IETF Logo Mail Archive

Re: [Iotops] Fw: I-D Action: draft-km-industrial-internet-requirements-00.txt

Kiran Makhijani <kiran.ietf@gmail.com> Tue, 06 July 2021 06:37 UTC

Return-Path: <kiran.ietf@gmail.com>
X-Original-To: iotops@ietfa.amsl.com
Delivered-To: iotops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 70CAE3A1613 for <iotops@ietfa.amsl.com>; Mon, 5 Jul 2021 23:37:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ohv1RJrIjO2E for <iotops@ietfa.amsl.com>; Mon, 5 Jul 2021 23:37:54 -0700 (PDT)
Received: from mail-pl1-x630.google.com (mail-pl1-x630.google.com [IPv6:2607:f8b0:4864:20::630]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7FF853A1611 for <iotops@ietf.org>; Mon, 5 Jul 2021 23:37:54 -0700 (PDT)
Received: by mail-pl1-x630.google.com with SMTP id a6so519694plh.11 for <iotops@ietf.org>; Mon, 05 Jul 2021 23:37:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id:in-reply-to:references:reply-to :user-agent:mime-version:content-transfer-encoding; bh=WkTeM/lwiNqO6CEOheJzCoUfC71KKjf64fnxxN0DFww=; b=hTOBhAe+BSMCMLfKpsSCc+hZxyJ2uJ2wRd/N1ZOEjOVSZxCQ2zeD8Tu/R8/TEOfIJZ +6+QZsalNLt/LsyT2osQGSW//3Ly55eoGBHpGv9trcFV9/Hf33c662oWaKrJ/hKXsbKP Bbn87kfGJV6/QsUVsmG/SuQSvtJh8T3qbHZE03u6U0sOvanpQT09cVUhRie5G2mvOacs FaojiHJsqLs8rX4DcfPAVURoznFKams1yiLEOsYjZqT+9JQff0VysYyoaSXN9f2iu3eC 2O/O5tH/oD7ddxFbLp1Ax+rUQKRQHAfiRKQd3WyjF+SYmSVmo+/ycdIAo+LsskNVmByR +Ahg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:reply-to:user-agent:mime-version :content-transfer-encoding; bh=WkTeM/lwiNqO6CEOheJzCoUfC71KKjf64fnxxN0DFww=; b=p6j8h/ryOjBvjjCyLhwvFu5hH9/NlZxlpZ3xbB5r1bcVeYvNP3jiVPhIu7UQeTm3as P0qEOwg5DbUIIfM65IgulF8ilODa4i14VOoDHZoKsxO34fxA5NuuaULw+k+ACdr+3fZf WSe8TRI4BvqgCZg0KakFAvXWb4QpiHO+nUYWhtAGy8EHiZ3cFkEppKh6c5QQ7qBIj0qF 6fRZB3tXK6C1717Eu5qSLF/zJ9EFkk6CFjuPGble8nQHbI4bB/57m+qpMC7eqH+E/Xld 3DHwwj05KsyGdfTdK/UefM7ZSjvbyjlTIbZ94dqLMvxAlmLGCMTyRgMAV69uBjaYe0hI JGVg==
X-Gm-Message-State: AOAM533X0TkH89U/wTrAKm24CayGcMUHISpUC0W4FRZtzdhUegmO5l0t 6EueKaLagNI/a/sAbqYCUuI=
X-Google-Smtp-Source: ABdhPJx70rMqMY04MQovrInKhBtdK5YGHbU+7WFX3giIXBncTqjOyq+TRC1kPaRQBjbdDUahzRKwBg==
X-Received: by 2002:a17:902:d2c1:b029:128:d851:77fc with SMTP id n1-20020a170902d2c1b0290128d85177fcmr15884463plc.23.1625553473101; Mon, 05 Jul 2021 23:37:53 -0700 (PDT)
Received: from [192.168.1.22] (c-73-202-182-183.hsd1.ca.comcast.net. [73.202.182.183]) by smtp.gmail.com with ESMTPSA id j15sm1562072pjn.28.2021.07.05.23.37.52 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 05 Jul 2021 23:37:52 -0700 (PDT)
From: Kiran Makhijani <kiran.ietf@gmail.com>
To: Michael Richardson <mcr+ietf@sandelman.ca>, iotops@ietf.org, lijun.dong@futurewei.com
Date: Tue, 06 Jul 2021 06:37:51 +0000
Message-Id: <em5eaf55bd-9aa5-4e45-aafd-dedf976d9438@kmak-book2>
In-Reply-To: <8742.1624305316@localhost>
References: <em6035cf61-edd2-4960-b5f6-e6c4601d91d6@tromso.local> <8742.1624305316@localhost>
Reply-To: Kiran Makhijani <kiran.ietf@gmail.com>
User-Agent: eM_Client/8.2.1473.0
Mime-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/iotops/SHV63LzEkmxbW4_qEDJEhvoNpnk>
Subject: Re: [Iotops] Fw: I-D Action: draft-km-industrial-internet-requirements-00.txt
X-BeenThere: iotops@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IOT Operations <iotops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/iotops>, <mailto:iotops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/iotops/>
List-Post: <mailto:iotops@ietf.org>
List-Help: <mailto:iotops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/iotops>, <mailto:iotops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Jul 2021 06:38:00 -0000

Hello Micheal,
Apologies for late reply. I did not see this up until now. Please see 
inline [KM].

