manualshive.com logo in svg

ABB AC500 V3, System Manual, Page: 76 / 119

Share
Download
ABB AC500 V3 System Manual Download Page 76

Fig. 22: Security zones

Fig. 22 shows three safety zones, but the number of zones is not necessarily decisive, there can

also be more or less - depending on the safety requirement. The use of multiple zones allows

access between zones of different trust levels to be controlled to protect a trusted resource from

attack by a less trusted one.

High-security zones should be kept small and independent. They need to be physically pro-

tected, i.e. physical access to computers, network equipment and network cables must be

limited by physical means to authorized persons only. A high-security zone should obviously not

depend on resources in a less secure zone for its security. Therefore, it should form its own

domain that is administered from the inside, and not depend on, e.g., a domain controller in a

less secure network.

Even if a network zone is regarded as trusted, an attack is still possible: by a user or compro-

mised resource that is inside the trusted zone, or by an outside user or resource that succeeds

to penetrate the secure interconnection. Trust therefore depends also upon the types of meas-

ures taken to detect and prevent compromise of resources and violation of the security policy.

References: 

Security for industrial automation and control systems

7.1.2  Secure operation

The controller must be located in a protected environment in order to avoid accidental or

intended access to the controller or the application.

A protected environment can be:

● Locked control cabinets without connection from outside
● No direct internet connection
● Use firewalls and VPN to separate different networks
● Separate different production areas with different access controls

To increase security, physical access protection measures such as fences, turnstiles, cameras

or card readers can be added.

Follow these rules for the protected environment:

● Keep the trusted network as small as possible and independent from other networks.
● Protect the cross-communication of controllers and the communication between controllers

and field devices via standard communication protocols (fieldbus systems) using appro-

priate measures.

● Protect such networks from unauthorized physical access.
● Use fieldbus systems only in protected environments. They are not protected by additional

measures, such as encryption. Open physical or data access to fieldbus systems and their

components is a serious security risk.

 

Configuration and programming

Cyber security > Secure operation

2023/03/03

3ADR011074, 1, en_US

76

Summary of Contents for AC500 V3

Page 1: ...SYSTEM MANUAL PLC Automation Automation Builder programmable logic control lers control panels Automation Builder AC500 V3 AC500 eCo V3 AC500 XC V3 AC500 S CP600 CP600 eCo CP600 Pro...

Page 2: ...net assembly for AC500 Standard 30 5 2 Control cabinet assembly for AC500 eCo 32 5 3 Mounting and demounting general information 33 5 3 1 Optimized mounting of the option boards 34 5 4 Mounting and de...

Page 3: ...update 86 9 3 Control panel firmware application update 87 9 4 Reset to factory settings 87 10 Troubleshooting 88 11 Maintenance 90 11 1 Replace an AC500 module 90 11 2 Replace an I O module with hot...

Page 4: ...r download Programming examples available in engineering suite Open Automation Builder menu Help Project examples Application descriptions for specific features and use cases Release notes for the lat...

Page 5: ...ions in the chapter Additional information of the catalog Both the AC500 control system and other components in the vicinity are operated with dan gerous touch voltages Touching live components can le...

Page 6: ...For example it looks like this Select the magic button Your current position will be highlighted in the bookmark tab 1 6 Structure of safety notices Throughout the documentation we use the following t...

Page 7: ...indicates a hazardous situation which if not avoided could result in minor or moderate injury Ensure to take measures to prevent the described dangerous situation NOTICE NOTICE is used to address pra...

Page 8: ...tools of Automation Builder PS501 Control Builder Plus Only qualified personnel are permitted to work with AC500 S safety PLCs The examples and diagrams in this manual are included solely for illustr...

Page 9: ...grounding switch cabinet grounding is supplied both by the mains connection or 24 V supply voltage and via the DIN rail The DIN rail must be connected to ground before power is supplied to the device...

Page 10: ...arc which could create an ignition source resulting in fire or explosion Prior to proceeding make sure that power is been disconnected and that the area has been thoroughly checked to ensure that flam...

Page 11: ...iderations Recycle exhausted batteries Dispose of batteries in an environmentally con scious manner in accordance with regulations issued by the local authorities Safety instructions 2023 03 03 3ADR01...

Page 12: ...for flexible application AC500 eCo AC500 eCo PLCs are cost effective high performance compact PLCs that offer total inter operability with the core AC500 range and provide battery free buffering of r...

Page 13: ...I Os or other communication protocols Depending on the features and functions of the processor module CPU compatible components can be added to a complete AC500 PLC system 01 Terminal base for proces...

Page 14: ...with up to 16 channels for analog and or digital signals 8 Removable terminal blocks 3 3 AC500 eCo S500 eCo system structure AC500 eCo S500 eCo series is compatible with AC500 S500 The compact AC500 e...

Page 15: ...e can be expanded by up to 10 I O modules to increase the number of the I O channels Fig 3 I O modules S500 eCo directly connected to an AC500 eCo processor module Up to 10 I O modules can be connecte...

Page 16: ...s syntax errors in programming To receive the state or data of the site via the input interface and save it into the shadow register or data register To read the user programs in the memory one by one...

Page 17: ...of the processor module on the same terminal base are directly powered via the internal communication module bus of the terminal base A separate voltage source is not required The terminal base is ne...

Page 18: ...nce The PLC provides multiple I O interfaces for operation level and drive capability to users for selection such as digital input digital output analog input analog output etc I O interfaces of the P...

Page 19: ...s mainly include NORflash NANDflash EEPROM memory card etc AC500 PLCs store all user programs in the nonvolatile memory to protect them from power failure The programs are exported to the volatile mem...

Page 20: ...type up to three option board slots are available for extension Each option board slot supports most existing types of option board module The option board modules provide the following functionality...

Page 21: ...bject to frequent change and access during PLC operation It is saved in the volatile memory to meet the requirements for random access The work data memory of the PLC has the memory area for input and...

Page 22: ...le communication options Further information on page 4 3 8 Automation Builder Short description engineering software Details about the Automation Builder license model the features of the editions and...

Page 23: ...lso helpful for example for setting and entering control parameters Includes color change moving elements bitmaps text display allows input of setpoint values and display of process variables read fro...

Page 24: ...left side and a bus output at the right side Thus the length of the I O bus increases with the number of attached I O modules Table 1 Maximum number of I O devices which can be connected to the I O b...

Page 25: ...as been thoroughly checked to ensure that flammable materials are not present The devices must not be opened when in operation The same applies to the network interfaces Table 1 Maximum number of I O...

Page 26: ...all individual consump tions The two supply voltages with 24 V DC are distinguished in the AC500 platform Supply of the internal logic via terminals L and M on the CPU module or an the AC500 terminal...

Page 27: ...nication modules I O bus II O bus Number of expansion modules Current consumption through the I O bus per module and IUP IUP1 ILOAD1 IUP2 ILOAD2 IUP3 ILOAD3 IUP4 ILOAD4 IUP5 ILOAD5 IUP6 ILOAD6 IUP7 IL...

Page 28: ...are exemplary values 4 3 2 Dimensioning of the fuses To be able to select the fuses for the station correctly both the current consumption and the inrush currents melting integral for the series conn...

Page 29: ...reduce the programming effort and implement quickly your application In our main catalog we offer an overview of the available libraries and software packages Reference documentation for the function...

Page 30: ...ting and pollution moisture and wetness and mechanical damage control cabinet IP54 for common dry factory floor environment is suitable Maintain spacing from enclosure walls wireways adjacent equipmen...

Page 31: ...ng plate grounded NOTICE Horizontal mounting is highly recommended Vertical mounting is possible however derating consideration should be made to avoid problems with poor air circulation and overheati...

Page 32: ...t unauthorized access dusting and pollution moisture and wetness and mechanical damage control cabinet IP54 for common dry factory floor environment is suitable Maintain spacing from enclosure walls c...

Page 33: ...nd to place end stop terminals at the right and left side of the device to properly secure the modules 5 3 Mounting and demounting general information The control system is designed to be mounted to a...

Page 34: ...ssipation of the option board the lower the mounting position should be selected The TA5126 2AO UI option board has the highest power dissipation and must always be mounted at the lowest option board...

Page 35: ...sed order If the terminal base should be mounted with screws wall mounting accessories TA526 must be inserted at the rear side first These plastic parts prevent bending of the terminal base while scre...

Page 36: ...3 modules e g one terminal base and two terminal units 2 Using the mounted modules as a template carefully mark the center of all module mounting holes on the panel 3 Return the mounted modules to th...

Page 37: ...ocessor module 2 Press the processor module into the terminal base until it locks in place 3 The demounting is carried out in a reversed order Press above and below then remove the processor module Me...

Page 38: ...ure the bus connectors are securely locked together to ensure proper connection Max 10 terminal units can be attached 3 Demounting A screwdriver is inserted in the indicated place to separate the term...

Page 39: ...panel 3 Return the mounted modules to the clean work surface including any previously mounted modules 4 Drill and tap the mounting holes for the screws M4 or 8 recommended 5 Place the modules back on...

Page 40: ...le into the dedicated holes of the terminal base Then rotate the communication module on the dedicated terminal base slot until it is locked in place NOTICE Risk of malfunctions Unused slots for commu...

Page 41: ...O modules 1 Press the I O module into the terminal unit until it locks in place 2 The demounting is carried out in a reversed order Press above and below then remove the module Mechanical planning an...

Page 42: ...r module is grounded via DIN rail The DIN rail must be included into the grounding conception of the plant Mount the processor module at the top of the DIN rail then snap it in below Mechanical planni...

Page 43: ...I O modules if connected 2 While pressing down processor module pull it away from DIN rail Mechanical planning and installation Mounting and demounting the AC500 eCo processor module Demounting a proc...

Page 44: ...concept of the plant Do NOT use insulating washers One TA543 wall mounting accessory is needed per processor module 1 Snap in the TA543 at the back side of the processor module 2 Fasten the processor...

Page 45: ...metal plate 1 Remove I O modules if connected 2 Remove the 2 screws Mechanical planning and installation Mounting and demounting the AC500 eCo processor module Demounting a processor module mounted o...

Page 46: ...S500 eCo I O modules can be mounted either on a DIN rail or with screws on a metal plate NOTICE Risk of function faults The S500 eCo I O modules are grounded via the DIN rail The DIN rail must be incl...

Page 47: ...e serial I O bus is connected automati cally 1 Remove I O module by hand if connected Demounting I O modules mounted on a DIN rail Mechanical planning and installation Mounting and demounting the S500...

Page 48: ...e The metal plate must be included into the grounding concept of the plant Do NOT use insulating washers One TA566 wall mounting accessory is needed per S500 eCo I O module 1 Snap in the TA566 at the...

Page 49: ...module The serial I O bus is connected automatically 3 Fasten the I O module with two screws diameter 4 mm to the metal plate Mechanical planning and installation Mounting and demounting the S500 eCo...

Page 50: ...ssories for AC500 Standard This section only describes accessories that are frequently used for system assembly connec tion and construction Demounting I O modules mounted on a metal plate Mechanical...

Page 51: ...be disturbed 1 Memory card 2 Micro memory card 3 Micro memory card adapter 4 Memory card slot Insert the memory card into the memory card slot of the processor module until locked 1 MC502 or MC5141 me...

Page 52: ...er the mounting position should be selected The TA5126 2AO UI option board has the highest power dissipation and must always be mounted at the lowest option board slot The optimized mounting position...

Page 53: ...board out of the slot CAUTION Risk of injury and damaging the product Always plug in the option board slot cover when the option board is not inserted If the option board slot cover is lost please or...

Page 54: ...pply a 13 pin terminal block and a 12 pin terminal block for I O connectors are used For all CPUs there is a screw and a spring variant available Basic CPU Standard and Pro CPUs Spring terminal TA5211...

Page 55: ...using unapproved terminal blocks Only use terminal blocks approved by ABB to avoid injury and damage to the module Terminal block set for PM50x2 Processor modules PM50x2 CPU are not delivered with ter...

Page 56: ...cover 2 Micro memory card 3 Micro memory card slot 1 Open the micro memory card slot cover by turning it upwards 2 Carefully insert the micro memory card into the micro memory card slot as far as it...

Page 57: ...rom the micro memory card slot by gripping and pulling with two fingers 3 Close the micro memory card slot cover by turning it downwards 5 13 Control panels CP600 Refer to the installation instruction...

Page 58: ...nd before power is supplied to the device The grounding may be removed only if it is certain that no more power is being supplied to the control system In case of screw mounting grounding must be ensu...

Page 59: ...expected strength The devices themselves must not emit electro magnetic noises Advant controller components have a very high noise immunity When the wiring and grounding instructions are met an error...

Page 60: ...nium parts Do not use sheath wires Do not use toothed lock washers under screw connections Fig 10 Assembly wrong Fig 11 Assembly correct Make a connection between the DIN rails and PE Protective Earth...

Page 61: ...en the PE bar and the shield bar must have a low impe dance 6 2 4 Control cabinet Installation of configurations in shielded cabinet can be required in shipping applications Follow specific instructio...

Page 62: ...sary if there are present or expected poten tial differences between parts of your application The impedance of equipotential bonding must be equal or lower than 10 of the shield impedance of the shie...

Page 63: ...ential bonding between the cabinets min 16 mm2 12 Cable shields grounding 13 Fieldbus connection e g Ethernet 6 3 Connection and wiring This chapter provides general information about the platform Spe...

Page 64: ...or the processor module is galvanic isolated from the power supply for the I O modules As soon as the power supply for the processor module is present the processor module starts The power supply of t...

Page 65: ...pply voltage M 0 V Negative pin of the power supply voltage FE Functional earth 6 3 1 3 Connection of wires at the spring terminals 1 2 3 b a conductor driver screw b Screwdriver for Opening for Openi...

Page 66: ...must be at least 15 mm free of insulation at the tip 4 While erecting the screwdriver insert it until the stop requires a little strength 5 Screwdriver inserted terminal open 6 Strip the wire for 7 m...

Page 67: ...ation at the tip 3 While erecting the screwdriver insert it until the stop requires a little strength terminal is now open 4 Remove wire from the open terminal 5 Done 6 3 1 4 Terminals for CANopen com...

Page 68: ...r a transmission rate of 10 Mbit s cables of at least category 3 IEA TIA 568 A 5 Cat3 or class C according to European standards are allowed For fast Ethernet with a transmission rate of 100 Mbit s ca...

Page 69: ...four pairs of twisted wires Different color codes exist for the coding of the wires the coding according to EIA TIA 568 version 1 being the one most commonly used In this code the individual pairs ar...

Page 70: ...cond station 12345678 12345678 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 Fig 20 Wiring of a crossover cable For networks with more than two subscribers hubs or switches have to be used additionally for distribu...

Page 71: ...g type Screw type Spring type Screw type TA5211 TSPF B TA5211 TSCL B TA5212 TSPF TA5212 TSCL Pin Assignment Pin Label Function Description Terminal block inserted 1 FE Functional earth 2 L 24 V DC Pos...

Page 72: ...ription 1 Tx Transmit Data 2 Tx Transmit Data 3 Rx Receive data 4 NC Not connected 5 NC Not connected 6 Rx Receive data 7 NC Not connected 8 NC Not connected Shield Cable shield Functional earth 6 3 3...

Page 73: ...in the installation and licensing document All information about the configuration and the programming are available in the software manual contained in PLC Automation manual Detailed information is...

Page 74: ...rable number of open ports that should be monitored carefully for any threats It has to be considered that online connections to any devices are not secured It is your responsibility to assure that co...

Page 75: ...nts should be able to quickly discover weaknesses and provide patches Only used services ports should be enabled e g to enable the functionality of an FTPS server References CODESYS Security Whitepape...

Page 76: ...se of resources and violation of the security policy References Security for industrial automation and control systems 7 1 2 Secure operation The controller must be located in a protected environment...

Page 77: ...e purposes they should be carefully scanned for viruses immediately before connection All CDs DVDs USB memory sticks and other removable data carriers and files with software or software updates shoul...

Page 78: ...t the least since such networks are normally further connected to the Internet or other external networks The IS network is therefore a different lower security zone and it should be separated from th...

Page 79: ...cks by patching vulnerabilities and turning off inessential services Hardening a system involves several steps to form layers of protection Commissioning phase Protect the hardware from unauthorized a...

Page 80: ...r of the control panel HMI Decommissioning phase Delete all credentials stored in the device like certificates and user data Chapter 12 Decommissioning on page 96 References Hardening in Wikipedia 202...

Page 81: ...iles tab 6 Click the refresh button 7 Open the cert folder in the PLC 8 Open the export folder 9 Copy the certificate request file 1_IoDrvFTPServer csr to any folder on your PC 10 This file here 1_IoD...

Page 82: ...communication policy accordingly so that only encrypted connections are allowed An application can be encrypted and signed in order to protect a running application in an AC500 V3 PLC and to protect a...

Page 83: ...tocol Description 1217 TCP CODESYS Gateway V3 1210 TCP CODESYS Gateway V2 1211 TCP CODESYS Gateway V2 22350 TCP UDP CodeMeter License Server runtime license 22352 HTTP CodeMeter License Server runtime...

Page 84: ...pplication on a very new processor module is the same process than updating a firmware and an application on a CPU Chapter 9 2 PLC firmware application update on page 86 The PLC starts with the new fi...

Page 85: ...panel included Commis sioning example The PLC has an integrated diagnosis system to output diagnosis messages e g parameter setting is wrong or battery low A diagnosis message is indicated by ERR LED...

Page 86: ...ious operating elements provided on the front panel can be used to control the devices of the PLC system and or to change the operating mode Operating elements Status LEDs Indicates the availability o...

Page 87: ...d on page 108 Fig 26 The Version information tab of a device in Automation Builder 9 3 Control panel firmware application update The system components can be updated via Panel Builder software or via...

Page 88: ...ore Check power supply Replace the module or HMI I O module on a hot swap ter minal unit does not respond and is not available for online connection I O module is not plugged or damaged As soon as the...

Page 89: ...the display of the processor module shows Grace for 5 min PLC runs in grace mode because at least one feature license which has been available disappeared If the grace time expires PLC will go to stop...

Page 90: ...before you connect or disconnect any signal or terminal block remove mount or replace a module Disconnecting any powered devices while energized in a hazardous location could result in an electric arc...

Page 91: ...ing of attached I O modules Communication interface modules CI5xx as of index F0 Processor modules PM56xx 2ETH with firmware version as of V3 2 0 NOTICE Risk of damage to I O modules Hot swapping is o...

Page 92: ...allation improperly NOTICE Risk of damage to I O modules Hot swapping is only allowed for I O modules Processor modules and communication interface modules must not be removed or inserted during opera...

Page 93: ...0 14 is part of the I O configuration For min required device index see table below Device Min required device index for I O module as of FW Version 3 0 14 AC522 XC F0 AI523 XC D2 AI531 D4 AI531 XC D...

Page 94: ...p Hot swap is not supported by AC500 eCo V3 CPU Central I O on V3 CPU I O module on TU5xx H connected to I O bus master AC500 V3 CPU types PM56xx 2ETH Required version of I O bus master Firmware as of...

Page 95: ...des an overview of the modules on the I O bus including the position of hot swap terminal units in the I O bus In the application program this can be detected with a func tion block IoModuleHotSwapInf...

Page 96: ...and battery from CPU 6 Delete all user accounts and user data 7 Demount and dispose the hardware modules Chapter 13 Recycling on page 97 If you can not access the data stored in the CPU e g because t...

Page 97: ...s responsibility to dispose of this product by taking it to a designated WEEE collection facility for the proper collection and recycling of the waste equipment The separate collection and recycling o...

Page 98: ...play and the buttons Fig 27 Example battery is empty or missing Err 1 Total number of active diagnosis messages here 1 E4 bat Error severity here 4 and location of error here battery Id 1 In the list...

Page 99: ...E2 FLd flash disk 12 19 0 0 n 0 n Flash memory is temporary protected read only panic mode E2 iob I O bus 17 14 0 0 0 Error setting I O bus master parameter E2 diS display 23 21 0 0 0 Wrong version of...

Page 100: ...ror Check wiring and sensor If this error persists replace I O module Contact ABB tech nical sup port E3 iob I O bus 18 Module number 1 Channel number 0 Test error E3 diS display 22 21 0 0 0 Error at...

Page 101: ...ow for channels Check channel wiring and sensor con figuration E3 iob I O bus 524 Module number 1 Channel number 0 Stuck at error E3 iob I O bus 525 Module number 1 Channel number 0 Readback error Che...

Page 102: ...0 0 Wrong parameter value check config uration E3 iob I O bus 8979 Module number 0 0 Checksum error has occured in iPara meter or F Parame ters E3 iob I O bus 8986 Module number 0 0 Invalid configura...

Page 103: ...I O module If this error persists increase PROFIsafe watchdog time E3 iob I O bus 16154 Module number 0 0 Parameter error Check con figuration E3 iob I O bus 16156 Module number 0 0 F Parameter config...

Page 104: ...sor power supply E4 iob I O bus 263 Module number 1 Channel number 0 Measurement under flow at analog input Check channel wiring and sensor power supply E4 iob I O bus 266 Module number 1 Channel numb...

Page 105: ...m hot swap ter minal unit E4 iob I O bus 9500 Module number 0 0 Wrong I O module replugged on hot swap terminal unit Remove wrong I O module and plug pro jected I O module E4 iob I O bus 9514 Module n...

Page 106: ...Invalid value of parameter LED E11 CPU 21 0 2 0 1 too big or 2 too small Invalid value of parameter Battery E11 CPU 24 0 2 0 1 too big or 2 too small Invalid value of parameter Diag nosis stop on err...

Page 107: ...11 iob I O bus 16145 0 0 0 0 Error setting I O bus master parameter E11 iob I O bus 16146 0 0 0 0 Failed to start the parameterization of modules E11 iob I O bus 16147 Module number 0 0 0 Failed setti...

Page 108: ...terface Ex Et1 or Et2 Ethernet ETH1 or ETH2 14 2 PLC firmware application update via memory card 14 2 1 Preparation of memory card Firmware packages can be downloaded from ABB website or exported from...

Page 109: ...t project and firmware or Export Firmware 3 Choose a location for the export folder Select Make New Folder and type in MEMORY CARD 4 Select OK to add the folder Appendix PLC firmware application updat...

Page 110: ...d The copy process can be performed with the Automation Builder software with the memory card inserted in the processor module or with the PC with a suitable memory card slot 1 Insert memory card into...

Page 111: ...of the MEMORY CARD folder but not the MEMORY CARD folder itself and copy them 3 Select the memory card and paste the copied subfolders and files 14 2 2 Execution of update via memory card Precondition...

Page 112: ...boot project and firmware Chapter 14 2 1 Preparation of memory card on page 108 1 Switch off the device 2 Insert the memory card 3 Switch on the device The alternate flashing of the RUN and the ERR L...

Page 113: ...cation visualizations Data buf fering Data buffering i e maintaining data after power ON OFF is only possible if a battery is connected for AC500 CPU and the buffering will take place in FLASH with AC...

Page 114: ...et Performs a START STOP process Preparation for program restart i e the variables VAR exception RETAIN varia bles are set to their initialization values Reset is performed using the menu item Online...

Page 115: ...rogram in the PLC s RAM using the menu item Online Start in the programming system If a user program is loaded into RAM execution is continued i e variables will not be set to their initialization val...

Page 116: ...cription 22 B block diagrams grounding concept 58 C central I O extension 13 15 centralized I O expansion 13 15 centralized I O extension 13 centralized IO extension 15 CI 19 CM 16 communication modul...

Page 117: ...rewall protection 75 firmware update control panel 87 PLC 86 108 FM 19 function module terminal base mounting and demounting 35 38 G grounding concept block diagrams 58 H hardware protection 79 HMI 22...

Page 118: ...Safety devices 21 safety notice 6 SD card 51 56 108 SD memory card 51 56 108 secure operation 76 security 8 74 security notice 6 serial I O bus 24 services 83 SM560 S 21 SM560 S FD 1 21 SM560 S FD 4...

Page 119: ...0 6221 701 1444 E mail plc support de abb com new abb com plc new abb com plc automationbuilder new abb com contact centers We reserve all rights in this document and in the information contained the...

Reviews:

No comments