The Industrial Wi-Fi Shop Podcast

*/ ?>

View Top 200 Chart

Back to Rankings Page

Technology
**The Industrial Wi-Fi Shop Podcast**

Manufacturing and industrial environments provide their own unique
challanges for wireless communications. Harsh conditions, both indoors and
out, create a daunting task for engineers work through. This is where we
come to discuss those challenges, share ideas and help one another out.

My name is Scott McNeil and welcome to the Industrial Wi-Fi Shop

Latest Episodes:

**The Industrial Wi-Fi Shop Podcast – Ep. 13 The One Ring!** Jan 22, 2025

CWIDP Guide Giveaway details

There are two copies of the Certified Wireless IoT Design Professional (CWIDP) study/reference guides

Winners will be drawn randomly on episode 15 (episode title TBD)

ONE winner will be from IT

ONE winner will be from OT

Click the link below to enter the drawing! (One entry per person)

—> https://tinyurl.com/4nbz3rkv ← (its a google forms entry)

Welcome to the 1 Year Anniversary episode of the IWS!!

Upcoming Events!

Wi-Co

-Chapel Hill NC- 5/14 -Scott presenting or maybe another hands on lab

-Nashville 5/29- Jeremy possible presentation on CURWB

WLPC

Jeremy – 10 talk on site surveys in machine cells and entertainment…

For those not familiar, what is Token Ring?

A LAN technology that uses a token to control data transmission between devices. It was created by IBM in the early 1970s and standardized as IEEE 802.5 in 1989

How it works

A token is passed around a logical ring of devices.

A device can only transmit data when it has the token.

When a device has data to send, it captures the token and converts it to a “busy” token.

The device then transmits a data frame, which travels around the ring until it

reaches its destination.

The destination device copies the data and sends an empty frame back around the ring.

When the originating device receives the empty frame, it releases a new token for other devices to use.

Benefits

Token ring ensures that every device gets a chance to transmit data, which makes the network more reliable and predictable.

It eliminates collisions that can occur when multiple devices try to transmit data at the same time.

History of EchoRing and Technology Deep Dive

James Gross and Christian Dombrowski laid the foundations of Echoring technology. James Gross was an assistant professor at RWTH Aachen University from 2008 to 2012 in the DFG-funded research center UMIC (Ultra High-Speed Mobile Information and Communication), working on a wireless, highly available real-time communication solution using the Token Ring protocol. Christian Dombrowski completed his PhD under Gross.

Together, they used mathematical methods to prove the reliability of the technology. Christian Dombrowski started implementing Echoring on an FPGA-based Wireless Open-Access Research Platform (WARP) as part of his PhD thesis in 2010. They mainly used a PTA (Probabilistic Timed Automata) to evaluate the communication protocol. In 2012, a patent application was filed for the Echoring protocol. 2014, the system was stable for the first time and successfully tested in real scenarios in several BMBF-funded projects.

2015 James Gross and Christian Dombrowski founded the company R3 with Mathias Bohge and Florian Bonanati. The Echoring protocol is implemented on a ‘WiLink 8’ Bluetooth chip from Texas Instruments, making it ready for mass production. In 2017, the ‘Echoring Radio Board,’ the first product with Echoring technology, was released in collaboration with Schleicher.

2018, the seamless roaming function was implemented, and a patent was filed. End of 2019, the ‘Bridge E’ was launched at the SPS trade show in Nuremberg, Germany.

EchoRing Technology facts – The Lord of the Ring

Echoring is a highly reliable, decentralized, wireless radio protocol capable of real-time use due to two measures.

The first measure is that Echoring is based on the idea of token ring technology. Each participant in the Echoring network acts both as a sender and as a receiver. In line with the concept behind the token ring, only the token holder can send and effectively prevent collisions. Also, the token ring ensures a deterministic sequence in the system, which is perfect for industrial control systems.

As a second measure, echoring achieves high reliability using an ‘echo system’ to achieve ‘massive cooperative communication .’In this case, should the connection between a sender and a receiver be interrupted, the signal is automatically sent to the actual receiver by a third network participant.

The measures described as core functions allow for calculating the signal runtime and reliability, making Echoring suitable for use in time-critical industrial applications.

An Echoring network consists of at least two network nodes. A third node is recommended as an echo station. The reliability of Echoring networks increases with the number of network nodes. We specify the maximum number of network nodes in one radio channel as 20.

If more extensive networks are to be formed, individual Echoring networks can be operated as sub-networks and connected to create a more extensive network. Applications with mobile network nodes, such as skillets, overhead monorail, or AGV/AMR applications, can seamlessly switch from one sub-network to the next via roaming and handover.

Echoring is transparent to the network technologies used and can be used for a wide range of technologies. Numerous field buses and industrial Ethernet technologies, such as PROFINET, EtherNet/IP, CIP Safety, Ethernet Powerlink, and CC-Link, can be transmitted via an EchoRing network.

This is the first spectrum capture. The radios were set for 5GHz channel 153. For reference, there is a Wi-Fi access point in channel 157 with no clients connected (it’s one of my lab AP’s). It’s about 10 minutes. Can you see the center line I was talking about on the show?

This is the entire 40 minute capture.

