EN 62439-1:2010

SLOVENSKI STANDARD
01-maj-2010
1DGRPHãþD
SIST EN 62439:2008
,QGXVWULMVNDNRPXQLNDFLMVNDRPUHåMD]DDYWRPDWL]DFLMR]YLVRNRUD]SRORåOMLYRVWMR
GHO6SORãQLNRQFHSWLQPHWRGHL]UDþXQDYDQMD,(&
Industrial communication networks - High availability automation networks - Part 1:
General concepts and calculation methods (IEC 62439-1:2010 )
Industrielle Kommunikationsnetze - Hochverfügbare Automatisierungsnetze - Teil 1:
Grundlagen und Berechnungsmethoden (IEC 62439-1:2010 )
Réseaux de communication industrielle - Réseaux d’automatisme à haute disponibilité -
Partie 1 : Concepts généraux et méthodes de calcul (CEI 62439-1:2010 )
Ta slovenski standard je istoveten z: EN 62439-1:2010
ICS:
25.040.01 Sistemi za avtomatizacijo v Industrial automation
industriji na splošno systems in general
35.110 Omreževanje Networking
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN STANDARD
EN 62439-1
NORME EUROPÉENNE
March 2010
EUROPÄISCHE NORM
ICS 25.040; 35.040 Supersedes EN 62439:2008 (partially)

English version
Industrial communication networks -
High availability automation networks -
Part 1: General concepts and calculation methods
(IEC 62439-1:2010)
Réseaux de communication industrielle – Industrielle Kommunikationsnetze -
Réseaux d’automatisme à haute Hochverfügbare Automatisierungsnetze -
disponibilité – Teil 1: Grundlagen
Partie 1 : Concepts généraux et méthodes und Berechnungsmethoden
de calcul (IEC 62439-1:2010)
(CEI 62439-1:2010)
This European Standard was approved by CENELEC on 2010-03-01. CENELEC members are bound to comply
with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard
the status of a national standard without any alteration.

Up-to-date lists and bibliographical references concerning such national standards may be obtained on
application to the Central Secretariat or to any CENELEC member.

This European Standard exists in three official versions (English, French, German). A version in any other
language made by translation under the responsibility of a CENELEC member into its own language and notified
to the Central Secretariat has the same status as the official versions.

CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus,
the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy,
Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia,
Spain, Sweden, Switzerland and the United Kingdom.

CENELEC
European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung

Central Secretariat: Avenue Marnix 17, B - 1000 Brussels

© 2010 CENELEC - All rights of exploitation in any form and by any means reserved worldwide for CENELEC members.
Ref. No. EN 62439-1:2010 E
Foreword
The text of document 65C/583/FDIS, future edition 1 of IEC 662439-1, prepared by SC 65C, Industrial
networks, of IEC TC 65, Industrial-process measurement, control and automation, was submitted to the
IEC-CENELEC parallel vote and was approved by CENELEC as EN 62439-1 on 2010-03-01.
This EN 62439-1 together with EN 62439-2, EN 62439-3, EN 62439-4, EN 62439-5 and EN 62439-6
supersedes EN 62439:2008.
This EN 62439-1:2010 includes the following significant technical changes with respect to
EN 62439:2008:
– adding a calculation method for RSTP (rapid spanning tree protocol, IEEE 802.1Q),
– adding two new redundancy protocols: HSR (High-availability Seamless Redundancy) and DRP
(Distributed Redundancy Protocol),
– moving former Clauses 1 to 4 (introduction, definitions, general aspects) and the Annexes (taxonomy,
availability calculation) to EN 62439-1, which serves now as a base for the other documents,
– moving Clause 5 (MRP) to EN 62439-2 with minor editorial changes,
– moving Clause 6 (PRP) was to EN 62439-3 with minor editorial changes,
– moving Clause 7 (CRP) was to EN 62439-4 with minor editorial changes, and
– moving Clause 8 (BRP) was to EN 62439-5 with minor editorial changes,
– adding a method to calculate the maximum recovery time of RSTP in a restricted configuration (ring)
to EN 62439-1 as Clause 8,
– adding specifications of the HSR (High-availability Seamless Redundancy) protocol, which shares the
principles of PRP to EN 62439-3 as Clause 5, and
– introducing the DRP protocol as EN 62439-6.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN and CENELEC shall not be held responsible for identifying any or all such patent
rights.
The following dates were fixed:
– latest date by which the EN has to be implemented
at national level by publication of an identical
(dop) 2010-12-01
national standard or by endorsement
– latest date by which the national standards conflicting
(dow) 2013-03-01
with the EN have to be withdrawn
Annex ZA has been added by CENELEC.
__________
- 3 - EN 62439-1:2010
Endorsement notice
The text of the International Standard IEC 62439-1:2010 was approved by CENELEC as a European
Standard without any modification.
In the official version, for Bibliography, the following notes have to be added for the standards indicated:
IEC 61158 series NOTE  Harmonized in EN 61158 series (not modified).
IEC/TR 61158-1 NOTE  Harmonized as CLC/TR 61158-1.
IEC/TR 61158-6 series NOTE  Harmonized in EN 61158-6 series (not modified).
IEC 61784-2:2007 NOTE  Harmonized as EN 61784-2:2008 (not modified).
IEC 62439-2 NOTE  Harmonized as EN 62439-2.
IEC 62439-3 NOTE  Harmonized as EN 62439-3.
IEC 62439-4 NOTE  Harmonized as EN 62439-4.
IEC 62439-5 NOTE  Harmonized as EN 62439-5.
IEC 62439-6 NOTE  Harmonized as EN 62439-6.
IEC 61918:2007 NOTE  Harmonized as EN 61918:2008 (modified).
__________
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications

The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.

NOTE  When an international publication has been modified by common modifications, indicated by (mod), the relevant EN/HD
applies.
Publication Year Title EN/HD Year

IEC 60050-191 1990 International Electrotechnical Vocabulary - -
(IEV) - Chapter 191: Dependability and quality
of service
IEC 61158 Series Fieldbus standard for use in industrial control EN 61158 Series
systems
IEC 61158-6-10 - Industrial communication networks - Fieldbus EN 61158-6-10 -
specifications -
Part 6-10: Application layer protocol
specification - Type 10 elements

ISO/IEC 8802-3 2000 Information technology - Telecommunications - -
and information exchange between systems -
Local and metropolitan area networks -
Specific requirements -
Part 3: Carrier sense multiple access with
collision detection (CSMA/CD) access method
and physical layer specifications

IEEE 802.1D 2004 IEEE Standard for Local and Metropoitan - -
Area Networks - Media Access Control (MAC)
Bridges
IEEE 802.1Q - IEEE Standard for Local and Metropolitan - -
Area Networks - Virtual Bridged Local Area
Networks
IETF RFC 791 - Internet Protocol - DARPA Internet Program - -
Protocol Specification
IEC 62439-1 ®
Edition 1.0 2010-02
INTERNATIONAL
STANDARD
colour
inside
Industrial communication networks – High availability automation networks –
Part 1: General concepts and calculation methods

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
PRICE CODE
XA
ICS 25.040, 35.040 ISBN 2-8318-1081-1
– 2 – 62439-1 © IEC:2010(E)
CONTENTS
FOREWORD.5
INTRODUCTION.7
1 Scope.8
2 Normative references .8
3 Terms, definitions, abbreviations, acronyms, and conventions.9
3.1 Terms and definitions .9
3.2 Abbreviations and acronyms.16
3.3 Conventions .17
3.3.1 General conventions.17
3.3.2 Conventions for state machine definitions.17
3.3.3 Conventions for PDU specification.17
3.4 Reserved network addresses .18
4 Conformance requirements (normative) .18
4.1 Conformance to redundancy protocols.18
4.2 Conformance tests .19
4.2.1 Concept.19
4.2.2 Methodology.19
4.2.3 Test conditions and test cases.20
4.2.4 Test procedure and measuring .20
4.2.5 Test report.20
5 Concepts for high availability automation networks (informative) .21
5.1 Characteristics of application of automation networks.21
5.1.1 Resilience in case of failure.21
5.1.2 Classes of network redundancy .22
5.1.3 Redundancy maintenance .22
5.1.4 Comparison and indicators .23
5.2 Generic network system .24
5.2.1 Network elements.24
5.2.2 Topologies.26
5.2.3 Redundancy handling .32
5.2.4 Network recovery time .32
5.2.5 Diagnosis coverage .32
5.2.6 Failures .32
5.3 Safety .34
5.4 Security.34
6 Classification of networks (informative) .34
6.1 Notation .34
6.2 Classification of robustness.35
7 Availability calculations for selected networks (informative) .35
7.1 Definitions .35
7.2 Reliability models .36
7.2.1 Generic symmetrical reliability model.36
7.2.2 Simplified symmetrical reliability model.38
7.2.3 Asymmetric reliability model .38
7.3 Availability of selected structures .39
7.3.1 Single LAN without redundant leaves .39

