manualshive.com logo in svg

Siemens SIMATIC NET CP 1243-1 DNP3, Configuration Manual

Share
Download
Siemens SIMATIC NET CP 1243-1 DNP3 Configuration Manual Download Page 77

 

Configuration 

 

3.17 Security (CP) and certificates 

Configuration - DNP3 
Configuration Manual, 11/2018, C79000-G8976-C508-01 

77

 

Areas of application 

 

Local area networks can be connected together securely via the Internet ("site-to-site" 

connection). 

 

Secure access to a company network ("end-to-site" connection) 

 

Secure access to a server ("end-to-end" connection) 

 

Communication between two servers without being accessible to third parties (end-to-end 

or host-to-host connection) 

 

Ensuring information security in networked automation systems 

 

Securing the computer systems including the associated data communication within an 

automation network or secure remote access via the Internet 

 

Secure remote access from a PC/programming device to automation devices or networks 

protected by security modules via public networks. 

Cell protection concept 

With Industrial Ethernet Security, individual devices or network segments of an Ethernet 

network can be protected: 

 

Access to individual devices and network segments protected by security modules is 

allowed. 

 

Secure connections via non-secure network structures becomes possible. 

Due to the combination of different security measures such as firewall, NAT/NAPT routers 

and VPN via IPsec tunnels, security modules protect against the following: 

 

Data espionage 

 

Data manipulation 

 

Unwanted access 

3.17.4.2

 

Creating a VPN tunnel for S7 communication between stations 

Requirements 

To allow a VPN tunnel to be created for S7 communication between two S7 stations or 

between an S7 station and an engineering station with a security CP (for example CP 1628), 

the following requirements must be met: 

 

The two stations have been configured. 

 

The CPs in both stations must support the security functions. 

 

The Ethernet interfaces of the two stations are located in the same subnet. 

Summary of Contents for SIMATIC NET CP 1243-1 DNP3

Page 1: ...________________ ___________________ SIMATIC NET TeleControl Configuration DNP3 Configuration Manual Configuration and diagnostics 11 2018 C79000 G8976 C508 01 Preface Functions and requirements 1 Communication mechanisms 2 Configuration 3 Diagnostics 4 OUC program blocks CP A SINEMA Remote Connect CP B WBM of the TIM 1531 IRC C Bibliography D ...

Page 2: ...perated only by personnel qualified for the specific task in accordance with the relevant documentation in particular its warning notices and safety instructions Qualified personnel are those who based on their training and experience are capable of identifying risks and avoiding potential hazards when working with these products systems Proper use of Siemens products Note the following WARNING Si...

Page 3: ...ore configuration manuals The documentation for the modules specified above consists of the following manuals and contents Manual Operating instructions Valid for the respective module or module group Application and functions Requirements CPUs configuration software etc Hardware description Installation wiring commissioning operation Diagnostics maintenance Technical specifications approvals acce...

Page 4: ...tive communications modules WBM WBM is the acronym for the Web Based Management the pages of the TIM Web server for configuration and diagnostics data New in this release First issue Current manual release on the Internet You will also find the current version of this manual on the Internet pages of Siemens Industry Online Support Link https support industry siemens com cs ww en ps 21764 man Requi...

Page 5: ...ernet if and to the extent such a connection is necessary and only when appropriate security measures e g firewalls and or network segmentation are in place For additional information on industrial security measures that may be implemented please visit Link http www siemens com industrialsecurity Siemens products and solutions undergo continuous development to make them more secure Siemens strongl...

Page 6: ...Preface Configuration DNP3 6 Configuration Manual 11 2018 C79000 G8976 C508 01 ...

Page 7: ...d network configuration 25 2 2 Communications options 26 2 3 Connection establishment 27 2 4 Acknowledgment 28 3 Configuration 29 3 1 Security recommendations 29 3 2 Communication types 32 3 3 Basic settings Options 33 3 3 1 Basic settings 33 3 3 2 Options 35 3 4 Configuration of interfaces networks and network nodes 36 3 4 1 WAN settings of the interfaces 36 3 4 2 Networking of the interfaces 38 ...

Page 8: ...VPN 76 3 17 4 1 VPN Virtual Private Network 76 3 17 4 2 Creating a VPN tunnel for S7 communication between stations 77 3 17 4 3 VPN communication with SOFTNET Security Client engineering station 79 3 17 4 4 Establishment of VPN tunnel communication between the CP and SCALANCE M 80 3 17 4 5 CP as passive subscriber of VPN connections 80 3 17 5 Certificate manager 81 3 17 6 Handling certificates 81 ...

Page 9: ...unctions 138 4 5 2 2 TIM Diagnostics Memory tab 139 4 5 2 3 TIM Diagnostics Message buffer tab 139 4 5 2 4 TIM Diagnostics Communication tab 141 4 5 2 5 TIM Diagnostics Time Synchronization tab 141 4 5 2 6 TIM Diagnostics Time tab 141 4 5 2 7 TIM Diagnostics Filesystem tab 142 4 5 2 8 TIM diagnostics IP Parameters tab 142 4 5 2 9 TIM diagnostics IP statistics tab 142 4 5 2 10 TIM diagnostics MSC C...

Page 10: ... the TIM 167 C 3 General functions of the WBM 168 C 4 Start page 169 C 5 System 171 C 5 1 Device info 171 C 5 2 SD card 171 C 5 3 System time 172 C 5 4 NTP 172 C 5 5 Web server 172 C 5 6 DNS configuration 173 C 6 Maintenance 173 C 6 1 Firmware 173 C 6 2 Operating status 174 C 7 Diagnostics 176 C 7 1 Events 176 C 7 2 Notifications 177 C 8 LAN 178 C 8 1 Ethernet interface Xn 178 C 9 Telecontrol 180 ...

Page 11: ...er Number of inter faces Station type STEP 7 product Required firmware IE RS Master Node station Station TIM 1531 IRC 6GK7 543 1MX00 0XE0 3 1 X X X STEP 7 Professional V2 0 TIM 4R IE DNP3 TIM 4R IE DNP3 Stand alone 6NH7803 4BA00 0AA0 2 2 X X X STEP 7 Professional V3 2 TIM 3V IE DNP3 6NH7803 3BA00 0AA0 1 1 X X X STEP 7 Professional V3 2 CP 1243 8 IRC 6GK7 243 8RX30 0XE0 1 X STEP 7 Basic Professiona...

Page 12: ...aster You need STEP 7 Professional project to connect the CPs to SIMATIC NET master or node stations configured in STEP 7 Firmware The required firmware versions of the modules relate to the complete configuration described in this manual You can find the required STEP 7 version for this in the section Software requirements Page 15 Modules with lower firmware versions can be configured in older ST...

Page 13: ...nd send e mails due to events The following recipients are possible PCs with an Internet connection Cell phones SIMATIC stations with the appropriate program blocks Inter station communication Direct inter station communication between S7 stations with a TIM is possible via IP based networks Inter station communication in contrast runs via a master station that forwards the frames to the target su...

Page 14: ...owing example the Ethernet interface and the serial interface are used with the TIM 1531 IRC to set up redundant transmission paths Ethernet interface for communication via Ethernet Internet Serial interface for communication via a WAN network dedicated line or dialup network Figure 1 2 Communication via redundant paths Path redundancy is also possible over two Ethernet networks ...

Page 15: ...h PROFINET interface S7 400 All CPUs with PROFINET interface CP 1243 1 CP 1243 8 IRC CPU with firmware version as of V4 2 CP 1542SP 1 IRC CPUs as of firmware version V2 0 CPU 1510SP 1 PN CPU 1510SP F 1 PN CPU 1512SP 1 PN CPU 1512SP F 1 PN You will find more detailed information on the CPUs and the BusAdapters in the manual 5 Page 188 1 4 Software requirements Software for configuration and online ...

Page 16: ... to send e mails can be established during runtime S7 connections Max 4 connection resources for PG OP connections see below PG OP connections 4 connection resources for connections to the engineering station or HMI devices included in the configuration limits of the S7 connections see above PG routing Max 4 connections at the same time Online functions See PG OP connections HTTP HTTPS Max 2 conne...

