Blog

Versatile motion control solutions for small to medium machines

Looking to improve your production metrics?

Kinetix servo drives from Rockwell Automation are designed to simplify machine designs,
enhance system flexibility and increase overall performance

Kinetix 5300 and Kinetix 5100 servo drives are designed to be paired with the Kinetix TLP servo motor, delivering complete motion control solutions that are right-sized for small to medium machines. These drive-motor pairings are designed with all the essential features to help machine builders deliver innovative and competitive solutions.

Seamless integration with Rockwell Automation® Logix control offers flexibility in design for small to medium machines in a variety of motion control applications. Designed with all the essentials covered – comprehensive power range, dual Ethernet ports, and hardwired Safe Torque Off, the Kinetix 5300 proves to be an excellent choice right-sized for building or modernizing machines with lower axes count.

Designed for versatility, the Kinetix 5100 provides a large range of power options to fit the unique needs of every individual application. With a wider choice of power range than comparable alternatives – up to 15 kW – Kinetix 5100 drives can be used in standalone mode or with Micro800™ or Logix controllers.

Tested and validated for optimized performance with Kinetix 5100 and Kinetix 5300 servo drives, this motor is available in eight frame sizes and ranges from 50 W to 15 kW. Complete the customization of your system with a range of motor cables and accessories.

If your work involves cranes, hoists or the lifting of any type of load, you understand the unique challenges posed by these types of applications. Safety, reliability and productivity are always on your mind. Fortunately, Allen-Bradley® drives are specifically designed to make your job easier. And you can select the type of drive that best meets your needs. AC DC Low voltage Medium voltage.

Put these PowerFlex® drive capabilities to work for you and invest in improved performance

• TorqProve™ Control helps verify control of a load in lifting applications
• Anti-Sway Capability is designed to improve safety and efficiency by reducing the swinging of a moving load
• Regeneration enables a drive to put energy back on the incoming line, providing a braking solution that is far more energy efficient than resistive braking
• Premier Integration is the exclusive experience of integrating Allen-Bradley smart devices into the Logix control environment. It helps you save configuration time and simplify your application

When you make the decision to purchase new technology for your lifting application, you’re making an investment in safety, reliability – and most of all, productivity. Moving to application-specific technology can be a big step forward in achieving your goals.

PowerFlex drives provide capabilities that can enhance the performance of lifting applications. Select the drive and capabilities you need.

When you use PowerFlex drives, you’re getting well-established products that are designed for application flexibility and ease of use.

The TorqProve feature is specifically tailored for applications needing coordinated and sustained control of a load and brake. TorqProve helps to verify control of the load in lifting applications of all kinds. Control capability helps confirm that the mechanical brake has control of the load when stopping the drive, and the drive has control of the load when releasing the brake during any move command.

Combined with excellent low and zero speed performance with accurate torque and speed regulation, TorqProve helps eliminate concerns with brake timing.

It can also help to significantly reduce wear and tear on the mechanical brake with smooth operation and reduced machine stress.

Use TorqProve in any application where coordination between the drive and the mechanical brake is required:

• Cranes
• Hoists
• Draglines
• Material handling lifts (vertical conveyors)
• Automatic Storage and Retrieval Systems (ASRS)
• Palletizer lifts

• Convenient setup, only a few parameters to set
• Brake control is performed by drive

No Special Drive or Software Required

• TorqProve technology is a standard feature of the drive
• The same drive can be used for  entirely independent functions on the same machine or in the same  This versatility allows you to reduce inventory costs
• Power Flex drives provide high-power capability in a compact footprint
• With the drive controlling the braking, the life of the mechanical brake can be extended

System Performance

• The drive easily integrates via the same communication networks you currently use
• Seamless integration of PowerFlex drives and Logix programmable automation controllers helps increase productivity by providing easy access to system and machine level data and diagnostic information

One major challenge for many lifting applications involves the swinging of a load. Any time a crane moving a load accelerates or stops, it causes the load to sway back and forth. The heavier the load, the more potentially dangerous and disruptive the swinging becomes. Production time is lost while waiting for the load to stabilize when in position. To address these concerns, PowerFlex 755T drives provide built-in anti-sway capability.