62439-1 © IEC:2010(E) – 3 –
7.3.2 Network without redundant leaves .40
7.3.3 Single LAN with redundant leaves .41
7.3.4 Network with redundant leaves .41
7.3.5 Considering second failures .42
7.4 Caveat .44
8 RSTP for High Availability Networks: configuration rules, calculation and
measurement method for deterministic recovery time in a ring topology .44
8.1 General .44
8.2 Deployment and configuration rules for the ring topology .44
8.3 Calculations for fault recovery time in a ring .45
8.3.1 Dependencies and failure modes.45
8.3.2 Calculations for non-considered failure modes.45
8.3.3 Calculations for the considered failure modes.45
8.4 Timing measurement method .46
8.4.1 Measurement of T .46
PA
8.4.2 Measurement of T .47
L
8.4.3 Measurement of (T + T ).48
TC F
8.4.4 System test example .50
Bibliography.52

Figure 1 – Conformance test overview .19
Figure 2 – General network elements (tree topology) .24
Figure 3 – Link Redundancy Entity in a Doubly Attached Node (DAN).26
Figure 4 – Example of tree topology.27
Figure 5 – Example of linear topology.28
Figure 6 – Example of ring topology.28
Figure 7 – Example of a partially meshed topology .29
Figure 8 – Example of fully meshed topology .30
Figure 9 – Single LAN structure without redundant leaf links.30
Figure 10 – Single LAN structure with redundant leaf links.31
Figure 11 – Redundant LAN structure without redundant leaf links.31
Figure 12 – Redundant LAN structure with redundant leaf links .31
Figure 13 – General symmetrical fault model .37
Figure 14 – Simplified fault model.38
Figure 15 – Asymmetric fault model .39
Figure 16 – Network with no redundancy .40
Figure 17 – Network with no single point of failure .41
Figure 18 – Network with resiliency to second failure.43
Figure 19 –Test rig for T measurement.47
PA
Figure 20 –Test rig for T measurement.48
L
Figure 21 –Test rig for (T + T ) measurement .49
TC F
Figure 22 –Test rig for system test.50

Table 1 – Examples of application grace time .21
Table 2 – Examples of redundancy protocols .23

– 4 – 62439-1 © IEC:2010(E)
Table 3 – Code assignment for the field .34
Table 4 – Code assignment for the field .34
Table 5 – Code assignment for the field.35
Table 6 – Code assignment for the field .35

62439-1 © IEC:2010(E) – 5 –
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
INDUSTRIAL COMMUNICATION NETWORKS –
HIGH AVAILABILITY AUTOMATION NETWORKS –

Part 1: General concepts and calculation methods

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard 62439-1 has been prepared by subcommittee 65C: Industrial Networks,
of IEC technical committee 65: Industrial-process measurement, control and automation.
This standard cancels and replaces IEC 62439 published in 2008. This first edition constitutes
a technical revision.
This edition includes the following significant technical changes with respect to IEC 62439
(2008):
– adding a calculation method for RSTP (rapid spanning tree protocol, IEEE 802.1Q),
– adding two new redundancy protocols: HSR (High-availability Seamless Redundancy)
and DRP (Distributed Redundancy Protocol),
– moving former Clauses 1 to 4 (introduction, definitions, general aspects) and the
Annexes (taxonomy, availability calculation) to IEC 62439-1, which serves now as a
base for the other documents,
– moving Clause 5 (MRP) to IEC 62439-2 with minor editorial changes,