Additional Information

EchoRing Paper – https://ieeexplore.ieee.org/document/7147716

DECT – https://www.linkedin.com/feed/update/urn:li:activity:7269953621620924417

350 m Deployment – https://www.linkedin.com/feed/update/urn:li:activity:7280100469970997248

If you would like to know more about our guests, check them out on LinkedIn:

Florian Bonanati – https://www.linkedin.com/in/florianbonanati/

Curtis Combs – https://www.linkedin.com/in/curtis-combs-148149b3/

Margaret Locascio – https://www.linkedin.com/in/margaret-locascio-8b37a76/

R3 Solutions – https://www.r3.group/en/

If you would like to connect with Scott or learn more about his employer, Global Process Automation (GPA), then check the following:

Scott McNeil – https://www.linkedin.com/in/americanmcneil/

GPA – https://www.global-business.net/

If you would like to connect with Jeremy or learn more about his employer, Prism Systems Inc, then check the following:

Jeremy Baker – https://www.linkedin.com/in/jeremyabaker/

Prism Systems Inc – https://www.prismsystems.com/

The Industrial Wi-Fi Shop Podcast – Ep. 12 Lucky number 7! Dec 17, 2024

Advantech CVE

https://www.infosecurity-magazine.com/news/critical-vulnerabilities/

Wireless and 5g impact on smart manufacturing

https://iebmedia.com/technology/industrial-5g-wireless/industrial-wireless-impact-on-smart-manufacturing/

Cisco CURWB CVE’s

https://thehackernews.com/2024/11/cisco-releases-patch-for-critical-urwb.html

Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418)

Mobility Field Day 12 Announcement

WiFi and CURWB simultaneously

Remove need for parallel infrastructure
Is this a headache? (Yes)
Implications
Local and FlexConnect support

Drones in manufacturing

site surveys
But what else?
RFID inventory like at BMW
LiDar mapping?

Siemens

LTE backwards compatible
CBRS
Private 5G
Public carriers (it depends) certifications in process for some.
WiFi 7 rumblings, I hear it is on the roadmap

Phoenix Contact

2 current Wi-Fi 6 industrial wireless access point models
6e models in the works

Waveriders Collective

ad hoc 5G deployments
will these be usable for bringing plants back online/bridging a permanent infrastructure
POCs

Edge X is 802.11 but has m2 slot and is looking to support echo ring at some point.
soft PLC on board
Edge X is the platform as well.

https://www.r3.group/de/support-downloads/?file=files/media/downloads/products/R3_Edge-X_DataSheet_EN_2024-11.pdf&cid=1911

Fortinet

Products coming out next year will include a host of industrial geared hardware.
WiFi 7 and 5G capabilities.
Leaning on track record and security focus.

Aunex

axe client (data sheet)
Data Eagle (Scott will like this) 2.4/BT/900 MHz time sensitive protocol focus
CIP etc

RTLS? Are any listeners deploying this? Send us an email.

Sub Gig

Meshtastic, is it useable in Industrial or is it still sorta niche/fun (Line of sight)
https://meshtastic.org/

Wi-Fi 7 possibilities in Industry, manufacturing and safety

Are massive gains in throughput a selling point for manufacturing
- 4096 QAM
- Massive channel widths (320 plus non-contiguous)
- What about Multi-Link Operation (MLO), a feature that increases capacity by simultaneously sending and receiving data across different frequency bands and channels. (2.4 GHz, 5 GHz, 6 GHz)
Wi-Fi 7 claims dramatically lower overall latency
Probably going to be great for camera systems.

Oscium/Metageek

Q1 planned discussion around the merger, spectrum analysis, potential new hardware,

old friends

WLAN Pi

App and API
M4 Plus
OTG
Go
HaLow surveying?

WLPC 2025

Surveying private cellular Mark Houtz looks like it is on the horizon. Heatmaps, pcaps, oh my

https://markhoutz.com/
Presenting on this at WLPC Phoenix 2025
WLPC 10 talk on site surveys in machine cells and entertainment…

WiCo

-Chapel Hill NC- 5/14 -Scott presenting on …

-Nashville 5/29- Jeremy possible presentation on CURWB

What’s coming up for the IWS in 2025?

Some great guests lined up
- Oscium – Lord High Commanders of Spectrum Analysis
- Dr. Rick Candell from NIST/IEEE
- Dr. Emmett Brown to discuss 1.21 gigawatt power thresholds
- The gang from Industrial Wireless manufacturers Phoenix Contact
January will be the 1 year anniversary of the IWS!!!
New CWNP study guide giveaway opportunity!

**The Industrial Wi-Fi Shop Podcast – Ep. 11 Cable Guy!** Nov 06, 2024

Contact the guys at the Industrial Wi-Fi Shop!
Scott – scott@industrialwifishop.com
Jeremy – jeremy@industrialwifishop.com

**R-Coax Deep Dive**

**High Level**

What is Radiating Cable? Is it “Wire for a wireless system?” Let’s dig in.

Leaky Coax is an extruded copper core, with an external copper sheath. Featuring slits along one side which allow RF to escape (the matrix).

It is composed of just four components. An inner conductor, a dielectric or low density PE layer, an outer conductor with slots, and a cable jacket. This technology has been around for 40-50 years from what I can tell.

The slits allow emission of certain frequencies.

It goes by several names, but most commonly referred to (by me) as leaky coax. You may have heard of:

Radiant Coax

Radiating Cable

Leaky Coax

Leaky Feeder

RCoax

<expletive deleted>

The standard boiler plate use cases are AGV systems, overhead cranes, rotating machinery, skillet systems, monorails, mining, even tunnels in some cellular applications. We deploy it in these scenarios and also entertainment applications.

This stuff is a pain to get in, stiff and easy to damage if you aren’t careful. Siemens documentation says it has a spatially limited radio link, but the stuff can be detected up to 30 meters away if using enough power from the radio.

The main benefit is that it replaces things like slip rings where constant flexing of ethernet cables leads to wear and failure.

**RF Propagation**

This can work in 2.4GHz, 5GHz and also the new 1.21 Gigawatts band they teased for release in early 2025

Think about it kinda like one of this perforated garden hoses, a little water comes out at every inch of the cable.

I call it the astropop, essentially at the head end, where the most energy comes out it’s the broad base of a cone and tapers to the end of the cable.

Near field 2-10 cm

Far Field: 0 to 3M

Typical loss (approximate) per 100m 17dbm for 2.4 and 27 for 5GHz

Segment length reduces transmission rate.

**Installation**

There is a ridge on the back side of the transmission surface, which is used to align the cable. Make sure your antenna is on the side of the remote antenna.

Not intended to be mounted directly to surfaces, requires standoffs with a minimum of about 5cm.

Secure with a clip at least every meter. There are metal reinforced clips available for more secure mounting and can be interspersed every 10 meters. YMMV

DO NOT MOUNT CLOSE TO BUS BARS!!!