Anti-sway capability in PowerFlex 755T drives:

• Helps protect personnel and assets by reducing the unpredictable, pendulum-like movements of a load
• Helps improve productivity by reducing the time needed to wait for a swinging load to stabilize
• Helps control sway of a load without the need for additional sensors, external controller or complex programming
• Doesn’t require application expertise – just configure a few drive parameters
• Helps extend the life of mechanical components
• Can be used with a manual or automatic operation mode

With anti-sway, we can have a higher cycle time because the deceleration is managed by this feature, which allows us to lower the hoist when we arrive at the destination. We don’t have to wait.

The benefits of anti-sway capability also extend to applications that involve the movement of fluids.

Using built-in regeneration capability, some PowerFlex drives can help reduce energy consumption by putting energy back on the incoming power supply, providing a solution that is far more energy efficient than resistive or mechanical braking. Regenerative drives also help to eliminate the need for braking resistors and cooling equipment along with associated wiring, labor, installation and maintenance costs.

The PowerFlex 755TR drives, PowerFlex 755TM bus supplies, PowerFlex DC and PowerFlex 7000 drives have built-in regeneration capability to help you avoid wasteful dissipation of energy. Instead, use that energy for other applications.

When a load is lifted, energy goes into the motor from the drive, then into the machine from the motor. When this happens, the motor and rotation are in the same direction, meaning the system is operating in a “motoring” or “consumption” mode.

But when the load is lowered, the motor and drive must hold back the load to control its speed. Energy comes out of the machine and into the motor, then from the motor into the drive. When this happens, the motor torque and rotation are not in the same direction and the system is operating in a “regeneration” mode.

The motor behaves as a generator. When the drive is in a regeneration mode, energy flows back onto the mains and can be used for other purposes.

Premier Integration is the exclusive experience of using Allen-Bradley smart devices in the Logix control environment.

The Studio 5000® environment serves as a single programming tool for  the design and configuration of your application. You need only one software package for discrete, process, batch, safety, and drive-based applications.

• Drive  configuration is saved as part of the Studio 5000 Logix Designer® project file and stored in the Logix.  You only need one file for both the controller and all drive configurations.
• Consolidating controller programming and device system configuration helps reduce complication and eliminates mismatch errors
• Drive profiles provide a visual interface for automatic tag generation, instant pairing of controller to drive, and tools to assist drive configuration
• Diagnostic, fault, alarm and event information are integral to the Studio 5000 environment

Leverage the Studio 5000 environment to manage application libraries

• Rockwell Automation provides libraries of application code that enable you to take pre-built code and apply it to any Allen- Bradley automation device, making set up of the equipment fast and easy
• Application Code Manager enables time savings during commissioning and enhanced productivity by reusing application code independent of automation device platform

Analytics and visualization provide windows into critical production and process information gathered from self-aware and system-aware smart devices like PowerFlex Drives. Enabling you to:

• Predict mechanical problems and help improve performance with diagnostics in real-time
• Investigate, collaborate and troubleshoot in the plant – instantly with no setup and very little change to your infrastructure
• Providea common user experience for all Rockwell Automation devices with pre-engineered faceplates that provide necessary information for engineers, operators, and maintenance personnel

Integrated functional safety helps to increase productivity in machine operation and maintenance. Safety ratings up to SIL3, PLe, and CAT 4 are available.

• Decreased set-up times for networked solutions compared with hardwired safety
• Diagnostics become more accessible as part of the overall system
• Safety instructions and functions integrate into the controller for modularity and scalability

Offer harmonic mitigation, regeneration and common bus solutions in a wide power range of 10…6000 Hp / 7.5…4550 kW.

PowerFlex 755T drives are the only VFDs on the market to offer the combination of  TorqProve Technology, Anti-Sway Capability, Regeneration and Premier Integration. Using patented technology, they offer a variety of exclusive benefits to help improve the safety, dependability and productivity of your lifting application.