– 6 – 62439-1 © IEC:2010(E)
– moving Clause 6 (PRP) was to IEC 62439-3 with minor editorial changes,
– moving Clause 7 (CRP) was to IEC 62439-4 with minor editorial changes, and
– moving Clause 8 (BRP) was to IEC 62439-5 with minor editorial changes,
– adding a method to calculate the maximum recovery time of RSTP in a restricted
configuration (ring) to IEC 62439-1 as Clause 8,
– adding specifications of the HSR (High-availability Seamless Redundancy) protocol,
which shares the principles of PRP to IEC 62439-3 as Clause 5, and
– introducing the DRP protocol as IEC 62439-6.
The text of this standard is based on the following documents:
FDIS Report on voting
65C/583/FDIS 65C/589/RVD
Full information on the voting for the approval of this standard can be found in the report on
voting indicated in the above table.
A list of the IEC 62439 series can be found, under the general title Industrial communication
networks – High availability automation networks, on the IEC website.
This publication has been drafted in accordance with ISO/IEC Directives, Part 2.
The committee has decided that the contents of this amendment and the base publication will
remain unchanged until the stability date indicated on the IEC web site under
"http://webstore.iec.ch" in the data related to the specific publication. At this date, the
publication will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
A bilingual version of this standard may be issued at a later date.

IMPORTANT – The “colour inside” logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct understanding
of its contents. Users should therefore print this publication using a colour printer.

62439-1 © IEC:2010(E) – 7 –
INTRODUCTION
The IEC 62439 series specifies relevant principles for high availability networks that meet the
requirements for industrial automation networks.
In the fault-free state of the network, the protocols of the IEC 62439 series provide
ISO/IEC 8802-3 (IEEE 802.3) compatible, reliable data communication, and preserve
determinism of real-time data communication. In cases of fault, removal, and insertion of a
component, they provide deterministic recovery times.
These protocols retain fully the typical Ethernet communication capabilities as used in the
office world, so that the software involved remains applicable.
The market is in need of several network solutions, each with different performance
characteristics and functional capabilities, matching diverse application requirements. These
solutions support different redundancy topologies and mechanisms which are introduced in
IEC 62439-1 and specified in the other Parts of the IEC 62439 series. IEC 62439-1 also
distinguishes between the different solutions, giving guidance to the user.
The IEC 62439 series follows the general structure and terms of IEC 61158 series.

– 8 – 62439-1 © IEC:2010(E)
INDUSTRIAL COMMUNICATION NETWORKS –
HIGH AVAILABILITY AUTOMATION NETWORKS –

Part 1: General concepts and calculation methods

1 Scope
The IEC 62439 series is applicable to high-availability automation networks based on the
ISO/IEC 8802-3 (IEEE 802.3) (Ethernet) technology.
This part of the IEC 62439 series specifies
• the common elements and definitions for other parts of the IEC 62439 series;
• the conformance test specification (normative);
• a classification scheme for network characteristics (informative);
• a methodology for estimating network availability (informative);
• the configuration rules, calculation and measurement method for a deterministic recovery
time in RSTP.
2 Normative references
The following referenced documents are indispensable for the application of this document.
For dated references, only the edition cited applies. For undated references, the latest edition
of the referenced document (including any amendments) applies.
IEC 60050-191:1990, International Electrotechnical Vocabulary – Chapter 191: Dependability
and quality of service
IEC 61158 (all parts), Industrial communication networks – Fieldbus specifications
IEC 61158-6-10, Industrial communication networks – Fieldbus specifications – Part 6-10:
Application layer protocol specification – Type 10 elements
ISO/IEC 8802-3:2000, Information technology – Telecommunications and information
exchange between systems – Local and metropolitan area networks – Specific requirements –
Part 3: Carrier sense multiple access with collision detection (CSMA/CD) access method and
physical layer specifications
IEEE 802.1Q, IEEE standards for local and metropolitan area network. Virtual bridged local
area networks
IEEE 802.1D:2004, IEEE standard for local Local and metropolitan area networks Media
Access Control (MAC) Bridges
http://www.ietf.org>
IETF RFC 791, Internet Protocol; available at <