A 480 bus bar is an electrical connection point that distributes and transports electricity.

SHOEs or Induction of current. Think of a trolley.

<— Wanna hear about how I got shocked?

Some radio vendors recommend overlap, some don’t.

Can be installed outdoors. If it is in danger of being stepped on you can protect with something like cable tray. <— Picked this tip up from some smart guys on a carousel installation

A hacksaw file and a few wrenches is all you really need to put the N-Type connectors on the end. Don’t use snips.

You can also use rubber pipe wrenches to help grip for twisting the cable as you lay it or fix misalignments.

**Best Practices**

Keep the antenna within 1” to 2 meters, you can get away with a longer distance though. The signal will degrade the further you get away from the cable. If you can reach out and touch the coax, you should be good to go.

Don’t put it in channels.

Check the alignment with the ridge, then check it again every few weeks after initial install make sure it settles into the installation. This stuff will relax after some time.

Don’t get shocked, or do, but don’t say I didn’t warn you. Keep it the minimum distance from high voltage rails.

Keep the remote antenna in line with the central axis of the EM field.

Mind the bend radius.

Torque stripe the cable at the clips for easy visual inspection. Do this after the cable has settled.

Don’t install the radio in EX zones (Class1, Div 2 – explosive zones),

cable is passive so treat it like an antenna

Be mindful of common outdoor, corrosive environments and follow the same component sealing best practices.

Not sure about direct burial of this stuff, but it might work.

Typically we only use this as SISO, though it appears ProSoft will allow you to install using two tx chains.

You can dual feed and use something like a UNII-1 and UNII-2 channel to send signals from both ends.

This is an exotic application so be wary of the hardware you use.

Angling antennas slightly improves performance.

**Fun Stuff**

My most famous project and probably the only one I can talk about with much detail is the Secret Life of Pets ride in Universal Studios Hollywood. Got it in right before Covid locked everything down.

We won an award for this ride.

It is what is referred to as an omni mover. The cable is installed inside the machine guarding and has tons of bends and turns in it.

A few takeaways, not all unions are the same, which is fun. I learned about the delicate nature of sitting around waiting on someone who has no idea what they are doing install hardware while I scream internally. Mostly good people, so don’t take this as a total knock against union workers.

We made some on the fly brackets after the custom client brackets we built hit some stuff in line of travel which wasn’t supposed to be there. Amazing what you can do with bar stock, a bench vise, a step bit, and a hammer.

We got to figure out how to make the Fluidmesh radios work with this cable. So that was fun.

Acceltex Clear Antennas

**End of show question**

How would you apply RCoax at your site?

How does Fluidity work vs traditional 802.11 communications? Might be a good topic for an upcoming episode.

Links Referenced:

Siemens

Click to access SYH_RCoax_76.pdf

ProSoft

Others

If you would like to connect with me or learn more about my employer, Global Process Automation (GPA), then check the following:

Scott McNeil – https://www.linkedin.com/in/americanmcneil/

GPA – https://www.global-business.net/

If you would like to connect with Jeremy or learn more about his employer, Prism Systems Inc, then check the following:

Jeremy Baker – https://www.linkedin.com/in/jeremyabaker/

Prism Systems Inc – https://www.prismsystems.com/

**The Industrial Wi-Fi Shop Podcast – Ep. 10 Wi-Fi of Steel** Oct 10, 2024

CWISA Guide Giveaway details
There are two copies of the Certified Wireless IoT Solutions Administrator (CWISA) study/reference guides
Winners have been drawn at random
The winner from IT is: Hiten Thakkar from Santa Cruz, CA
The winner from OT is: Jace Allen from Kaysville, UT
(WEST Coast BIAS!!!)

Congratulations!! I have your email addresses and will be reaching out for shipping information!

Let’s dive into the environment first
Outside of the office spaces, what’s it like down in the dark and dirty spaces?
Heat?
Humidity?

Dust, dirt and grime.

To that end, is the dust more metallic and if so does that cause you problems?

Tools of the trade
What is your use of wireless technologies primarily for?
Standard Wi-Fi for user client connections?
Mobility deployments?
Machine to Machine communication?
Specific industrial wireless protocols?
Any special tools for remote support?
What wireless systems are deployed on site?
Example – Cisco or Aruba
Any specialty systems for sensors like LoRaWAN?
Wireless I/O?
Any special tools you use to help solve issues?
Spectrum analysis
Wi-Fi scanners
Etc.

What do you use for planning?

Now for the fun stuff
What are the main issues you have to deal with on siteWhat is the most challenging area at your site?Did you really have an antenna (maybe an AP) or two melt?
If so, story time, we want to know!

Melted antenna (radio isn’t looking to great either)

What kinds of RFI/EMI do you run into?

Is an arc furnace in use?

What are some interesting technologies you have been looking into?

Scott got R3 test units, and we are going to look into their capabilities.
Interesting that they integrate well with Rockwell
Would like to get more familiar with EchoRing protocol
Where do they fit in with low bandwidth capabilities?

HaLow as backhaul

Jeremy submitted a talk for WLPC Phoenix!

IPCAM Power, Moxa POE Splitters
IPCAM is pretty beefy

Resolves issue we saw with Siemens D-Coded pinout not pulling power from Acceltex POE battery

Jeremy is planning an informal documentation round table!

NDA Friendly, please don’t get yourself in trouble even though we really want to know about the secret cool stuff.

Scott, what are you working on?

Started developing a 2 day, hands on industrial wireless class

Heath, what are you working on?

