Skip to main content

Using Deterministic Networks for Industrial Operations and Control
draft-km-detnet-for-ocn-04

Document Type Active Internet-Draft (individual)
Authors Kiran Makhijani , Richard Li , Cedric Westphal , Luis M. Contreras , Tooba Faisal
Last updated 2024-07-06
RFC stream (None)
Intended RFC status (None)
Formats
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state I-D Exists
Telechat date (None)
Responsible AD (None)
Send notices to (None)
draft-km-detnet-for-ocn-04
Detnet Group                                                K. Makhijani
Internet-Draft                                               Independent
Intended status: Informational                                     R. Li
Expires: 7 January 2025                             SouthEast University
                                                             C. Westphal
                                                               Futurewei
                                                            L. Contreras
                                                              Telefonica
                                                               T. Faisal
                                                   King's College London
                                                             6 July 2024

   Using Deterministic Networks for Industrial Operations and Control
                       draft-km-detnet-for-ocn-04

Abstract

   This document describes an application programming interface with a
   deterministic network domain.  These APIs are used to select (or map)
   services in the Deterministic Network architecture.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 7 January 2025.

Copyright Notice

   Copyright (c) 2024 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

Makhijani, et al.        Expires 7 January 2025                 [Page 1]
Internet-Draft               ocn-in-detnets                    July 2024

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  Terminology . . . . . . . . . . . . . . . . . . . . . . . . .   3
     2.1.  Acronyms  . . . . . . . . . . . . . . . . . . . . . . . .   4
   3.  Background on Industrial Control Systems  . . . . . . . . . .   5
     3.1.  Connected Process-Controllers, Sensors and Actuators  . .   6
     3.2.  Generalized Communication Model . . . . . . . . . . . . .   7
     3.3.  Traffic Patterns  . . . . . . . . . . . . . . . . . . . .   8
       3.3.1.  Control Loops . . . . . . . . . . . . . . . . . . . .   8
       3.3.2.  Periodicity . . . . . . . . . . . . . . . . . . . . .   9
       3.3.3.  Ordering  . . . . . . . . . . . . . . . . . . . . . .   9
       3.3.4.  Urgency . . . . . . . . . . . . . . . . . . . . . . .   9
       3.3.5.  Co-existence with non-deterministic flows . . . . . .  10
     3.4.  Communication Patterns  . . . . . . . . . . . . . . . . .  10
     3.5.  Industrial Control Application Interfaces to DetNets  . .  10
   4.  Operation & Control Traffic Types . . . . . . . . . . . . . .  11
     4.1.  Overview  . . . . . . . . . . . . . . . . . . . . . . . .  11
     4.2.  OCN Traffic Type Equivalence  . . . . . . . . . . . . . .  12
       4.2.1.  Isochronous traffic-type  . . . . . . . . . . . . . .  13
       4.2.2.  Cyclic-synchronous traffic-type . . . . . . . . . . .  14
       4.2.3.  Cyclic-Asynchronous traffic-type  . . . . . . . . . .  14
       4.2.4.  Alarms and Events traffic type  . . . . . . . . . . .  15
       4.2.5.  Configuration and diagnostics traffic type  . . . . .  15
       4.2.6.  Network Control . . . . . . . . . . . . . . . . . . .  15
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  16
   6.  Security Considerations . . . . . . . . . . . . . . . . . . .  16
   7.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .  16
   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  16
     8.1.  Normative References  . . . . . . . . . . . . . . . . . .  16
     8.2.  Informative References  . . . . . . . . . . . . . . . . .  16
   Appendix A.  Appendix: Potential OCN-EH Extension Header
           Approach  . . . . . . . . . . . . . . . . . . . . . . . .  18
     A.1.  Operation and Control Network Option (OCNO) . . . . . . .  18
     A.2.  OCNO EH Processing  . . . . . . . . . . . . . . . . . . .  20
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  20

Makhijani, et al.        Expires 7 January 2025                 [Page 2]
Internet-Draft               ocn-in-detnets                    July 2024

1.  Introduction

   Process automation systems involve operating equipment (such as
   actuating and/or sensing field devices).  The communication between
   the 'process controllers' and field devices exhibit a well-defined
   set of behaviors and has specific characteristics: delivering a
   control-command to a machine must be executed within the time frame
   specified by a controller or an application to provide reliable and
   secure operation.  A low or zero tolerance to latency and packet
   losses (among other things) is implied.

