hilscher NIOT-E-TPI51-EN-RE Page 226 User Manual Download | Manualshive

Page: 226 / 258

background image

Public Key Infrastructure

226/258

16.3.3

Use case 3: Client certificates for specific servers

The Edge Gateway (client) is able to authenticate itself to a specific server.
For this, you can store client certificates in the Edge Gateway. This use
case extends use case 1 (The Edge Gateway uses server certificates, to
identify a server and to encrypt messages). In case, you want to ensure
that the server identifies the Edge Gateway, the Edge Gateway has to send
his client certificate to the server.

From the point of view of the Edge Server, the client certificates relate to
outbound HTTPS and OPC UA connections.

For

each

server the Edge Gateway should send an certificyte for

authentication, you have to upload a pair of files (private key

xyz_key.pem

and certificate

xyz_cert.pem

). The prefix (here

xyz_

) has

to be identical for each file pair (you can freely choose the prefix).

You can upload and use client certificates in the Edge Gateway for Node-
RED only.

Note:

The certificate (containing the public key) and the private key are
stored in two separated files and uploaded individually into the Edge
Gateway. You as the user are solely responsible that the file with
the certificate and the file with the private key fit together, which you
have uploaded into the Edge gateway.. for logical connection
between certificate and private key, i.e. that the public key
contained in thespecified certificate fits to the specified private key.

Node-RED

You can upload several pairs of files (one pair for one server) in order to
use the client certificate functionality. Use the same prefix for one pair of
files. For each server, a separate pair of files is necessary.

For a Node-RED node, you need to use a path to the certification file as
well as to the private key file:

·

Mark the entry

xyz_cert.pem

and then click

Copy path

. Use the

copied path in the Node-RED node for the path to the certificate.

·

Mark the entry

xyz_key.pem

and then click

Copy path

. Use the

copied path in the Node-RED node for the path to the private key.

OPC UA Client in Node-RED

The Edge Gateway is able to communicate with exactly one OPC UA
Server using the authentication based-on client certificates. The file names
are

·

Certificate file

node-opcuaclient_cert.pem

and

·

File with the private key

node-opcuaclient_key.pem

Edge Gateway | NIOT-E-TPI51-EN-RE (Connect)
DOC170502UM04EN | Revision 4 | English | 2018-08 | Released | Public

© Hilscher 2017 – 2018

«
...
224
225
226
227
228
...
»

Summary of Contents for NIOT-E-TPI51-EN-RE

Page 1: ...User manual netIOT Edge Gateway NIOT E TPI51 EN RE Connect V1 1 2 Hilscher Gesellschaft für Systemautomation mbH www hilscher com DOC170502UM04EN Revision 4 English 2018 08 Released Public ...

Page 2: ...ateway 17 6 1 Establishing the IP address communication 17 6 2 Using the web browser to establish a connection with the Edge Gateway 18 6 2 1 Using the host name 18 6 2 2 Access to the Edge Gateway in the Windows network environment 19 7 Edge Gateway Manager 20 7 1 Calling the Edge Gateway Manager 20 7 2 Edge Gateway Manager web page 21 8 Control Panel 23 8 1 Opening the control panel 23 8 1 1 Fir...

Page 3: ...ED 79 9 4 1 Using Git hub repository to store flows projects 81 9 4 2 Menu Deploy 82 9 4 3 Dashboard 84 9 5 List of nodes 94 9 6 MQTT input node 97 9 7 MQTT output node 102 9 8 OPC UA input node 104 9 9 OPC UA output node 110 10 Examples for Node RED 112 10 1 Example 1 Inject and debug node 112 10 2 Example 2 MQTT input node 114 10 3 Example 3 MQTT output node 118 10 4 Example 4 OPC UA input node ...

Page 4: ... configuration 187 13 3 3 Signal definitions overview 196 13 3 4 Download of the EDS file 197 13 3 5 Help 197 14 Edge Server 198 14 1 Function principle 198 14 1 1 Communication with IT network and mobile devices 198 14 1 2 Communication with the OT network 200 14 1 3 Access rights to the REST API 200 14 1 4 Functions of the Edge Server 201 14 1 5 Internal structure of the Edge Server 202 14 2 Edg...

Page 5: ... trusted certification authority store of the Edge Gateway 229 16 5 Working with server certificates for inbound connections 230 16 5 1 Working with certificates for HTTP and OPC UA Server 230 16 5 2 Working with key files for HTTP and OPC UA Server 233 16 6 Working with client authentication certificates for outbound connections 235 16 6 1 Working with certificates for client authentication 235 1...

Page 6: ...lows are deleted Section Using Git hub repository to store flows projects page 81 added Section Isolated application execution with Docker page 210 added 3 2018 06 11 HHe RGö Section OPC UA Server for Edge page 62 added 4 2018 08 13 RGö HHe Section Displaying the system log files page 35 added Section Security page 68 added Section Public Key Infrastructure page 218 added Table 1 List of revisions...

Page 7: ...omation and IT network a secure operating system the execution of signed firmware and packets as well as encryption techniques of the latest standards secure the data integrity and offer protection against data theft The gateway base function forms the web based Thing Wiring editor Node RED which serves to model the flows in the devices Data apps and data profiles are created within minutes with p...

Page 8: ... 3 Fieldbus ERR NS 6 RUN MS APL SYS LED1 LED2 ACT POW 1 LINK L A LINK L A ACT Rx TX ACT Rx TX IN CH0 OUT CH1 7 8 9 10 11 5 4 12 Top view Front view Bottom view Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 9: ...connectors page 10 8 LAN connector RJ45 jacket port 1 Eth0 LAN connectors page 10 9 Real Time Ethernet connector RJ45 jacket channel 0 Real Time Ethernet connectors page 10 10 Real Time Ethernet connector RJ45 jacket channel 1 Real Time Ethernet connectors page 10 11 24 V DC supply voltage connector Mini Combicon Power supply page 10 12 Cover at bottom of device bolted Table 2 Positions of the int...

Page 10: ...scribes how you can set the IP address parameters of the LAN interfaces 4 4 Real Time Ethernet connectors The Edge Gateway has 2 RJ45 connectors to connect the fieldbus to a Real Time Ethernet network OT network positions 9 and 10 see section Positions of the interfaces page 8 For data exchange at the fieldbus use the fieldbus input and output in node Node RED Sections Example 6 Fieldbus input nod...

Page 11: ...onfiguring wireless communication WiFi page 54 describes how you activate the antennas and how to set the Wi Fi operating mode 4 7 HDMI connector The Edge Gateway has an HDMI connection for a monitor position 1 which is not required for the operation of the Edge Gateway The HDMI interface is inactive by default and just outputs boot information during the boot process of the device If you want to ...

Page 12: ...RR NS 3 RUN MS APL SYS LED1 LED2 ACT POW 1 LINK L A LINK L A ACT Rx TX ACT Rx TX IN CH0 OUT CH1 4 5 6 8 9 7 1 2 Figure 3 NIOT E TPI51 EN RE LED positions Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 13: ...See section LEDs of the PROFINET IO Device interface page 14 and section LEDs of the EtherNet IP Adapter interface page 15 APL yellow Application status SYS yellow green System status LED1 yellow GPIO12 can be programmed currently not used LED2 yellow GPIO13 can be programmed currently not used ACT green Activity POW green Voltage supply is OK Table 4 Description of gateway status LEDs 5 3 LEDs of...

Page 14: ...dependent The device sends receives Ethernet frames off Off The device does not send receive Ethernet frames Table 6 LED states for the PROFINET IO Device protocol LED state Definition Flashing 1 Hz 3 s The indicator turns on and off for 3 seconds with a frequency of 1 Hz on for 500 ms followed by off for 500 ms Flashing 2 Hz The indicator turns on and off with a frequency of 2 Hz on for 250 ms fo...

Page 15: ...ion in the device drawing 1 Duo LED red green green On Connected An IP address is configured at least one CIP connection any transport class is established and an Exclusive Owner connection has not timed out green Flashing 1 Hz No connections An IP address is configured but no CIP connections are established and an Exclusive Owner connection has not timed out green red off Flashing green red off S...

Page 16: ... green on for 250 ms then red on for 250 ms then off until the test is completed Flickering load dependant The indicator turns on and off with a frequency of approximately 10 Hz to indicate high Ethernet activity on for approximately 50 ms followed by off for 50 ms The indicator turns on and off in irregular intervals to indicate low Ethernet activity Table 9 LED state definitions for the EtherNet...

Page 17: ...h a network in which a DHCP server is available ð The Edge Gateway obtains an IP address from the DHCP server Access to the Edge Gateway is possible now Note The Edge Gateway sends a request to a DHCP server once after switching on the device or after each connection of the Ethernet cable i e when the Edge Gateway detects a link signal If you want to activate a request of the Edge Gateway to the D...

Page 18: ...evice Where do you find the host name on the device The device is delivered factory setting with a label printed at its bottom In the figure below the host name has a red frame Figure 6 Device label Hostname Establishing a connection with the host name Ø Enter the following address in the address line of your browser https hostname Example For the device with the host name NTB827EB1D9D94 enter htt...

Page 19: ...ge Gateway in the Windows network Ø Open the context menu of this entry and select Properties Ê The menu provides information on the Edge Gateway e g serial number MAC address host name or die IP address Ø Click on the link under Device web page ð The Edge Gateway manager opens Ø To open the Edge Gateway manager you can also double click on the device icon ð The Edge Gateway manager opens You can ...

Page 20: ...es stored in the Edge Gateway Ø To open the Edge Gateway manager enter the following information in the address line of your browser https Host name of the Edge Gateway or https IP address of the Edge Gateway ð Your browser displays the Edge Gateway manager Figure 8 Edge Gateway Manager Note Remember that the secured HTTPS protocol is used here not the widely spread HTTP protocol Edge Gateway NIOT...

Page 21: ...n on the system Opens the wiring editor Node RED Section Node RED The wiring editor page 73 describes how to create applications for the Edge Gateway Opens the Node RED Dashboard graphical user interface Opens the Edge Server Control Center See section Edge Server page 198 Opens the Docker management See section Isolated application execution with Docker page 210 Opens the Edge Gateway documentati...

Page 22: ... the Hilscher homepage in the Internet Requires a connection to the Internet Opens legal information concerning the Edge Gateway Requires a connection to the Internet Table 10 Starting applications with the Edge Gateway Manager Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 23: ...splay device specific information Ø Click the tile Control Panel Ø The login screen for the Control Panel is displayed Ø Enter your user name and your password Ø Click at Login ð The Control Panel will be displayed Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 24: ... the preset password under Current Password With the first commissioning the password is admin Ø Enter the new administrator password It must have at least 7 characters For reasons of safety Hilscher recommends using significantly more characters A strong password consists of upper and lower case letters digits and special characters A quality indicator in the dialog box evaluates the password Wea...