Migration to Juniper/Mist

If you would like to know more about our guests, check them out on LinkedIn:

Heath Weeks – https://www.linkedin.com/in/heath-weeks-3346a81a/

Gerdau Special Steel – https://gsn.gerdau.com/

If you would like to connect with me or learn more about my employer, Global Process Automation (GPA), then check the following:

Scott McNeil – https://www.linkedin.com/in/americanmcneil/

GPA – https://www.global-business.net/

If you would like to connect with Jeremy or learn more about his employer, Prism Systems Inc, then check the following:

Jeremy Baker – https://www.linkedin.com/in/jeremyabaker/

Prism Systems Inc – https://www.prismsystems.com/

**The Industrial Wi-Fi Shop Podcast – Ep. 9 Wi-Fi Fight Club!** Sep 03, 2024

CWISA Guide Giveaway details

There are two copies of the Certified Wireless IoT Solutions Administrator (CWISA) study/reference guides

Winners will be drawn randomly on episode 10 (episode title TBD)

ONE winner will be from IT

ONE winner will be from OT

Click the link below to enter the drawing! (One entry per person)

—> https://forms.gle/eE4rYtixhbppyMti8 ←- (Link now inactive)

**WiFi6 and Mobile Robots**: AS/RS, Conveyors, AGVs, AMRs, Automotive Skillet Lines, Electrified Monorails…. All have one thing in common: THEY ROAM…. A lot!

*Challenges going to WiFi6*

The OT traffic is different than IT.

Instead of pushing big-huge files through the air, mobile robot applications need to move lots of small files – rapid fire, fast!

PLC-to-PLC communication.

The reliable, uninterrupted, consistent nature of the OT traffic is different with mobile bots.

The OT networks are different.

Think 20ms RPI, so the roam time has to be a fraction of that.

The generation level of the WiFi ***doesn’t necessarily matter***. … except for 6E (that “E” is really nice). How will we handle the common need for “purpose built” antennas/ signal reciprocity. For example a linear stacker crane usually only needs directional/ bi-directional antennas. No external antennas means you waste energy. The power differential is also a concern.

The changes in generation levels focus on more volume of data thru the air.

The changes are not necessarily focused on reliability.

The fast-roaming standard hasn’t changed.

95% of the chips end up in enterprise IT, and the current roaming standard satisfies that IT market.

Adding video, bandwidth, machine learning, etc. is important to enterprise IT, usually not to the bots.

The ProSoft radios do not support multiple SSIDs, on purpose. The idea is to have the SSID dedicated to the robot “fleet” network. Any additional WiFi required nearby will be handled by a completely different AP.

Automotive skillet lines and AS/RS roaming bots don’t need that. They need really, really reliable connections and ultra-fast roams.

Think Safety I/O

Think CIP Safety, ProfiSafe.

Think 20ms RPI and 40ms timeouts.

ProSoft buys the RF modules like everyone else.

Ex: We buy Qualcomm, package it, and sell it with ***our software*** running on it. I don’t know exactly how we do it, but somehow we hijack the chip and take control of many of the low-level decisions.

WiFi4 (802.11n) gave us access to the chip’s low-level functions.

We could monitor data from the RF chip so our software makes the roaming decisions, not the chip. The chip’s roaming standard is too slow.

We run our own calculations. We had ***a lot of control***, resulting in consistent roams under 10ms – often down to 2ms if the client and AP were both the ProSoft RLX2-IHNF-A.

We can roam on the same channel.

These are ProSoft’s killer features for mobile applications.

What is the most common installation case for ProSoft? Were you always geared towards single-band applications? The radios have always offered 2.4 and 5.0. We had another line of 900MHz frequency hoppers, but discontinued them in 2020.

Most common installations are AMRs in automotive, warehousing, oil/gas, cranes.

With WiFi6, the downside is we’ve been locked out by the chip makers, and don’t have access to those low-level functions. We can only do high-level computations.

So the WiFi6 chip handles the roam. Is this part of the standard? Does this lock you out from using the chipset and modified frames? There is a roaming standard, but from a ProSoft point of view, it’s too slow. That’s why we take control of the roaming decision. For whatever reason, we were not locked out of accessing the low-level functions required to take over the roaming decision. Now, with WiFi6, the manufacturers of the chipsets have locked that down.

Unfortunately, the 802.11r standard is ***way too slow***.

Challenge: Can we figure a way to still get to that low-level data? ProSoft is working on it.

Fluid Mesh puts 2 radios in each bot, and this might be the only way to fast-roam with WiFi6. Literally 2-4 radios that link logically. Newer hardware has two internal radios. Similar function. Splitting fleets is also a use case here.

Radio A talks to AP1

Radio B talks to AP2

When radio A is moving out of range of AP1, it starts roaming to AP3… in the meantime Radio 2 is still linked with AP2,

Siemens says IPCF does not currently work with WiFi6 to accomplish fast roaming. They also lost the second radio model from the W788 so those deployments are getting forced into WiFi6 one way or the other. Give and take with RPI and timeouts, some of these applications will have to relax constraints to get it to function. I see that give and take a lot, especially before I start talking to them. Slowing down RPIs and timeouts to allow for the longer roams.

**BENEFITS of WiFi6:**

If you need more bandwidth,

If you have pushing gobs of data,

Machine vision.

video

If you have a huge number of bots (clients) tied to 1 AP.

As the bot count goes up – 700, 800, 1,000 bots all in one warehouse – WiFi6 manages the data and traffic more efficiently.

**WiFi6E** is nice, opening up that 6GHz spectrum, you go from 8-9 channels to almost 60 more channels (at 20MHz)

2.4 is almost never used by ProSoft. It’s there. You can use it. But it’s too crowded with bluetooth, cordless things, microwave ovens, everyone’s cell phone which makes for an unreliable connection handling 20ms RPIs. Unreliable when you’ve got 500+ bots in a warehouse, and there are people there too with cell phones, and airpods, and apple watches. I learned the hard way that airpods really are a no-no when surveying 2.4 :).

We use 5.0, including the DFS channels.

More channels, more likely to get customer’s IT to ***STAY OFF*** a few of them.

Avoids all that saturated 2.4 traffic.

Siemens iPCF will not work on DFS channels.

**WiFi4 is going away, one day. RIP**

We need to get WiFi6 functioning in the OT space similar to how we currently have it with WiFi4, i.e. Ultra Fast Roaming <10ms in the RLX2-IHNF-A

For mobile applications, it has to support Safety I/O, CIP Safety, ProfiSafe, etc., etc.