Page 17: ...transferred per e mail 256 ASCII characters including any value sent at the same time 1 5 2 TIM 4R IE DNP3 TIM 3V IE DNP3 Number of DNP3 connections You will find the connection resources in the form of the table after the following listing TIM configured as DNP3 master station node station TIM 4R IE DNP3 Number in total Max 128 of which Pro Ethernet interface Configured with master station functi...

Page 18: ... connections per TIM in total Interface Network type Max number of connections per interface TIM 4R IE DNP3 Master station 128 Ethernet 1 TCP 64 Ethernet 2 TCP 64 RS232 no 1 Dedicated line 32 Dialup network 32 RS232 no 2 Dedicated line 32 Dialup network 32 Station 32 Ethernet 1 TCP 16 Ethernet 2 TCP 16 RS232 no 1 Dedicated line 16 Dialup network 16 RS232 no 2 Dedicated line 16 Dialup network 16 TI...

Page 19: ...l Max 5 of which 2 configurable S7 connections 2 PG connections 1 OP connection TIM 3V IE DNP3 Number in total Max 3 of which 2 PG connections 1 OP connection No S7 connections can be established via the serial interface Number of MODBUS slaves per station The maximum number of MODBUS slaves that can be connected to the serial interface of a TIM depends on the configured interface standard RS 232 ...

Page 20: ...nfiguration The maximum number of configurable data points is 200 Frame memory send buffer The CP has a frame memory send buffer for the values of data points configured as an event The send buffer has a maximum size of 64000 events The size of the frame memory is divided equally among all configured communications partners It can be set in STEP 7 refer to the section Communication with the CPU Pa...

Page 21: ...telecontrol communication three CP 1243 1 modules can be plugged in per station Connection resources Telecontrol connections The CP can establish connections to the following master station types To up to four non redundant or redundant connected masters S7 connections and TCP UDP ISO on TCP connections Max 14 connection resources can be distributed as required for S7 connections PUT GET Connectio...

Page 22: ... security modules Firewall rules The maximum number of firewall rules in advanced firewall mode is limited to 256 The firewall rules are divided up as follows Maximum 226 rules with individual addresses Maximum 30 rules with address ranges or network addresses e g 140 90 120 1 140 90 120 20 or 140 90 120 0 16 Maximum 128 rules with limitation of the transmission speed Bandwidth limitation 1 5 5 CP...

Page 23: ...including any value sent at the same time Frame memory send buffer The CP has a frame memory send buffer for the values of data points configured as an event The volume of the send buffer is divided equally among all configured communications partners The size of the send buffer can be configured in STEP 7 refer to the section Communication with the CPU Page 62 The maximum size of the send buffer ...

Page 24: ... DNP3 24 Configuration Manual 11 2018 C79000 G8976 C508 01 Module Medium TIM 1531 IRC CP 1243 8 IRC CP 1542SP 1 IRC TIM 1531 IRC Ethernet S7 Ethernet S7 Ethernet S7 CP 1243 8 IRC Ethernet S7 CP 1542SP 1 IRC Ethernet S7 Max number of S7 routing connections 4 ...

Page 25: ... server address es You require the DNS server address if you address the master using a name that can be resolved by DNS Partner number Masters that communicate with a station require the partner number of the station in order to assign the data points to be transferred With S7 1200 CPs that can only function as stations the partner number of the master is assigned by the system Address informatio...

Page 26: ... connections running via the Internet dynamic IP addresses can be used To allow communication in both directions and to ensure that the data is protected during transfer a connection with a VPN tunnel is necessary For this the security modules of the SCALANCE S or SCALANCE M series are available Remember the following points when configuring You configure the IP address of the master station on th...

Page 27: ...lished connection is interrupted a master module tries to re establish the connection Note Connection interrupted by the mobile wireless network provider When using mobile wireless services remember that existing connections can be interrupted by mobile wireless network providers for maintenance purposes Spontaneous mode Enabling the Unsolicited reporting parameter in the Unsolicited responses par...

Page 28: ...the data link layer see section Transmission settings DNP3 Page 53 A station module acknowledges a request from the master with its response frames The acknowledgment of unsolicited frames that a station module sends to the master is configured in the Settings DNP3 station parameter group see section Settings DNP3 station Page 56 Acknowledgment in Open User Communication The successful sending and...

Page 29: ...ind information on Industrial Security here Link http www siemens com industrialsecurity You can find information on security in industrial communication here Link http w3 siemens com mcms industrial communication en ie industrial ethernet security Seiten industrial security aspx You will find a publication on the topic of network security 6ZB5530 1AP0x 0BAx here Link http w3app siemens com mcms i...

Page 30: ...th Avoid weak passwords for example password1 123456789 or similar Make sure that all passwords are protected and inaccessible to unauthorized personnel See also the preceding section for information on this Do not use one password for different users and systems Protocols Secure and non secure protocols Only activate protocols that you require to use the system Use secure protocols when access to...

Page 31: ...nticates the communications partner during access Protocol function Port number protocol Default of the port Port status Authentication DNP3 20000 UDP Closed Open after configuration Yes when secure authentication is ena bled S7 and online connections 102 TCP Open Open after configuration No Online security diagnostics CP 1243 x CP 1542SP 1 IRC 8448 TCP Closed Open after configuration Yes HTTP 80 ...

Page 32: ...EC 60870 5 Enable online functions Enables access to the CPU for the online functions via the CP diagnostics loading project data etc If the function is enabled the engineering station can access the CPU via the CP If the option is disabled you have no access to the CPU via the CP with the online functions Online diagnostics of the CPU with a direct connection to the interface of the CPU remains p...

Page 33: ... interfaces of the communications module Range of values 1024 65535 Default 20000 Max number of registered tags Maximum level of PLC tags registered on the assigned CPU for automatic change control With registered PLC tags the communications module is notified as soon as the value changes in the CPU tag management The PLC tags are registered in the order in which they were created Range of values ...

Page 34: ...on Performance data and configuration limits Page 16 IP routing These parameters are available with the TIM 1531 IRC Note The function is not intended for large data volumes Restrict routing via the TIM to approx 1 Mbit s so that productive operation of the TIM is not impaired IP routing Allow IP routing Enables IP routing via the interfaces of the module Routing method Defines the paths for IP ro...

Page 35: ...t mask Subnet mask Prefix Subnet mask IPv4 or prefix IPv6 of the routing destination Router address 3 3 2 Options The following parameters are only valid for the following modules TIM 3V IE DNP3 TIM 4R IE DNP3 Frame memory Frame memory size Size of the memory in which the frames to be sent are stored for all configured WAN drivers If the value 0 is entered the entire free memory following startup ...

Page 36: ...ycle Number of data points that were assigned to the normal read cycle Assignment in the data point configuration see section General tab Page 112 Number of data points in the fast cycle Number of data points that were assigned to the fast read cycle Assignment in the data point configuration see section General tab Page 112 Read max Maximum number of data points read from the CPU per sampling cyc...

Page 37: ... node type Decides the Network node type of the interface Master station Node station For modules that act as node station the interfaces are configured as follows Interface in the direction of the master station Node station Interface in the direction of the lower level network Master station Station You will find an illustration in the section Networking of the interfaces Page 38 Modem type The ...

Page 38: ... the module interfaces in the STEP 7 device symbol network view corresponds largely to the structure of the respective device For example the interfaces of a TIM 1531 IRC are arranged as follows Figure 3 1 Device symbol of the TIM with interface numbers Networking interfaces To network an interface depending on the initial situation you have different options Creating a subnet Connecting two targe...

Page 39: ...N network Alternatively In the parameter group Network interface with of the interface Using the Add new subnet button On the interface in the device symbol of the module Using the shortcut menu Create subnet Graphically by dragging holding the mouse pointer pressed to the interface symbol of the communications partner A new WAN network is created that adopts the network type from the connected in...

Page 40: ... 3 5 1 Ethernet interface address parameters Ethernet interface Ethernet addresses IP protocol In the following parameter groups configure the IP address parameters of the Ethernet interface You will find information on configuration in the STEP 7 information system Ethernet interface Port Xn P1 You will find information on configuration in the STEP 7 information system See also Configuring WAN ne...