------ Original Message ------
From: "Michael Richardson" <mcr+ietf@sandelman.ca>
To: "Kiran M (ietf)" <kiran.ietf@gmail.com>; iotops@ietf.org; 
lijun.dong@futurewei.com
Sent: 6/21/2021 12:55:16 PM
Subject: Re: [Iotops] Fw: I-D Action: 
draft-km-industrial-internet-requirements-00.txt

>
>Kiran M (ietf) <kiran.ietf@gmail.com> wrote:
>     > Title           : Requirements and Scenarios for Industry Internet Addressing
>     > Authors         : Kiran Makhijani
>     > Lijun Dong
>     > Filename        : draft-km-industrial-internet-requirements-00.txt
>     > Pages           : 13
>     > Date            : 2021-06-10
>
>Thank you for the interesting document.
>If you ran it through xml2rfc --v2v3 mydraft.xml and submitted "mydraft.v2v3.xml"
>then you'd get the way more readable HTML generated as well the traditional TXT.
>
[KM] OK, will do. I can generate a readable html file locally, will try 
to upload generated -v2v3.xml.
>
>     > Abstract:
>     > Industry Control Networks host a diverse set of non-internet
>     > protocols for different purposes.  Even though they operate in a
>     > controlled environment, one end of industrial control applications
>     > run over internet technologies (IT) and another over operational
>     > technology (OT) protocols.  This memo discusses the challenges and
>     > requirements relating to converegence of OT and IT networks.  One
>     > particular problem in convergence is figuring out reachability
>     > between the these networks.
>
>About: Modbus, Profibus, CANbus, Profinet, etc.
>I understood that more and more these are running over "Ether/IP", which many
>of us just call IP.   This eliminates the physical connectivity challenges,
>but opens up significant risk due to converged network and addressing.
>

>  [KM] That is right. Most of this protocols are over IP when they talk to IT-world applications and services. Certainly security is one aspect and is a challenge for both the cases - when applications are outside a site or on-site. Today, only form of protection we have is through  firewalls. But there is an  operational aspect to it as well in which communication between different bus protocols is pretty expensive and indirect (having to go through encap/decap over IP) or proprietary. For the sake of automation, improvements in inter-operation mechanisms can simplify factory operations by reducing gateway configurations.
>
>In the automotive space, ethernet (10baseT1S) seems to poised to win over
>CANbus. My observation is that the question is which year will it win,
>rather than if.  Are you seeing CANbus used outside the automobile itself, in
>industrial settings?  (Do automotive plants use CANbus in the factory?)
>
[KM] Yes, ethernet will see higher adoption overtime. But industry 
control networks are legacy networks, there is a certain level of 
comfort and confidence in fieldbus technologies. Functionally, the 
behavior for many devices is easily satisfied by I/O bus interfaces.  
Unfortunately, I don't have a clear answer to use of CANbus in the 
factory. But we can still safely assume that the number of protocols in 
industry control are quite high and will remain that way.
>
>It feels like your document ended just as it was getting into the question
>you ask about how to arrange connectivity, addressing, etc.
>Is there more to your document that you had in mind to write?
>It's hard to know what your next step in the document would be.
>
[KM] I looked at Industry control problem from service and connectivity 
aspect. As of now i believe the services related work should be in 
DETNET territory. the second part - providing a standard and efficient 
form of inter-protocol connection on a factory floor can be discussed in 
Iotops.
>
>Some thoughts I have are:
>
>1) the XYZ-over-IP would be best if they were either XYZ-over-TLS, or perhaps
>    XYZ-over-QUIC.  Sprinkle in DETNET as needed.  QUIC eliminates
>    head-of-queue blocking issues, and so allows for higher priority commands
>    to pass lower priority ones in the queue.
>    {Of course, it should have been XYZ-over-SCTP-over-IPsec, and it could be
>    so in a greenfield plant, but mindshare is not there}
>
>    The challenge in the TLS based AKE is that we have to get the certificates
>    installed, and then we have to arrange for mutual trust.
>    I think that OPC UA currently deals with this kind of thing in it's
>    configuration model, but I'm not priviledged to see those documents.
>    (You may be?)
>
>    Is that a gap you are interesting in?
[KM]  It will be great to have a discussion on the transport and 
security of industry control operations. I think OPC-UA does have TLS 
support between the application and a server in the factory - But  I 
would guess that it does not extend all the way to end devices (simply 
because fieldbus devices only perform I/O commands and do not have 
sophisticated transport).
>
>
>2) since many of the other protocols use significant shorter identifiers,
>    creating an overlay spec that embeds them in IPv6 IIDs would be
>    interesting.
>
>    This would allow IP based controllers to address Modbus, profibus,
>    profinet, sensors/actuators directly, and if the underlying gateways and
>    wiring allows, in a stateless way.
>    Stateless is good because it means that the redundancy in the wiring can
>    be exploited.
>
>    This would be interesting work, but probably the IETF does not have the
>    right people here (AT THIS TIME), to make progress on that.
>  [KM] Hmm, that's fair to certain extent. But , the IPv6 IID design type of expertise is very much here in the IETF. There are also other things of industry control relating to long-term use cases (I tried to avoid those in first draft) but we can talk about which ones are interesting to the group.

[KM] Thanks for the feedback. I will modify the document to make it 
clearer for more discussion.
>-Kiran
>--
>Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
>            Sandelman Software Works Inc, Ottawa and Worldwide

v2.23.0 | Report a Bug | By Email