When our team first walked into the automotive parts factory, the network engineer pointed at the floor and said:
"Every machine has a cable. Every cable is a liability."
He wasn't being dramatic. In that factory, 340 CNC machines were wired with Cat6 across a 12,000 m² floor. Every six months, a forklift would snap a cable. Production would stop. Someone would spend two days tracing the fault.
They wanted to go wireless. But the last time they tried — with Wi-Fi 6 access points — latency spikes during shift changes caused enough PLC timeouts to make the floor supervisor veto the whole project.
So we tried 5G industrial routers instead. Here's what we learned.
The Real Problem: It's Not Bandwidth, It's Determinism
Most engineers assume the hard part of industrial wireless is speed. It isn't. A CNC machine sending status data and receiving G-code corrections doesn't need gigabit throughput. It needs predictable, low-jitter delivery — every 10 ms, without fail.
Wi-Fi's CSMA/CA access mechanism introduces variable contention delay. In a factory with 300+ devices all transmitting simultaneously, that jitter becomes a real problem for time-sensitive PLC communication.
5G's air interface uses a scheduled OFDMA approach — the base station allocates slots deterministically. Under 5G SA (Standalone) architecture with URLLC (Ultra-Reliable Low-Latency Communication) configured, end-to-end latency can stay under 5 ms with jitter under 1 ms — which is within tolerance for most industrial control loops.
What the Architecture Looked Like
[CNC Machine + PLC]
|
[5G Industrial Router] ← per machine, DIN-rail mounted
|
(5G SA Network — private on-premises gNB)
|
[Edge Server / MES Gateway]
|
[Cloud SCADA / ERP]
Each machine got a dedicated industrial 5G router mounted directly on the control cabinet. Key specs that mattered in practice:
- Operating temperature: -40°C to +70°C (the floor near the furnaces runs hot)
- Vibration resistance: IEC 60068-2-64 tested — CNC machines vibrate constantly
- Dual SIM with automatic failover: primary = private 5G, failover = public LTE
- Hardware watchdog: auto-reboot on process hang, no manual intervention needed
The routers terminated the 5G connection and exposed a local Ethernet/serial port to the PLC. From the PLC's perspective, it was just talking to a wired gateway — no firmware changes needed.
The Private 5G vs Public 5G Decision
This is where most projects get stuck. Public 5G (carrier SIM) is easy to set up but gives you zero control over QoS, and your manufacturing data routes through a third-party core network — a non-starter for most OT security teams.
We went with a private 5G deployment:
- Deployed 4 × indoor gNBs (base stations) covering the full floor
- Ran a local 5G core (UPF + AMF/SMF stack) on an edge server on-site
- Traffic never left the building — the data plane was entirely local
- Spectrum: used CBRS (Citizens Broadband Radio Service) in the 3.5 GHz band
Total RF planning took about 3 days. The main challenge was multipath interference from the metal machine bodies — we ended up doing a proper site survey with a spectrum analyzer before finalizing antenna placement.
Latency Numbers, Before and After
| Metric | Wi-Fi 6 (previous attempt) | 5G SA Private |
|---|---|---|
| Average RTT (PLC ping) | 4.2 ms | 2.8 ms |
| P99 latency | 47 ms | 6.1 ms |
| Jitter (std dev) | 8.3 ms | 0.4 ms |
| PLC timeout events / week | 23 | 0 |
The P99 number is what sold the floor supervisor. The average looked fine with Wi-Fi too — it was the tail latency that was killing them.
The Security Piece (OT Teams Will Ask)
Industrial OT networks are air-gapped for a reason. Going wireless raised immediate concerns from the security team. Here's how we addressed them:
Network segmentation: Each 5G router was assigned to a dedicated network slice (or VLAN at the MES layer). CNC machine traffic was completely isolated from office IT.
Authentication: SIM-based mutual authentication (5G AKA) — no passwords, no certificates to manage on 340 devices.
VPN overlay: Despite the private core, we still ran IPSec tunnels from each router to the MES gateway. Belt and suspenders.
No internet access from OT devices: Firewall policy on the UPF dropped any packet destined outside the factory subnet. The routers could only reach the edge server.
What Didn't Work (Honest Post-Mortem)
- Initial handover during AGV movement: Autonomous guided vehicles moving between gNB coverage zones hit a 200–400 ms gap during handover. We fixed this with X2 handover configuration between base stations, but it took two weeks of tuning.
- Older PLCs with RS-232 serial output: Some legacy Fanuc controllers only had RS-232. The 5G routers supported serial-to-IP conversion, but we had to configure raw TCP socket mode carefully to avoid framing errors.
- Heat in the control cabinet: A few routers mounted inside sealed cabinets near the spindle motors hit thermal throttling. We moved those to external DIN-rail mounts with ventilation cutouts.
When Does 5G Actually Make Sense?
5G industrial routers aren't the right answer for every deployment. Here's a rough heuristic:
Use 5G when:
- You have mobile or semi-mobile equipment (AGVs, robotic arms on tracks)
- Cabling is physically difficult or expensive (large floors, hazardous areas)
- You need sub-10 ms deterministic latency at scale
- OT security requires traffic to stay on-premises (private 5G)
Stick with wired when:
- Equipment is fixed and cable runs are already in place
- Budget doesn't support private 5G infrastructure (~$150K–$400K for a floor deployment)
- Your PLCs are legacy serial-only and conversion adds too much complexity
Closing Thought
The factory floor supervisor, six months later: "I haven't thought about the network once."
That's the goal. Industrial connectivity infrastructure should be invisible — reliable enough that the people running production never have to think about it.
If you're working through a similar deployment — private 5G, industrial routing, OT/IT convergence — happy to dig into specifics in the comments.
For reference, the 5G industrial routers used in this deployment are from Wavetel's industrial router line: waveteliot.com
Top comments (0)