Page 25: ...list of known authorized issuers of certificates Each time the certificate of the server arrives at the browser the browser compares the issuer of the certificate with the issuers stored in the list of known authorized issuers of certificates If the issuer of the certificate is not listed the browser will signal a certificate error and request the user s confirmation to continue because it assumes...

Page 26: ...with Firefox If you use Firefox as a browser a self signed certificate will cause the following error message Figure 11 Security error message of the Firefox browser 1 To avoid this message caused by a self signed certificate proceed as follows Ø To display the complete message click Advanced Figure 12 Security error message of the Firefox browser 2 Ø To define an exceptional rule that enables the...

Page 27: ...ntly check the box Permanently store this exception Ø To save the rule click Confirm Security Exception ð When you open the control panel in future security messages will no longer be displayed Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 28: ...of Google Chrome 1 Proceed as follows in order to avoid the following message which is caused by a self signed certificate Ø Click at ADVANCED to display the complete message Figure 15 Security error message of Google Chrome 2 Ø In order to continue click at Proceed to unsafe ð The Control Panel is displayed Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Release...

Page 29: ...ion LAN page 51 Network WiFi Configuring the WiFi communication Configuring wireless communication WiFi page 54 Network Field Configuring the operating mode of the fieldbus interface Real Time Ethernet Field page 59 Network Hostname Displaying and configuring the host name identifying the Edge Gateway in the network Hostname page 60 Services Service List Displaying starting and stopping the servic...

Page 30: ...ter displays the following information System info Description Hardware ident Serial number of the Edge Gateway Model name Model designation of the Edge Gateway NIOT E TPI51 EN RE Firmware version Complete version designation of the firmware stored in the Edge Gateway System time Synchronization status of the internal clock of the Edge Gateway When the clock is synchronized via the network the IP ...

Page 31: ...lable memory and the memory that is currently utilized on the integrated Solid State Disk of the Edge Gateway Table 13 Info Center Area Monitoring Temperature Description CPU temperature Display of the temperature of each processor core in the Edge Gateway Table 14 Info Center Area Temperature If the data of the area Monitoring cannot be read this is grayed out Edge Gateway NIOT E TPI51 EN RE Conn...

Page 32: ... You can open it as follows Ø Open the Control Panel Ø Select System License Manager Ê The window of the License Manager opens Figure 18 License Manager with license for the passive mode of operation The table License enabled Software Packages displays the currently available licenses in the example a license for the passive mode of operation of the Edge Gateways is available Open Details window i...

Page 33: ...your e mail 1 The denomination of the desired license 2 The number of your delivery note for reference 3 The LAN MAC address of your device to be taken from the device label 4 The e mail address to which the license download link shall be sent to Specify the following as the subject of your e mail Request for a netIOT Licence Ø Send the e mail to Hilscher vertrieb hilscher com Ø Hilscher creates a...

Page 34: ... LIC Ø Click on OK Ê The license file is transferred into the Edge Gateway If the transfer is successful the following message is displayed Figure 20 Message after the transfer of the license file into the Edge Gateway Ê To activate the license a restart of the Edge Gateways is necessary Ø Click on OK Ê The license is installed now but becomes active after the next restart of the Edge Gateways Ø F...

Page 35: ...ng to a configurable set of rules So for system supervision and safeguarding correct reaction on error situations the file logging daemon syslogd or an improved successor of it runs on every Linux system On the Edge Gateways from Hilscher the widely spread logging daemon Syslog ng is used which had been developped by BalaBit IT Security Ltd now One Identity https syslog ng org Openíng the system l...

Page 36: ...y angled brackets like 45 for instance The priority can be calculated from two numeric values the facility signifying the origin of the message located within the upper 5 Bits the severity signifying the urgence and importance of the message located within the lower 3 Bits The following formula accomplishes this Priority 8 Facility Severity The facility is coded according to the following table Co...

Page 37: ...essage The length of HOSTNAME is limited to 255 characters APPLICATION This part of the message line contains the name of the device or application originally generating the message The length of APPLICATION is limited to 48 characters PID This part of the message line contains the name of the process or the process ID of the syslog application originally sending the message This may not necessari...

Page 38: ...06T13 59 41 00 00 ISOTIMESTAMP localhost HOSTNAME syslog ng APPLICATION 1524 PID Process name or process D ofsyslog application sending the message MESSAGEID meta sequenceId 1 STRUCTURED DATA Meta information syslog ng starting up version 3 8 1 MSG Real message text Table 17 Assignment of parts of message line 8 3 3 2 Log rotation Usually the Edge Gateway is configured for a daily change of the lo...

Page 39: ...ction Method Standard presetting manually Manual selection by entering date and time yes automatically NTP synchronized by means of a time server no Table 18 Setting the system time Figure 22 Time configuration page Note When you change a system time setting always reboot the Edge Gateway afterwards so that all software components in the Edge Gateway take the changed time System Reboot Edge Gatewa...

Page 40: ...hronized Ø Click Add NTP server Ê The dialog box for entering the NTP server is displayed Ø In the input field NTP server enter the address of a server which uses the NTP to synchronize the time E g To add the server for time synchronization of the Physikalisch Technische Bundesanstalt the National Metrology Institute of Germany to the list enter the address ptbtime1 ptb de in the input field NTP ...

Page 41: ...ault value is Universal For Central European Time set CET Note Once the system time has been set system services and Node RED flows which use the system time for synchronization loose their reference time i e they refer to the new time set When you change a system time setting always reboot the Edge Gateway afterwards so that all software components in the Edge Gateway take the changed time Edge G...

Page 42: ...the backup depends on the quantity of data A running backup cannot be interrupted The backup can deteriorate the performance of the Edge Gateway Save the backup on an external data carrier because any existing backup will be overwritten irrevocably without prior notice In order to create a backup of your system proceed as follows Ø Select System Backup and Restore in the control panel Ê The follow...

Page 43: ...h as time expense increased system load and missing possibility of abortion Ø In order to start the backup process click at Yes Ê The following screen indicates the start of the backup process by the text Backup in progress Figure 25 Backup in progress ð If the backup process has successfully been finished the formerly grayed out buttonDownload local backup is activated and the backup file is offe...

Page 44: ... is initiated that this process can last for a significant amount of time and cannot be interrupted that you must not interrupt power supply of the Edge Gateway in any case In order to restore your system from a previous internal backup proceed as follows Ø Select System Backup and Restore within the Control Panel Ê The following screen appears Figure 26 Backup and recovery Ø Click at Restore from...

Page 45: ...d Figure 28 Security query prior to system recovery from internal backup file Ê You are informed about the above mentioned consequences of system recovery Ø If you want to proceed taking into account these consequences then click at Yes Ø The system on your device is restored from the system files stored within the internal backup In any way do not interrupt the power supply of the Edge Gateway du...

Page 46: ... backup file that a new start of the system is initiated that this process can last for a significant amount of time and cannot be interrupted that you must not interrupt power supply of the Edge Gateway in any case In order to restore your system from a previous external backup i e download of an internal backup proceed as follows Ø Select System Backup and Restore within the Control Panel Ê The ...

Page 47: ...ior to starting recovery from external backup Ê You are informed about the above mentioned consequences of system recovery Ø If you want to proceed taking into account these consequences then click at Yes ð The selected file is checked for correctness If the file is no image file does not contain a backup or is defective in any other way an error message is displayed Otherwise your system is recov...

Page 48: ...safety query indicates the danger of possible data loss at deleting the backup if it has not externally been saved via the download function Figure 33 Safety query before deletion of local backup Ø If you are still sure that you really intend to delete the local backup click at Yes ð The local backup is internally deleted Right of Local backup the text No backup is displayed now instead the name o...

Page 49: ...rier 8 3 6 Rebooting the system You have to login as Administrator to use this function In order to reboot the system Ø Within the Control Panel select menu entry System Reboot Ê The following safety query is displayed Figure 35 Reboot safety query Ø If you really intend to reboot the system answer to the safety query with ð The Linux operating system of your Edge Gateway is shut down and then imm...

Page 50: ...hut down the Edge Gateway 8 4 Packet management 8 4 1 Managing packets Open this page with Package Manager Packages In order to access this page you require the following access right Managing packets This page contains the package management of the Linux based operating system of the Edge Gateway This page lists the installed packages including version adds new signed packages or updates already ...

Page 51: ...hernet interface cifx0 see below describes how you can activate this interface For each Ethernet interface you can configure how to set the IP address The Edge Gateway is to obtain the IP address parameters automatically from a DHCP server Option DHCP The IP address parameters are manually entered by the user Option Fixed address The IP address parameters include the IP address the subnet mask the...

Page 52: ...ress IP address parameters entered by the user If you enter the IP address manually also always enter the subnet mask and the Gateway address Domain Name System If you enter the IP address parameters manually enter the IP address of the 1st and 2nd domain name server Table 19 Table LAN Meaning of the columns If you want to save your changes permanent click on Save changes Edge Gateway NIOT E TPI51...

Page 53: ... Service page is displayed Ø If the Node RED service is in the state Stop yellow then mark the service Node RED Ø Set the Autostart to enabled that the Node RED service is started with the next start of the device also Ø Click on Apply Ø Click at Operating status on Start Ê The Node RED service has been started and is displayed green 3 Display Ethernet interface cifx0 Ø Open the LAN page with Netw...

Page 54: ...f operation Operating mode Description Disabled WiFi is deactivated Access Point In the operating mode Access point the Edge Gateway enables other WiFi capable devices to establish a connection with the Edge Gateway and its peripheral devices Client In the operating mode Client the Edge Gateway acts as WLAN Ethernet adapter This allows the integration of the Edge Gateway into an already existing W...

Page 55: ...e mode Ê A safety query whether you want to really change the operation mode appears Ø Confirm the message with OK ð The message WiFi Settings are succcessfully changed is displayed Operating mode Access point Figure 41 WiFi operating mode Access point Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 56: ...nter the SSID to be used in the wireless network WLAN of the Edge Gateway Note Do not use the default SSID To be able to use a WLAN connection you have to enter the SSID on the WiFi client Encryption displays the encryption method used in the radio network Shared key Here you enter the key to be used in the wireless network WLAN of the Edge Gateway To be able to use a WLAN connection you have to e...

Page 57: ... a DHCP server Activated The DHCP server will send the IP address parameters automatically Deactivated You have to enter the IP address parameters manually IP address to enter the IP address of the client manually Subnet mask to enter the subnet mask of the client manually Gateway to enter the IP address of the Gateway manually for the client DNS server 1 and 2 to enter the IP address of the 1st a...

Page 58: ...word is displayed Ø Enter the password and click Connect ð The Edge Gateway tries to establish a WLAN connection with the found client If this does not succeed an error message is displayed Delete stored connection Ø In the table of the connections click Delete in the row to be deleted ð The stored connection is deleted and the message WiFi successfully disconnected is displayed Saving the WiFi se...

Page 59: ...e operating mode Active is required for the typical operation of the Edge Gateway In this operating mode select a firmware PROFINET IO Device or EtherNet IP Adapter Note Do not use the PROFIBUS DP Slave firmware In Node RED use the fieldbus input node to receive data from the fieldbus see section Example 6 Fieldbus input node page 135 and the fieldbus output node to send data to the fieldbus see s...