The PowerFlex 755T drives provide harmonic mitigation, regeneration and common bus solutions that help you reduce energy costs, gain flexibility and increase productivity. These are the first drives to offer TotalFORCE® technology to achieve excellent motor control through precise, adaptive control of velocity, torque and position for electric motors. The PowerFlex 755T drives include:

• PowerFlex 755TL Drive – Provides harmonic mitigation and power factor correction through the use of  active front end  by reducing the adverse effects of harmonic distortion, the drive helps to improve energy efficiency, reduce energy costs and minimize power distribution issues on the factory floor.
• PowerFlex 755TR Drive – Features built-in regeneration capability that helps decrease energy consumption by delivering regenerative energy from motors back to the incoming Line regeneration reduces the need for braking resistors and associated cooling equipment and helps avoid wasteful dissipation of energy. The drive also offers harmonic mitigation.
• PowerFlex 755TM Drive System – Select from a series of predesigned configurations for regenerative common bus supplies and common bus inverters to optimize your system design and power.  A common bus drive system offers advantages such as design flexibility, energy optimization and reduced installation costs. PowerFlex 755TM systems provide harmonic mitigation and built-in regeneration capability.

For more information

www.ab.com/Drives

PowerFlex 755T Brochure, publication 755T-BR001

Take advantage of PowerFlex Drives

In addition to providing exclusive features for lifting applications, the robust family  of PowerFlex AC and DC drives provide ease of use, flexibility and performance for a variety of industrial applications

PowerFlex 755 AC Drives

With a complete power range of 1 to 2000 Hp (0.75 to 1500 kW), the PowerFlex 755 AC drive supports a wide range of network protocols to simplify integration into your architecture and features an embedded EtherNet/IP port for easy management of drive data over EtherNet/IP networks. To help protect personnel and equipment while reducing machine downtime, the drive offers safety solutions up to and including PLe/SIL3, Cat 3 and Cat 4. Automatic device configuration (ADC) is a productivity-enhancing benefit of Premier Integration and is available when the drive is used on an EtherNet/IP network. ADC enables a Logix controller to automatically detect a replaced PowerFlex 755 drive and download all configuration parameters, minimizing the need for manual reconfiguration.

PowerFlex 7000 AC Drives

The PowerFlex 7000 family of medium voltage AC drives delivers flexibility and highly efficient performance in a single solution for motor control applications from 200 to 34,000 Hp (150 kW to 25,400 kW), rated from 2.4 kV to 6.6 kV. To help protect personnel and equipment while reducing machine downtime, the drive offers safety solutions up to and including PLe/SIL3, Cat 3. Choose a configuration with Direct-to-Drive™ technology– and connect a drive directly to the line without the use of an isolation transformer. Direct-to-Drive technology combines an active front end (AFE) rectifier to lower line- side harmonics and a patented DC link inductor to address common mode voltage at its source. This allows the use of standard motors, making it ideal for both new projects and upgrades of existing applications.

PowerFlex DC Drives

The PowerFlex DC drive combines powerful performance between 1.5 to 1400 Hp (1.2 to 1044 kW), with flexible control to produce a highly functional, cost-effective drive and control solution. PowerFlex DC drive modules are available in both regenerative and non- regenerative configurations and standard IP20 open type enclosure. The PowerFlex DC includes an armature converter, regulated field converter for field weakening or economy applications, an advanced regulator with integrated DPI functionality, DC tachometer and encoder capability. Unlike many other DC drives available today, the PowerFlex DC can be easily integrated into your complete manufacturing system. With drive profiles for Premier Integration, end users can now have a single software approach to configure their controller, drive system, and for operation and maintenance.

A distribution network can be seen as the flow of goods from an OEM/Principal to an end consumer. Multivista makes it simple with  fully furnished storage facilities, warehouses, and transportation systems that supports the movement of goods until they reach the end consumer.

Our distribution network that allows the long-term optimization has transformed over time, as businesses expands and aim to reach more consumers. Thus, satisfying overall customer demand has done at low costs and higher service levels with  strategic planning and specialized supply chain management.

The structure of our distribution network considers the most crucial factors like product demands of the end customer, customer experience, product variety and product availability, response time, and finally, product return ability.

Multivista Sales and Distribution networks are built by considering all key service and cost drivers like

• Customer location.
• Order quantity and frequency
• Transportation costs & mode
• Warehousing
• Factory and supplier locations
• Service level requirements

By Keith Blodorn, Director of Product Management, and Vishal Prakash, Strategic Product Manager, ProSoft Technology

For manufacturers, machine uptime is directly proportional to profitable operation. As machines and production processes become more complex, the need to provide expert technicians with remote access to industrial control equipment is more important than ever. This paper highlights several key points for enterprise network engineers and automation engineers when considering how to safely and securely provide remote access to industrial machines.