62439-1 © IEC:2010(E) – 9 –
3 Terms, definitions, abbreviations, acronyms, and conventions
3.1 Terms and definitions
For the purposes of this document, the terms and definitions given in IEC 60050-191, as well
as the following, apply
3.1.1
availability (performance)
ability of an item to be in a state to perform a required function under given conditions at a
given instant of time or over a given time interval, assuming that the required external
resources are provided
NOTE 1 This ability depends on the combined aspects of the reliability performance, the maintainability
performance, and the maintenance support performance.
NOTE 2 Required external resources, other than maintenance resources, do not affect the availability
performance of the item.
[IEV 191-02-05]
3.1.2
channel
layer 2 connection between two end nodes which consists of one or more paths (for
redundancy) between end nodes
3.1.3
common mode failure
failure that affects all redundant elements for a given function at the same time
3.1.4
complete failure
failure which results in the complete inability of an item to perform all required functions
[IEV 191-04-20]
3.1.5
connection
logical relationship between two nodes
3.1.6
coverage
probability that a failure is discovered within a time short enough for redundancy to handle it,
also expressing the percentage of failures caught up by redundancy vs. total number of
failures
3.1.7
cut-through switching
a technology in which a switching node starts transmitting a received frame before this frame
has been fully received
3.1.8
degradation failure
failure which is both a gradual failure and a partial failure
[IEV 191-04-22]
– 10 – 62439-1 © IEC:2010(E)
3.1.9
dependability
collective term used to describe the availability performance and its influencing factors:
reliability performance, maintainability performance and maintenance support performance
NOTE Dependability is used only for general descriptions in non-quantitative terms.
[IEV 191-02-03]
3.1.10
device
physical entity connected to the network composed of communication element and possibly
other functional elements
NOTE Devices are for instance nodes, routers and switches.
3.1.11
doubly attached node
node that has two ports for the purpose of redundant operation
3.1.12
edge port
port of a switch connected to a leaf link
3.1.13
end node
node which is producer or consumer of application data
NOTE For the purpose of the IEC 62439 series, further specification is given in 0.
3.1.14
error
discrepancy between a computed, observed or measured value or condition and the specified
or theoretically correct value or condition
NOTE 1 An error can be caused by a faulty item, e.g. a computing error made by faulty computer equipment.
NOTE 2 The French term “erreur” may also designate a mistake (see IEV 191-05-25).
[IEV 191-05-24, modified]
3.1.15
failure
termination of the ability of an item to perform a required function
NOTE 1 After a failure, the item has a fault.
NOTE 2 "Failure" is an event, as distinguished from "fault", which is a state.
NOTE 3 This concept as defined does not apply to items consisting of software only.
[IEV 191-04-01]
3.1.16
fault
state of an item characterized by its inability to perform a required function, excluding the
inability during preventive maintenance or other planned actions, or due to lack of external
resources
NOTE A fault is often the result of a failure of the item itself, but may exist without prior failure.
[IEV 191-05-01]
62439-1 © IEC:2010(E) – 11 –
3.1.17
fault recovery time
time from the fault event, to the time when the network regains its required communication
function in the presence of the fault
NOTE After fault recovery, the network is operating in a degraded mode using some of the redundancy elements,
so it has reduced fault resilience, and may not be able to recover from a second fault.
3.1.18
frame
unit of data transmission on an ISO/IEC 8802-3 MAC (Media Access Control) that conveys a
protocol data unit (PDU) between MAC service users
[IEEE 802.1Q, modified]
3.1.19
(instantaneous) failure rate
limit, if it exists, of the quotient of the conditional probability that the instant of a failure of a
non-repaired item falls within a given time interval (t, t + Δt) and the duration of this time
interval, Δt, when Δt tends to zero, given that the item has not failed up to the beginning of
the time interval
[IEV 191-12-02]
NOTE The failure rate is the reciprocal number of the MTTF when the failure rate is constant over the lifetime of
one item.
3.1.20
inter-switch link
link between two switches
3.1.21
inter-switch port
port of a switch connected to another switch via an inter-switch link
3.1.22
LAN
A layer 2 broadcast domain in which MAC addresses are unique and can be addressed from
any other device belonging to that broadcast domain
NOTE 1 A VLAN allows multiplexing several LANs on the same network infrastructure.
NOTE 2 In the context of redundancy, a network may consist of several LANs operated in redundancy, in which
case it is called a redundant LAN.
3.1.23
leaf link
link between an end node and the LAN
NOTE For the purpose of the IEC 62439 series, further specification is given in 5. 2. 1. 3.
3.1.24
linear topology
topology where the switches are connected in series, with two switches each connected to
only one other switch and all other switch each connected to two other switches (that is,
connected in the shape of a line)
NOTE 1 This topology corresponds to that of an open ring.
NOTE 2 This configuration is sometimes named “daisy chain”. The IEC 62439 series does not use the term “daisy
chain” because of possible confusion with the term “daisy chain” used elsewhere for busses. From the wiring point
of view they require two different implementations.