   The endpoints ('process controllers' and field devices) embody
   machine-to-machine communications to facilitate remote and local
   process automation.  Applications using deterministic networks are
   not aware of the details of such networks and, therefore, require an
   interface with DetNets for operations and control of field-devices.
   In this document such interfaces are referred to as Operation and
   Control Network (OCN) interfaces for convenience.  OCN interfaces are
   used by applications to describe requirements for for guaranteed
   delay-aware packet delivery, reliability, and packet loss mitigation.

   Since Deterministic Networks provide extension to Time Sensitive
   Networks (TSN) for large-scale domains, it is reasonable to utilize
   the definitions developed by TSN for Industrial Automation (IA)
   traffic profile [TSN_IA_PROFILE].  The IA endpoints will use this
   profile to access appropriate service and treatment in a DetNet
   domain.

   This document provides a background discussion on the endpoints and
   connectivity in Industrial automation systems (Section 3), IA traffic
   type APIs to be used at IP layer (Section 4).  These APIs are
   implementation and encapsulation agnostic.  Applications may choose,
   either in-band metadata method or P4 base datapath programmability.
   As an example, IPv6 extension header based approach is covered in
   Appendix A.

2.  Terminology

   *  Operational Technology (OT):  Programmable systems or devices that
         interact with the physical environment (or manage devices that
         interact with the physical environment).  These systems/devices
         detect or cause a direct change through the monitoring and/or
         control of devices, processes, and events.  Examples include
         industrial control systems, building management systems, fire
         control systems, and physical access control mechanisms.
         Source: [NIST-OT]

   *  Industrial controller or process controller:  Is a logic control

Makhijani, et al.        Expires 7 January 2025                 [Page 3]
Internet-Draft               ocn-in-detnets                    July 2024

         function used in process automation and control systems.  A
         process controller maintains the operational requirement of a
         process and performs functions similar to programmable logic
         controllers (PLCs) but it can be either a hardware or software
         component.  The term process controller is used through out to
         avoid confusion with 'network controllers' used in network
         infrastructures.

   *  Industrial Automation:  Mechanisms that enable machine-to-machine
         communication by use of technologies that enable automatic
         control and operation of industrial devices and processes
         leading to minimizing human intervention.

   *  Control Loop:  Control loops are part of process control systems
         in which desired process response is provided as input to the
         'process controller', which performs the corresponding action
         (using actuators) and reads the output values.  Since no error
         correction is performed, these are called open control loops.

   *  Feedback Control Loop:  A feedback loop is part of a system in
         which some portion (or all) of the system's output is used as
         input for future operations.

   *  Industrial Control Networks:  Industrial control networks are the
         interconnection of equipment used for the operation, control,
         or monitoring of machines in the industrial environment.  It
         involves a different level of communication - between fieldbus
         devices, digital controllers, and software applications.

   *  Human Machine Interface (HMI):  An interface between the operator
         and the machine.  The communication interface relays I/O data
         back and forth between an operator's terminal and HMI software
         to control and monitor equipment.

2.1.  Acronyms

   *  HMI: Human Machine Interface

   *  OCN: Operations and Control Networks

   *  PLC: Programmable Logic Control

   *  OT: Operational Technology

   *  OC: Operation and Control

   *  OCN: Operation and Control Networks

Makhijani, et al.        Expires 7 January 2025                 [Page 4]
Internet-Draft               ocn-in-detnets                    July 2024

3.  Background on Industrial Control Systems

   An industrial control network interconnects devices used to operate,
   control and monitor physical equipment in industrial environments.
   Figure 1 below shows such systems' reference model and functional
   components.  Closest to the physical equipment are field devices
   (actuators and sensors) that connect to the Programmable Logic
   Controllers (PLCs) or other types of controllers (Note: in this memo
   term 'process controller' will be used to differentiate from other
   meanings of controller) using serial bus technologies (and now
   Ethernet).  Above those 'process controllers' are Human Machine
   Interface (HMI) connecting different PLCs and performing several
   controller functions along with exchanging data with the
   applications.

   A factory floor is divided into cell sites.  The PLCs or other types
   of controllers are physically located close to the equipment in the
   cell sites.  Monitoring, status, and sensing data are collected on
   the site and then transmitted over secure channels to the data
   applications for aggregation and further processing.  These
   applications can be hosted in remote cloud infrastructure but are
   often hosted within a limited domain environment, controlled by a
   single operator, like on-premise, at the edge, or in a private cloud.
   Both options gain from infrastructure that scales out and has elastic
   computing and storage resources so they will be referred to as cloud
   in the following sections.

