Dennis BrandlVirtualization can simplify system upgrades, and that is a major reason to virtualize. Additional reasons and issues include cost reduction, additional uptime, unique peripherals, industrial networks, and vendor support.

The first Tuesday of every month is a significant date for most IT departments, the day that Microsoft releases patches. On the first Wednesday of each month an army of IT workers at vendor companies start testing the patches on their installed systems and applications. With luck and no compatibility problems, the vendors release advice to their customers about the patches. Meanwhile, end-user companies start performing tests on their systems and applications before they roll out the patches to their production systems. A major problem with this model is the requirement to keep exact copies of production systems available for the patch testing. When changes or updates are made to the production systems, the same changes must be identically applied to the patch test systems. This doubles the hardware cost of a system and doubles the maintenance costs.

Virtualization simplifies this through the use of snapshots. Snapshots are an exact copy of a system’s memory, databases, and installed applications. A snapshot can be loaded on a virtual machine (VM) to give you an exact copy to use in patch testing. There are two common methods to use: snapshot as rollback/backup and snapshot as test copy. The rollback/backup model is used when short-term unavailability of a system is acceptable. A snapshot is taken of the production systems before the patch is installed, the patch is installed, the system is restarted, if necessary, and then it is quickly tested. If no problems occur, then production continues with the patched system. If problems occur, then the system is rolled back to the snapshot.

Snapshot patch testing

The “snapshot as test copy” method is used when production system downtime is not acceptable and a patch reboot is not needed. A snapshot is taken of the production system and then installed in a test VM environment. The patch is applied to the test environment and tested. If the patched system passes the acceptance tests, then the patch is applied to the production system.

Another advantage of visualization is the ability to move a VM from one host server to a new host server without shutting down the VM. This functionality provides a method to upgrade hardware without shutting down applications and impacting production. This also provides a method to increase the CPU power available to an application on an on-demand basis. Not all hypervisor VM systems provide this functionality, so it is important to see what your virtualization system provides. It is also important to test this feature prior to implementing it in production because not all hypervisors handle the switchover in the same manner.

3 virtualization issues to watch

There are three issues in using VMs in manufacturing IT systems: unique peripherals, industrial networks, and vendor support. VM systems have two unique characteristics: all communication must be through an Ethernet network connection, and no special devices can be used. This means that most USB devices, printers, and license dongles must be connected through Ethernet. Also, industrial networks must be connected through Ethernet, special video cards cannot be used, and special keyboards cannot be used. Some virtualization servers will allow you to dedicate a USB port or communication port to a VM, but then the ability to move the VM to different hosts on an on-demand basis is lost.

There are off-the-shelf solutions for simulating USB devices, printers, and license dongles across Ethernet, but you will have to test the required drivers and network connected devices in your environment. Industrial networks are a bigger problem. Any Ethernet TCP/IP based protocol will probably work in the VM environment, but industrial networks that require proprietary network cards and non-10/100/1000 MB Ethernet cabling will probably not work in a VM. Fortunately, many Ethernet-to-industrial network convertors are available. For example, Ethernet-to-Modus devices allow 30-year-old Modbus connectivity to VMs. The newer OPC protocols (OPC-UA and OPC.Net) are Ethernet compatible and usable in the VM environment. OPC-UA is suitable for tag-based data and complex data, and OPC.Net is suitable for tag-based data. While there may be some concern about the use of Ethernet because of the nondeterministic nature of the protocol, the availability of 1000 MB (gigabit) networks has essentially eliminated this as a valid concern.

Push for vendor support

Dennis Brandl discusses insights on engineering and manufacturing IT integration for Control Engineering.

The final major issue is vendor support. Check with your vendors to understand their support policies for virtualization. Many have some support but may require that you run unvirtualized if a problem develops that they need to duplicate. However, once you move to virtualization, backing out for troubleshooting may be impossible. The little secret that many vendors have is that most are using virtualization in their own development and test environment. Apply pressure to your vendors to support virtualization. It is a technology and solution that is good for manufacturing and helps us apply IT solutions to more industrial problems.

Dennis Brandl is president of BR+L Consulting in Cary, NC, His firm focuses on manufacturing IT. Contact him at

- Edited by Mark T. Hoske, Control Engineering,