It’s 4PM on Friday, when the phone rings with news that the palletizer on your plant’s main bottling line just went down. The plant technical team is stumped and the palletizer vendor’s service engineer won’t arrive until Monday. The plant manager is on the other end of the phone line, asking you to somehow let the vendor access the palletizer control equipment to resolve the problem remotely.

Otherwise, he’ll need to idle the plant through the weekend, costing your company tens of thousands of dollars in lost revenue and wages. This scenario is a frequent occurrence in today’s world of automated manufacturing. At the same time, horror stories of corporate data breaches – including breaches due to outside contractor access mechanisms – raise the stakes for enterprise security professionals. With production quotas and profitability targets to meet, simply saying “no” to outside access is not an option for most companies. But before handing out a guest account on your corporate VPN or setting up a remote desktop connection to a production line PC, let’s consider the security and personnel safety factors associated with remote access to machine networks.

To begin with, consider these three key zones:

Each of these zones presents unique network security requirements and challenges. Understanding the challenges in each zone will help the enterprise network engineer determine the best solution that balances the production team’s need for fast remote support, the safety manager’s need to ensure personnel safety, and the enterprise network team’s need to safeguard the company’s data and information systems.

Another consideration for enterprise security professionals is industry standard cyber security guidelines. Now, an entire novel can be written about the various standards – NERC, NIST, IEC27001, IASME, and several others. Almost all of these are guidelines to good practices rather than strict adherence. So, for the purpose of this white paper we are going to focus on IEC62443.

IEC/ISA-62443, formerly known as ISA-99, is a series of standards and guidelines aimed for the implementation of electronically secure Industrial Automation and Control Systems. This reference guide may be used by end users, system integrators, security professionals, manufacturers, control system engineers, and architects.

Of all the security standards, IEC-62443 is the main guide for Industrial Automation and Controls systems as it deals with processes and guidelines from systems design to product development. As such, it is important for personnel involved with control systems to have an understanding of this standard and how it can help them solve security-related issues.

The good news is that ProSoft Technology uses these processes and guidelines to ensure our hardware and software products meet or exceed industry standards. Our products and solutions are audited internally and by an external independent organization regularly as part of our continuous security improvement process.

Now, let’s look at each of the zones mentioned earlier in this document

Machines are the heart of the manufacturing enterprise, making the products that drive revenue and pay the bills. In today’s manufacturing world, machines are more complex than ever. A machine like a palletizer or filling machine typically has one or more Programmable Automation Controllers (PAC), electronic operator interface screens, and scores of sensors, motors, and actuators. Often, these controllers and devices are connected via Ethernet. However, the machine Ethernet network should be segregated from the Enterprise Zone network and other machine networks through a DMZ1, which allows the machine to carry out its critical high-speed control communications without having to share its network capacity with office applications or other machines.

This segregation also provides an important layer of security, as only specific connections between machines and enterprise assets are allowed to communicate and transfer data with each other. This minimizes the risk of industrial devices infecting enterprise assets, and vice versa. Before considering network security in the Machine Zone, however, it’s critical to first understand machine safety. The equipment in the Machine Zone is responsible for running motors, energizing actuators, and running the machine. Anyone accessing the machine network has the ability to cause the machine to operate, and must fully understand the risks associated with any changes to the machine controls. Access to the machine network should be limited to only when the machine is in a “safe” state.

This brings us to the remote access device used in the Machine Zone. There are two common ways to provide remote access to the Machine Zone – a PC with a remote desktop connection and a dedicated remote access gateway. For enterprise network engineers, it’s tempting to connect a PC to the machine network and set up a remote desktop connection as this is a common practice in the Enterprise Zone for troubleshooting user PCs. However, this is not the best path in the Machine Zone for several reasons. First, a PC in the Machine Zone provides a highly capable platform for launching cyber-attacks against the machine and up into the Enterprise Zone. PCs typically have more advanced networking capabilities, so the user on the other end of the remote desktop connection now controls a device that can do a lot more than simply connect to the machine control equipment. This setup can allow a remote user, intentionally or inadvertently, to bypass the DMZ and access parts of the enterprise that he shouldn’t access.