Page 60: ...access the Edge Gateway from your PC even without knowing the IP address of the Edge Gateway also see Using the web browser to establish a connection with the Edge Gateway page 18 If the Edge Gateway does not obtain an IP address from a DHCP server the system cannot translate the host name and you cannot access the device Figure 43 Hostname Input field Hostname In order to specify the hostname ent...

Page 61: ...n The service is being executed yellow The service is configured but not executed red The service is neither configured nor executed grey Right for accessing this service is missing Table 25 Operating statuses of the services 8 6 1 1 Node RED service Deleting the current Node RED flows In case the processing of a flow in the Edge Gateway takes a very long time e g due to an endless loop you can de...

Page 62: ...C UA Server for Edge settings within the Control Panel page Network Field The following table describes the parameters of the OPC UA Server for Edge Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 63: ...d communication without encryption Checked not checked Sign Signed communication without encryption Checked not checked Sign Encrypt Signed communication with encryption Checked not checked Security settings Security policies At least one of these options must be checked If multiple options are checked the OPC UA Client may select a suitable of these options For maximum security you should choose ...

Page 64: ...access This mode does not provide any security and an OPC UA Client can connect via anonymous login Otherwise an OPC UA Client can access the den Edge Server via username and password Storing the settings for the OPC UA Server for Edge After you finished making your settings for the OPC UA Server for Edge you have to store these as follows in order to make them effective Ø Click at Save all Ê A me...

Page 65: ...er Management Roles On this page you can determine roles and assign access rights onto resources to these roles The roles Administrator and View are standard and cannot be deleted Figure 46 Page for configuring roles An access right is set per resource Each configuration page of the control panel which contains settable device parameters is a resource Access via REST API see Functions of the Edge ...

Page 66: ...e page 60 Access onto Field network Ethernet network Network Field Services Configure service S The displayed names depend on the installed services Services Service S Starting stopping and configuring services page 61 Security Install security certificates Security SSL TLS Certicate Uploading and installing own security certificates Edge Server Access via REST API Edge Server REST API Functions o...

Page 67: ...es and access rights for this role will be displayed Ø Assign the access right per resource Ø Click at 8 7 2 Managing user accounts Open this page with User Management Accounts On this page you can add process delete user accounts Figure 47 User account page Each user account has a user name a password and an assigned role Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English ...

Page 68: ... display information related to certificates and the associated keys you require access rights for reading on Public Key Infrastructure To add certificates and keys you require access rights for writing on Public Key Infrastructure Figure 48 Public Key Infrastructure for managing of certificates The GUI of the public key infrastructure consists of these areas 1 Selection list for the certificate t...

Page 69: ...2 you can select a PEM file containing information about a certificate or a key In case of selection of a certificate important information about the selected certificate is displayed in the area Certificate Viewer right side Depending on the selected certificate type 1 the file selection area for certificate and key files either displays a list structure or a tree structure On selection of Truste...

Page 70: ...cording to the X 509 standard such as information on the issuer serial number country locality organisation and oganisation unit are displayed see section Structure of a certificate according to X 509 page 220 Note For more information on the foundations of asymmetric encryption techniques and public key infrastructure see sections Asymmetric encryption page 218 and Certificates and keys page 220 ...

Page 71: ... 8 10 Session 8 10 1 User profile Open this page with Session User Profile No access rights are required in order to open this page Figure 52 User profile page On this page you can display the access rights of your user account change your E mail address and change your password Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 72: ...password Ø Specify your password at the input field New Password Ø In order to confirm your input specify your password again at the input field Confirm Password Ø Click on ð The changed password is saved 8 10 2 Logout To log out from the Edge Gateway use Session Logout No access rights are required to select this menu entry Prior to accessing the Edge Gateway again a new login Specifying user nam...

Page 73: ...th drag and drop Node RED is based on node js a platform independent runtime environment to develop Web applications with server side java scripting This manual explains you how to use Node RED for configuration and wiring of nodes within the netIOT Edge Gateway This manual refers to the following versions Node RED version 0 18 node js minimal V4 x Note You can find information about Node RED in t...

Page 74: ...with one another to get flows as shown in the following figure Figure 55 Wiring the nodes The following basic properties apply to one Node RED node A node fulfills a specific defined task A node has entry masks for setting the parameters A node can have inputs and outputs A node can be connected with other nodes via its inputs and outputs A node can modify and overwrite data before passing the dat...

Page 75: ...hboard Nodes offer functions e g Web based communication TCP UDP send receive MQTT publish subscribe Serial send receive Time emitter 9 2 Opening Node RED This section describes how to call Node RED for configuring the flow within the netIOT Edge Gateway Prerequisite To login you have to know your user name and password To open Node RED proceed as follows Ø Open the Edge Gateway manager see Callin...

Page 76: ...space will be displayed Figure 56 Node RED workspace Note Remember that the secured HTTPS protocol is used here not the widely spread HTTP protocol If the Node RED workspace does not open read the following sections in compliance with the browser used Connection without certificate with Microsoft Internet Explorer page 26 Connection without certificate with Firefox page 26 Connection without certi...

Page 77: ...figuration nodes If necessary the display has to be activated first Node RED menu View Configuration nodes 7 Debug output If necessary the display has to be activated first Node RED menu View Debug messages 8 Information output If necessary the display has to be activated first Node RED menu View Information 9 Sidebar The sidebar can be switched on or off 10 Zoom 11 Workspace which contains one or...

Page 78: ...e editable 3 The red triangle shows that a required parameter is not configured yet 4 The blue circle shows that this node has been changed but not transmitted yet 5 Output port if available 6 Node status if available 7 Input port if available Table 30 Node elements Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 79: ...e from the library 2 Configuring node parameters A node may require parameters that you can configure in an edit dialog The fieldbus node is an example for a node which is configured via an edit dialog 3 Connecting nodes to determine the flow In Node RED the data flow is realized as flow 4 Using Deploy to activate the flow in the Edge Gateway The flow in the workspace still has to be activated in ...

Page 80: ...output port of the node in the example called Hello World node to the input port of the other node ð Thus the two nodes are connected by a line wire in the workspace but they are not yet activated in the Edge Gateway 4 Using Deploy to activate the flow in the Edge Gateway Ø Click on Deploy ð The flow will be deployed from the workspace to the Edge Gateway and activated Edge Gateway NIOT E TPI51 EN...

Page 81: ...ct you have to specify or to know the following names User name for Git Email address Project name Description for the project optional Flow file name The key if encryption is used Starting from the Node RED menu use Projects New to create a new project in Git and use Projects Open to open an existing project in Git To open the project settings use Projects Project Settings to display or change th...

Page 82: ...lows which contain modified nodes Modified Nodes deploys only nodes that have been modified Table 31 Commands of menu Deploy Procedure Ø Click on the white arrow located at the right edge of the red button Deploy Ê The menu Deploy opens Ø Click on the menu command to be executed Ê The dialog box Confirm Deploy is displayed Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English ...

Page 83: ...ally want to execute the deploy procedure Ø Click on Cancel to correct any possible errors ð The flow has not been deployed to the Edge Gateway or Ø Click on Confirm deploy to deploy the flow to the Edge Gateway and activate it ð Thus the flow is activated in the Edge Gateway Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 84: ...le text field on the user interface gauge Adds a round gauge display to the user interface chart Adds a chart to the user interface can be configured as line chart bar chart or pie chart notification Displays the contents of a message msg payload as popup notification or as dialog box Options Ok Cancel on the user interface audio out Adds audio output or speech output of text ui control Allows to ...

Page 85: ... displaying messages Layout 4 List field Menu links See section Working with menu links page 92 Layout 5 Selection list Style allows the selection of colors for background display light or dark background or user defined color display Theme 6 Input field Custom Profile allows to put in a name for a theme is only displayed if option Custom has been chosen in selection list Style Theme 7 Color selec...

Page 86: ...onfiguration 9 4 3 2 Display dashboard You can visualize the dashboard currently configured in the active Node RED flow and test it as f9ollows Ø Click at the button right of the input field Title ð In the browser a new register card is opened in which the dashboard is displayed graphically 9 4 3 3 Change title You can change the title of a dashboard as follows Ø Specify the title of the dashboard...

Page 87: ...in the tree structure Ê The icons and get visible Ø Click at the icon right of the name of the according tab ð The dialog Edit dashboard tab node is opened Figure 60 Dialog Edit dashboard tab node Ø Specify the desired name of the tab in field Name Ø If desired specify the icon type within the field Icon for instance Dashboard Ø In order to store click at in dialog Edit dashboard tab node ð The di...

Page 88: ... with groups is described such as creating new groups and changing and deleting groups Adding a group to a tab So you can add a group to the dashboard within a tab Ø Click at the icon right of the name of the according tab ð A new group is added below the already present groups If there is not any group the new group is directly added below the tab Editing a group In this way you can edit a group ...

Page 89: ...tion list Then a new tab is created and the current group is related to this new tab Ø Specify the width of the group in field Width Ø You can control via the checkbox Display Group Name whether the name of the group as displayed in the field Name is displayed on the dashboard or not Ø In order to store click at in dialog Edit dashboard tab node ð The dialog Edit dashboard tab node is closed and t...

Page 90: ...ou can add a widget of your choice to a group Ø Select a node for a widget from the node group dashboard out of the node library for instance for a line chart bar chart or pie chart the node for the widget Chart Ø Pull this node onto your worksheet using Drag Drop Ø Double click onto this node Ê The edit dialog of the node is opened Name and contents of the edit dialog depend on the choice of the ...

Page 91: ...ton dropdown switch slider numeric textinput form colour picker gauge chart audio out notification text template or ui control Note Further information can be found in the documentation of Node RED You can find it athttps github com node red node red dashboard Ø Select the desired settings for your widget Ø Click at ð The edit dialog is closed and the settings of your widget are stored Deleting a ...

Page 92: ...ialog Edit link node Ø Specify the desired name of the tab in field Name Ø Specify the link address in the field Link Protocol http or https Ø Specify in field Icon how the link should be opened Options dashboard or open_in_browser Ø Choose whether the link in the browser should be opened within a new tab Option New Tab or within an iframe Option iframe Ø In order to store click at in dialog Edit ...

Page 93: ... The dialog Edit dashboard tab node is opened Figure 65 Dialog Edit link node Ø In order to delete a link click at in dialog Edit link node ð The dialog Edit link node is closed and the link is removed from the link list Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 94: ...nput inject catch status link mqtt http websocket tcp udp fieldbus I O opc ua client s7comm Watson IoT serial Output debug link mqtt http response web socket tcp udp fieldbus LED I O opc ua client s7comm Watson IoT serial Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 95: ...ail out twitter in twitter out Storage file tail file in sqlite file out Analysis sentiment Advanced watch feedparse exec Cloud azureiothub Modbus Modbus Response Modbus Read Modbus Getter Modbus Flex Getter Modbus Write Modbus Flex Write Modbus Server Modbus Queue Info Modbus Flex Connector Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher...