For mobile applications, it has to support high client density (bot swarms), 6E is the answer, if we could only now just get it to fast roam.

If you would like to know more about our guests, check them out on LinkedIn:

Vic Paraenglo – https://www.linkedin.com/in/victorparangelo/

Prosoft Technology wireless products – https://www.prosoft-technology.com/Products/Industrial-Wireless

If you would like to connect with me or learn more about my employer, Global Process Automation (GPA), then check the following:

Scott McNeil – https://www.linkedin.com/in/americanmcneil/

GPA – https://www.global-business.net/

If you would like to connect with Jeremy or learn more about his employer, Prism Systems Inc, then check the following:

Jeremy Baker – https://www.linkedin.com/in/jeremyabaker/

Prism Systems Inc – https://www.prismsystems.com/

**The Industrial Wi-Fi Shop Podcast – Ep. 8 Respect My Securit-ahh!** Jul 30, 2024

CWISA Guide Giveaway details

There are two copies of the Certified Wireless IoT Solutions Administrator (CWISA) study/reference guides

Winners will be drawn randomly on episode 10 (episode title TBD)

ONE winner will be from IT

ONE winner will be from OT

Click the link below to enter the drawing! (One entry per person)

—> https://forms.gle/eE4rYtixhbppyMti8 ←- (link now inactive)

Let’s talk security – Owning your industrial airspace

Three things you need to consider

Situational awareness of your site

Understanding the current RF landscape

Securing your wireless assets

Situational awareness

Where is your site

Is it in an industrial park?

Is it in an urban area close to other buildings and businesses?

Is it out in the middle of “nowhere”?

What is around your site

Residential?

Commercial?

Industrial / manufacturing?

Who is around your site

Static residential

High volume transient population

Lions, tigers and bears, oh my!

What is your risk

Understand your RF landscape

What other structured wireless networks are operating on your site?

802.11

802.15.4

Proprietary wireless

Are there transient wireless networks

Mobile hotspots

Transportation and fleet management

Are there and sources of EMI / RFI

How bad

What frequencies

What is your risk?

Securing your wireless assets

802.11 security

Obviously, do not use WEP or WPA (granted I do know that there are still legacy devices in production environments out there and that sometimes you have no choice. Be sure to document what you cannot mitigate!)

WPA2 still the most common, enable Protected Management Frames if you can/have the option

WPA3 the most preferable

Advanced and improved encryption

MFP is mandatory

802.15.4 security

128-bit AES encryption is built into the standard

After layer 2 in the OSI, these compliant devices often implement other security options from onboarding to CRCs, it depends on the vendor

Want to know more about Bluetooth security – check out episode 6

Want to know more about WirelessHART or ISA100 security – check out episode 4

Proprietary wireless security

Usually have encryption options

Unique onboarding processes for mesh devices

Contextless data transfer

Management access

Disable Over-the-air (OTA) management

Use HTTPS/SSH whenever possible

VLAN/segment out management IP addresses whenever possible

NEVER use default passwords and security settings

Key takeaways

Owning your industrial airspace is much more than simply encrypting wireless traffic

You need to look at your site as a whole to fully realize and understand your overall risk

You do not have the luxury of deciding whether or not you are a target

This is what my 900MHz signal generator looks like in spectrum analysis. It’s definitely a unique signature from the Density view at the top to the Waterfall view in the middle. You can also see in the bottom panel how it just eats up airtime utilization.

If you would like to know more about our guests, check them out on LinkedIn:

Jeremy Baker – https://www.linkedin.com/in/jeremyabaker/

If you would like to connect with me or learn more about my employer, Global Process Automation (GPA), then check the following:

Scott McNeil – https://www.linkedin.com/in/americanmcneil/

GPA – https://www.global-business.net/

The Industrial Wi-Fi Shop Podcast – Ep. 7 Industrial Wi-Fi Gets The ax! Jul 04, 2024

Wi-Co event
- Event was held in Chapel Hill NC on June 12th
- Lots of great presentations
- 2 hour hands on industrial wireless lab
  - Participants got to physically wire up 24v power supplies and the corresponding industrial radios
  - Full configuration lab followed the physical wiring
- Great people there from all over NC and even the Washington DC area!
- https://wi-co.org/
Wi-Fi 6 comes to Industrial radios!
- Will the expanded spectrum (6GHz) find a home in the industrial universe?
- While spectrum use is up in the air, I know the enhanced stability of the ax protocol is sure to make a difference
- Phoenix Contact skipped Wi-Fi5 all together
  - Phoenix Contact WLAN 1020 and 1120 series
- Prosoft also skipped Wi-Fi5
  - Just released the ELXM-SW6, a Wi-Fi6 wireless bridge
  - Looking to release full Wi-Fi6 AP by Q4 2024
  - Adding 6 GHz early 2025
- Siemens is transitioning from Wi-Fi5 into Wi-Fi6
  - Siemens SCALANCE WAM763-1
  - Siemens SCALANCE WUM763-1
- Aunex AMC2X8-A-SL-WK8
- How will Wi-Fi6 affect radial coax? (“leaky coax”) Protocol level
- Customers demanding WiFi6/newer features. Actually, pushing for WPA3
Trends:
- Industrial IoT trends/predictions
  - Increasing importance on
    - Condition monitoring & predictive maintenance
    - Sensor advances and innovations
  - Digital Twins
  - Fog Computing
    - “This technology relocates intelligence to the edge of the network, where the machinery exists. This enables real-time control as well as enhanced security and greater manageability. It’s easy to see how fog computing in IIoT should become standard practice throughout the industry.”
  - Largest manufacturer of industrial wireless devices worldwide (in descending order)
    - Emerson (over 10% themselves)
    - Honeywell International (Honeywell & Siemens combined are another 10%)
    - Siemens (Honeywell & Siemens combined are another 10%)
    - ABB
    - GE
    - Eaton
    - Cisco
    - Yokogawa
    - Rockwell Automation
    - Advantech
    - Arris
  - Top industrial verticals for wireless (in descending order)
    - Chemical
    - Oil & Gas
    - Pulp & Paper
    - Electric Power
    - Water & Wastewater
    - Metallurgy & Mining
    - Food & Beverage
    - Pharma & Biotech
    - Then everyone else
  - Worldwide, Chemical, oil & gas and the Pulp & Paper industries are the three largest consumers of Industrial Wireless Devices which are responsible for about 38 percent of Industrial Wireless Device consumption.
  - Largest markets for industrial wireless devices (in descending order)
    - North America (S., Mexico & Canada)
    - Europe (Germany, UK, France, Italy, Russia and Turkey)
    - Asia-Pacific (China, Japan, Korea, India, Australia, Indonesia, Thailand, Philippines, Malaysia and Vietnam)
    - South America (Brazil, Argentina, Columbia)
    - Middle East and Africa (Saudi Arabia, UAE, Egypt, Nigeria and South Africa)