Second, PCs typically have a full featured operating system, including many components that have nothing to do with the basic goal of providing remote access to the machine. Over time, vulnerabilities in these OS components come to light, creating the need to regularly update the PC or risk exposing both the machine and the enterprise to attack. Worse, the PC used for remote desktop access is often supplied by the machine builder or system integrator, and may not be under the plant IT department’s standard update and virus protection routine.

Finally, programming and troubleshooting industrial control equipment requires specific software packages, which are often quite expensive to license. Installing a PC on the machine for remote access requires purchasing licenses for all the necessary software, and adds to the list of installed software that the enterprise network team must monitor and update. The better solution for access to the machine network is to use a purpose-built remote access gateway, like the ProSoft Technology ICX35-HWC cellular LTE and PLX35-NB2 wired
network gateways. These devices plug in to the local machine network on one side and an Internet accessible wired or cellular wide area network on the other side.

Because the gateway is designed specifically for secure remote machine access, it does not have all the capabilities of a PC and thus does not provide a platform for attacks against the enterprise zone. The ports on the PLX35-NB2 are logically separate and do not allow routing of traffic from the machine network port to the wide area network port2. Unlike with the remote desktop approach, the remote access user cannot route back through the PLX35-NB2 to reach assets on the enterprise network.

Both gateways can integrate into the machine controller program, such that remote access is inhibited by the machine controller whenever the machine is in a state where remote access would be unsafe. Both gateways use outbound-only connections to the secure ProSoft Connect service and only after the gateway has been activated in the Connect service through a two-factor activation process. ProSoft Connect requires a second form of authentication for a remote user when attempting to access the machine.Unlike the full operating system on a remote desktop PC, the firmware on the ProSoft remote access gateways is regularly subjected to extensive penetration testing and regular ongoing vulnerability evaluations by a third-party cyber security consulting firm. The gateways were tested using industry standard penetration testing software tools, Achilles and Codenomicon.

In addition, ProSoft contracts a cyber security consultant, Independent Security Evaluators, to perform regular evaluation of both gateways and the ProSoft Connect service looking for vulnerabilities. The ProSoft gateways have been hardened to withstand would-be hackers; before using a PC for remote access, consider whether it has been and will be subjected to the same rigorous testing. An often-overlooked aspect of security and protection is capturing historical information of events and changes. A skilled hacker will defeat the logging in a PC and cover his tracks to avoid detection.

The ProSoft Connect service keeps an audit trail of events, which cannot be changed or deleted, to maintain clear visibility into access and changes. 2 Network Address Translation and Port Forwarding functions can be configured in the PLX35-NB2. If configured, these functions do provide a fixed software-based means of mapping local ports to wide area network ports.

The Enterprise Zone is often a large, complex network that connects the organization’s PCs, servers, email system, customer databases, and financial software. This zone is often the focus of hackers, looking to steal consumer data such as credit card numbers, employee information, or corporate intellectual property. The enterprise network typically provides users with access to the Internet, but also includes firewalls and other technology to limit the kind of connections that enter the network from the outside. Many companies provide VPN access to the Enterprise Zone for authorized users who need to access enterprise network services remotely. Companies sometimes also provide vendor and customer portals for access to some parts of the enterprise network.

Faced with the need to establish a remote connection for the external machine builder, the corporate VPN or a dedicated vendor portal might seem like a quick and easy way to solve the problem. However, guest VPN access will give the remote user access to more of the enterprise than he needs. In addition, the enterprise network engineer will need to establish a new connection or route from the Enterprise Zone through the DMZ to the Machine Zone. Not only is this inconvenient, these ad hoc configurations may inadvertently leave access to confidential enterprise assets open.

Since the encrypted VPN tunnel terminates within the Enterprise Zone, the remote user will necessarily gain some visibility to the enterprise network. Additionally, granting enterprise VPN guest access to a PC that does not fall under the company’s update and virus protection routine potentially exposes the servers and PCs on the enterprise network to malicious software on the remote PC. Conversely, remote access gateways installed on the machine network provide a more secure way for the remote user to traverse the Enterprise Zone. The ProSoft PLX35-NB2 uses the enterprise network’s Internet access to allow the remote user access to only the machine network, while the ICX35-HWC uses the cellular LTE network instead.