Page 96: ... switch slider numeric text input date picker colour picker form text gauge chart audio out notification ui control template Table 34 List of standard nodes Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 97: ...r always contains a further entry Add new mqtt broker to add a new MQTT broker if no MQTT broker has been defined yet or if already existing brokers are not to be used Topic Input field In the input field Topic you can enter the topic for the MQTT communication If no name has been entered but an input has been made under Topic this input will be used as node name in the Node RED workspace Topic ca...

Page 98: ...ntegrated MQTT broker of the Edge Gateway Port Input field Here you enter the port via which Node RED communicates with MQTT Port 1883 for standard MQTT or 8883 for MQTT with TLS encryption is usually used here Client ID Input field If the box Use clean session is not checked you have to enter the client ID here to identify the client If the box Use clean session is checked no entry is required be...

Page 99: ... checking this box the MQTT protocol will be transmitted to SSL TLS via a secure connection with encryption For reason of data security we recommend checking this box Verify server certificate Checkbox By checking this box the security certificate of the server will be verified which will cause the browser to send security messages in case of problems with the certificate This checkbox is active o...

Page 100: ...he three values 0 1 and 2 The meaning of these values is as follows 0 At most once no acknowledge by the receiver 1 At least once the sender stores the message until it receives an acknowledge from the receiver 2 Exactly once Sender and receiver acknowledge the message using additional acknowledge messages Retain Selection list Here you can set whether the connection is to be maintained after use ...

Page 101: ... set the selection list QoS Quality of Service to one of the three values 0 1 and 2 The meaning of these values is as follows 0 At most once no acknowledge by the receiver 1 At least once the sender stores the message until it receives an acknowledge from the receiver 2 Exactly once Sender and receiver acknowledge the message using additional acknowledge messages Retain Selection list Here you can...

Page 102: ... MQTT protocol using the MQTT function publish Figure 72 MQTT output node Parameters of the MQTT output node This section describes the parameters of the MQTT output node Figure 73 Dialog box Edit MQTT out node Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 103: ...er stores the message until it receives an acknowledge from the receiver 2 Exactly once Sender and receiver acknowledge the message using additional acknowledge messages Retain Selection list Here you can set whether the connection is to be maintained after use TRUE The connection is to be maintained FALSE The connection will be terminated Name Input field Here you enter the name of the MQTT outpu...

Page 104: ...ver always contains an entry Add new OPC UA client to add a new OPC UA server if no OPC UA server has been defined yet or if already existing servers are not to be used Variable Display field Here the name of the variable is displayed the data of which is read The name of a variable will be displayed only after a variable has been selected with the Browse function This requires a connection to the...

Page 105: ...erver Figure 76 Dialog box Add new opcua client config node The address of the OPC UA server is structured as follows opc tcp IP addresse port Example opc tcp 192 168 253 12 4840 Port 4840 is the standard port for unencrypted OPC UA communication The following figure shows a configured Home tab Figure 77 Dialog box Edit opcua in node tab Home Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN...

Page 106: ...dd new opcua client config node see above Ø Transmit the OPC UA input node to the Edge Gateway using Deploy The left window of the tab Browse displays the objects of the server s address space within a tree structure The right window displays the attributes of the object selected in the left window Tab Mode In the tab Mode you select the parameters for the operating mode Subscribe or Polling under...

Page 107: ...value The value is transmitted only The value is transmitted without time stamp specific Only data that you can select by checking one box or several boxes will be transferred The time stamp will be transferred too Table 42 Options of the payload list By selecting the option specific you can select the attributes to be transmitted in the payload Figure 81 OPC UA in specific payload Edge Gateway NI...

Page 108: ...itions of the data transmission via OPC UA at a specific time You can set that the data is transmitted regularly at defined selectable weekdays at a fixed time interval between time Additionally you can limit the space of time in which the periodic repetitions at every take place to an exact time range between and and defined weekdays Table 43 Options of the list Repeat Edge Gateway NIOT E TPI51 E...

Page 109: ...onds Priority Relative priority Keep Alive Number of empty messages sent until the client is informed about timeout of session Sampling Period of time during which the monitored parameters can be processed and analyzed in milliseconds Queue size Number of the elements of the queue Discard old If selected old values are discarded Table 44 Parameters in Subscription Settings and Monitored Items Sett...

Page 110: ...they will be listed here The selection list Server always contains an entry Add new OPC UA client to add a new OPC UA server if no OPC UA server has been defined yet or if already existing servers are not to be used NodeID Display field Here the name of the variable is displayed the data of which is written The name of a variable will be displayed only after a variable has been selected with the B...

Page 111: ...53 12 4840 Port 4840 is the standard port for unencrypted OPC UA communication Tab Browse Figure 87 Dialog box Edit OPC UA out node tab Browse The left window of the tab Browse displays the objects in a tree structure The right window displays the attributes of the object selected in the left window To be able to use the browser function you must have entered the OPC UA server address transmitted ...

Page 112: ...to establish a connection with the Edge Gateway page 18 2 The Node RED workspace is open Step by step instructions 1 Inserting an inject node Ø Drag an inject node from the node library and drop it in the worksheet 2 Showing the sidebar Ø Show the sidebar with the key combination Ctrl spacebar or via the Node RED menu View Show Sidebar Ø Click the tab Info Ø Click the inject node to show its prope...

Page 113: ...e false complete false x 330 y 20 0 wires id b2605825 aea4d type inject z 9deaf786 3854a name topic payload payloadType date repeat crontab once false x 138 y 188 5 wires 46ae085e 4fd768 Testing the flow and displaying messages Ø Click the tab Debugin the sidebar Ø Click the left button at the inject node ð The sidebar should display numbers In the standard default setting the inject node uses the...

Page 114: ...tions 1 Inserting an MQTT input node Ø Drag an MQTT input node from the node library and drop it in the worksheet Ê The red triangle the MQTT input node is displayed with indicates that the node still needs some more parameters which you have to configure in the following steps 2 Showing the sidebar Ø Show the sidebar using the keyboard shortcut Ctrl spacebar or via the Node RED menu View Show Sid...

Page 115: ... Ø Enter the name localhost in the field Server of the tab Connection By means of localhost you address the MQTT broker integrated in the Edge Gateway Ø For this simple example you can adopt the preset parameters without having to enter any further parameters Ø Click Add Ê The MQTT broker is configured Ê The dialog box returns to the first edit dialog Ê Under Server the edit dialog shows the addre...

Page 116: ...rop it in the worksheet 7 Connecting the nodes Ø To connect the MQTT node with the Debug node hold down the left mouse button and draw a connecting line wire from the output port of the MQTT node to the input port of the Debug node ð 8 Deploy Ø Click Deploy to transmit the nodes that have so far existed in the editor only to the device and activate them ð The flow is activated in the Edge Gateway ...

Page 117: ...alse compatmode true keepalive 60 cleans ession true willTopic willQos 0 willPayload birthTop ic birthQos 0 birthPayload Testing the flow and displaying messages Ø Click the tab Debugin the sidebar Ø Use a device that is externally connected to the Edge Gateway to execute a publish with MQTT on topic Timestamp1 or Copy and use the example MQTT output node see section Example 3 MQTT output node pag...

Page 118: ...rting an Inject node Ø Drag an Inject node from the node library and drop it in the worksheet 2 Inserting an MQTT output node Ø Drag an MQTT output node from the node library and drop it in the worksheet Ê The red triangle the MQTT output node is displayed with indicates that the node still needs some more parameters which you have to configure in the following steps 3 Showing the sidebar Ø Show t...

Page 119: ... with step 6 Ê The dialog box Add new mqtt broker config node will be displayed Ø Enter the name localhost in the field Server of the tab Connection By means of localhost you address the MQTT broker integrated in the Edge Gateway Ø For this simple example you can adopt the preset parameters without having to enter any further parameters Ø Click Add Ê The MQTT broker is configured Ê The dialog box ...

Page 120: ...t have so far existed in the editor only to the device and activate them ð The flow is activated in the Edge Gateway The section MQTT output node page 102 describes the parameters of the MQTT output node The example for copying id c28f8355 ed0b7 type inject z 6b03759e b5eb4c name topic payload payloadType date repeat cronta b once false x 187 y 163 wires 9bc7b36a df3c3 id 9bc7b36a df3c3 type mqtt ...

Page 121: ...le MQTT input node see section Example 2 MQTT input node page 114 ð With each click on the button at the Inject node the topic Timestamp1 is sent to the MQTT broker If you use this example together with the example MQTT input node you can display the value of the topic Timestamp1 in the tab Debug Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hil...

Page 122: ...UA server is connected to the Edge Gateway 4 The IP address of the OPC UA server is known to you Step by step instructions 1 Inserting the OPC UA input node Ø Drag an OPC UA input node from the node library and drop it in the worksheet Ê The red triangle the OPC UA input node is displayed with indicates that the node still needs some more parameters which you have to configure in the following ste...

Page 123: ...list displays Add new opcua click Edit to add a new server Ø Enter the server address in the field Server in the form opc tcp IP address 4840 e g opc tcp 192 168 253 12 4840 Port 4840 is the OPC UA standard port Ø Click Add or Update Ê The dialog box returns to the first edit dialog Ê Under Server the edit dialog displays the IP address and the port Edge Gateway NIOT E TPI51 EN RE Connect DOC17050...

Page 124: ...g the IP address the device configuration etc If required repeat a Deploy Ê If the OPC UA node has a connection to the server node status connected will be displayed 6 Selecting the object Ø To open the edit dialog double click the OPC UA input node Ø Click the tab Browse Ê If the OPC UA node has no connection to the server the node can neither read nor display the address space of the server In t...

Page 125: ...ct the operating mode for the data transfer e g polling Ø Under Payload select the scope of payload E g select specific and check the boxes BrowseName and Value to transfer the name and the value with a time stamp Ø Under Repeat select how often and when the object is to be read e g interval and 10 seconds so that the object is read every 10 seconds Edge Gateway NIOT E TPI51 EN RE Connect DOC17050...

Page 126: ...ad_DIN1 Ê The configuration of the OPC UA input node is completed Ø Click Done Ê The configuration of the OPC UA input node is finished and the red triangle has disappeared The blue circle indicates that the modified node has not yet been transferred into the Edge Gateway Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 127: ...des that have so far existed in the editor only to the device and activate them ð The flow is activated in the Edge Gateway The section OPC UA input node page 104 describes the parameters of the OPC UA input node Testing the flow and displaying messages Ø Click the tab Debugin the sidebar ð If the OPC UA input node has a connection to the OPC UA server the Debug node displays every 10 seconds mess...

Page 128: ...e Edge Gateway 4 The IP address of the OPC UA server is known to you Step by step instructions 1 Inserting the first Inject node Ø Drag an Inject node from the node library and drop it in the worksheet 2 Configuring the Inject node Ø To open the edit dialog double click on the Inject node Ê The edit dialog for entering the parameters will be displayed Ø Select the entry number from the Payload lis...