Sources/Resources:

Precision Reports: 2024 Industrial Wireless Devices Market Trends Research Report to 2032
- https://www.linkedin.com/pulse/2024-industrial-wireless-devices-market-trends-shkye/?published=t
Advanced Tech: iiot trends
- https://www.advancedtech.com/blog/iiot-trends/
- https://www.advancedtech.com/blog/fog-computing-industrial-iot/
Siemens Links
Phoenix Contact Links
- External Antenna model 1020 https://www.phoenixcontact.com/en-pc/products/wireless-module-fl-wlan-1020-2702992
- Internal Antenna model 1120 https://www.phoenixcontact.com/en-pc/products/wireless-module-fl-wlan-1120-1386091

If you would like to know more about our guests, check them out on LinkedIn:

Jeremy Baker – https://www.linkedin.com/in/jeremyabaker/

If you would like to connect with me or learn more about my employer, Global Process Automation (GPA), then check the following:

Scott McNeil – https://www.linkedin.com/in/americanmcneil/

GPA – https://www.global-business.net/

If you would like to know more about our guests, check them out on LinkedIn:

Jeremy Baker – https://www.linkedin.com/in/jeremyabaker/

If you would like to connect with me or learn more about my employer, Global
Process Automation (GPA), then check the following:

Scott McNeil – https://www.linkedin.com/in/americanmcneil/

GPA – https://www.global-business.net/

**The Industrial Wi-Fi Shop Podcast – Ep. 6 Bluetooth!** May 16, 2024

The Basics

The IEEE standardized Bluetooth as 802.15.1 but no longer maintains the standard

Bluetooth is managed by the Bluetooth Special Interest Group of which there are over 35,000 member companies

As of 2021 over 4 BILLION Bluetooth integrated chipsets are shipped annually

Geek Stuff

Frequencies used:
2.400 GHz through 2.4835 GHz
However, there are “guard” or buffer bands at the top and bottom of this range with the bottom being 2 MHz wide and the top being 3.5 MHz wide

Actual used frequency range is 2.402 GHz through 2.480 GHz

Channels:
Versions prior to 4.0, what is referred to as “Bluetooth Classic”
79 channels at 1 MHz wide

Versions 4.0 and up, better known as Bluetooth Low Energy (BLE)

40 channels at 2 MHz wide
3 channels are referred to as primary advertisement channels which are channels 37, 38 & 39
37 = 2.402 GHz, 38 = 2.426 GHz, 39 = 2.480 GHz

That leaves 37 channels to use for data

Data rates:
Bluetooth Classic
Original Bluetooth using GSFK (*Gaussian frequency-shift keying*) modulation, said to be operating in basic rate (BR) up to 1Mbit per second
Later versions (2.0+) using DPSK (*Differential phase-shift keying*) modulation, described as Enhanced Data Rate or EDR
EDR2 – 2Mbit per second
EDR3 – 3Mbit per second
2019 Apple published an extension referred to as HDR using DQPSK (*Differential quadrature phase-shift keying*)
HDR4 – 4Mbit per second
HDR8 – 8Mbit per second

Bluetooth Low Energy (BLE)

Bluetooth 4 – up to 1Mbit per second

Bluetooth 5 – up to 2Mbit per second

Range for the most part is based upon class, and class is based upon power levels. However, there is lots of conflicting data on this due to sales and media hype of various device manufacturers
Class 1 devices
Power ranges from 10 to 100 mW
Range considered up to approximately 100 meters
BD/EDR devices loosely called class 1.5 are technically considered class 1 with power ranging from 2.5 to 10 mW. Max theoretical range being approximately 50 meters
Class 2 devices
Power ranges from 1 to 2.5 mW
Range considered up to approximately 10 meters (or 33 feet)
BLE
BLE 4 – approximate max theoretical range – 100 meters
BLE 5 – approximate max theoretical range – 400 meters

***It is important to note that in all cases, no matter the class of the device, the environment plays an important role in real world range and data throughput***

Reliability

Adaptive Frequency Hopping
Adaptive frequency hopping helps ensure data successfully makes its way through the noise. Individual messages are broken into small data packets, which are sent over different channels in a pre-defined sequence, known only to the transmitting and receiving devices. As many as 1600 channel-switches can take place every second. Any data packets that don’t reach their destination correctly are re-sent, and if the problem was caused by the channel, this gets flagged up so it can be avoided in the future.
In noisy environments, or where data is transmitted over longer distances (more on this below), there’s a chance of bit errors slipping into messages. Bluetooth can detect these, and take action to avoid unreliable channels, if they’re the cause.

It can also use what’s called ‘forward error correction’ (FEC) to rectify errors once data arrives at the receiver.