           +-+-+-+-+-+-+
        ^  | Data Apps |....            External business-logic
        :  +-+-+-+-+-+-+   :                Network
        :        |         :
        v  +-+-+-+-+-+-+  +-+-+-+-+--+
           | vendor A  |  |vendor B  |  Interconnection of
           | controller|  |controller|  controllers
        ^  +-+-+-+-+-+-+  +-+-+-+-+-+   (system integrators)
        :       |         |
        :   +-+-+-+-+  +-+-++-+
        :   | Net X |  | Net Y|
        v   | PLCs  |  | PLCs |--+    device-controllers
        ^   +-+-+-+-+  +-+-+--+  |
        :      |        |        |
        :   +-+-+    +-+-+    +-+-+
        v   |   |    |   |    |   |   Field devices
            +-+-+    +-+-+    +-+-+

             Figure 1: Functions in Industrial Control Networks

Makhijani, et al.        Expires 7 January 2025                 [Page 5]
Internet-Draft               ocn-in-detnets                    July 2024

   Data applications can integrate softwarized process control functions
   to improve automation and make programmatic real-time decisions.  The
   equipment control and collection of data generated by the sensors
   should be possible over small or large-scale deterministic networks
   as illustrated in Figure 2.

                  +-+-+-+-+-+-+-+-+
                  |     Data Apps |      Integrated Apps with
                  | c1 | c2  | c3 |      Remote process control
                  +-+-+-+-+-+-+-+-+
                   \   ,-----.   /
                    +-[  Det- ]-+
                      [Network]
                       `-----'
                  +-+-+-|  |-+-+-+-+
                  |        |       |
                +-+-+    +-+-+   +-+-+
                |   |    |   |   |   |   Field devices
                +-+-+    +-+-+   +-+-+

        Figure 2: Converged Cloud based Industrial Control Networks

   One particular motivation is to provide the behavior of a field bus
   between the cloud and the actuators/sensors. i.e., with the same
   assurance of reliability and latency, albeit over wide area networks
   (WAN).  Many industrial control applications, such as factory
   automation [FACTORY], PLC virtualization [VIRT-PLC], power grid
   operations [PTP-GRID], etc., are now expected to operate in the cloud
   by leveraging virtualization and shared infrastructure wherever
   possible.

3.1.  Connected Process-Controllers, Sensors and Actuators

   Control systems comprise 'process controllers', Sensors and
   Actuators.  The data traffic essentially carries instructions that
   cause machines or equipment to move and do things within or at a
   specific time.  The connectivity exists in the following manner:

   *  A 'process controller' interfaces with the sensors and actuators.
      It knows an application's performance parameters which are
      expressed in terms of network specific requests or resources such
      as tolerance to packet loss, latency limits, jitter variance,
      bandwidth, and specification for safety.  The 'process controller'
      knows all the packet delivery constraints.

   *  An actuator receives specific commands from the 'process
      controllers'.  The Deterministic network between them should
      support control of actuating devices remotely from the 'process

Makhijani, et al.        Expires 7 January 2025                 [Page 6]
Internet-Draft               ocn-in-detnets                    July 2024

      controller' while meeting all the requirements (or key performance
      indicators - KPIs) necessary for successful command execution.
      The actuator participates in a closed control loop as needed.

   *  A sensor emits periodic sensor data.  It may intermittently
      provide asynchronous readings upon request from the 'process
      controller'.  Sensors may report urgent messages regarding
      malfunctioning in certain equipment, cell sites, or zones.

   In many control systems, there is at least one 'process controller'
   (or server) entity on one end and two other entities - the sensors
   and actuators on the other end.  The communication with sensors and
   actuators is through a 'process controller' application; as such data
   applications do not directly interact with the field devices.
   Neither actuators nor sensors perform decision-making tasks.  This
   responsibility belongs to the 'process controller'.

3.2.  Generalized Communication Model

   To describe networked process control behavior, a conceptual
   communication model is used so that the data applications do not
   concern with the details of the networks realizing operations and
   control.  We refer to this model as an operation and control network
   (OCN) model, with the following components:

   *  Logical reference points: identify an endpoint's role or function
      as sensor-point, actuation-point, or operation & control point
      (oc-point for short).  Note: the term 'oc-point' is used to avoid
      confusion with the network controllers and the term 'fd-point' is
      used when both types of field devices are referred to.

