The Badische Staatsbrauerei Rothaus AG (Rothaus) has been brewing beer in the Black Forest since 1791. In order to remain fit for the future, this traditional company knows that a reliable production network is essential. This includes redundant ring structures, high data transmission rates and protected access. To achieve this ultra-modern form of communication, Rothaus has worked closely with Siemens and HWI IT. The jointly developed concept was implemented during operation and supports the digital transformation of the brewery. Rothaus now benefits from a fast, access-protected, failsafe, and highly available production network, which is open for future developments and expansions.
For Rothaus it was not only important to integrate existing and new machines and equipment into the production network even faster than before; access to systems also had to be secure – both on site and externally – in order to save time, travel and costs. The existing network was segmented and linearly followed the individual brewery processes; from the malt intake through bottling to the energy supply and the brewery’s own wastewater treatment plant.
The problem was that if a network device failed, this could lead to the failure of entire areas for subsequent processes. In addition, the previous data rate was limited to 100 megabits per second (Mbps). This greatly restricted modernization. For planning and implementation, Rothaus engaged HWI IT GmbH, an engineering company based in Malterdingen, Germany that specializes in Scalance network technology from Siemens.
Comprehensive security measures
Replacing conventional fieldbus systems such as Profibus (standard for fieldbus communication) with Profinet (open Industrial Ethernet standard) makes it possible to perform commissioning, diagnostics and system maintenance over the network. Industrial Security is playing an increasingly important role, as only authorized users are allowed access to systems.
Throughout production, around 60 secure, standardized points of access to the automation level were set up. Specifically, these are Simatic S7-300, S7-400 and S7 1500 controllers. Access protection is provided by the Scalance S615 Industrial Security Appliance, which monitors network traffic as a firewall. An additional security instance is provided by the higher-level Sinema Remote Connect server, the Siemens management platform for remote networks.
Maximum reliability and availability
The network for the process control system has also been reorganized and the existing linear structure converted into three ring segments. New Scalance X network components networked via redundant fiber optic rings increase network performance as well as providing access protection and reliability. A central redundant backbone ring will connect all devices in the future and acts as the bridge between Information Technology (IT) and Operation Technology (OT) for the company. In order to make the interaction between OT and IT even more efficient, Siemens works closely with Aruba, a Hewlett Packard Enterprise company.
At Rothaus, too, the switches in IT come from Aruba and in OT from Siemens – both portfolios complement each other, and the interoperability of the devices is also ensured. At the heart of this OT backbone (main network) are two Scalance XR526-8C managed Industrial Ethernet switches with integrated Layer 3 functionality (routing). Both devices are linked to a logical virtual router via the Virtual Router Redundancy Protocol (VRRP), which increases the availability of important gateways in local networks. If one device fails, the other takes over all tasks within milliseconds.
Ready for the future
“With high-performance network technology and the bundled competence of all those involved, we have achieved our goals throughout and implemented a fast, access-protected, failsafe – and thus highly available production network,” says Adriano Pederiva, Head of Automation at Rothaus. “Right from the start, we were keen to design structures and processes in a way that keeps open all paths for future developments.” This includes the virtualization of the production control system and the option of configuring the production network via the Sinec NMS Network Management System.