What is FEC? – FEC is a digital signal processing method that reduces the bit error rate of communication by adding parity bits to the data at the transmitter side so that the receiver side then uses those parity bits to detect and correct errors that may have been introduced over the course of the transmission

Security
adaptive frequency hopping that we talked about earlier sees the transmitter send out data on a pseudo-random sequence of channels. Only the transmitter and the receiver know which channels these will be
Bluetooth 4.2 and up use pairing mechanisms. These mechanisms prevent data in transit from being vulnerable to man-in-the-middle attacks
Once connected/paired to target devices, BLE can then be put into a hidden/invisible mode that turns off local scanning for other BLE devices and makes the configured BLE device non-discoverable

Security levels (source – https://www.allaboutcircuits.com/technical-articles/bluetooth-le-security-modes-and-procedures-explained/)
Sec Lvl 1 – No security
No authentication, no encryption. Easy to use/set up, vulnerable to everything
Sec Lvl 2 – Unauthenticated pairing with encryption
No authentication but adds encryption – easy to use, data in transit is secured with 128-bit AES but pairing is vulnerable to everything
WiFi comparison – WPA2 with no management frame protection
Sec Lvl 3 – Authenticated pairing with encryption
Pairing is protected by using either out of band associations OR a passkey method then followed up with 128-bit AES encryption
Eliminated man in the middle type attacks

Sec Lvl 4 – “Authenticated LE Secure Connections Pairing with Encryption Using a 128-Bit Strength Encryption Key”

“Devices at this level implement pairing via the *LE Secure Connections* pairing method, superseding the legacy method. This pairing process incorporates the *Numeric Comparison* association model and requires a robust 128-bit strength encryption key.”

Functionality & use cases for industry and manufacturing

Serial ports are widely used in industrial applications.
Serial Port Profile (SPP) emulates a full serial interface, complete with hardware handshaking via Bluetooth.
serial cables can be replaced with a wireless Bluetooth link, with either multi-point or point-to-point operation

can be used in remote I/O applications in industry and manufacturing in a similar fashion as WirelessHART or ISA100 Wireless

its reliability makes it ideal for a variety of wireless sensor types from tank farm levels to preventive maintenance applications like vibration, temperature and moisture sensors

Smart building sensors (that’s right, more sensors…)
HVAC connections with central controller capturing all types of information
Temperature
Humidity
Air quality
Even occupancy sensing data
Wireless thermostats

Automated lighting controls

RTLS and other location tracking
Personnel tracking in hazardous locations

Industrial truck / fork truck tracking and association with “hit-not” devices for foot traffic

Robotics and industrial mobility
Automated Guided Vehicles (AVG’s)
Autonomous Mobile Robots (AMR’s)
Collaborative Robots (cobots)

These machines require local connectivity for safe navigation within dynamic environments. Robot tasks or routes can be updated at any time with a direct Bluetooth connection between the machine and the user’s mobile device or industrial Human-Machine Interface (HMI)

Sources and other related material:

https://semfionetworks.com/blog/ble-advertisment-channels/ (Francois from Clear to Send)

https://www.phoenixcontact.com/en-us/technologies/communication-technologies/industrial-bluetooth

https://www.allaboutcircuits.com/technical-articles/bluetooth-le-security-modes-and-procedures-explained/

https://response.nordicsemi.com/the-complete-guide-to-bluetooth-low-energy

https://blog.nordicsemi.com/getconnected/things-you-should-know-about-bluetooth-range

https://www.u-blox.com/en/blogs/insights/seven-reasons-why-bluetooth-perfect-industrial-iot

If you would like to know more about our guests, check them out on LinkedIn:

Jeremy Baker – https://www.linkedin.com/in/jeremyabaker/

If you would like to connect with me or learn more about my employer, Global Process Automation (GPA), then check the following:

Scott McNeil – https://www.linkedin.com/in/americanmcneil/

GPA – https://www.global-business.net/

The Industrial Wi-Fi Shop Podcast – Ep. 5 Wireless Design – Industrial vs. Enterprise Roundtable part 2 Apr 13, 2024

Wireless network design can be very challenging. However there are distinct differences in design depending on the environment. This is part two of a round table discussion of four wireless engineers, two who work primarily in the enterprise realm and two from the world of industry and manufacturing.

The discussion covers the differences and similarities across multiple topics, including:

Assessment tools
Environmental challenges
Location Access
Safety
Design
Reporting
Project adversities

We discuss many of our favorite tools, most of which are linked below:

https://www.hamina.com

https://www.metageek.com/chanalyzer

https://ibwave.com

https://ekahau.com

https://www.eino.ai

https://www.wlanpi.com

https://www.printables.com/model/265668-wlan-pi-r4-fascia-essentials

If you would like to know more about our guests, check them out on LinkedIn:

Mark Houtz – https://www.linkedin.com/in/markhoutz/

Ali Mohammad – https://www.linkedin.com/in/mali77/

Jeremy Baker – https://www.linkedin.com/in/jeremyabaker/

If you would like to connect with me or learn more about my employer, Global Process Automation (GPA), then check the following:

Scott McNeil – https://www.linkedin.com/in/americanmcneil/

GPA – https://www.global-business.net/

The Industrial Wi-Fi Shop Podcast – Ep. 5 Wireless Design – Industrial vs. Enterprise Roundtable part 1 Mar 26, 2024

Wireless network design can be very challenging. However there are distinct differences in design depending on the environment. This is part one of a round table discussion of four wireless engineers, two who work primarily in the enterprise realm and two from the world of industry and manufacturing.

The discussion covers the differences and similarities across multiple topics, including:

Assessment tools
Environmental challenges
Location Access
Safety
Design
Reporting
Project adversities

We discuss many of our favorite tools, most of which are linked below:

https://www.hamina.com

https://www.metageek.com/chanalyzer

https://ibwave.com

https://ekahau.com

https://www.eino.ai

https://www.wlanpi.com

https://www.printables.com/model/265668-wlan-pi-r4-fascia-essentials

If you would like to know more about our guests, check them out on LinkedIn:

Mark Houtz – https://www.linkedin.com/in/markhoutz/

Ali Mohammad – https://www.linkedin.com/in/mali77/

Jeremy Baker – https://www.linkedin.com/in/jeremyabaker/

If you would like to connect with me or learn more about my employer, Global Process Automation (GPA), then check the following:

Scott McNeil – https://www.linkedin.com/in/americanmcneil/

GPA – https://www.global-business.net/

**The Industrial Wi-Fi Shop Podcast – Ep. 4 Industrial Wireless Protocols: WirelessHART and ISA100** Feb 26, 2024

WirelessHART and ISA100.11a are two wireless protocols designed specifically for industrial applications. Based on the IEEE 802.15.4 wireless standards and utilizing Direct Sequence Spread Spectrum, these protocols provide robust and reliable low data rate wireless communications for a variety of industrial sensors and sometimes even controls.