Page 129: ...er 2 Ø In the field Topic enter the name of the topic e g Write2 Ø In the field Name enter the name of this node e g Write number 2 Ê All parameters are entered 5 Inserting the OPC UA output node Ø Drag an OPC UA output node from the node library and drop it in the worksheet Ê The red triangle the OPC UA output node is displayed with indicates that the node still needs some more parameters which y...

Page 130: ... Click the OPC UA output node to display its properties and a functional description in the tab Info 7 Editing the OPC UA output node Ø To open the edit dialog double click on the OPC UA output node Ê The edit dialog for entering the parameters will be displayed Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 131: ...ransfer the node At first click Done and then Deploy to transmit the nodes that have so far existed in the editor only to the device and activate them Ê The Edge Gateway executes the OPC UA node The OPC UA node tries to establish a connection to the server Ê If the OPC UA node has no connection to the server node status disconnected will be displayed Objects cannot be read Only after establishing ...

Page 132: ...he OPC UA output node E g check the Ethernet wiring the IP address the device configuration etc If required repeat a Deploy Ø If the OPC UA node has a connection to the server the node reads and displays the address space of the server Ø To select the object to be read e g DOUT1 from the address space open the elements in the tree structure Ø Click Home Ø In the field Topic enter the name of the t...

Page 133: ...ransferred into the Edge Gateway 11 Connecting the nodes Ø To connect the first Inject node with the OPC UA output node hold down the left mouse button and draw a connecting line wire from the output port of the Inject node to the input port of the OPC UA node Ø Connect the second Inject node with the OPC UA output node Ê The nodes are connected Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM0...

Page 134: ...rameters of the OPC UA output node Testing the flow For testing the flow you need a connection to the OPC UA server Ø Click the button to the left of Inject node 1 Ê Value 1 will be written to object DOUT1 in the OPC UA server Ø Click the button to the left of Inject node 2 Ê Value 2 will be written to object DOUT1 in the OPC UA server Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revisi...

Page 135: ... Using the web browser to establish a connection with the Edge Gateway page 18 2 The Node RED workspace is open Step by step instructions 1 Inserting the fieldbus input node Ø Drag a fieldbus input node from the node library and drop it in the worksheet Ê The red triangle the fieldbus node is displayed with indicates that the node still needs some more parameters which you have to configure in the...

Page 136: ...ll be displayed 4 Adding the fieldbus input node Ø If you use a fieldbus node for the first time the fieldbus interface list displays Add new fieldbus interface click Edit to add a new fieldbus interface Ê The fieldbus configuration node will be displayed Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 137: ...plays the entry PROFINET IO Device click Open Fieldbus Configurator Ê A new tab with the PROFINET configuration interface will be displayed 7 Configuring PROFINET Ø Click IO and Signal configuration in the configuration tree left Ê The page IO Configuration with the list of Available IO items will be displayed Ø At first double click the entry 16 send byte inputs in the list of Available IO items ...

Page 138: ...played for each module 9 Defining signals for module 1 Ø Select 001 16 send byte inputs in the configuration tree Ê The signal configuration page with information on module 001 will be displayed Ø Mark the available signal in the signal list Ø Click Delete selected items Ø Click Add new signals Ê The Add new signals dialog box will be displayed Ø Select the data type Signed16 Ø Select the quantity...

Page 139: ...n the Edge Gateway click Project Save in the main menu of the PROFINET configuration Ê A message confirms that the configuration has been saved successfully Ø Click Ok Ê The PROFINET configuration and signal definition are saved in the Edge Gateway but they are not activated yet 12 Returning to Node RED Ø Return to the tab Node RED in your browser Ø To adopt a new changed PROFINET configuration cl...

Page 140: ...Ø Drag a Debug input node from the node library and drop it in the worksheet 17 Connecting the nodes Ø To connect the fieldbus node with the Debug node hold down the left mouse button and draw a connecting line wire from the output port of the fieldbus node to the input port of the Debug node 18 Deploy Ø Click Deploy to transmit the nodes that have so far existed in the editor only to the device a...

Page 141: ...ion 3 9 build 0 revision 6 expectedFirmwarePath selectedChannelNumber 2 selectedD eviceNumber 1291105 selectedSerialNumber 20726 Testing the flow and displaying messages For testing the flow you need a connection to a configured PROFINET IO Controller which cyclicly exchanges I O data with the Edge Gateway At the PROFINET IO Controller you have to set output data so that the fieldbus input node ca...

Page 142: ...s a value for Error that is unequal to 0 i e the PROFINET communication does not work Figure 94 Message of the fieldbus input node with error Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 143: ...e uses the fieldbus output node together with two Inject nodes to send data to the fieldbus Prerequisite 1 A connection to the Edge Gateway is established see section Using the web browser to establish a connection with the Edge Gateway page 18 2 The Node RED workspace is open Step by step instructions 1 Inserting the first Inject node Ø Drag an Inject node from the node library and drop it in the...

Page 144: ...ntry number and enter number 1 Ø Enter in the field Topic the name of the topic e g Send1 Ø Enter in the field Name the name for this node e g Send number 1 Ê All parameters are entered 3 Inserting the second Inject node Ø Drag another Inject node from the node library and drop it in the worksheet Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hi...

Page 145: ...g Send2 Ø Enter in the field Name the name for this node e g Send number 2 Ê All parameters are entered 5 Inserting the fieldbus output node Ø Drag a fieldbus output node from the node library and drop it in the worksheet Ê The red triangle the fieldbus node is displayed with indicates that the node still needs some more parameters which you have to configure in the following steps Edge Gateway NI...

Page 146: ... the fieldbus node Ê The edit dialog for entering the parameters will be displayed 8 Adding a fieldbus interface Ø If you use an fieldbus node for the first time the fieldbus interface list displays Add new fieldbus interface click Edit to add a new fieldbus interface 9 Selecting the fieldbus interface Ø Check whether Currently loaded firmware displays the entry PROFINET IO Device Version Ø If it ...

Page 147: ...uble click the entry 16 send byte inputs Ø Then double click the entry 16 receive byte outputs Ê The list of IO items displays 2 PROFINET modules 12 Defining signal names for modules Ø In the column Tag of the list IO items click send_001 index 001 named 16 send byte inputs Ø Overwrite the available Tagname with the following new Tagname toController Ø In the column Tag of the list IO items click ...

Page 148: ...ion page with information on module 002 will be displayed Ø Mark the available signal in the signal list Ø Click Delete selected items Ø Click Add new signals Ê The Add new signals dialog box will be displayed Ø Select the data type Signed16 Ø Select the quantity 8 Ø Under tag name base enter Set_temperature Ø Click Ok Ê Column Tag displays Set_temperature_1 to Set_temperature_8 If required you ca...

Page 149: ...e the edit dialog with Done and double click to reopen the fieldbus node 19 Finishing the fieldbus input node Ø Click Done ð The configuration of the fieldbus input node is completed but not yet activated in the Edge Gateway 20 Connecting the nodes Ø To connect the first Inject node with the fieldbus output node hold down the left mouse button and draw a connecting line wire from the output port o...

Page 150: ...tedConfigPath currentFir mwareName PROFINET IO Device Version 3 9 build 0 revision 6 currentInterfaceName cifX0 PROFINET IO Device expectedInterfaceName cifX0 PROFINET IO Device expectedFirmwareName PROFINET IO Device Version 3 9 build 0 revision 6 expectedFirmwarePath selectedChannelNumber 2 selectedD eviceNumber 1291105 selectedSerialNumber 20726 Testing the flow and displaying messages For test...

Page 151: ...ives output data from the master Fieldbus master e g PROFINET IO controller fieldbus input node Standard procedure 1 Inserting the fieldbus input node 2 Configuring the fieldbus system e g PROFINET 3 Defining the signals 4 Configuring the fieldbus input node The fieldbus output node fieldbus out sends input data to the master Fieldbus output node fieldbus master e g PROFINET IO controller Standard...

Page 152: ...ration steps Open fieldbus node Open PROFINET configuration Configure modules Fieldbus node configured Project Save Define signals Reconfigure Update Deploy Table 47 Configuration steps Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 153: ...ting and opening the fieldbus node Ø Drag a fieldbus node from the node library and drop it in the workspace Ø Double click the fieldbus node ð The edit dialog Edit fieldbus in node will be displayed Figure 96 Edit dialog Edit fieldbus in node Ø Click on Edit Ê The edit dialog Add new fieldbus interface config node will be displayed 2 Opening the PROFINET configuration Ø Click the square to the ri...

Page 154: ...been defined yet Figure 97 Dialog box Add new fieldbus interface config node Ê If one or several fieldbus interfaces have already been defined the interface s will be offered for selection in the list Figure 98 Dialog box Add new fieldbus interface config node Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 155: ...master If this option is cleared the output data hold their last state during deploy In this case the master has no information that the Edge Gateway does not process the received data anymore Ø Click Open fieldbus configurator ð The user interface for the fieldbus configuration of the Edge Gateway will be opened in a new browser window the example shows the PROFINET configuration Figure 99 PROFIN...

Page 156: ... and outputs to be configured double click the appropriate entry in the upper table Available IO items e g 4 byte input and 8 byte output Note Use the scroll bar to display further entries Figure 100 Available IO items Example in figure PROFINET Ê After each double click the corresponding entry for defining an input or output signal will be displayed immediately in a new line of the lower table IO...

Page 157: ...le data length is used up with the button Ø In the table columns Tag and Description you can enter a short name and a description for each defined signal Note For more information on the signal definition see section Defining signals procedure page 178 5 Saving the signal configuration Ø Save your signal configuration via the menu function Project Save Ø The configuration is prepared Ø Return to t...

Page 158: ... and signal definitions Ø Click the button Add in the dialog Add new fieldbus interface config node Ê This operation causes the transmission of the fieldbus configuration to the device and the update of the signal definitions to the fieldbus node 7 Deploy Ø Perform a Deploy in the Node RED For this purpose select one of the three options of the selection list Deploy in the Node RED window top righ...

Page 159: ...n the example shown but PROFINET IO Device is actually loaded Figure 103 Error message Firmware mismatch In that case check whether the desired firmware is really set under Fieldbus interface If this is not the case select the desired firmware in the list Fieldbus interface and click Reconfigure interface Figure 104 Reconfigure interface Note For a detailed description of what happens when you cli...

Page 160: ...rkspace contains a fieldbus node The node represents the previous fieldbus configuration of the Edge Gateway 1 Opening the fieldbus node for changing Ø In the workspace double click on the fieldbus node to be changed It is assumed that the node shown in the examples is preconfigured for PROFINET Figure 105 Fieldbus node Ê The edit dialog Edit fieldbus in node will be displayed Figure 106 Dialog Ed...