– 12 – 62439-1 © IEC:2010(E)
[IEC 61918, 3.1.39, modified]
3.1.25
link
physical, point-to-point, generally duplex connection between two adjacent nodes
[ISO/IEC 11801, 3.1.51, modified]
NOTE “Link” is different from “bus”, which is a broadcast physical medium.
3.1.26
Link Redundancy Entity
entity at layer 2 that hides port redundancy from the upper layers, by forwarding to the upper
layers the frames received from the active redundant ports as if they came from a single port,
and by forwarding to the active redundant ports a frame coming from the upper layers
3.1.27
link service data unit
data transported within a protocol layer on behalf of the upper layer
NOTE The link service data unit in an Ethernet frame is the content of the frame located between the Length/Type
field and the Frame Check Sequence.
3.1.28
mean failure rate
mean of the instantaneous failure rate over a given time interval λ(t , t ).
1 2
[IEV 191-12-03]
NOTE The IEC 62439 series uses “failure rate” for the meaning of “mean failure rate” defined by IEV 191-12-03.
3.1.29
mean operating time between failures
MTBF
expectation of the operating time between failures
[IEV 191-12-09]
3.1.30
mean time to failure
MTTF
expectation of the time to failure
[IEV 191-12-07]
3.1.31
mean time to recovery
MTTR
expectation of the time to recovery
[IEV 191-13-08, modified]
3.1.32
mesh topology
topology where each node is connected with three or more inter-switch links
3.1.33
message
ordered series of octets intended to convey information
NOTE Normally used to convey information between peers at the application layer.