While I dont have captures of these two protocols specifically, I do have several examples of what Frequency Hoping Spread Spectrum (FHSS) and DSSS looks like in spectrum analysis. The images below are examples of FHSS and DSSS from several different device deployments. While these are FHSS and DSSS, they are running on top of proprietary protocols as opposed to IEEE 802.15.4.

FHSS wireless camera system

The image above is from a deployment of Lorex LW2232 wireless cameras utilizing FHSS across the 2.4GHz spectrum. The deployment consisted of twelve cameras and transceivers all transmitting at their full power capacity of 16dBm. As you can see, at these levels they were disrupting the coexisting Wi-Fi due to the high utilization.

DSSS Phoenix Contact RAD900 Wireless IO

This is a capture I took in my lab while testing several Phoenix Contact RAD900 Wireless IO devices. These run on a proprietary protocol on 900MHz, but still used DSSS for frequency transmission. You can see the communication is very organized and while there is a lot of data going back and forth, the actual bursts of communication are very small. This helps dramatically with contention for airtime.

DSSS Banner Engineering 900MHz sensors

This capture was from a network of Banner Engineering 900MHz sensors around a waste water treatment facility. Though there were over twenty devices in the network, you can see that there is plenty of airtime and no contention. Though Banner uses proprietary protocols, DSSS keeps the data flowing reliably and continuously.

If you would like to learn more about WirelessHART, check out these links:

PxC – https://www.phoenixcontact.net/microsites/wireless-hart/895.htm#:~:text=A%20key%20attribute%20of%20WirelessHART,installed%20range%20of%2050%2D100m.

FieldComm Group: https://www.fieldcommgroup.org/technologies/wirelesshart

If you would like to learn more about ISA100 wireless, check out these links:

Yokogawa – https://web-material3.yokogawa.com/fld-field-test-report-vol01.pdf

Rfwireless-world – https://www.rfwireless-world.com/Tutorials/ISA100-wireless-tutorial.html

ISA100 and the OSI Model – https://isa100wci.org/about-isa100-wireless/isa100-and-the-osi-model

If you would like to connect with me or learn more about my employer, Global Process Automation (GPA), then check the following:

Scott McNeil – https://www.linkedin.com/in/americanmcneil/

GPA – https://www.global-business.net/

The Industrial Wi-Fi Shop Podcast – Ep. 3 RF, Antennas & Microwave Burritos Feb 08, 2024

Jim Palmer came into the shop to talk about Radio Frequency (RF), how antennas work and propagate RF energy. Jim packs quite a bit of knowledge into this conversation and I had to take notes!

The conversation gets fairly deep into Equivalent Isotropic Radiated Power, or EIRP, which is the total radiated power from a transmitter antenna times the numerical directivity of the antenna in the direction of the receiver, or the power delivered to the antenna times the antenna numerical gain.

At one point in the discussion, we talk about the Tacoma Narrows bridge and how it collapsed due to a phenomena known as harmonics. Here is a link to a video of that event: https://youtu.be/j-zczJXSxnw?si=zCXid0Pr8ZJ97knu .

If you would like to know more about the incident, check the Wikipedia page here: https://en.wikipedia.org/wiki/Tacoma_Narrows_Bridge_(1940)

Jim can be found on both LinkedIn and Twitter/X: https://www.linkedin.com/in/james-palmer-09363615a/ and at @WirelessJimP respectively. He also blogs extensively and is considered an authority on RF and antennas by those in the wireless community. You can find his blog at: https://jimswirelessworld.wordpress.com/

If you would like to know more about Ruckus Wireless, you can find them on the web at: https://www.ruckusnetworks.com/

If you would like to connect with me or learn more about my employer, Global Process Automation (GPA), then check the following:

Scott McNeil – https://www.linkedin.com/in/americanmcneil/

GPA – https://www.global-business.net/

The Industrial Wi-Fi Shop Podcast – Ep. 2 Industrial Wireless Safety & Mobility Jan 15, 2024

Episode 2 brings Jeremy Baker into the shop to talk with me about industrial wireless safety and mobility. From theme park rides to heavy industrial equipment, we cover a lot of material so be sure to pay attention.

One of the places we discuss is Kelly Slaters Surf Ranch. If you would like to see what that place is like, check out the link: https://youtu.be/AXtVnLe2SUc?si=W4iOo17xdmDXcsOX

If you would like to connect with Jeremy on LinkedIn and know more about his employer, Prism Systems, see below:

Jeremy Baker – https://www.linkedin.com/in/jeremyabaker/

Prism Systems – https://www.prismsystems.com/

Finally, if you would like to connect with me or learn more about my employer, Global Process Automation (GPA), then check the following:

Scott McNeil – https://www.linkedin.com/in/americanmcneil/

GPA – https://www.global-business.net/

The Industrial Wi-Fi Shop Podcast – Ep. 1 Industrial Wireless Assessments Jan 04, 2024

In this first episode, I joined by Justin Shade from Phoenix Contact to discuss the importance of wireless assessments in industrial and manufacturing and how they should be an essential part of any new wireless projects.

Justin can be found on LinkedIn at – https://www.linkedin.com/in/justin-shade-a44817b/

If you would like to learn more about Phoenix Contact and their line of industrial wireless gear, check them out at https://www.phoenixcontact.com/en-us/products/industrial-communication/industrial-wireless

Thanks for listening and I hope you hang around for the next episode!

The Industrial Wi-Fi Shop Podcast – Teaser 1 Dec 13, 2023