   *  Interface specification: in terms of associated traffic patterns
      between the endpoints as described below in Section 3.3.  The
      interface may be any type of network (Ethernet, IP, wireless, etc.
      The model assumes that the network is capable of providing network
      services and resources necessary of the application specific
      operations and control.

   Depending on the design of the usecase, the 'process controller'
   functionality (oc-point) may reside as a software module in the data
   application or as a separate module.  When deployed as a separate
   module, another connectivity the interface between the data
   application and oc-point will be needed and is out of the scope of
   this document.

Makhijani, et al.        Expires 7 January 2025                 [Page 7]
Internet-Draft               ocn-in-detnets                    July 2024

   The applications will use a communication interface between oc-point
   and sensor-point to receive sensory data and similarly interface
   between oc-point to actuation point to execute a single or a sequence
   of control instructions.

   This abstraction provides an additional layer of protection in the
   sense that the traffic patterns between the reference points are well
   defined so any exceptions can be easily caught.

3.3.  Traffic Patterns

   For either local or wide areas, the process automation activities
   over the network can generate a variety of traffic patterns between
   the oc-point and field devices such as:

3.3.1.  Control Loops

   The equipment being operated upon is sensitive to when a command
   request actually executes.  An actuator, upon receiving a command
   (say a function code) will immediately perform the corresponding
   action.

   For several such applications, the knowledge of a successful
   operation is equally critical to advance to the next steps;
   therefore, getting the response back in a specified time is required,
   leading to a knowledge of timing.  These types of bounded-time
   request and response mechanisms are called control loops.

   Unlike general-purpose applications, commands cannot be batched; the
   parameters of the command that will follow depends on the result of
   the previous one.  Each request in the control loop takes up a
   minimal payload size (function code, value, device or bus address)
   and will often fit in a single short packet.

   In Detnet-enabled network, it can be imagined as a small series of
   packets with the same flow identifier, but with different latency
   constraints.

   It is required to support control loops where each request presents
   its own latency constraints to the network and where commands are
   small sized packets.

Makhijani, et al.        Expires 7 January 2025                 [Page 8]
Internet-Draft               ocn-in-detnets                    July 2024

3.3.2.  Periodicity

   Sensors emit data at regular intervals; i.e., there may be more
   tolerance to variations in jitter between the measurement intervals.
   Usually, 'process controllers' or applications listening to sensor
   data are programmed to tolerate and record intermittent losses or
   delay variations upto certain number of times.  Therefore, time
   criticality is not always high.

   Notably, industrial software now increasingly rely on sensor data
   collection to monitor the state and behavior of the entire shop
   floor.  Thus, the number of sensors are growing and the combined
   traffic volume generated by sensors is expected to be very high.  In
   fact will contribute to a large percentage of ocn traffic.  Moreover,
   the periodicity of each sensor will also vary based on the equipment.

   It is required that network capacity is planned appropriately for the
   periodic traffic generated from the different sensors.  The periodic
   interval should also be preserved in the network because any
   variations could provide false indications that the equipment is
   misbehaving.

3.3.3.  Ordering

   In real-time process control communications, processing of out-of-
   order related messages will lead to costly operations failures.  For
   example, messages such as request and reply, or a sequence of
   commands to different endpoints may be related in the application
   work flow, therefore, both time constraints and order must be
   preserved.

   The network should be capable of supporting sporadic on-demand short-
   term flows.  This does not imply instantaneous resource provisioning,
   instead it would be more efficient if the provisioned resources could
   be shared for such asynchronous traffic patterns.

   Another consideration with ordering is that both actuators and
   sensors are low-resource devices.  They can not buffer multiple
   packets and execute them in order while maintaining the latency
   bounds of each command execution.  This means the network must pace
   packets that may arrive early.

3.3.4.  Urgency

   Besides latency constrained and periodic messages, sensors also
   report failures as fault notifications, such as pressure valve
   failure, abnormally high humidity, etc.  These messages must be
   delivered immediately and with the utmost urgency.

Makhijani, et al.        Expires 7 January 2025                 [Page 9]
Internet-Draft               ocn-in-detnets                    July 2024

3.3.5.  Co-existence with non-deterministic flows

   A DetNet-enabled network could support traffic other than
   deterministic flows.  Thus a graceful co-existence of any type of
   flows can be expected.  Notably, the characteristics of the
   deterministic flows can influence or impact on the non-deterministic
   flows, as well as the decisions taken by the control loops.