The remote user’s VPN tunnel is terminated only on the local port of the gateway, so the user never “sees” any part of the Enterprise Zone. The traffic between the gateway and ProSoft Connect service is strictly over secure HTTPS connections, using AES 256-bit encryption. This way, one can connect the machine to the Internet using the enterprise Internet connection or the cellular network, while maintaining a clear separation of the machine and enterprise networks.

The outside zone includes the remote user’s PC, the cloud connectivity service, and communications infrastructure like the Internet and the cellular network. Several key elements of any remote access solution reside outside the enterprise and are therefore more difficult for the enterprise network engineer to control. Therefore, it’s vital to understand the security features of the remote access solution’s components in the Outside Zone to determine how well the solution protects the enterprise.

The first component is the remote user’s PC – and the software needed to make the remote access solution work. Some remote access gateways only work in conjunction with software that must be installed on the remote PC. While this kind of product offers the remote user a slightly more convenient way to connect, it also introduces several critical security issues. First, the software itself has been targeted by malicious actors like the Dragonfly group. By replacing the real remote PC software with an infected version, Dragonfly attackers were able to gain access to industrial machine networks across several industries3. Second, the enterprise network engineer has no way to know if the remote user is keeping this software up to date. As vulnerabilities in common software components are discovered, the remote access software often needs updating to address these issues. If the remote user is not patching this software, he may inadvertently compromise your enterprise.

ProSoft Connect does not require user-installed software. Instead, the service uses the industry standard, operating system native L2TP VPN client with 256-bit AES encryption. Remote connections use single-use, randomly generated user names which cannot be reused. Even if an attacker were to steal the connection information when a Connect user creates a VPN tunnel, that information cannot be used to create another tunnel. If a vulnerability is found in any component used in ProSoft Connect, all users are covered as soon as we update the service. As a result, ProSoft Connect reduces the potential for the remote user’s PC to introduce vulnerabilities beyond the control of the enterprise network engineer.

The next Outside Zone consideration is the security of the VPN server technology or appliance which might reside in the Enterprise Zone or in a cloud connectivity service. It is common practice to try and save a few dollars by using freely available VPN tools like OpenVPN installed on a server with a static public IP address and add static or common passwords rather than using a hardened two-factor authentication scheme. Once the complicated VPN software setup has been meticulously configured for remote access, network engineers must understand and learn all of the potential threat vectors to adequately secure the VPN software to ensure hackers cannot gain access. Finally, network engineers must regularly check for vulnerability and security updates to the VPN server software and the PC software running the VPN server. Cloud service technology, including security, has advanced significantly in the last few years.

In addition, the major cloud providers like Amazon, Microsoft, and Google offer a level of physical and cyber security on their platforms that is significantly greater than what most companies can build on their own. Security-centric services like ProSoft Connect use several key technologies to keep remote machine access secure. ProSoft doesn’t stop at using these key technologies; as stated earlier, white-hat security experts are regularly targeting the ProSoft Connect service to identify and address potential vulnerabilities so the network engineer doesn’t have to become a security expert. ProSoft Connect is built with scaling, robustness and security in mind by leveraging a container and micro-service architecture. 4 Compared to earlier cloud services using Virtual Machines to run monolithic software applications, each function in ProSoft Connect is designed as a stand-alone micro-service.

These stand-alone services run in containers, which are like very tiny virtual machines and can be scaled to handle more demand when needed. The key difference is that the container only runs the application components needed by the micro-service. This reduces the likelihood that a security flaw in one OS component will compromise the service. In addition, because the micro-services all run independently of one another, a vulnerability in one micro-service won’t provide access to the entire cloud service. Finally, if an update is needed in any one component or micro-service of the entire cloud service, the update is performed often without impact to any other running services. Due to our flexible design, we can even upgrade services without affecting that service.

ProSoft Technology’s secure ICX/PLX gateways and ProSoft Connect are subjected to extensive penetration testing against the Achilles and Codenomicon platforms as well as constant evaluations by an independent third-party cyber security consultant. We take care of the security and complexity  of remote access so that you can access your machines and processes at any time and ensure a positive impact on the bottom line