Page 161: ...nfigured In addition to that there is an entry Add new fieldbus interface for adding a new fieldbus interface Figure 107 Dialog Edit fieldbus in node Ø Select the interface to be changed in the example this is cifX0 PROFINET Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 162: ... signals on deploy if during deploy the fieldbus node should set the output data received by the master to 0 In this case the Edge Gateway can signal no valid data to the master If this option is cleared the output data hold their last state during deploy In this case the master has no information that the Edge Gateway does not process the received data anymore Ø Click Open fieldbus configurator F...

Page 163: ...odules Ø Make your changes in the fieldbus configuration The possibilities you have for this purpose are described in the chapters Configuration tree page 171 and Menu commands page 168 4 Defining signals Ø If required adapt the signal definitions as you desire 5 Saving the signal configuration Ø Once you have made all desired changes save your fieldbus configuration as described in section Projec...

Page 164: ...of the output signals of the fieldbus node during the deploy process Select Clear output signals on deploy if during deploy the fieldbus node should set the output data received by the master to 0 In this case the Edge Gateway can signal no valid data to the master If this option is cleared the output data hold their last state during deploy In this case the master has no information that the Edge...

Page 165: ...dge Gateway and the new configuration will be applied in the Edge Gateway If the GUI in step 4 could not successfully be started a message similar to the following appears Figure 112 Error message Firmware mismatch That means that the expected firmware and the actually determined firmware do not match Check your settings in such a case Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revisi...

Page 166: ...tuation If the same firmware is selected under Currently loaded firmware and Fieldbus interface the following message box appears Figure 113 Message box firmware already on board Ê That means that the firmware has not been exchanged The currently loaded firmware as well as its version number build number and revision number are displayed in the message box If the firmware loaded under Currently lo...

Page 167: ... OK ð Clicking OK triggers the following actions 1 The previous firmware will be deleted 2 The bootloader will be loaded into the Edge Gateway 3 The bootloader will be executed to load the selected firmware into the Edge Gateway 4 The new firmware loaded will be started Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 168: ...er interface 12 2 Menu commands The menu bar of the PROFINET configuration of the netIOT Edge Gateway allows you to save the configuration in the Edge Gateway see Project Save page 169 download the GSDML file from the Edge Gateway see GSDML Download page 169 print the configuration see Printing the configuration page 169 call the help page see Help Contents page 170 and display the software versio...

Page 169: ...T controller To download the GSDML file proceed as follows Ø Click Download GSDML ð A dialog to save the GSDML file is displayed Ø Select a folder and click Save Ø Use the saved GSDML file to configure the PROFINET Controller 12 2 3 Printing the configuration To print configuration and signal definition proceed as follows Ø Click Print Print configuration ð The print dialog box will be displayed Ø...

Page 170: ... ð The integrated documentation is displayed 12 2 5 Help Information To display the version of the PROFINET configuration software of the netIOT Edge Gateway proceed as follows Ø Click Help Info ð The version will be displayed Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 171: ...ignal names GSDML file download Download and displaying the GSDML file Download of the GSDML file page 182 Help Contents Displaying help Help page 182 Info Displaying current software version Table 49 PROFINET configuration tree 12 3 1 PROFINET configuration This page only contains a note on the setting of the PROFINET device name Figure 116 Note Name of station Note In the factory setting of the ...

Page 172: ...the lower table are the basis for the signal definition Figure 117 List of the possible input and output modules Figure 118 List of the configured input and output modules The table IO items shows you the configured PROFINET input or output modules Column name Description Index Shows the module index Name Shows the name of the module Tag Editable short name required for the signal name The signal ...

Page 173: ...plicates the marked IO item module Note This changes the PROFINET configuration of the Edge Gateway and has to be taken into account when configuring the PROFINET controller Deletes the marked IO item module Note This changes the PROFINET configuration of the Edge Gateway and has to be taken into account when configuring the PROFINET controller This selection allows you to filter the IO items Send...

Page 174: ...ule name Tag Shows the short name required for the signal name Length in bytes Shows the module length in bytes Length in bits Shows the module length in bits Byte offset Shows the start address of the module offset in bytes in the input and output data memory The offset will be calculated automatically Table 52 Contents of table IO item In the table Signals you can configure the signals for an IO...

Page 175: ...s 0 9 and underscore Do not enter two ore more underscores in succession The following table lists the controls of the table Signals Controls Description Moves the marked signal upward by one line Moves the marked signal downward by one line Adds a new signal A dialog box for selecting the data type is displayed You can set the data type of the signal in this dialog box only Deletes the marked sig...

Page 176: ... of the signal names Signal names address the fieldbus data General structure of the signal names Signal names have the following structure input module_tag signal_tag output module_tag signal_tag For a bit list the signal names have the following structure input module_tag bitlist_signal_tag output module_tag bitlist_signal_tag Parts of the signal name 1 The prefix input or output is produced aut...

Page 177: ...or the signal name to address the data 3 Entering the description of the IO item optional Ø In the column Description you can enter a text e g temperature sensor which helps you describe the use of the data Ê This description is used only if you print the signal list 4 Configuring PROFINET Ø Repeat steps 1 3 until all required IO items modules are inserted into the IO Item list ð The PROFINET conf...

Page 178: ...fine a new signal for this purpose Example 1 The IO item contains 16 bytes If you want to access each single byte define 16 signals of data type byte each Example 2 The IO item contains 2 bytes that correspond to 16 digital input or outputs If you want to access each single bit define 16 signals of data type bit each Defining your own new signals 1 Selecting the IO item module Ø Select the IO item...

Page 179: ...r all signal names enter a text in the input field Tag name base The extension _1 _2 etc will be added automatically if you have entered a value greater than 1 under Quantity Ø Click OK ð The new signal s is are defined and will be displayed in the table Signals 5 Modifying signals subsequently Ø If required you can subsequently modify the signal names in the column Tag of the table Signals Ø If r...

Page 180: ...ate in the fieldbus node so that the fieldbus node reads the signal definition again Ø To activate the configuration click Reconfigure in the fieldbus node as soon as you have finished or changed the configuration The name in the column Tag is a part of the signal name and is described as Signal_tag or Bitlist_signal_tag in section Structure of the signal names page 176 Edge Gateway NIOT E TPI51 E...

Page 181: ...gnal 1 to 3 digits Name Shows the name of the module or signal Tag Short name required for the signal name The signal name addresses the data Data type Sows the data type of the module or signal Length in bits Shows the length of the module or signal in bits Byte offset Shows the start address offset in bytes for a module in the input or output data memory The offset will be calculated automatical...

Page 182: ...e GSDML file is represented in different colors Violet Names of elements Black Texts Black and bold Names of attributes Red Values of attributes Download of the GSDML file Ø click on the ZIP file The ZIP file contains the device description file GSDML V2 31 HILSCHER NIOT E TPI51 EN RE xxxxxxxx xml Ê Your PC displays a dialog for saving the GSDML file Ø Select a folder and click Save Ø Use the save...

Page 183: ...ation user interface 13 2 Menu commands The menu bar of the EtherNet IP configuration of the netIOT Edge Gateway allows you to save the configuration in the Edge Gateway see Project Save page 184 print the configuration see Printing the configuration page 185 download the EDS file from the Edge Gateway see EDS Download page 184 call the help page see Help Contents page 185 and display the software...

Page 184: ... and is required for configuring the Ethernet IP Scanner Download the EDS file from the Edge Gateway in order to use it in the configuration tool of the Ethernet IP Scanner To download the EDS file proceed as follows Ø Click Download EDS A dialog for saving the EDS file will be displayed Ø Select a folder and then click Save Ø Use the saved EDS file to configure the EtherNet IP Scanner Edge Gatewa...

Page 185: ... current configuration and signal definition will be printed 13 2 4 Help Contents The Edge Gateway contains integrated documentation Ø Click Help Contents ð The integrated documentation is displayed 13 2 5 Help Information To display the version of the EtherNet IP configuration software of the netIOT Edge Gateway proceed as follows Ø Click Help Info ð The version will be displayed Edge Gateway NIO...

Page 186: ...efined receive signal names EDS file download Download of EDS file and contents of EDS file Download of the EDS file page 197 Help Contents Displaying online help Help page 197 Info Displaying current software version Table 58 EtherNet IP configuration tree 13 3 1 EtherNet IP configuration Figure 124 IP Settings This page allows to define the method used for assigning an IP address to the Edge Gat...

Page 187: ...re the send and receive assemblies for EtherNet IP within the Edge Gateway The Edge Gateway works as an EtherNet IP Adapter In the context of EtherNet IP an IO Item corresponds to an EtherNet IP send or receive assembly The upper table Available IO items displays the list of the possible selectable send and receive assemblies The Send Assembly IO item Send Instance ID usually 100 acts as a produce...

Page 188: ...l name addresses the data Description Editable description of the assembly Data length Contains the length of the assembly in bytes Byte offset Shows the start address of the assembly offset in bytes in the input and output data memory The offset is calculated automatically Table 60 Contents of the table IO items The column Tag is editable for each assembly The Tag is an essential part of the sign...

Page 189: ...er function again delete any text entered in the filter input field and press the Enter key Table 61 Controls of the table IO Items 13 3 2 1 Signal definition page On this page you can define the signals for the input and output assemblies of the EtherNet IP for the Edge Gateway Signal names are required for the fieldbus node to address EtherNet IP data The table IO item provides information on th...

Page 190: ...ription Editable description of the assembly Data type Data type of the signal You can set the data type only when you add a new signal Length in bits Shows the assembly length in bits Bit offset Shows the configured start address for a signal within the assembly offset in bytes Table 63 Contents of the table IO items The column Tag is editable for each signal The Tag is an essential part of the s...

Page 191: ...text you have entered in the filter input field and press the Enter key Table 64 Controls of the table Signals 13 3 2 2 Data types for signal names The following table lists the data types for signal names Name of data type Description Length in bits Allowed value range bit list List of single bits The number of bits in the list must be a multiple of 8 1 0 false 1 true octetString String of octets...

Page 192: ...nd the signal_tag or the assembly_tag and the bitlist_signal_tag 5 You can enter the name for signal_tag or bitlist_signal_tag as described in section Defining signals procedure page 193 13 3 2 4 Configuring I O The upper table Available IO items displays the list of the possible selectable send and receive assemblies The lower table IO items displays the EtherNet IP configuration and is empty at ...

Page 193: ...P configuration In the next step define the signal names as described in section Defining signals procedure page 193 13 3 2 5 Defining signals procedure Each IO item assembly contains one or more bytes for input or output data To enable the fieldbus node to access the input or output data you have to select a signal at the fieldbus node You can use the predefined signal name or define your own sig...

Page 194: ...Select the quantity The possible values you can select depend on the selected data type and the number of input or output bytes to which no signal name has been assigned yet Ø To have an identical beginning for all signal names enter a text in the input field Tag name base The extension _1 _2 etc will be added automatically if you have entered a value greater than 1 under Quantity Ø Click OK ð The...