3.4.  Communication Patterns

   Control systems follow a specific communication discipline.  The
   field devices (sensors and actuators) are always controlled, i.e.,
   interact with the system through 'process controllers' in the
   following manner:-

   *  Sensor to 'process controller': data emitted at periodic intervals
      providing status/health of the environment or equipment.  The
      traffic volume for this communication is determined by the payload
      size of each sensor data and the interval.  These are a kind of
      synchronous Detnet flows but with much higher time intervals;
      still the inter-packet gap should be minimal.

   *  Process controller to/from actuator: the commands/instructions to
      write or read.  Actuators generally do not initiate a command
      unless requested by the 'process controller'.  Actuators will
      often execute a command, read the corresponding result, and send
      that in response to the original write command.  The traffic
      profile will be balanced in both directions due to requests/
      response behavior.  These are like asynchronous flows but without
      the observation interval constraint.

3.5.  Industrial Control Application Interfaces to DetNets

   Current industrial automation solutions utilize a split approach.
   Industrial-controllers are placed close to the equipment to achieve
   operational accuracy, whereas actual process instructions are
   received through other means possibly involving human interface.
   Similarly, sensor data is first acquired on-site then transmitted in
   bulk to the enterprise cloud or remote site for further processing.
   Such approaches lead to increase in IT infrastructure costs on the
   shop floors.

Makhijani, et al.        Expires 7 January 2025                [Page 10]
Internet-Draft               ocn-in-detnets                    July 2024

   This document assumes that the deterministic networks are deployed
   between enterprise sites and shop floors.  They have resources
   available to provide latency guarantees, reliability, and link
   capacity over known physical distances.  Thus, they have the
   capabilities to deliver process control and operation instructions
   remotely from an application to field devices over larger distances
   or the Wide Area Networks (WAN) thereby reducing the need for IT
   infrastructure on shop floors.

   Moreover, it may even be the case in which non-deterministic domains
   are traversed by industrial automation applications.  In such
   situations, mechanisms will be in place to provide guarantees in
   terms of the Service Level Objectives (SLOs) defined for the
   deterministic flows.  Means for that could the use of IETF Network
   Slice services [RFC9543], and/or the selection of paths characterized
   by precision metrics [PCE-PAM] and [RFC9544].

   The OCN APIs are defined to leverage such capabilities from diverse
   variety of networks in a uniform manner.  These APIS are discussed
   next.

4.  Operation & Control Traffic Types

4.1.  Overview

   Figure 3, shows application interface to DetNet domain.  Note that
   the interface or APIs are needed for DetNet-unaware endpoints.  The
   PC-App and FD-GW below do not carry DetNet encapsulations, instead
   they interact using OCN APIs with traffic type information with the
   DetNet edges to be mapped to DetNet flows.

   TODO: Synchronization aspects, sync clock details for time-triggered
   operations.

Makhijani, et al.        Expires 7 January 2025                [Page 11]
Internet-Draft               ocn-in-detnets                    July 2024

   DetNet
   End System
      _
    / PC\     +-----+      +-----------+            DetNet
   | App |<-->|MGMT |<====>|DETNET-CTRL|          End System
   /-----\    +-----+      +---+-------+          +------+
   | NIC |                /   |       \           |FD-GW |
   +--+--+ De|tNet       /    |        \          +----+-+
      |    UN|I   +----+    +----+       +----+ DetNet |
      |      v    |    |    |    |-+     | PE |  UNI(U)|
      +-----------U PE +----+ P  | |     |    U--------+
                  |    |    |    | |-----|    |
                  +----+    +--+-+ |     +----+
                               +---+
                |<------DetNet ----------->|

       PC APP: Process Controller Application
       FD-GW:  Field device gateway
       NSP entity: Network service provider controller
                   e,g, DetNet Controller

     Figure 3: A Realistic DetNet Based Industrial Application Network

4.2.  OCN Traffic Type Equivalence

   The table below is equivalent to TSN IA traffic profile; however,
   these are defined as traffic-type code, and the parameters that
   applications would use it to interface with the DetNet.

Makhijani, et al.        Expires 7 January 2025                [Page 12]
Internet-Draft               ocn-in-detnets                    July 2024

    +==============+==========+=======+=========+=====================+
    | Traffic Type | TT-Code  | Param | Param   | Description         |
    +==============+==========+=======+=========+=====================+
    | Isochronous  | ISOC_TT  | 0x08  | DL_TIME | Deadline limit      |
    |              |          |       | DL_UNIT | between Src and Dst |
    |              |          |       |         | Optional clock src  |
    |              |          |       |         | info                |
    +--------------+----------+-------+---------+---------------------+
    | Cyclic-      | CSYNC_TT | 0x07  | DL_TIME | -same-              |
    | Synchronous  |          |       | DL_UNIT |                     |
    +--------------+----------+-------+---------+---------------------+
    | Cyclic-      | CASYN_TT | 0x06  | DL_TIME | -same-              |
    | Asynchronous |          |       | DL_UNIT | No clock source     |
    |              |          |       |         | needed              |
    +--------------+----------+-------+---------+---------------------+
    | Network      | NWCTL_TT | 0x05  | -as     |                     |
    | Control      |          |       | above-  |                     |
    +--------------+----------+-------+---------+---------------------+
    | Alarms and   | ALEV_TT  | 0x04  | DL_TIME | Retransmission flag |
    | Event        |          |       | RETRANS |                     |
    +--------------+----------+-------+---------+---------------------+
    | Conf.  Diag  | CFDG_TT  | 0x03  |         |                     |
    +--------------+----------+-------+---------+---------------------+
    | Best Effort  | BEHI_TT  | 0x02  |         |                     |
    | High         |          |       |         |                     |
    +--------------+----------+-------+---------+---------------------+
    | Best Effort  | BELO_TT  | 0x01  |         |                     |
    | Low          |          |       |         |                     |
    +--------------+----------+-------+---------+---------------------+

                                  Table 1

   In the following sections, a brief definition and corresponding
   metadata is explained which is similar to the description in
   [TSN_IA_PROFILE].

   In some cases, endpoints may require details of the synchronization
   clock which maybe managed separately but the DetNet would need to
   know the source for synchronization.

4.2.1.  Isochronous traffic-type

   These are the most time-sensitive cyclic traffic.  This type of
   traffic has specific latency requirements.  This type of traffic is
   normally used in control loop tasks.  The applications specifies:

   *  cycle times in the range of upto tens of milliseconds.  Maybe even
      microseconds.

Makhijani, et al.        Expires 7 January 2025                [Page 13]
Internet-Draft               ocn-in-detnets                    July 2024

   *  Synchronized common clock source identifier: optional.

   *  Network must be engineered to offer zero-congestion

   API format:

      +-- tt_code = ISOC_TT
      +-- dl_time = value
      +-- dl_tmunite = ms |us
      +-- app-flow-ref
      +-- clock-src : ip address

4.2.2.  Cyclic-synchronous traffic-type

   This type of traffic is also transmitted cyclically with latency
   requirements.  These can be specified as a flow (or stream in TSN)

   *  Cycle times in the range of hundreds of microseconds to hundreds
      of milliseconds.

   *  Synchronized common clock source identifier: optional.

   *  Network must be engineered to offer zero-congestion

   API format

        +-- tt_code = CSYNC_TT
        +-- dl_time = value
        +-- dl_tmunit = ms |us
        +-- app-flow-ref
        +-- clock-src : ip address

4.2.3.  Cyclic-Asynchronous traffic-type

   This type of traffic is transmitted acyclically and bounded by the
   application clock.  These can be specified as a flow (or stream in
   TSN)

   *  Cycle times are in the range of milliseconds to seconds.

   *  tolerates congestion loss to specified limit (number of packets
      lost per unit of time).

   API format

Makhijani, et al.        Expires 7 January 2025                [Page 14]
Internet-Draft               ocn-in-detnets                    July 2024

        +-- tt_code = CSYNC_TT
        +-- dl_time = value
        +-- dl_tmunit = ms |sec
        +-- app-flow-ref

4.2.4.  Alarms and Events traffic type

   This type of traffic is acyclic.  This traffic expects bounded
   latency and should follow bandwidth constraints.

   *  Bounded latencies are in the range of milliseconds to hundreds of
      milliseconds.

   *  Allocated bandwidth limits.

   *  Support for retransmission in response to packet loss is expected.

   Networks should be engineered to handle bursts of frames, up to a
   provisioned number of frames.

   API format

        +-- tt_code = ALEV_TT
        +-- dl_time = value
        +-- dl_tmunit = ms |sec
        +-- restrans = yes |no

4.2.5.  Configuration and diagnostics traffic type

   Traffic profile is same as above.

   API format

        +-- tt_code = CFDI_TT
        +-- dl_time = value
        +-- dl_tmunit = sec
        +-- restrans = yes |no

   It is expected that application controller endpoint will periodically
   transmit diagnostics packets and field device configurations.

