability and availability purposes

FORESTS

• Subsets of the main root tree may be physically distributed around a corporate WAN to enable a measure of fault tolerance and to provide faster response
• The collection of trees that contains all the domain’s OUs, objects, security policies, and attributes is called a forest

TRUST RELATIONSHIPS

• Trust relationships are important elements in an AD environment, as they enable forests, and the domains they represent, to communicate with one another and pass credentials
• Within a single forest, there are implicit two-way transitive trusts
• By default, two-way transitive trusts are automatically created when a new domain is added to a domain tree using the Active Directory Installation Wizard

ORGANIZATIONAL UNITS

An organizational unit is a container which gives a domain its hierarchy and structure. It is used for ease of administration and to create an AD structure in the company’s geographic or organizational terms. An OU can contain other OUs, allowing for creating a multilevel structure.

DOMAIN NAMING SYSTEM

• AD is integrated with DNS and requires DNS to be present to function, as Microsoft no longer supports nor recommends using their WINS server
• DNS is built into Windows Server 2003 and all newer systems
• Use of Windows’ DNS service is recommended, as it is integrated into Windows and provides the easiest-to-use functionality

AD CONCLUSION

• It is probable that the IT organization has established one or more centralized AD servers to manage user access rights, push out “policy” objects, and administer company PCs
• Automation systems are now, and if not now may eventually be, tied into one of these AD servers and then be dependent on its functioning and availability
• Automation technologists need to be aware of the functions of an AD architecture and of its role in a centrally-administered architecture so that they can understand how it will impact operations, security, and reliability

AN APPLICATION OBJECT MODEL: OPC

• The evolution and development of computer-based automation technologies, smart devices, and subsystems had, by the 1990s, produced a lot of proprietary designs and a lack of interoperability
• In 1996, a group of industrial user, integrator, and developer vendors came together to create the OPC standard to enable data exchanges between products and systems from differing vendors
• It was originally focused on enabling communications between PC-based HMI packages and PLCs, but OPC gained traction and expanded into several variations and is now supported by many vendors

AN APPLICATION OBJECT MODEL: OPC (cont.)

OPC is typically implemented by adding “OPC gateways” to systems that cannot directly support OPC, having these gateways communicate in the native protocol of the system, and then acting as either or both an OPC client and OPC server to other systems and devices and other OPC gateways. Object Linking and Embedding for Process Control was based on Microsoft’s Component Object Model (COM) and Distributed Component Object Model (DCOM), which uses Windows proprietary remote procedure call capabilities. OPC consists of a standard set of interfaces, properties, and methods for use in the process control industries.

AN APPLICATION OBJECT MODEL: OPC (cont.)

• The goal of OPC is plug-and-play for process control, where only one set of drivers for a device has to be written and may be reused, where only one software toolkit is required for development, and where the configuring of software and hardware is automatic
• OPC offers a number of benefits to users: lower system integration costs; elimination of proprietary lock; access to data by every level of the hierarchy
• An OPC client is a system or device that wants to receive data from an OPC server

CONCLUSIONS TO CHAPTER 5

• As we have seen, communicating between dissimilar platforms is almost as difficult in the commercial world as it is in the industrial world
• The problems the two spheres share grow, as most industrial networks standardize around Ethernet and TCP/IP, leaving the operating system to determine Layers 5 through
• One of the priorities that could be construed from the previous discussions on Directory Services, particularly applying to large corporate IT groups, is the goal to enforce “policies” from a central AD facility
• These central AD facilities link EMS/SCADA systems and plant automation systems across the corporate WAN, so that they can push down security policy changes and account setting updates, such as adding and deleting user accounts

SUMMARY

• This chapter discussed some of the models used in both industrial and commercial networks, as well as some of the vendor products used in industrial networks
• Since both the feature sets and details are apt to change during this book’s life span, the level of detail provided here is sufficient
• In fact, this chapter could be summed up as follows: for network operating software, Layers 1 and 2 are Ethernet, Layers 3 and 4 are TCP/IP, and whichever operating system you choose will supply Layers 5, 6, and
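The Active Directory material above (root tree, forests, trust relationships, organizational units, DNS integration) describes the structure in prose only. The following Python model is an added example, not code from the book or from Microsoft: it builds a forest from domain trees, creates the two-way transitive parent-child trust automatically when a child domain is added (as the chapter says the installation wizard does), and answers the question that matters to an automation engineer whose plant system is tied to corporate AD, namely over which chain of domains credentials can be passed. It goes slightly beyond the chapter in two places, both assumptions stated here and in the comments: the roots of separate trees in one forest are linked by a two-way transitive trust, and an external trust between domains of different forests is non-transitive, so it can be used only as a single direct hop. All forest, domain and OU names are constructed for the example.

```python
"""Toy model of AD forests, trees, trusts and nested OUs (added illustration).

Assumptions, stated here and in the lead-in:
  * tree roots within one forest trust each other (two-way, transitive);
  * an external trust between forests is two-way but non-transitive;
  * all domain, forest and OU names below are constructed, not real.
"""
from collections import deque


class Directory:
    """A set of forests, their domains, the trusts between them, and OU paths."""

    def __init__(self):
        self.forest_of = {}    # domain DNS name -> forest name
        self.parent_of = {}    # domain DNS name -> parent domain, None for a tree root
        self.tree_roots = {}   # forest name -> list of tree-root domains
        self.trusts = {}       # domain -> list of (other_domain, transitive)

    def _add_trust(self, a, b, transitive):
        # all trusts in this model are two-way, so record both directions
        self.trusts.setdefault(a, []).append((b, transitive))
        self.trusts.setdefault(b, []).append((a, transitive))

    def add_tree_root(self, forest, dns_name):
        """Start a new domain tree in `forest`; tree roots of one forest trust
        each other transitively (assumption, see module docstring)."""
        self.forest_of[dns_name] = forest
        self.parent_of[dns_name] = None
        for root in self.tree_roots.setdefault(forest, []):
            self._add_trust(root, dns_name, transitive=True)
        self.tree_roots[forest].append(dns_name)

    def add_child_domain(self, dns_name, parent):
        """Add a child domain below `parent`.  The chapter: a two-way transitive
        trust is created automatically when a domain joins a tree."""
        if parent not in self.forest_of:
            raise ValueError(f"unknown parent domain {parent}")
        if not dns_name.endswith("." + parent):
            raise ValueError("AD is DNS-integrated: a child must be a DNS subdomain")
        self.forest_of[dns_name] = self.forest_of[parent]
        self.parent_of[dns_name] = parent
        self._add_trust(dns_name, parent, transitive=True)

    def add_external_trust(self, a, b):
        """Explicit trust between domains of different forests; non-transitive
        (assumption), so it never forms part of a longer trust chain."""
        if self.forest_of[a] == self.forest_of[b]:
            raise ValueError("domains in one forest already trust each other")
        self._add_trust(a, b, transitive=False)

    def trust_path(self, src, dst):
        """Chain of domains over which credentials from `src` reach `dst`,
        or None.  A non-transitive trust is usable only as a direct hop;
        transitive trusts may be chained (breadth-first search)."""
        if src == dst:
            return [src]
        for other, _ in self.trusts.get(src, []):
            if other == dst:                     # direct hop, any trust type
                return [src, dst]
        prev = {src: None}
        queue = deque([src])
        while queue:
            cur = queue.popleft()
            for other, transitive in self.trusts.get(cur, []):
                if not transitive or other in prev:
                    continue                     # cannot chain through external trusts
                prev[other] = cur
                if other == dst:
                    path = [dst]
                    while prev[path[-1]] is not None:
                        path.append(prev[path[-1]])
                    return path[::-1]
                queue.append(other)
        return None

    def distinguished_name(self, cn, ou_path, domain):
        """LDAP DN of an object in a (possibly nested) OU.  `ou_path` runs from
        the top of the domain downward; a DN lists the innermost OU first and
        ends with the domain's DNS labels as DC components."""
        if domain not in self.forest_of:
            raise ValueError(f"unknown domain {domain}")
        parts = [f"CN={cn}"]
        parts += [f"OU={ou}" for ou in reversed(ou_path)]
        parts += [f"DC={label}" for label in domain.split(".")]
        return ",".join(parts)


def build_sample():
    """Constructed environment: one corporate forest with two trees and two
    plant domains, plus a separate partner forest joined by an external trust."""
    d = Directory()
    d.add_tree_root("corp", "corp.example")
    d.add_child_domain("plant-a.corp.example", "corp.example")
    d.add_child_domain("plant-b.corp.example", "corp.example")
    d.add_tree_root("corp", "subsidiary.example")      # second tree, same forest
    d.add_tree_root("partner", "partner.example")       # a different forest
    d.add_external_trust("plant-a.corp.example", "partner.example")
    return d


if __name__ == "__main__":
    d = build_sample()
    for src, dst in [("plant-a.corp.example", "plant-b.corp.example"),
                     ("plant-a.corp.example", "subsidiary.example"),
                     ("corp.example", "partner.example")]:
        print(f"{src} -> {dst}: {d.trust_path(src, dst)}")
    print(d.distinguished_name("jdoe", ["Plant A", "Control Room"],
                               "plant-a.corp.example"))
```

The last case in the usage block is the one worth noticing from a security standpoint: the external trust lets plant-a and the partner domain pass credentials directly, but because it is non-transitive the rest of the corporate forest stays unreachable from the partner side. A transitive trust in that position would have exposed every domain in the forest.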