Page 195: ...pdate in the fieldbus node so that the fieldbus node reads the signal definition again Ø To activate the configuration click Reconfigure in the fieldbus node as soon as you have finished or changed the configuration The name in the column Tag is a part of the signal name and is described as Signal_tag or Bitlist_signal_tag in section Structure of the signal names page 192 Edge Gateway NIOT E TPI51...

Page 196: ...x Shows the index of the assembly 3 digit or signal 1 to 3 digits Name Shows the name of the assembly or signal Tag Short name required for the signal name The signal name addresses the data Data type Shows the data type of the assembly or signal Length in bits Shows the length of the assembly or signal in bits Byte offset Shows the start address offset in bytes for an assembly in the input or out...

Page 197: ...DS file Ø Click the file with the extension ZIP The ZIP file contains the device description file HILSCHER NIOT E TPI51 EN RE EIS V1 1 EDS Ê A dialog for saving the ZIP file is displayed Ø Select Save and then click on OK Ø Select a folder and click Save Ø Extract the ZIP file to get the EDS file Ø Use this EDS file to configure the EtherNet IP Scanner 13 3 5 Help Contents Opens a page offering ac...

Page 198: ...rect access to the OT network which would counteract the security concept of the Edge Gateway is not possible allows access to processes having been prepared in an automated way e g the scan of the field devices of the OT network automation network or the identification of the topology is used for acquiring the status of the OT network and the field devices connected with this network and to provi...

Page 199: ...ver structure Note For more information on the protocol HTTPS see https en wikipedia org wiki HTTPS on REST APIs see https en wikipedia org wiki Representational_State_Transfer Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 200: ...ork_Management_Protocol Concerning ARP see https de wikipedia org wiki Address_Resolution_Protocol 14 1 3 Access rights to the REST API Access to the REST API is governed by rights as follows 1 In order to request data from the Edge Server using the REST API HTTP method GET read access rights are required 2 In order to make changes within the Edge Server using the REST API HTTP methods PUT and POS...

Page 201: ... POST device processData List of process data GET device processData list FILE file handling File upload firmware configuration device description files general data PUT file GATEWAY information on the gateway Information on installed packages and internal modules GET gateway package info Access to product data GET gateway info PROGRESS information on progress Request of progress information on ru...

Page 202: ...Server for the Edge Gateways Figure 132 Edge Server environment The following figure shows the internal structure of the Edge Server for the Edge Gateways Figure 133 Internal structure of the Edge Server Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 203: ... within the Edge Gateway Manager see Edge Gateway Manager page 20 Figure 134 netIOT Edge Server icon within the Edge Gateway Manager 14 2 2 Functions The Edge Server Control Center provides the following functions Information on the Edge Server Configuration of the Edge Server List of services Scan protocols of field devices Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 Englis...

Page 204: ...l Center The left part of the window lists all services with their name and a symbol indicating the current state of operation of the service Symbol Meaning Running Service is running Info For this service an informative message has been stored see below Warning For this service a warning message has been stored Error For this service an error message has been stored Table 68 Symbols for the state...

Page 205: ...he right part of the window additionally shows the following data concerning the selected service Name of service component Operating status displayed as text Last information Version Description Information on the author Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 206: ...ee Selecting the protocols to scan for field devices page 209 14 3 1 The configuration of IP address area To configure the IP address range used proceed as follows Ø Open the menu System in the Edge Server Control Center and select menu entry Configuration Ê The configuration screen page displays the settings for the server configuration Figure 136 Server configuration Edge Gateway NIOT E TPI51 EN...

Page 207: ...w the scanning of the connected devices Ø Under Start address enter the start address of the IP address range e g 192 168 0 1 Ø Under End address enter the end address of the IP address range e g 192 168 0 8 Note For configuring the Edge Gateway we strongly recommend you to set cifX0 to the IP address 192 168 0 8 For the correct configuration of the IP address range the entered IP addresses must f...

Page 208: ...dge Server click ð Now the screen page for the scan settings should look like that Figure 138 Correct configuration of the scan settings Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 209: ...can set the scan protocols to be active or inactive individually for each address of the configured IP address range For the basic registration of the field devices you should activate the scan protocols SNMP and ARP Note Check the boxes IO Link or PROFINET for IP addresses in the configured IP address range only if the corresponding IO Link master devices or PROFINET devices are connected and con...

Page 210: ...ntainer Docker Docker offers a platform for the isolated execution of applications within protected environments and moreover a standard for the distribution of software This platform allows Edge Gateway users to run their own applications within the protected Linux operating system without being able to weaken or evade its safety mechanisms For realizing containers Docker internally uses techniqu...

Page 211: ... e g x86 x64 or ARM If a container is generated from an image make sure that the image is suitable for the hardware platform used For distributing images via the Internet the Docker organization provides a so called repository under https hub docker com Images stored there are freely accessible Users can also manage their own repositories Note For more information on images see the Docker document...

Page 212: ...t Access to resources of the host system as e g host files and ports occurs only if explicitly configured A container consists of a Docker image a runtime environment and a standard command architecture The runtime environment contains e g current information on configuration and status For storing this information Docker generates a virtual drive in the container a so called volume Docker can sta...

Page 213: ...working with the containers To start the portainer io interface proceed as follows Ø Open the Edge Gateway Manager if it is not already open For this purpose see Calling the Edge Gateway Manager page 20 Ø Click the tile Docker Management in the Edge Gateway Manager Figure 140 Tile Docker in the Edge Gateway Manager Ê The portainer io login screen will be displayed In the field Username admin is al...

Page 214: ...he page Dashboard ð The page Container list will be displayed This list contains the names and statuses of all currently known containers and provides the functions for controlling the code execution Figure 142 Container list portainer io Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 215: ... io is open see The portainer io interface page 213 Steps Ø On the page Container list click Ê The page Create container will be displayed Ø In the field Name enter the name of your container e g MyFirstContainer Ø In the field Image of the zone Image configuration enter the name of the image to be executed in the container nginx Ê The system will automatically search for the image in the official...

Page 216: ...host Enter the port e g 8080 where the NGINX can be accessed via the web browser Ø Field container Enter the port e g 80 that NGINX uses within the container Figure 143 NGINX example screen page Create container Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 English 2018 08 Released Public Hilscher 2017 2018 ...

Page 217: ...er will first load the image from the registry duration 2 3 minutes deposit it in the Edge Gateway and transform it into a container thereafter This container will then appear in the container list and its status changes to running To check the correct installation of NGINX proceed as follows Ø Enter the following address in the adress line of your web browser http IP address of your device 8080 ð...

Page 218: ...y creation distribution and checking The Edge Gateway stores and prüft digital certificates and can be integrated into a Public Key Infrastructure 16 1 Asymmetric encryption Asymmetric encryption uses a pair of keys consisting of a public key and a private key The private key is used to create signatures and decrypt messages Der public key is used to verify signatures and encrypt messages A server...

Page 219: ...trustworthy certificates stored in its local directory of trustworthy certificates Only if the authenticity check is ok the client uses the received public key 4 The client encrypts the message using the public key and sends the encrypted message to the server 5 The server decrpyt the message using his private key 6 Client and server continue its encrypted communication using one new created prote...

Page 220: ...s a certificate has the following constituents Version Serial number Algorithm ID Time period of validity specifications of begin and end Specifications concerning the issuer of the certificate see below Specifications concerning the owner of the certificate see below Key information concerning the certificate owner Optional Unique ID of the issuer of the certificate Optional Unique ID of the owne...

Page 221: ... or companies Consequently the authenticity check of a certificate is practically done in that way that the complete hierarchy of trust is tracked up to the root certificate whose issuer is determined and a list of well known trustworthy root certificates is searched whether it contains the root certificate at the end of the hierarchy of trust Such lists are maintained by all browser manufacturers...

Page 222: ...he PEM format by following these steps Ø Surround the Base64 coded genuine certificate data with BEGIN CERTIFICATE at the beginning and END CERTIFICATE at the end Ø Surround the Base64 coded genuine key data with BEGIN RSA PRIVATE KEY at the beginning and END RSA PRIVATE KEY at the end Ø DChange the file extension CER or CRT to PEM 16 3 Use cases There are three use cases for working with root cli...

Page 223: ...tion Authorities You can add more trustworthy certificates or delete them The preinstalled certificates are from the Mozilla CA Store https www mozilla org en US about governance policies security group certs e g List of included root certificates Figure 145 Use case 1 Verification of the authenticity of the communication partner Server A trustworthy certificate can require another trustworthy cer...

Page 224: ...of the Edge Gateway uses a separate pair consisting of private key and certificate This certificate contains the public key a signature and furthermore information From the point of view of the Edge Gateway server certificates apply to inbound HTTPS and OPC UA connections Figure 146 Use case 2 Server certificates for Edge Gateway services The file name for the private key is key pem The file name ...

Page 225: ...private key are stored in two separated files and uploaded individually into the Edge Gateway You as the user are solely responsible that the file with the certificate and the file with the private key fit together which you have uploaded into the Edge gateway for logical connection between certificate and private key i e that the public key contained in thespecified certificate fits to the specif...

Page 226: ...teway You as the user are solely responsible that the file with the certificate and the file with the private key fit together which you have uploaded into the Edge gateway for logical connection between certificate and private key i e that the public key contained in thespecified certificate fits to the specified private key Node RED You can upload several pairs of files one pair for one server i...

Page 227: ...ge 236 4 Newly creating a certificate for client authorization for a specific server on the Edge Gateway page 237 5 Copying the path to a certificate for client authorization for a specific server on the Edge Gateway page 237 With the related key files you can do the following actions 1 Uploading a key file for client authorization for a specific server into the Edge Gateway page 238 2 Downloading...

Page 228: ...nce policies security group certs Ø Select the desired entry within window Certificates ð The window Certificate Viewer now shows the data of the selected certificate Structure according to X 509 16 4 2 Upload a trustworthy certificate into the Edge Gateway To upload a trustworthy certificate from a file to the Root Certificate Store of the Edge Gateways proceed as follows Ø Select option Root cer...

Page 229: ...ustworthy To remove a certificate no longer considered as trustworthy from the Linux Trust Store of the Edge Gateway proceed as follows Ø Select option Selection list Root Service Certificates in selection list Selection list Root Service Certificates Ê In window Certificates the Root Certificate Store is displayed in the shape of a list containing certificates originating from the Mozilla CA Cert...

Page 230: ... have uploaded into the Edge gateway for logical connection between certificate and private key i e that the public key contained in thespecified certificate fits to the specified private key 16 5 1 Working with certificates for HTTP and OPC UA Server 16 5 1 1 Uploading the server certificate from a file into the Edge Gateway Note If at one point in time you intend to upload both a server certific...

Page 231: ... communication with the HTTP server Node RED the Edge Server or the REST API fromthe Edge Gateway into a file proceed as follows Ø Select option Service certificates in selection list Selection list Root Service Certificates Ê In window Certificates a tree structure is displayed instead of the former display of the contents of the Linux trust store If the server certificate applies to the communic...