4.2.6.  Network Control

   Network control traffic will be generated by application controller
   and is comprised of services required to maintain network operation
   such as time synchronization, loop prevention, and topology
   detection.

Makhijani, et al.        Expires 7 January 2025                [Page 15]
Internet-Draft               ocn-in-detnets                    July 2024

   API format:

        +-- tt_code = NWCTL_TT
        +-- dl_time = value
        +-- dl_tmunit = sec
        +-- restrans = yes |no

   It is expected that the controller endpoint can transmit network
   control packets.

5.  IANA Considerations

   None

6.  Security Considerations

   Application flows can be protected at the network layer as described
   in the [RFC9055] Section 10.  In case applications provide additional
   data (metadata) to the network layer, the integrity of metadata has
   to be protected from the application endpoint to the DetNet edges
   using existing layer 3 admission control and encryption mechanisms.

7.  Acknowledgements

   The contribution of L.M.  Contreras to this work has been partially
   funded by the European Commission Horizon Europe SNS JU PREDICT-6G
   (GA 101095890) and DESIRE6G (GA 101096466) projects.

8.  References

8.1.  Normative References

   [RFC9055]  Grossman, E., Ed., Mizrahi, T., and A. Hacker,
              "Deterministic Networking (DetNet) Security
              Considerations", RFC 9055, DOI 10.17487/RFC9055, June
              2021, <https://www.rfc-editor.org/rfc/rfc9055>.

   [RFC9544]  Mirsky, G., Halpern, J., Min, X., Clemm, A., Strassner,
              J., and J. François, "Precision Availability Metrics
              (PAMs) for Services Governed by Service Level Objectives
              (SLOs)", RFC 9544, DOI 10.17487/RFC9544, March 2024,
              <https://www.rfc-editor.org/rfc/rfc9544>.

8.2.  Informative References

Makhijani, et al.        Expires 7 January 2025                [Page 16]
Internet-Draft               ocn-in-detnets                    July 2024

   [FACTORY]  Westphal, C., Makhijani, K., Dev, K., and L. Foschini,
              "OCN Use Cases for Industry control Networks", Work in
              Progress, Internet-Draft, draft-wmdf-ocn-use-cases-00, 7
              July 2022, <https://datatracker.ietf.org/doc/html/draft-
              wmdf-ocn-use-cases-00>.

   [NIST-OT]  "Risk management framework for information systems and
              organizations:: a system life cycle approach for security
              and privacy", National Institute of Standards and
              Technology, DOI 10.6028/nist.sp.800-37r2, December 2018,
              <https://doi.org/10.6028/nist.sp.800-37r2>.

   [PCE-PAM]  Contreras, L. M., Agraz, F., and S. Spadaro, "Path
              Computation Based on Precision Availability Metrics", Work
              in Progress, Internet-Draft, draft-contreras-pce-pam-02,
              13 February 2024, <https://datatracker.ietf.org/doc/html/
              draft-contreras-pce-pam-02>.

   [PTP-GRID] "IEC/IEEE International Standard - Communication networks
              and systems for power utility automation – Part 9-3:
              Precision time protocol profile for power utility
              automation", IEEE, DOI 10.1109/ieeestd.2016.7479438,
              ISBN ["9781504420174"], August 2016,
              <https://doi.org/10.1109/ieeestd.2016.7479438>.

   [RFC9543]  Farrel, A., Ed., Drake, J., Ed., Rokui, R., Homma, S.,
              Makhijani, K., Contreras, L., and J. Tantsura, "A
              Framework for Network Slices in Networks Built from IETF
              Technologies", RFC 9543, DOI 10.17487/RFC9543, March 2024,
              <https://www.rfc-editor.org/rfc/rfc9543>.

   [TSN_IA_PROFILE]
              "IEC/IEEE 60802 TSN Profile for Industrial Automation",
              n.d., <https://1.ieee802.org/tsn/iec-ieee-60802/>.

   [VIRT-PLC] Makhijani, K. and L. Dong, "Virtualization of PLC in
              Industrial Networks - Problem Statement", Work in
              Progress, Internet-Draft, draft-km-iotops-iiot-frwk-02, 5
              March 2022, <https://datatracker.ietf.org/doc/html/draft-
              km-iotops-iiot-frwk-02>.