Page 41: ...nitoring time the module sends a keepalive frame to the communication partner With the setting 0 zero the function is disabled Default setting 180 s Permitted range TIM 1531 IRC 1 65535 s CP 1243 1 CP 1243 8 IRC TIM 3V IE DNP3 TIM 4R IE DNP3 0 65535 s CP 1542SP 1 IRC 0 32767 s TCP keepalive monitoring time After sending a keepalive frame the module expects a response from the communication partner...

Page 42: ...N You will find information on the Web server of the S7 1200 in the manual 7 Page 189 You will find information on the Web server of the ET 200SP in the manual 8 Page 189 3 5 3 2 TIM 1531 IRC Access to the Web server You can activate access to the Web server of the TIM via HTTP HTTPS for each individual Ethernet interface As default access is disabled Refer to the explanations in section Web serve...

Page 43: ... of several modems to the interface of the TIM star shaped network RS 485 termination Enable this option when connecting a terminating resistor for the RS 485 bus when a star shaped network is connected Operating mode Only configurable with TIM 3V IE DNP3 TIM 4R IE DNP3 The operating mode of the interface specifies the mode of the data transfer Range of values Interrupt block for the send and rece...

Page 44: ...eeded the image procedure is used for new frames to prevent the send buffer from overflowing Default setting 50 Permitted range 0 90 If 0 zero is set all spontaneous frames are sent at the call Connection establishment Only configurable with TIM 3V IE DNP3 TIM 4R IE DNP3 Extra transmission time Time offset with slow networks to prevent premature canceling of connection establishment Default settin...

Page 45: ...immediately after sending the last character Value 0 Once the last character has been sent the RTS OFF delay elapses before the module takes back the RTS signal Default setting 0 Permitted range 0 65535 ms Polling monitoring time Only configurable with TIM 3V IE DNP3 TIM 4R IE DNP3 Only for interfaces with the Network node type Station Node station Time s after which the TIM expects to be polled A...

Page 46: ... the network node types Station and Node station Stations per polling sub cycle Only configurable with TIM 3V IE DNP3 TIM 4R IE DNP3 Only for interfaces with the Network node type Master station Number of stations that can be called in the sub cycle per polling cycle of the master station Default setting 0 Permitted range 0 255 With the setting 0 zero the function is disabled Form of transfer Only...

Page 47: ...s connected Max number of spontaneous frames Only with CP 1243 8 IRC Max number of spontaneous frames Only for interfaces with the Network node type Station Node station The parameter decides after how many messages the master station has the opportunity of transferring its pending messages to the station As maximum the configured number of spontaneous frames that are pending at the time of the fi...

Page 48: ...pical entry 0 or 9 or for an alternative telephone provider Permitted range Max 12 digits With direct connection to the dial up network and without an alternative telephone provider this parameter can remain empty Own phone number Entry of your own telephone number for the network node including the area code Permitted values Digits 0 9 Plus character as placeholder for the trunk prefix usually 00...

Page 49: ...ases will a connection be established to send conditional spontaneous messages Threatened overflow of the send buffer Connection establishment by the communications partner Degree of filling The TIM only establishes a connection when the configured fill level of the send buffer for conditional spontaneous messages is exceeded In the input box enter the fill level of the send buffer at which when e...

Page 50: ...en transferred Default setting 5 Permitted range 0 65535 Repetition factor The repetition factor determines how often a data frame that has not been acknowledged positively is repeated Abort delay time Only with CP 1243 8 IRC Duration s a dial up connection is retained when the send buffer of the TIM is full and the TIM can send no further messages or data to the CPU During the abort delay time re...

Page 51: ...7 Configuring WAN networks Parameters of classic WAN networks If you first configure the WAN settings parameter group of the communications module interfaces the most important settings of the interface are taken from the connected WAN network when a new network is generated The classic WAN networks shown in blue in STEP 7 have the following parameter groups General Like for any other network this...

Page 52: ...size of a data frame within the network 240 Network settings Dependence on direction Direction dependency of the network Duplex Half duplex Transmission speed Speed at which the communications module and modem communicate From the drop down list select a value that is supported by all connected modems Time of day synchronization Enable time of day synchronization for WAN When the parameter is enab...

Page 53: ...e master station Station In order for a received command to be sent to the CPU and thereby take effect the device must not receive any further command frames between Select and Operate Range of values 1 65535 Default setting 1 If a master sends an object with function code 7 DIRECT_OPERATE to the station the station does not evaluate the time period configured here Connection monitoring time appli...

Page 54: ...d With Ethernet connections it is recommended that you configure the value 0 since required repetitions are carried out by the protocol implementation Range of values 0 255 Default setting 0 With the setting 0 zero the function is disabled Acknowledgment Condition under which the module requests an acknowledgment of receipt from the partner sending of the CONFIRMED_USER_DATA function code Never No...

Page 55: ...ule set on the Master station network node type Polling basic interval This is where you define the basic interval for station calls by the master station Value range 0 65535 seconds Default 30 With the setting 0 zero the function is disabled No cyclic polling takes place not even for the parameters listed below the calculation of which is based on the polling basic interval Basis for further para...

Page 56: ...ress when a connection is requested If the IP address of the partner does not match the address of a configured partner of the station the station rejects the connection Do not check IP address The station does not check IP addresses for incoming TCP connection requests Event properties Event class for image memory Selection of an event class in which only the last current values are stored in the...

Page 57: ...smission to be configured see below Permitted range 0 65535 With the setting 0 zero the function is disabled Node station This parameter is only available for interfaces for which the network node type is set to Node station Response without current station image With an interface of the Node station network node type the communication module of the node station keeps the station process image in ...

Page 58: ...Setting for dedicated lines When connecting a serial interface to a DNP3 dedicated line with the half duplex setting you must set the parameter to No To avoid collisions you should also use this setting when connecting to full duplex multidrop dedicated lines Max number of retries Maximum number of repetitions of unsolicited frames if no acknowledgment is received from the master After reaching th...

Page 59: ...l security settings The rights for access to the Web server are configured in STEP 7 in the Global security settings Only users created there can log on with the Web server using HTTP HTTPS The following preset roles are relevant for Web server access NET Standard NET Diagnose The required rights for diagnostics access to the Web server and reading and writing data are thus enabled You will find f...

Page 60: ...responding rights must be assigned to the user If the firewall is activated the HTTP HTTPS protocols must be allowed Automatic update Enable automatic update Enables automatic updating of the displayed values If the option is disabled only the values at the time of connecting to the Web server are displayed Update interval Select the interval at which you require an update of the displayed values ...

Page 61: ...TEP 7 project click the Web diagnostics button under the Web diagnostics parameter group to establish the connection to the Web browser of the module The content is supplied by the integrated Web server of the module For information on operation and on the contents see section WBM of the TIM 1531 IRC Page 167 3 11 DNS configuration DNS server A DNS server may be required when the module itself a c...

Page 62: ...r of read jobs Maximum number of low priority read jobs from the CPU memory area within a CPU scan cycle Frame memory size Here you set the size of the frame memory for events send buffer The size of the frame memory is divided equally among all configured communications partners For information on the size of the frame memory see Performance data and configuration limits You will find details of ...

Page 63: ...e current values to the following PLC tags the CP sets the Diagnostics trigger tag to 0 signaling to the CPU that the updated values can be read from the PLC tags Note Fast setting of the diagnostics trigger tag Triggers must not be set faster than at a minimum interval of 500 milliseconds Frame memory overflow warning PLC tag data type Byte for the send buffer overflow pre warning Bit 0 is set to...

Page 64: ... status Byte 1 Path status Byte 0 Partner status Byte 0 codes information on the reachability of the communications partner on the existing connections and connection paths and on the status of the send buffer of the TIM Table 3 1 Assignment of byte 0 Meaning of the bit statuses Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 Path redun dancy Connection mode Temporary connection Re served Frame me...

Page 65: ...of the TIM and the status of the path Byte assignment Byte 1 is assigned as follows Two bits for the interface of the main path Two bits for the interface of the substitute path Two bits for the status of the main path Two bits for the status of the substitute path Table 3 2 Assignment of byte 1 Bits 6 7 Bits 4 5 Bits 2 3 Bits 0 1 Configured interface Path status Coding for substitute path Coding ...

Page 66: ...The path status is output via the bits of the main path 1st path Table 3 3 Coding options for the path status Configured interface Path status Coding for substitute path Coding for main path Substitute path 2nd path Main path 1st path 0 0 0 0 Coding for IE1 Irrelevant not redun dant Status IE1 0 0 0 1 Coding for IE2 Status IE1 Status IE2 0 0 1 0 Coding for IE3 Status IE1 Status IE3 0 0 1 1 Coding ...

Page 67: ...ds see below and forward the time of day to the station or the connected WAN networks When an external time source is used the connected S7 station can obtain the current time of day both via the CPU and via a communications module TIM CP Note Recommendation Time of day synchronization only by 1 module Only have the time of day of the station from an external time source synchronized by a single m...

Page 68: ...ynchronization TIM 1531 IRC No time source From NTP server From WAN To local station To WAN TIM 3V IE DNP3 TIM 4R IE DNP3 From NTP server From local station From WAN To local station To WAN CP 1243 1 CP 1243 8 IRC The CP can only be a time slave for the connected subnet Time from partner NTP Time from CPU Forwarding the time to the CPU CP 1542SP 1 IRC The CP can only be a time slave Time from part...

Page 69: ...ver up to 240 characters can be entered From WAN TIM The TIM adopts the time of day from a subscriber in the connected network The following can be time masters A synchronized CPU A subscriber with a time receiver A master station PC connected to the Ethernet network Time from partner CP 1243 1 CP 1243 8 IRC The CP adopts the time of day from the communications partner in the master station Time f...

Page 70: ...CPU Since the CPU automatically adopts the CP time you no longer require the forwarding option using the PLC tag like with CP firmware V3 If the option CPU synchronizes the modules of the device is enabled for the CPU in PROFINET interface Time synchronization all smart modules of the station are synchronized with the CPU time Configuration with the TIM and with WAN networks Parameter groups for t...

Page 71: ...orwarded in the parameter group WAN settings as network node type Master station The function is supported for the Ethernet interface with the MSC protocol and for the serial interface with the setting network type Neutral 3 In the parameter group Send time for the interface from step 2 enable the option Forward time to WAN Via the connected network the time frames are forwarded in the network 4 I...

Page 72: ...e parameter group Time of day synchronization of the network enable the option Enable time of day synchronization for WAN 2 There configure the required synchronization cycle 3 Network the interfaces of all TIM modules involved with the WAN network The settings configured for the WAN network are adopted in the following parameter groups of the connected TIM modules For the time master Master stati...

Page 73: ...TEP 7 You obtain the certificate from your e mail service provider Use the certificate by taking the following steps 1 Save the certificate of your e mail service provider in the file system of the engineering station 2 Import the certificate into your STEP 7 project with Global security settings Certificate manager 3 Use the imported certificate with every module that uses encrypted e mails via t...

Page 74: ...strings see below SNMPv1 Use SNMPv3 Enables the use of SNMPv3 for the device For information on the configuration of the required algorithms see below SNMPv3 SNMPv1 The community strings need to be sent along with queries to the device via SNMPv1 Note the use of lowercase letters with the preset community strings Reading community string The string is required for read access Leave the preset stri...

Page 75: ...rtificates 3 17 1 Parameters DNP3 security options With the CP 1243 1 CP 1542SP 1 IRC the settings on Secure Authentication are configured in the segments of the telecontrol connections as of firmware version V3 1 You will find the description in section Telecontrol connections Page 86 SINEMA Remote Connect You will find the description in the appendix SINEMA Remote Connect CP Page 161 3 17 2 Secu...

Page 76: ...work VPN is a technology for secure transportation of confidential data in public IP networks for example the Internet With VPN a secure connection IPsec tunnel is set up and operated between two secure IT systems or networks via a non secure network The IPsec tunnel forwards all data even from protocols of higher layers HTTP FTP etc The data traffic between two network components is transported u...

Page 77: ...ic networks Cell protection concept With Industrial Ethernet Security individual devices or network segments of an Ethernet network can be protected Access to individual devices and network segments protected by security modules is allowed Secure connections via non secure network structures becomes possible Due to the combination of different security measures such as firewall NAT NAPT routers an...

Page 78: ...N group 5 Configure local VPN properties of the two CPs You will find a detailed description of the individual steps in the following paragraphs of this section Select Activate security features After logging on you need to select the Activate security features check box in the configuration of both CPs You now have the security functions available for both CPs Creating the VPN group and assigning...

Page 79: ...e the telecontrol server is the time master if telecontrol communication is enabled Configure the properties of the VPN group 1 Double click on the newly created VPN group Result The properties of the VPN group are displayed under Authentication 2 Enter a name for the VPN group Configure the settings of the VPN group in the properties These properties define the default settings of the VPN group t...

Page 80: ...ight mouse button select Enable all members in the shortcut menu The lower level node appears again temporarily in the tunnel list 4 Select the lower level node in the tunnel list 5 With the right mouse button select Delete entry in the shortcut menu Result The lower level node is now fully disabled VPN tunnel communication can be established 3 17 4 4 Establishment of VPN tunnel communication betw...

Page 81: ...ported certificates to the module in the table below the local security settings of the module For a description of the procedure refer to the section Handling certificates Page 81 You will find further information in the STEP 7 information system 3 17 6 Handling certificates Certificate for authentication If you have configured secure communication with authentication for the module own certifica...

Page 82: ...tificate manager Global security settings Certificate manager 3 Open the Trusted certificates and root certification authorities tab 4 Click in a row of the table can select the shortcut menu Import 5 In the dialog that opens import the certificate from the file system of the engineering station into the STEP 7 project Assigning certificates locally To be able to use an imported certificate for th...

Page 83: ...arameter Subject Alternative Name Windows Alternative applicant name from the STEP 7 configuration data You can change this parameter of a certificate inn the certificate manager of the global security settings To do this select the a certificate in the table of device certificates and call the shortcut menu Renew Properties of the parameter Alternative name of the certificate owner changed in STE...

Page 84: ... completely protected neither read nor write access to the hardware configuration and blocks is possible If you want to use the functions of the unmarked access levels you will need to enter a password With the legitimization provided by using the password you once again have full access to the module Behavior of a password protected module during operation Protection of the module is effective af...

Page 85: ...ssword only have read access to the module The effect of the password in row 3 No access complete protection is as if the CP was write and read protected Users that know this password only have read access to the module Procedure Follow the steps below to set the parameters for the access levels of the module 1 Open the module properties in the Inspector window 2 Open the Protection entry in the n...

Page 86: ...ou perform the configuration in the following parameter groups Partner stations parameter group or Network data editor Configuration in the Partner stations parameter group For S7 1200 telecontrol CPs up to V2 1 which only function as stations the relationships to the master station or to the master are configured in the Partner stations parameter group This is where you define the communication p...

Page 87: ... you will find the collapsed Network data editor 2 Open the Network data editor using the arrow symbol The editor is displayed with several tabs on the left the Network overview tab 3 Expand the editor until the TeleControl tab appears This tab is further divided into the following tabs ST7 DNP3 IEC 60870 Depending on the protocol used select the corresponding tab to configure the telecontrol conn...

Page 88: ... in the table The column width adapts to the widest entry in this column Some fields of the table can be edited in others you configure the parameter via a drop down list Boxes with a missing or bad configuration are shown with a red background Names of the connections You can adapt the default names of the connections A maximum of 129 characters from the following ASCII character sets numbers dec...

Page 89: ...te connections between endpoints subscribers that are configured in the STEP 7 project Fields are available in the connection table for the address data and interface parameters of both endpoints The endpoint of a connection is always the CPU not the communications module Exception Third party device see below A connection segment must be created for the way there and the way back for each connect...

Page 90: ...ections between two endpoints can run over multiple subscribers A connection segment between two subscribers can be used for multiple connections Individual settings can be configured for specific connection segments and the associated interfaces of the modules For this reason the individual connection segments between the interfaces of two devices are displayed in separate lines in the connection...

Page 91: ...ith the selected starting point and endpoint highlighted and click on the Add new connection path icon The dialog for defining connection paths opens Dialog Add connection paths The possible connection paths are searched for automatically which is indicated by the progress bar at the bottom of the dialog The status and result of the search are displayed in the Information field below The connectio...

Page 92: ... find the description of the parameters in the section Connection table Page 92 The Properties tab which shows additional parameters for each connection segment is displayed below the connection table Properties tab of the connections In the parameter groups you can check the connection segment correct it if necessary and configure additional properties You can find a description of the parameter ...

Page 93: ...in the first cell Note If you have created connections and set a filter you cannot create any new connections You need to reset the filter first in order to create new connections Parameters If parameters are already used by the configuration the values are transferred to the respective columns Name You can change the default name of the connection segment between two subscribers See section Netwo...

Page 94: ... multiple connections the station address of all destination subscribers is entered Note Manual entry for third party device For a third party device that is not configured in the STEP 7 project you must enter the station address manually The station addresses are entered separated by commas End interface address Interface of the endpoint module through which the connection runs For a third party ...

Page 95: ...nection paths between two partners configure the same time for both paths Range of values 0 65535 With the setting 0 zero the function is disabled Transport prot Relevant for all subscriber types Select the transport protocol TCP UDP Spontaneous Transfer mode for events For modules of the STEP 7 project the value is taken from the configuration and cannot be changed For information on the paramete...

Page 96: ... call this station Even if data is still pending for transmission in the station after this time the calls from the master station are canceled This means that the master station is once again available to other stations The value configured for the station is transferred to the master station and stored there Range of values 0 65535 Default 10 With the setting 0 zero the function is disabled in o...

Page 97: ...ed in the same way as the main paths The parameters of the redundant connection paths are distinguished by the following suffix red The parameters of the redundant connection paths have the same functions as those for the main path See above for the meaning Examples Start interface red Interface of the starting point module through which the redundant connection runs End interface red Interface of...

Page 98: ...roperties of the telecontrol connections for each connection segment TCP connection monitoring time Function If no data traffic takes place within the TCP connection monitoring time the module sends a keepalive frame to the communication partner With the setting 0 zero the function is disabled Default setting 180 s Permitted range TIM 1531 IRC 1 65535 s CP 1243 1 CP 1243 8 IRC TIM 3V IE DNP3 TIM 4...

Page 99: ...n pre shared key after the first connection establishment between master and station session keys are agreed that are then renewed cyclically Renewal of the session keys is initiated by the master The criteria for renewing the key are specified in the following parameters Key exchange interval Authentication requests before key exchange As soon as one of these conditions is met the session key is ...

Page 100: ...module may use the secure hash algorithm SHA 1 if SHA 256 was configured as the Secure hash algorithm and the master does not support SHA 256 Range of values SHA 1 mode not allowed The module must not use SHA 1 If the master does not support SHA 256 no connection will be established SHA 1 mode allowed The module can use SHA 1 if the master does not support SHA 256 Default setting SHA 1 mode not al...

Page 101: ...d the master The interval must be matched up on both communications partners Range of values 0 65535 min at 0 zero the key is never changed function disabled Default setting 15 min Recommendation Set the key exchange interval for the station module twice as high as for the master Authentication timeout Maximum wait time of the module after an authentication request to the master If the waiting tim...

Page 102: ... the same data type as described in the DNP3 specification see above is lost This form is primarily intended for control systems that archive events strictly chronologically Default Type specific 3 19 5 5 Third party device parameters Third party device parameters Only valid for partners that are not configured in the STEP 7 project Network node type third party device Network node type third part...

Page 103: ...ly on the CPU to allow configuration of the data points The PLC tags for data point configuration can be created in the standard tag table or in a user defined tag table All PLC tags intended to be used for data point configuration must have the attribute Visible in HMI Address areas of the PLC tags are input output or bit memory areas on the CPU Note Number of PLC tags Observe the maximum possibl...

Page 104: ...roject navigation Project directory of the relevant station Local modules required communications module By double clicking on the entry the data point or message editor opens Figure 3 7 Configuring data points and messages After opening the editor window using the two entries to the right above the table you can switch over between the data point and message editor Figure 3 8 Switching over betwe...

Page 105: ...displayed Select the required data source with the mouse or keyboard Click the symbol A selection list of the configured PLC Tags and the blocks is displayed From the relevant table select the required data source In the name box of the PLC tag enter part of the name of the required data source All configured PLC tags and tags of the data blocks whose names contain the letters you have entered are...

Page 106: ...header the following symbol appears When it does click immediately on the column header The column width adapts itself to the broadest entry in this column Showing hiding columns You call this function using the shortcut menu that opens when you click on a column header with the right mouse key Copying data points and messages As with many other programs you can copy and paste objects in the data ...

Page 107: ...f certain data point types is not identical However the import works when missing parameters see the following parameter descriptions are added in the CSV file Export When you call the export function the export dialog opens Here you select the module or modules of the project whose data point information needs to be exported When necessary you can export the data points of all modules of the proj...

Page 108: ...ames English of the data points This line must not be changed Lines 5 n Values of the parameters according to line 4 of the individual data points You can change the parameter values for the particular station Importing into a module Before importing the data points make sure that the PLC tags required for the data points have been created Note that when you import a CSV file all the data points e...

Page 109: ...as configured for the module The telecontrol protocol used by the module differs from that of the original module Modules with the same telecontrol protocol are compatible with each other Only when importing into several modules The import is aborted when a module or CPU name is different from the data in the CSV file Assignment repair If you have named the PLC tags in a station into which you wan...

Page 110: ...nary Output Event 1 11 1 2 out Bool Bool Q M DB Binary Command 12 1 out Bool Byte Q M DB Integer 16 bits Counter 20 2 in UInt Word Word I Q M DB Frozen Counter 2 21 2 6 in UInt Word Word I Q M DB Counter Event 22 2 6 in UInt Word Word I Q M DB Frozen Counter Event 3 23 2 6 in UInt Word Word I Q M DB Analog Input 30 2 in Int Int I Q M DB Analog Input Event 32 2 in Int Int I Q M DB Analog Output Sta...

Page 111: ...STEP 7 using the substitute object group 20 3 This object group can be configured in the Data point editor of STEP 7 using the substitute object group 22 4 This object group can be configured in the Data point editor of STEP 7 using the substitute object group 41 5 With these data point types contiguous memory areas up to a size of 64 bytes can be transferred All S7 data types with a size between ...

Page 112: ... data point configuration General tab Remember that to use the mirror back function you need to interconnect the local values in the controller with the relevant PLC tag of the data point Time stamp of the data with the DNP3 protocol in UTC format Time stamps are transferred in UTC format 48 bits and contain milliseconds 3 20 3 General tab General You will also the most important parameters in the...

Page 113: ...ral requests If the function is disabled the value of the data point is not sent to the communications partner following a general request 3 20 4 Rules for configuring the data point index Configuration of the data point index The following rules apply to configuring the data point index Data point indexes must be unique within each of the following object groups Binary Input Binary Input Event Bi...

Page 114: ... sent The frame memory operates chronologically in other words the oldest frames are sent first FIFO principle If a frame was transferred to the communications partner the transferred value is deleted from the send buffer If frames cannot be transferred for a longer period of time and the send buffer is threatening to overflow the response is as follows If the send buffer reaches a fill level of 8...

Page 115: ...able Every value triggered Each value change is entered in the send buffer in chronological order Current value triggered Only the last current value is entered in the send buffer It overwrites the value stored there previously For information on the different trigger types see section Trigger tab Page 116 3 20 6 Read cycle Input data points are assigned to the read cycle of the CPU in the data po...

Page 116: ...arameter group with the Max number of read jobs parameter The tags that exceed this value and can therefore not be read in one cycle are then read in the next or one of the following cycles Cycle idle time This waiting time between two scan cycles is used to reserve adequate time for other processes that access the CPU 3 20 7 Trigger tab Trigger Data points are configured as a static value or as a...

Page 117: ...hardware triggers via the user program Transmission time Whether the value of an event is transmitted to the communication partner immediately after activating the trigger or with a delay depends on whether spontaneous sending or asymmetric communication is possible in the network You set the spontaneous transfer of events in the Network data editor of the telecontrol connections for each connecti...

Page 118: ...utside the threshold value band The current threshold value band results from the last saved value and the amount of the configured threshold value Upper limit of the threshold value band Last saved value threshold value Lower limit of the threshold value band Last saved value threshold value As soon as the process value reaches the upper or lower limit of the threshold value band the value is sav...

Page 119: ...deviation is at 2 1 The new process value stored in the send buffer is 19 9 In this example if a deviation of the process value of approximately 0 5 should fire the trigger then with the behavior of the process value shown here a threshold value of approximately 1 5 2 5 would need to be configured 3 20 9 Analog value preprocessing The TIM supports analog value preprocessing For analog value data p...

Page 120: ... Configuration Manual 11 2018 C79000 G8976 C508 01 Sequence of the analog value preprocessing options The values of analog inputs configured as an event are processed on the TIM according to the following scheme Figure 3 11 Sequence of the analog value preprocessing ...

Page 121: ...nt are read in a 100 millisecond cycle and totaled The number of read values per time unit depends on the read cycle of the CPU and the CPU sampling cycle of the TIM The mean value is calculated from the accumulated values as soon as the transfer is triggered by a trigger Following this the accumulation starts again so that the next mean value can be calculated The mean value can also be calculate...

Page 122: ...ble if values from the underrange should not be transferred as real measured values Exception With process data from input modules the value 32768 8000h for wire break of a live zero input is transferred With a software input on the other hand all values lower than zero are corrected to zero Fault suppression time Requirements for the function Configuration of the threshold trigger for this data p...

Page 123: ...se finished values also adopt the values listed above 32767 7FFFh or 32768 8000h in the overflow or underflow range If this is not the case the parameter should not be configured for preprocessed values For finished values preprocess in the CPU the limits for the overflow and underflow can be freely assigned Smoothing factor Requirements for the function Configuration of the threshold trigger for ...

Page 124: ...rection of the end of the measuring range You can also evaluate the limit values for example as the start or end of the measuring range Configuration of the limit value The limit value is configured as a whole decimal number The range of values is based on the range of values of the raw value of analog input modules Please note The entry of the value 0 zero is interpreted as a deactivated limit va...

Page 125: ...le one or both options and configure a value and then disable the option later the grayed out value is nevertheless evaluated To disable the two options delete the previously configured values limit values from the input boxes and then disable the relevant option Recommendation for quickly fluctuating analog values If the analog value fluctuates quickly it may be useful to smooth the analog value ...

Page 126: ...ontrol Code of the object Control Code Operation Type field OP Type Volume 6 Part 2 Objects The master sends the information Trip Close Count On time Off time and Pulse count with the command frame to the station The station data point evaluates the information and checks it for consistency with the parameters Max pulse duration Pulse duration replacement time and Max number of pulses The TIM 1531...

Page 127: ...and is rejected TIM 1531 IRC The output is set to 1 for the duration of On time The output is set to 0 0x41 CLOSE PULSE_ON CP The command is rejected TIM 1531 IRC The output is set to 1 for the duration of On time CP The command is rejected TIM 1531 IRC The output is set to 1 0x81 TRIP PULSE_ON CP The command is rejected TIM 1531 IRC The output is set to 1 for the duration of On time CP The comman...

Page 128: ...n Name Puls Steuerung Range of val ues NUL CLOSE TRIP Explanation Trip Close Code for Control Code PULSE_ON The data point sends the configured code to the corresponding data point of the station See above for the meaning Name Pulse ON duration Range of val ues 0 4294967295 Default 10 Explanation Duration milliseconds for On time The data point sends the configured time to the corresponding data p...

Page 129: ...ion replace ment time is configured or when the received pulse duration is 0 the Pulse duration replacement time is used Name Pulse duration replacement time s Range of val ues 0 65535 Default 0 Explanation Replacement value for the pulse duration The replacement value is used in the following cases The pulse duration received from the master exceeds the value configured under Max pulse duration T...

Page 130: ...nfigured in the transmission settings of the respective interface 3 20 11 Partner stations Activating the partners of the data point All partners with which a telecontrol connection has been configured are shown in the table Enable the partner or partners with which the selected data point is to exchange data using the check box 3 21 Configuring messages 3 21 1 Messages Calling the editor You conf...

Page 131: ...e the recipient the subject and the text of the message Trigger In the Trigger parameter group you configure triggering for sending the message and other parameters E mail trigger Specifies the event for which the sending of the message is triggered Use PLC tag For the trigger signal to send the message the edge change 0 1 of the trigger bit PLC tag for trigger that is set by the user program is e...

Page 132: ...s a value for the placeholder from the memory area of the CPU in the message To do this enter as a placeholder for the value to be sent in the message text Select a PLC tag whose value will be integrated in the message The value is entered in the message text instead of the placeholder can be a placeholder for data point types with a simple data type up to a size of 32 bits Note that the number of...

Page 133: ...ine functions you can read various diagnostic information from the relevant module from an engineering station on which the STEP 7 project is stored and perform maintenance functions You will find additional information on the diagnostics functions of STEP 7 in the STEP 7 information system Online access This is where you establish the online connection to the module For the procedure refer to the...

Page 134: ...eral seconds With the function Disable protocol trace the logging is stopped and the data is written to a logging file With the function Save you can save the log file on the engineering station To evaluate the file you need to rename it to the format 7dt You can decode and analyze the renamed file using the TIM frame monitor of the SINAUT diagnostics tool Time Specification of the current time in...

Page 135: ...unctions refer to the section SNMP Page 136 4 2 Online security diagnostics via port 8448 CP Security diagnostics without opening port 102 If you want to perform security diagnostics without opening port 102 follow the steps below 1 Select the CP in STEP 7 2 Open the Online diagnostics shortcut menu 3 In the parameter group Security click the Connect online button In this way you perform the secur...

Page 136: ...ng the Disconnect button 4 4 SNMP SNMP Simple Network Management Protocol SNMP is a protocol for management and diagnostics of networks and nodes in the network To transmit data SNMP uses the connectionless UDP protocol The information on the properties of SNMP compliant devices is entered in MIB files MIB Management Information Base Scope of performance of the module as SNMP agent Not all functio...

Page 137: ...sName is sent as the host name using DHCP option 12 to the DHCP server to register with a DNS server For all other MIB objects MIB object groups only read access is possible for security reasons The modules do not support traps For more detailed information about the MIB files and SNMP refer to the manual 10 Page 189 Configuration For information on the configuration refer to the section SNMP Page...

Page 138: ... for messages Communication tab Displays the installed communication drivers on the various interfaces of the TIM Time synchronization tab Status of the time of day synchronization on the interfaces of the TIM Time tab Information on the system clock of the TIM Filesystem tab Displays all the files in the flash file system or if installed on the RAM disk of the TIM IP Parameters tab TIM 4R IE only...

Page 139: ...the flash or RAM disk 4 5 2 3 TIM Diagnostics Message buffer tab Message buffer tab The Message buffer tab is available only for TD7onTIM capable TIM modules for example TIM 3V IE The tab displays the current diagnostic data on the size and utilization of the buffer areas for messages on the selected TIM module With TD7onTIM compliant TIM modules the message buffer is divided into various buffer a...

Page 140: ...ames Total number of stored frames for the relevant source and destination subscriber If a frame buffer is selected on the left with the mouse in the Buffers box the following detailed information is displayed in the Buffer info list From Subscriber number of the source subscriber To Subscriber number of the destination subscriber Type 2 Buffer for organizational messages hand shake messages or me...

Page 141: ...M Diagnostics Communication tab Communication tab The Communication tab displays information on the status of communication of the TIM with information on interfaces drivers available not available and baud rate The data is displayed in the lower part of the dialog when you select one of the communication interfaces 4 5 2 5 TIM Diagnostics Time Synchronization tab Time synchronization tab The Time...

Page 142: ...ubnet mask Configured subnet mask of the module Default router If a default router was specified during configuration the IP address of the default router is displayed here MAC address MAC address of the module IP settings Indicates where the module obtained the IP parameters from Link status Indicates whether or not a physical connection to Ethernet exists Link settings Shows the setting for dete...

Page 143: ...ration DNP3 Configuration Manual 11 2018 C79000 G8976 C508 01 143 4 5 2 10 TIM diagnostics MSC Communication tab MSC communication tab This tab exists only for a TIM 4R IE as MSC master station Figure 4 1 SINAUT diagnostics dialog MSC communication tab ...

Page 144: ...e Blue and red The network provider cannot be reached When the MSC Communication tab is opened the icons of all stations are gray The change to green or blue and red takes place only after the data has been updated see below Subscriber number Station Signal quality see below Quality of the received signal Sent current month Received current month Sent received volume of data since the last change ...

Page 145: ...ons No station selected The data of all stations is updated One station selected The data of the selected station is updated The requested data can take up to 1 2 a minute Print Opens a follow on dialog from which you can print the displayed information Save Opens a follow on dialog from which you can save the displayed information in a text file 4 5 3 TIM subscriber diagnostics 4 5 3 1 TIM Subscr...

Page 146: ...ab of the CPU selected in the list of known subscribers on the left of the dialog Dialing list external tab optional Dial up service and command of the connected TIM module Polling list tab optional Data of the station call of the partners of the connected TIM module connected over a dedicated line with the option of disabling or enabling a connected partner The colored symbols in the selection li...

Page 147: ...e connected TIM module In the General field Reachability of the known subscriber Entries indicating problems are highlighted in color Any connection disruptions Information on gateways to the known subscriber subscriber local remote In the Connection field Interface of the connection Type of connection Connection enable Information on calling Status of data communication In the Special field Infor...

Page 148: ...ation partners of the CPU selected in the list on the left of the dialog With TIM modules Display of the communication partners of the connected TIM module selected in the subscriber list prior to opening the dialog If different subscribers are selected on the left in the dialog the same subscribers are always displayed in the list of communication partners With TIM modules partners are only displ...

Page 149: ... tab The Subscriber no Special service Dialing enabled and Dialing command parameters are displayed for the listed TIM modules An X in the Dialing enabled column indicates that the connection is enabled The following functions are available only for the TIM 4R IE By double clicking on a subscriber in the dialing list the Disable Enable subscribers dialog opens in which the configured and current e...

Page 150: ...Polling list internal tab By double clicking on a subscriber in the polling list the Disable Enable subscribers dialog opens in which the configured and current enable status of the selected subscriber is displayed from the perspective of the master TIM The current enable status can be changed If you change the state to Disable in this dialog the configured state is adopted again next time the mas...

Page 151: ... for the TD7onTIM software for example TIM 3V IE TD7onTIM diagnostics provides information on the status of the data transmission of the TD7onTIM software package of the TIM module selected in the SINAUT subscriber list Figure 4 6 TD7onTIM diagnostics dialog with system object parameters based on the example of WatchDog In keeping with the parameter assignment of the TD7onTIM the diagnostic functi...

Page 152: ...ccessively expanded System objects blue symbols Data objects yellow symbols The cycle time Send and receive channels Properties This box displays the following properties of an object selected in the directory tree Parameter name Value Comment The Parameter name column lists the individual parameters with colored symbols indicating the following status Blue symbols Configured data Red symbols Onli...

Page 153: ...mple of the Send analog value channel 4 6 Processing status of the messages e mail Processing status of messages If this option is enabled in the Trigger tab of the message configuration of STEP 7 a status is output on the CP that provides information about the processing status of the sent message The status is written to a PLC tag of the type DWORD Select this tag via the PLC tag for processing ...

Page 154: ... was denied 8408 The client could not obtain a socket for creating a TCP IP connection to the mail server 8409 It is not possible to write via the connection Possible cause The communications partner reset the connection or the connection aborted 8410 It is not possible to read via the connection Possible cause The communications partner terminated the connection or the connection was aborted 8411...

Page 155: ...the following configuration data Alarm configuration E mail data Content Email address sender 8535 SMTP authentication incomplete Check the User name and Password parameters in the configuration 8550 SMTP server cannot be reached You have no access rights Check the following configu ration data Module configuration E mail configuration User name Password Email address sender Alarm configuration E ...

Page 156: ...Diagnostics 4 7 Maintenance Configuration DNP3 156 Configuration Manual 11 2018 C79000 G8976 C508 01 ...

Page 157: ...cks need to be created for this You will find details on the program blocks in the information system of STEP 7 Note Different program block versions Note that in STEP 7 you cannot use different versions of a program block in a station Supported program blocks for OUC The following instructions in the specified minimum version are available for programming Open User Communication TSEND_C V3 0 TRCV...

Page 158: ..._C uses the parameter MAIL_ADDR_PARAM The connection description is stored in a data block whose structure is specified by the system data type SDT Creating an SDT for the data blocks Create the SDT required for every connection description as a data block global DB The SDT type is generated by entering the name in the declaration table of the block manually not by selecting an entry from the Data...

Page 159: ...or each connection A separate connection must be established for each communications partner even if identical blocks of data are being sent After a successful transfer of the data a connection can be terminated A connection is also terminated by calling TDISCON Note Connection abort If an existing connection is aborted by the communications partner or due to disturbances on the network the connec...

Page 160: ...243 1 CP firmware V2 1 7x CPU firmware V4 2 CP 1542SP 1 IRC CP firmware V1 CPU firmware V2 0 CPU 151xSP Program blocks Program controlled changing of the IP parameters is supported by program blocks The program blocks access address data stored in a suitable system data type SDT The following program blocks and system data types can be used T_CONFIG Along with IF_CONF_V4 IF_CONF_NTP IF_CONF_V6 IF_...

Page 161: ...C Server application provides end to end connection management of distributed networks via the Internet This also includes secure remote access to lower level stations Communication between SINEMA RC Server and the remote devices takes place via a VPN tunnel with consideration of the stored access rights SINEMA RC uses OpenVPN for encryption of the data The center of the communication is SINEMA RC...

Page 162: ...y for remote maintenance via SINEMA RC 3 CP for telecontrol communication only 4 CP uses telecontrol communication but SINEMA RC only for remote maintenance 5 CP uses SINEMA RC for telecontrol communication and remote maintenance The table provides an overview of the applications with the respective parameter settings On means that the parameter is activated Off means that the parameter is deactiv...

Page 163: ...l communication via SINEMA RC 1 In the Communication types parameter group activate telecontrol communication and select the protocol The option for communication via SINEMA RC is not yet visible 2 Change to the Security parameter group and enable the security functions In the Communication types parameter group the SINEMA RC option appears disabled and grayed out 3 Open the Security VPN parameter...

Page 164: ...rs must be configured in the SINEMA RC Server Exporting the CA certificate optional If you want to use the server certificate as authentication method of the communication module during connection establishment export the CA certificate from SINEMA RC Server Then import the CA certificate from SINEMA RC Server to the engineering station Alternatively you can use the fingerprint of the server certi...

Page 165: ...cation Here you select the authentication method of the communication module during connection establishment CA Certificate Under CA certificate select the CA certificate from SINEMA RC Server that was previously imported and activated in the local certificate manager The module generally checks the CA certificate of the server and its validity period The two options cannot be changed Fingerprint ...

Page 166: ...N connection is retained until the connection parameters are changed by the SINEMA Remote Connect Server If the connection is interrupted the CP automatically re establishes the connection If the connection parameters are changed by the SINEMA Remote Connect Server the CP requests the new connection data after the update interval configured above has elapsed PLC trigger The option is intended for ...

Page 167: ...tablishing a connection to the WBM of the TIM Possible connections You can establish a connection between a PC and the TIM using the HTTP HTTPS protocol LAN connection With a local connection from the PC to the TIM you can connect directly Connection via WAN Internet mobile wireless The TIM must be reachable via a fixed IP address With connections via the Internet mobile wireless network you need ...

Page 168: ...that you have entered the correct address ignore the message If necessary add the connection to the exceptions depending on the Web browser The logon window of the TIM opens 3 In the User name input box enter the name of a user or administrator configured in STEP 7 The rights assigned in Global security settings of the STEP 7 project apply 4 Enter the corresponding password in the Password input b...

Page 169: ...BM display Switches off the automatic update of the WBM display Prints out the current WBM page C 4 Start page After logging in to the WBM the start page appears On the left you will find the navigation area with the main levels of the WBM Navigation in the WBM By clicking on an entry in the navigation area on the left open the WBM page you want for further information or on which you want to conf...

Page 170: ...e module General Station name Parameter configured in STEP 7 Module name Parameter configured in STEP 7 Module type Article number Status Operating status Current operating status of the TIM Status Status of the firmware startup of the TIM TIM started up free of errors Startup aborted with error Firmware date Date the firmware currently being used was generted Format MMM DD YYYY hh mm ss ...

Page 171: ... Hardware product version Firmware version Rack Slot Module information Module name Parameter configured in STEP 7 Vendor information Vendor Serial number Serial number of the device C 5 2 SD card SD card SD card SD card inserted yes no Free memory space total Display of the free memory space still available and the total usable memory capacity Content Display of the messages and files saved on th...

Page 172: ...epted as 03 or as 3 Apply time of day When you click this button you transfer the time entered above to the TIM Adopt PC time When you click this button the TIM adopts the time of day from the connected PC C 5 4 NTP NTP NTP server list Shows the addresses of the configured NTP servers C 5 5 Web server Web server Disable Web server Disables the Web server of the TIM The setting is adopted in the co...

Page 173: ...erver list List of configured DNS servers Servers configured in STEP 7 C 6 Maintenance C 6 1 Firmware Firmware This page displays the most important version data of the firmware currently being used If a new firmware version is available for the TIM you will find this on the Internet pages of Siemens Industry Online Support Link https support industry siemens com cs ww en ps 21764 dl If a new firm...

Page 174: ...Date the firmware was generated Firmware update Download the firmware file to the file system of your connected PC File After selecting a firmware file stored on the PC using the Browse button the file name is displayed here Browse Searches the file system of the PC for a firmware file saved there that is intended to be loaded on the TIM Load on device By clicking the button download the selected ...

Page 175: ...ts If you use an SD card and you want to reset the TIM to the factory settings you must pull the SD card while disconnected from the power before resetting If the SD card remains inserted the TIM starts up again with the configuration data on the SD card Resetting to factory settings Effect Note Configuration data is deleted Resetting to factory settings deletes all configuration data in the TIM D...

Page 176: ...special event WARNING Warning of a possibly unwanted event ERROR Internal error The TIM starts up FATAL Serious error that impairs or interrupts the operation of the TIM Event Plain text of the diagnostics event Copy of the diagnostics buffer Using the button you save the content of the diagnostics buffer on the PC The diagnostics buffer The diagnostics buffer receives diagnostics messages for int...

Page 177: ...ay synchronization Power failure C 7 2 Notifications Messages Table The table lists the last messages of the TIM with the following information Number Consecutive number Time Time of sending Trigger Trigger that fired generation of the message Recipient Configured recipient of the message Message Message text Processing status Status of the sending of the message You will find an overview of the p...

Page 178: ...ics IPv4 parameters Network attachment MAC address IP parameters IP address Current IP address Subnet mask Default or last configured subnet mask Default router Configured default router Address assignment Shows how obtaining the IP address is configured in STEP 7 Set IP address in the project IP address from DHCP server Set IP address on the device The IP address obtained using other services out...

Page 179: ...sses of up to two gateways Statistics Statistics The following statistical data of the interface since the TIM last started up is displayed Bytes received Received frames discarded Number of messages that were discarded on receipt due to address protocol or data errors Error on receipt Number of internal errors on receipt Frames with unknown protocol Number of messages with the wrong protocol Byte...

Page 180: ...CPU and to the remote partners is shown as follows Green Connected All connections are established Yellow Connected Some of the possible connections are established Red Disconnected None of the possible connections is established Partner Possible partner types Local CPU The CPU assigned to the TIM in the configuration Application e g WinCC TIM TIM of the remote station Partner CPU CPU of the remot...

Page 181: ... and local CPU Remote partner Partner type Application e g WinCC CPU CPU of the remote station TIM CP Subscriber number Subscriber number of the partner Time master Display of the option configured on the partner Yes No Security options Display of the active access level protection ON OFF Connection status Connected Not connected For the meaning of the colors see above Connection overview Frame me...

Page 182: ...hernet interface of the TIM for connection with the local CPU X1 ETH1 X2 ETH2 X3 ETH3 CPU type Type of the local CPU Connection status Connected Not connected CFB reference Local ID decimal of the S7 connection Local TSAP Local TSAP of the S7 connection Remote TSAP Remote TSAP of the S7 connection IP address IP address of the CPU Remote partner Address IP address or WAN address of the interface of...

Page 183: ...ion Read write connection to the local CPU that does not require an S7 connection X connection Unconfigured S7 connection that uses the SFCs X_SEND and X_RCV Permanent temporary Permanent or temporary telecontrol connection GPRS no GPRS GPRS connection or no GPRS connection local remote Connection to a local or remote partner Connection status Connected Disconnected C 9 1 2 Send buffer The tab pro...

Page 184: ...er of configured events of the source subscriber Parameters When you click on the icon in a table row the relevant parameters are displayed Unconditional spontaneous Number of stored frames to be sent unconditionally and spontaneously only relevant in dial up networks Prioritized Number of stored frames to be sent with high priority Identification Hexadecimal value that codes the information below...

Page 185: ...ta points The tab shows you information on the configures data points of the TIM Data points Data point number Consecutive number Name type Name and type of the data point When you hold the cursor over the column entries additional properties of the data points are displayed in tooltips Type identifier Type of the data point Object number Object number of the ST7 data point Object group Object gro...

Page 186: ... PC and can be evaluated with the Wireshark program for example Options Ethernet Interface X1 X2 X3 Enable the interfaces for which you want to record data Data volume kB Via the input box you specify the overall size of the logging file Maximum file size 10000 kB Recording acc to time If the option is enabled the recording is made for a configurable time Via the input box you specify the recordin...

Page 187: ...iemens Industry Mall at the following address Link https mall industry siemens com Manuals on the Internet You will find SIMATIC NET manuals on the Internet pages of Siemens Industry Online Support Link https support industry siemens com cs ww en ps 15247 man Go to the required product in the product tree and make the following settings Entry type Manuals Manuals on the data medium You will find m...

Page 188: ...rt industry siemens com cs ww en view 103948898 4 SIMATIC NET CP 1243 8 IRC Operating Instructions Siemens AG Link https support industry siemens com cs ww en ps 21162 man 5 SIMATIC CP 1542SP 1 CP 1542SP 1 IRC CP 1543SP 1 Operating instructions Siemens AG Link https support industry siemens com cs ww en ps 22144 man Link https support industry siemens com cs ww en ps 22143 man 6 SIMATIC NET TIM DN...

Page 189: ...nual Siemens AG Link http support automation siemens com WW view en 58649293 9 SIMATIC NET Industrial Ethernet PROFINET System manual Siemens AG Industrial Ethernet Link https support industry siemens com cs ww en view 27069465 Passive network components Link https support industry siemens com cs ww en view 84922825 10 SIMATIC NET Diagnostics and configuration with SNMP Diagnostics manual Siemens ...

Page 190: ...Bibliography 0 10 Configuration DNP3 190 Configuration Manual 11 2018 C79000 G8976 C508 01 ...

Page 191: ...Forced image mode 114 140 Frame memory 16 G Gateway 80 Glossary 5 I IIN1 6 56 Image memory 114 Importing a certificate e mail 73 Internet connections 26 Inter station communication 13 IP address master 25 IP address station 25 IPsec 76 L LATCH_ON OFF 126 M MIB 136 MODBUS slaves configuration limits 19 N Node station 12 NTP secure 69 O Online diagnostics 32 Online functions 134 OUC Open User Commun...

Page 192: ...00 G8976 C508 01 select before operate 53 Send buffer 16 114 SIMATIC NET glossary 5 SMTPS 72 SNMP 136 SNMPv3 74 Spontaneous 117 SSL TLS 72 STARTTLS 72 STEP 7 version 15 SYSLOG 76 T Trigger tag resetting 116 131 V VPN 26 76 W WAN creating a network 39 Web server 42 ...

Reviews:

No comments

Brands by name

Popular brands

Load more brands