Page 232: ...elow opcua Ê The window Certificate Viewer now displays the data associated to cert pem Ø Click at button Delete in the header of window Certificates Ê A confirmation prompt Are you sure you want to delete the selected file Cert pem is displayed Ø If you are really sure to need the current certificate file not any longer click at Yes ð The selected certificate file is being removed from the Edge G...

Page 233: ...P server Node RED the Edge Server or the REST API Ø Within window Certificates select the entry key pem below nginx Alternatively If the server certificate applies to the communication with the OPC UA Server or mosquitto Ø Within window Certificates select the entry key pem below opcua Ê The window Certificate Viewer is empty Ø Click at button Uploadin the header of window Certificates Ê A file se...

Page 234: ...ates select the entry key pem below opcua Ê The window Certificate Viewer is empty now Ø Click at button Delete in the header of window Certificates Ê A confirmation prompt Are you sure you want to delete the selected file Key pem is displayed Ø If you are really sure to need the current key file not any longer click at Yes ð The selected key file is being removed from the Edge Gateways Root Certi...

Page 235: ...s and uploaded individually into the Edge Gateway You as the user are solely responsible that the file with the certificate and the file with the private key fit together which you have uploaded into the Edge gateway for logical connection between certificate and private key i e that the public key contained in thespecified certificate fits to the specified private key 16 6 1 Working with certific...

Page 236: ... Viewer now shows the data of node opcuaclient_cert pem Ø Click at button Download in the header of window Certificates ð The Download Manager of your Web browser downloads the file from the Edge Gateway and offers you options for further processing of the downloaded file such as Open Open directory 16 6 1 3 Removing a certificate for client authorization for a specific server on the Edge Gateway ...

Page 237: ... for client authorization for a specific server from the Edge Gateway into a file proceed as follows Ø Select option Service certificates in selection list Selection list Root Service Certificates Ø Within window Certificates instead of the list of preinstalled certificates a tree structure is displayed Ø In window Certificates select the entry node opcuaclient_cert pem below node red Ê The window...

Page 238: ...ection list Root Service Certificates Ê In window Certificates a tree structure is displayed Ø In window Certificates select the entry node opcuaclient_key pem below node red Ê The window Certificate Viewernow shows the data of node opcuaclient_key pem Ø Click at button Upload in the header of window Certificates Ê A file selection dialog appears Ø Within that dialog select the key file to be uplo...

Page 239: ...le for client authorization for a specific server from the Edge Gateway proceed as follows Ø Select option Service certificates in selection list Selection list Root Service Certificates Ê Within window Certificates instead of the list of preinstalled certificates from the Linux trust store a tree structure is displayed Ø In window Certificates select the entry node opcuaclient_key pem below node ...

Page 240: ...ection list Selection list Root Service Certificates Ø Within window Certificates instead of the list of preinstalled certificates a tree structure is displayed Ø In window Certificates select the entry node opcuaclient_key pem below node red Ê The window Certificate Viewer now shows the data of node opcuaclient_key pem Ø Click at buttonCopy path in the header of window Certificate Viewer ð The pa...

Page 241: ...Voltage 24 V DC 6 V DC Current at 24 V DC Without USB 170 mA typical With USB max 400 mA Power of the used power supply unit Min 4 2 W no USB 9 W USB with 1 A Connector 3 pin terminal block 3 5 mm IT interface Interface type 1 x 10 100 Mbit Mircochip LAN9514 LAN connector 1 x RJ45 socket OT interface Interface type 10BASE T 100BASE TX potential free Hilscher netX 51 Connector 2 x RJ45 socket OT ne...

Page 242: ...directives CE sign Yes Emission EN 55011 2009 Immunity IEC 61000 6 2 3 EN 61131 2 Electrostatic discharge ESD air and contact discharge method EN 61000 4 2 Fast transient interferences Burst EN 61000 4 4 Surge voltage EN 61000 4 5 Tests Shock IEC 60068 2 27 Ea Vibration IEC 60068 2 6 Fc Table 72 Technical data NIOT E TPI51 EN RE Edge Gateway NIOT E TPI51 EN RE Connect DOC170502UM04EN Revision 4 En...

Page 243: ... Data transport layer Ethernet II IEEE 802 3 PROFINET IO specification V2 2 legacy startup and V2 3 but advanced startup only for RT are supported Limitations RT over UDP not supported Multicast communication not supported DHCP is not supported FastStartUp is not supported The amount of configured IO data influences the minimum cycle time that can be reached Only 1 Input CR and 1 Output CR are sup...

Page 244: ...Link Objekt TCP IP Objekt Topology Tree Line Ring DLR Device Level Ring Beacon based Ring Node ACD Address Conflict Detection Supported DHCP Supported BOOTP Supported Baud rate 10 and 100 MBit s Data transport layer Ethernet II IEEE 802 3 Switch function Supported integrated Quick Connect not supported The Edge Gateway is designed for cyclic data exchange Acyclic communication for user data transf...

Page 245: ...llation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment into an outlet on a circui...

Page 246: ...eration of the device L émetteur récepteur exempt de licence contenu dans le présent appareil est conforme aux CNR d Innovation Sciences et Développement économique Canada applicables aux appareils radio exempts de licence L exploitation est autorisée aux deux conditions suivantes 1 L appareil ne doit pas produire de brouillage 2 L appareil doit accepter tout brouillage radioélectrique subi même s...

Page 247: ...ut a screw driver into the slot of the latch at the bottom of the device Ø To disengage the lock of the hook pull down the latch with the screw driver Ø Take the device off the top hat rail 19 3 Disposal of waste electronic equipment Important notes from the European Directive 2012 16 EU Waste Electrical and Electronic Equipment WEEE Waste electronic equipment Art und Quelle der Gefahr This produc...

Page 248: ...be ruled out Therefore we cannot assume any guarantee or legal responsibility for erroneous information or liability of any kind You are hereby made aware that descriptions found in the user s manual the accompanying texts and the documentation neither represent a guarantee nor any indication on proper use as stipulated in the agreement or a promised attribute It cannot be ruled out that the user ...

Page 249: ...the hardware and or software in connection with Flight control systems in aviation and aerospace Nuclear fusion processes in nuclear power plants Medical devices used for life support and Vehicle control systems used in passenger transport shall be excluded Use of the hardware and or software in any of the following areas is strictly prohibited For military purposes or in weaponry For designing en...

Page 250: ...tions or is due to violations against our operating regulations or against rules of good electrical engineering practice or if our request to return the defective object is not promptly complied with Costs of support maintenance customization and product care Please be advised that any subsequent improvement shall only be free of charge if a defect is found Any form of technical support maintenanc...

Page 251: ...information to his own advantage or for his own purposes or rather to the advantage or for the purpose of a third party nor must it be used for commercial purposes and this confidential information must only be used to the extent provided for in this agreement or otherwise to the extent as expressly authorized by the disclosing party in written form The customer has the right subject to the obliga...

Page 252: ...mode of operation 32 Figure 19 License information in window Details 33 Figure 20 Message after the transfer of the license file into the Edge Gateway 34 Figure 21 Control Panel page System Syslog 35 Figure 22 Time configuration page 39 Figure 23 Backup and recovery 42 Figure 24 Warning message 43 Figure 25 Backup in progress 43 Figure 26 Backup and recovery 44 Figure 27 Recovery dialog 44 Figure ...

Page 253: ... Edit dashboard tab node 89 Figure 63 Dialog Edit dashboard tab node 90 Figure 64 Dialog Edit link node 92 Figure 65 Dialog Edit link node 93 Figure 66 MQTT input node 97 Figure 67 Dialog box Edit MQTT in node 97 Figure 68 Dialog box MQTT broker config node tab Connection 98 Figure 69 Dialog box MQTT broker config node tab Security 99 Figure 70 Dialog box MQTT broker config node tab Birth Message ...

Page 254: ...ode 158 Figure 103 Error message Firmware mismatch 159 Figure 104 Reconfigure interface 159 Figure 105 Fieldbus node 160 Figure 106 Dialog Edit fieldbus in node 160 Figure 107 Dialog Edit fieldbus in node 161 Figure 108 Dialog Edit fieldbus interface config node 162 Figure 109 Button Open fieldbus configurator 162 Figure 110 Start screen of the user interface for fieldbus configuration of the netI...

Page 255: ...er icon within the Edge Gateway Manager 203 Figure 135 Edge Server Control Center 204 Figure 136 Server configuration 206 Figure 137 Configuration of the scan settings 207 Figure 138 Correct configuration of the scan settings 208 Figure 139 Scan protocol configuration 209 Figure 140 Tile Docker in the Edge Gateway Manager 213 Figure 141 View of portainer io dashboard 214 Figure 142 Container list ...

Page 256: ...e 38 Table 18 Setting the system time 39 Table 19 Table LAN Meaning of the columns 52 Table 20 WiFi modes of operation 54 Table 21 WiFi 54 Table 22 Parameters of the operating mode Access point 56 Table 23 Parameters of the operating mode Client 57 Table 24 Operating mode fieldbus interface 59 Table 25 Operating statuses of the services 61 Table 26 Parameters of the OPC UA Server for Edge 63 Table...

Page 257: ...nterface 183 Table 58 EtherNet IP configuration tree 186 Table 59 Parameters for setting the IP addresses 187 Table 60 Contents of the table IO items 188 Table 61 Controls of the table IO Items 189 Table 62 Contents of the table IO items 189 Table 63 Contents of the table IO items 190 Table 64 Controls of the table Signals 191 Table 65 Data types for signal names 191 Table 66 Columns of the table ...

Page 258: ... 8888 750 777 E mail info hilscher in Italy Hilscher Italia S r l 20090 Vimodrone MI Phone 39 02 25007068 E mail info hilscher it Support Phone 39 02 25007068 E mail it support hilscher com Japan Hilscher Japan KK Tokyo 160 0022 Phone 81 0 3 5362 0521 E mail info hilscher jp Support Phone 81 0 3 5362 0521 E mail jp support hilscher com Korea Hilscher Korea Inc Seongnam Gyeonggi 463 400 Phone 82 0 ...

Reviews:

No comments

Related manuals for NIOT-E-TPI51-EN-RE

Brand: IDEETRON Pages: 12

Brand: Duemmegi Pages: 11

Anybus Modbus-TCP/RTU Gateway

Brand: HMS Pages: 20

Brand: Telco Systems Pages: 30

Brand: Dispel Pages: 17

FieldServer ProtoNode

Brand: SMC Sierra Monitor Pages: 4

Brand: Synway Pages: 7

Brand: RTA Pages: 73

Brand: Arris Pages: 2

Brand: SpectraLink Pages: 15

Brand: Telos Pages: 258

Link Gate GSM ISDN

Brand: Linkcom Pages: 22

Brand: Avid Technology Pages: 152

Brand: Planet Networking & Communication Pages: 38

VGW 20FS Series

Brand: Planet Networking & Communication Pages: 84

Brand: Inovonics Pages: 13

Brand: David Clark Pages: 11

Brand: David Clark Pages: 13

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands