Typical Remote Mine Application Network,
an open pit uranium mine in western Canada
Architecture rationale
The diagram follows the IEC 62443 zone-conduit model, which is mandatory for a Canadian Nuclear Safety Commission (CNSC)-licensed uranium mine. There are five distinct security zones separated by enforced boundaries:
The DMZ / comms hub is the single controlled chokepoint where both LEO satellite paths terminate. Primary (Starlink) and secondary (OneWeb or equivalent) links enter here and are load-balanced or failed-over by the SD-WAN appliance. No WAN traffic reaches the OT or safety zones without passing through the next-generation firewall implementing zero-trust policy.
The Safety / SIS zone is intentionally air-gapped from the WAN in normal operation. Emergency shutdown systems, fire and gas panels, personnel mustering, and the satellite EPIRB backup operate independently of whether the WAN link is up. This is a CNSC licensing requirement, not a design choice.
The private LTE/5G mesh is the on-site access network that connects everything on the pit floor to the zones above. For a large open pit this typically means four to six Rajant BreadCrumb or equivalent nodes on benches, with a repeater node aimed at the pit floor where the geometry creates shadowing.
What requirements would look like for HQ-to-mine connectivity
A properly structured requirements document for this application would cover these quantified parameters:
Availability and resilience
| Application class | Required availability | Max permitted outage |
|---|---|---|
| SCADA / safety alarm | 99.99% | 52 min/year |
| Autonomous truck control | 99.95% | 4.4 hr/year |
| Video surveillance | 99.9% | 8.7 hr/year |
| Crew welfare / voice | 99.5% | 43 hr/year |
| Administrative IT | 98% | 175 hr/year |
The dual-LEO architecture with SD-WAN failover is specifically sized to meet the SCADA and truck-control tiers. A single LEO link cannot deliver 99.99% — dual independent paths through geometrically separated ground stations can approach it.
Latency budgets by traffic class
Autonomous haul truck control loops require end-to-end round-trip latency under 100 ms, with jitter under 20 ms. At 20–50 ms one-way for LEO, this budget is achievable with properly prioritized QoS but leaves little margin for congestion. SCADA polling for pump and valve status is tolerant of up to 500 ms. Video analytics can tolerate up to 2 seconds of latency before the HQ operator's situational awareness degrades. Crew voice over IP requires under 150 ms one-way.
Bandwidth envelope
A minimal-manning site with approximately 20 workers, four autonomous haul trucks, a survey drone, and full SCADA telemetry would drive roughly: SCADA/OT data 2–5 Mbps sustained; video surveillance (compressed) 15–30 Mbps sustained; drone video during operations 10–20 Mbps burst; autonomous truck telemetry 4–8 Mbps; crew data/voice 5–10 Mbps; administrative IT 5–15 Mbps. Total sustained demand approximately 40–90 Mbps, with peaks during drone operations or shift changeover exceeding 100 Mbps. This shapes the LEO terminal selection — a single Starlink Standard terminal at 50–200 Mbps is marginal; the Starlink Performance terminal or a parallel dual-terminal configuration is the correct specification.
Environmental and physical requirements
Northern Saskatchewan operates at temperatures from −45°C to +35°C. All outdoor hardware must be rated to at least −40°C operating and −55°C storage. IP66 minimum for dust/weather ingress. The LEO flat-panel antenna must be on a heated mount with automatic snow-clearing or tilt capability, because wet snow accumulation at 0°C is the primary cause of winter link outages in this geography. Generator-backed UPS with at minimum 4-hour runtime on all comms and safety systems to bridge generator start/transfer events.
CNSC regulatory requirements specific to uranium
Unlike a gold or copper mine, a uranium mine in Saskatchewan operates under a CNSC Class I or II mine licence. The licence requires continuous radiation monitoring data to be transmitted to CNSC on a defined schedule, tamper-evident logging of all radiation readings, and the ability for CNSC inspectors to access monitoring data remotely. These requirements translate directly into network specifications: the CNSC regulatory link must be on a separate, logged, encrypted channel with defined retention and integrity guarantees. This channel's availability requirement is set by the licence, not by the operator.
Recovery time objectives
The requirement that is most often omitted from commercial specifications: how fast must the system recover after each failure mode? For this application the answer would be: WAN link failover (primary to secondary LEO) under 30 seconds with no manual intervention; generator transfer to comms UPS under 10 seconds; full site network restoration after comms hub hardware failure under 4 hours with on-site spare equipment. That last number drives the spare parts list and technician training requirement, which are themselves deliverables of a properly scoped integration contract.
No comments:
Post a Comment