To Go 'Fast. Forward.' Build on Bedrock.

Oceangoing vessels have many of the same secure monitoring and control needs as land-based operations vehicles and have an even greater need for mobility, remote operations and space efficiency. Meeting these needs has cast many control system providers deep in the throes of digital transformation.

“Over the past 30 years, machinery controls have moved from hardware-based logic to software-based logic. Relays, pushbuttons and light bulbs have been replaced by processors, graphical user interfaces, PLCs and enterprise software systems,” said Lead Electrical Engineer Ryah Dupre of L3Harris, a supplier of control systems for marine navigation, steering and other auxiliary systems.

“Requirements have evolved from custom circuit cards, in-house designed software and specified processes running machine language to commercial off-the-shelf (COTS) software and hardware. Networks now provide communication-industry standard protocols, which has driven changes and improvements in acquisition, philosophy, capabilities, life cycle support, training and modernization programs,” Dupre continued.

Distributed applications enhance survivability and reliability

L3Harris builds machine control systems (MCSs) for vessels of many different sizes and applications, including oceanography, defense and surveillance. An MCS can touch every part of such vehicles, including navigation, propulsion thrusters, and ballast monitoring. (Figure 1) Each function has different payloads and requires different control strategies.

L3Harris users access such functionality through an HMI interface that manages the input and output of all devices under control or monitoring. They can see related alarms in one place and distribute control systems across the vessel. This flexibility increases survivability and reliability by implementing multiple controllers across the ship.

“If you have only one set of controllers and it goes down, you have a problem. But if you have multiple sets of controllers distributed around the vessel and one goes down, you still have others and you can operate the vessel,” said Dupre.

Managing complexity with reusable building blocks

To simplify application development across so many varied functions, L3Harris has been using CODESYS application development software, enabling the creation of IEC 61131 standard control applications. The CODESYS software facilitates the construction of reusable blocks of code that developers can package as small chunks for use in multiple applications.

“Every boat is different, so every piece of code needs to be configured in a slightly different way and CODESYS lends itself to that for us,” said Dupre.

Standardizing on IEC 61131 is part of L3Harris’ commitment to reducing costs and maximizing design flexibility by using COTS and standards-based protocols. So, when the L3Harris engineering team evaluated Bedrock Open Secure Automation (OSA) as a supplier of control systems for their vessels, the fact that Bedrock has based its integrated development environment (IDE) on CODESYS was important.

“We have lots of experience with CODESYS, so it was very beneficial for Bedrock to have that capability along with all their other benefits, including cyber security, seamless integration of SCADA and rugged PLC functionality,” said Dupre. “Our biggest application with Bedrock right now is in the shipboard machinery control systems.”

Securing communications

Dupre says that the criticality of shipboard control systems requires highly reliable communications among all systems and that seamless integration into SCADA interfaces such as OPC UA is essential for communications with other systems.

“Redundancy is a must. Downtime is not an option. Bedrock and CODESYS make it extremely easy to have that seamless failover redundancy,” he said.

Cyber security is also a huge consideration for us,” Dupre continued. “The Bedrock technology is very secure, including the hardware, firmware and software. It has a hardened operating system, pin-less interconnect, and anti-tamper capabilities.”

The Bedrock OPC UA implementation takes full advantage of the authentication and encryption options available in an OPC UA integration. Bedrock uses Secure OPC UA, which, unlike a standard OPC UA integration that does not require a digital certificate on either the controller or the SCADA side, the Bedrock implementation requires authentication on both ends and encryption of all data that passes between them.

“The security structure is not limited to a local network; you can apply these security policies over the cloud, Wi-Fi, cellular, etc. You can operate on a zero-trust network. You can go up to the cloud and lock down your data, from your screen down to your screw terminals and everywhere in between. It does not matter if it is local or remote, the security just scales,” said Marcus Savini, L3Harris senior software engineer.

Other advantages of standard application development

In addition to the reduce costs of application development flexibility, Dupre sees adherence to the IEC 63111 as implemented by Bedrock and CODESYS delivering the following other benefits:

  • Software control reduces the need for control panels that otherwise might house relays and push buttons.
  • The fact that Bedrock does not charge for Application development software and support saves licensing costs and time that night otherwise be applied to managing multiple licenses.
  • Supports for all leading protocols makes it easy to communicate with the latest IIoT technology.

Moving Forward

“Bedrock and CODESYS check off all the requirements we were looking for, especially high-reliability, COTS, modular co-configurability, online support, and remote diagnostics. Having the standard IEC 61131 compliance is wonderful and will help us carry over to wherever the future takes us,” said Dupre.

Read next:
Whitepaper: Best Practices for Securing Industrial Control Systems
Download Now


Free whitepaper: Best Practices for Securing Industrial Control Systems