Siemens researchers in Russia are developing technologies to support the operation of safety-critical IT infrastructures.
Gas pipelines are equipped with sensors to detect pressure anomalies. Without such sensors, maintenance teams would have to search hundreds of kilometers of pipeline for leaks in the event of a pressure drop. However, wiring these sensors is complicated. That’s why, in the future, such data will be transmitted wirelessly from one sensor to the next. But a traditional WLAN-based wireless transmission standard, such as the one used for the Internet in homes, which Siemens has refined for industrial facilities, isn’t suitable here because pipeline-monitoring sensors must consume very little energy.
“Energy conservation is a key trend in industrial wireless data transmission; and it’s not just an issue that affects pipelines,” says Alexander Smirnov from Siemens Corporate Technology (CT) in St. Petersburg, Russia. Smirnov, an expert in wireless data transfer, relies on the IEEE 802.15.4 standard, which was developed to simplify the creation of finely-meshed sensor networks. The data transmission rate of such networks is low, but so is their electricity demand. The reason: Each sensor node acts as a transmitter and a receiver, and can pass information on to neighboring nodes.
With such sensors in mind, the 13 people in Siemens’ Reliable Embedded Systems research group have developed software for energy-saving, battery-powered, small computers that use the Linux operating system and transmit sensor data via the IEEE standard. The sensors can be mounted on pipelines at hundred-meter intervals, while associated computers can be installed in compressor stations. There is no need for complicated wiring.
Whereas Smirnov’s work focuses on reducing energy demand in an already hacker-immune standard, his colleague Maxim Nikolaev faces a different challenge. Nikolaev wants his systems to comply with the tough requirements of Safety Integrity Level 3 of the IEC 61508 standard. The problem is that rapid advances in computer hardware produce new potential sources of errors – for example, when old computers are replaced with new ones or a new software version is installed.
Of particular importance here are embedded systems – computers that are hidden inside machines, such as locomotives or X-ray units. Because software and hardware are often closely linked, hackers can infect a sub-system, for example, and use it as a springboard to attack other systems. Replacing a defective computer also harbors risks because the exact same hardware from the old unit is often no longer manufactured. The transition from microprocessors with one processing unit (called a “core”) to faster multi-core processors is a major problem for security experts. In such cases, researchers have to develop and certify new software – a laborious and costly process.
Nikolaev’s answer to this problem is to use something called a hypervisor, which is a piece of software that creates a layer between application programs and physical hardware. In this way, it fools such programs into functioning as if they’re running on hardware that doesn’t actually exist. The programs no longer see which microprocessor is actually present, how many cores it contains, or how much storage capacity is available. This enables older programs that require a processor with only one core to run on multi-core processors. Specialists refer to this approach as virtualization. It’s nothing new, but because the issue is crucial for security-related products from Siemens, the company decided to develop a virtualizer on its own.
Although the hypervisor makes things easier for maintenance and IT support staff, that was not its purpose. “Our platform has much higher error tolerance than other systems,” says Sergey Sobolev, who heads the research group. Because the hypervisor separates programs from associated hardware, developers can define areas of a computer system that are fully protected against outside access – by hackers, for example. Such areas might include controlling the power of an X-ray tube or the emergency stop function of a robot arm. Other areas of the system could remain accessible to customers – for example, for remote maintenance. Both areas would run on the same computer, but the programs would have no influence over each other. Siemens’ new hypervisor is still in the basic research stage. A prototype is scheduled to be available by fall 2013, says Nikolaev. “We will prove that the hypervisor meets the IEC certification requirements for a secure product.”