62439-1 © IEC:2010(E) – 13 –
[IEC 61784-2, 3.1.14]
3.1.34
network
communication system consisting of end nodes, leaf links and LAN(s)
NOTE A network may have more than one LAN for the purpose of redundancy.
3.1.35
node
network entity connected to one or more links
NOTE Nodes may be either a switch or an end node or both.
[IEC 61784-2, 3.1.16, modified]
3.1.36
partial failure
failure which results in the inability of an item to perform some, but not all, required functions
3.1.37
path
set of links and switches joined in series
NOTE There may be two or more paths between two switches to provide redundancy.
3.1.38
plant
system that depends on the availability of the automation network to operate
EXAMPLE Plants can be power plants, printing machines, manufacturing systems, substations, vehicles.
3.1.39
port
connection point of a node to the network
[ISO/IEC 8802-3, modified]
NOTE 1 This definition is different from a TCP port or a UDP port, which the IEC 62439 series qualifies explicitly
if necessary.
NOTE 2 A port includes the layer 1 and 2 implementation.
3.1.40
recovery
event when the network regains the ability to perform its required communication function
after a disruption
NOTE Examples of disruptions could be a fault or removal and reinsertion of a component.
3.1.41
recovery time
time period between disruption and recovery
3.1.42
redundancy
existence in an item of two or more means for performing a required function
[IEV 191-15-01]
NOTE In the IEC 62439 series, the existence of more than one path (consisting of links and switches) between
end nodes.
– 14 – 62439-1 © IEC:2010(E)
3.1.43
reinstatement recovery time
time to reinstate the original, or pre-fault, network configuration, including original operating
and management states in each device
3.1.44
reliability
ability of an item to perform a required function under given conditions for a given time
interval
[IEV 191-02-06]
NOTE 1 It is generally assumed that the item is in a state to perform this required function at the beginning of the
time interval.
NOTE 2 The term “reliability” is also used as a measure of reliability performance (see IEV 191-12-01).
3.1.45
repair
action taken for the re-establishment of the specified condition
3.1.46
repair recovery time
delay between the start of the repair action and the completion of repair of the faulty element
such that the network has regained both its required communication function and its required
fault resilience
NOTE 1 This time includes any network down time caused by the repair process, for example a network outage to
replace a switch with several good ports and one faulty port.
NOTE 2 This time does not include re-instatement time to return the network from its backup mode of operation to
the original mode of operation.
3.1.47
ring link
link that connects two switches of a ring
3.1.48
ring port
port of a switch to which a ring link is attached
3.1.49
ring topology
topology in which each node is connected in series to two other nodes
NOTE 1 Nodes are connected to one another in the logical shape of a circle.
NOTE 2 Frames are passed sequentially between active nodes, each node being able to examine or modify the
frame before forwarding it.
3.1.50
robustness
behaviour of the network in face of failures
3.1.51
root bridge
switch with the lowest value of an RSTP Bridge Identifier parameter in the network
[IEEE 802.1D]
62439-1 © IEC:2010(E) – 15 –
3.1.52
route
layer 3 communication path between two nodes
3.1.53
single failure criterion
capacity of a system that includes redundant components to maintain its full functionality upon
one failure of any of its components, prior to maintenance or automatic recovery
3.1.54
single point of failure
single failure point
component whose failure would result in failure of the system and is not compensated for by
redundancy or alternative operational procedure
NOTE A single point of failure or single failure point causes a common mode failure. It may be caused by a
design error in the redundant elements or by an external cause that affects all redundant elements in the same way,
e.g. extreme temperature.
3.1.55
singly attached node
node that has only one port to a LAN
3.1.56
stand-by redundancy
redundancy wherein a part of the means for performing a required function is intended to
operate, while the remaining part(s) of the means are inoperative until needed
[IEV 191-15-03]
NOTE This is also known as dynamic redundancy.
3.1.57
star topology
topology in which all devices are connected to a central node
3.1.58
store-and-forward switching
a technology in which a switching node starts transmitting a received frame only after this
frame has been fully received.
3.1.59
switch
switch node
MAC bridge as defined in IEEE 802.1D
NOTE The term “switch” is used as a synonym for the term “switch node”.
3.1.60
switching end node
an end node and a switch combined in one device
3.1.61
systematic failure
failure related in a deterministic way to a certain cause, which can only be eliminated by a
modification of the design or of the manufacturing process, operational procedures,
documentation or other relevant factors
NOTE 1 Corrective maintenance without modification will usually not eliminate the failure cause.
NOTE 2 A systematic failure can be induced by simulating the failure cause.

– 16 – 62439-1 © IEC:2010(E)
[IEV 191-04-19]
3.1.62
topology
pattern of the relative positions and interconnections of the individual nodes of the network
[derived from IEC 61918, 3.1.67]
NOTE Additional aspects such as the delay, attenuation and physical media classes of the paths connecting
network nodes are sometimes also considered to be properties of the topology.
3.1.63
tree topology
topology in which any two nodes have only one path between them and at least one switch is
attached to more than two inter-switch links
3.1.64
trunk portion
part of a switched LAN that carry traffic for several end nodes
3.1.65
upper layer entity
parts of the protocol stack immediately above the redundancy handling layer
3.1.66
worst case recovery time
maximum expected recovery time amongst all faults and for all allowed configurations
NOTE This delay is important for a network designer to indicate which aspects of the network need special
treatment to minimize communication disruption.
3.2 Abbreviations and acronyms
BRP Beacon Redundancy Protocol, IEC 62439-5
BPDU Bridge management Protocol Data Unit, according to IEEE 802.1D
CRP Cross-network Redundancy Protocol, see IEC 62439-4
DAN Doubly Attached Node
DRP Distributed Redundancy Protocol, see IEC 62439-6
DUT Device Under Test
HSR High-availability Seamless Redundancy, see IEC 62439-3
IP Internet Protocol, layer 3 of the Internet Protocol suite
IT Information Technology
LAN Local Area Network
LRE Link Redundancy Entity
MAC Media Access Control
MRP Medium Redundancy Protocol, see IEC 62439-2
MTBF Mean Time Between Failure
MTTF Mean Time To Failure
MTTFN Mean Time To Failure of Network

62439-1 © IEC:2010(E) – 17 –
MTTFS Mean Time To Failure of System
MTTR Mean Time To Repair
MTTRP Mean Time To Repair Plant
OUI Organizational Unique Identifier
PDU Protocol Data Unit
PICS Protocol Implementation Conformance St
...