Makhijani, et al.        Expires 7 January 2025                [Page 17]
Internet-Draft               ocn-in-detnets                    July 2024

Appendix A.  Appendix: Potential OCN-EH Extension Header Approach

   An interface from application to network using IPv6 operation and
   control Extension header (EH) option is proposed as means for app-
   flow to express network resources with a fine granularity.  Other
   options as YANG based provisioning do not scale, nor are easy to
   change dnamically.  Since applications generating app-flows use IP,
   an IPv6 EH option provide are a more natural fit than other
   encapsulations and is specifically suitable for DetNet unaware end
   systems.

   OCN-EH solution is an in-band interface to the DetNets from OT
   applications with a programmable and dynamic process automation
   capabilities.  Once the network is engineered for DetNet services, it
   can map the incoming traffic with OCN-EH with in its(DetNet Domain)
   capabilities.

A.1.  Operation and Control Network Option (OCNO)

   The OCN Option (OCNO) is a hop-by-hop option that can be included in
   IPv6 for OCN traffic control specification.

       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
                                      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
                                      |  Option Type  |  Opt Data Len |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      | OCN Code                    |   OCN-TC-Flowlet nonce         |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      | OCN Param | len |       value                                |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      | OCN Param | len |       value                                |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      | OCN Param | len |       value                                |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

               Figure 4: Explicit Traffic Control HBH Options

   Option Type:
      8-bit identifier of the type of option.  The option identifier for
      the OCN Option (0x??) to be allocated by the IANA.  First two bits
      will be 00 (skip over this option and continue processing the
      header.)

   Option Length:
      8-bit unsigned integer.  Multiple of 8-octets.

   OCN Code:

Makhijani, et al.        Expires 7 January 2025                [Page 18]
Internet-Draft               ocn-in-detnets                    July 2024

      16-bit Traffic type code

   Flowlet nonce:
      16-bit.  Identifies that a packet is associated with a group of
      packets and shares fate.  For example, an application can set the
      same nonce for a set of actuators and sensors.  When set to 0,
      flow-id is set to the same value in related flows.  When flow-id
      is also 0, no relationship exists.

   OCN Parameters:
      described as parameter code, length and value

   The workflow of traffic with EH option happens in the following
   steps:

   1.  An end system (industrial controller) uses the format described
       in Appendix A.1 to provide traffic type and constraints.  It
       fills option type, len fields along with OCN parameters if
       needed.

   2.  Platform logic related deterministic processing is not part of
       the network latency in EH; Packet is tranmitted on interface
       connected to DetNet relay node.

   3.  DetNet relay node processes parameters, and source/destination
       addresses associate an app-flow to DetNet flow.  It may or may
       not remove EH see Appendix A.2, and inserts its own DetNet
       encapsulation (technology specific).

   4.  In case of known exceptions or errors, the relay node could reply
       to application with traffic type ALEV_TT.

   5.  DetNet delivers the packet with guarantees of traffic type
       requested to the endsystem gateway connecting to field devices.

   6.  Field device gateway performs protocol translation and deliver
       packet to the field device.

   7.  Observable errors, such as late delivery or inconsistent OCN
       header may be sent to the application from the gateway.

   8.  Similarly, gateways insert new OCN headers for messages
       originating from field devices, such as alarms or other sensor
       data.

Makhijani, et al.        Expires 7 January 2025                [Page 19]
Internet-Draft               ocn-in-detnets                    July 2024

A.2.  OCNO EH Processing

   *  OCNO EH can be extended for conveying errors from DetNet to the
      industrial controller application.  For example, when a service
      violation happened in the DetNet, relay node will set an error
      flag in OCNO EH.

   *  Field devices are considered resource-constrained and are not
      expected to insert or process extension headers.

   Two different approaches of hop-by-hop options processing are
   feasible.

   1.  EH is inserted by the application.  The relay node performs
       mapping to DetNet flow.

   2.  if the DetNet data plane is IPv6 end to end, then EH can be
       carried and processed on each hop to the last relay node, which
       acts as a gateway for the fld device and performs EH processing.

   Currently only the first option is assumed.

Authors' Addresses

   Kiran Makhijani
   Independent
   Email: kiran.ietf@gmail.com

   Richard Li
   SouthEast University
   Email: richard.li.internet@gmail.com

   Cedric Westphal
   Futurewei
   Email: cedric.westphal@futurewei.com

   Luis M. Contreras
   Telefonica
   Email: luismiguel.contrerasmurillo@telefonica.com

   Tooba Faisal
   King's College London
   Email: tooba.hashmi@gmail.com

Makhijani, et al.        Expires 7 January 2025                [Page 20]