ABB AC500 V3 Скачать руководство пользователя страница 76 | Manualshive

Страница: 76 / 119

ABB AC500 V3 Скачать руководство пользователя страница 76

Fig. 22: Security zones

Fig. 22 shows three safety zones, but the number of zones is not necessarily decisive, there can

also be more or less - depending on the safety requirement. The use of multiple zones allows

access between zones of different trust levels to be controlled to protect a trusted resource from

attack by a less trusted one.

High-security zones should be kept small and independent. They need to be physically pro-

tected, i.e. physical access to computers, network equipment and network cables must be

limited by physical means to authorized persons only. A high-security zone should obviously not

depend on resources in a less secure zone for its security. Therefore, it should form its own

domain that is administered from the inside, and not depend on, e.g., a domain controller in a

less secure network.

Even if a network zone is regarded as trusted, an attack is still possible: by a user or compro-

mised resource that is inside the trusted zone, or by an outside user or resource that succeeds

to penetrate the secure interconnection. Trust therefore depends also upon the types of meas-

ures taken to detect and prevent compromise of resources and violation of the security policy.

Security for industrial automation and control systems

7.1.2 Secure operation

The controller must be located in a protected environment in order to avoid accidental or

intended access to the controller or the application.

A protected environment can be:

● Locked control cabinets without connection from outside
● No direct internet connection
● Use firewalls and VPN to separate different networks
● Separate different production areas with different access controls

To increase security, physical access protection measures such as fences, turnstiles, cameras

or card readers can be added.

Follow these rules for the protected environment:

● Keep the trusted network as small as possible and independent from other networks.
● Protect the cross-communication of controllers and the communication between controllers

and field devices via standard communication protocols (fieldbus systems) using appro-

priate measures.

● Protect such networks from unauthorized physical access.
● Use fieldbus systems only in protected environments. They are not protected by additional

measures, such as encryption. Open physical or data access to fieldbus systems and their

components is a serious security risk.

Configuration and programming

Cyber security > Secure operation

2023/03/03

3ADR011074, 1, en_US

76

«
...
74
75
76
77
78
...
»

Содержание AC500 V3

Страница 1: ...SYSTEM MANUAL PLC Automation Automation Builder programmable logic control lers control panels Automation Builder AC500 V3 AC500 eCo V3 AC500 XC V3 AC500 S CP600 CP600 eCo CP600 Pro...

Страница 2: ...net assembly for AC500 Standard 30 5 2 Control cabinet assembly for AC500 eCo 32 5 3 Mounting and demounting general information 33 5 3 1 Optimized mounting of the option boards 34 5 4 Mounting and de...

Страница 3: ...update 86 9 3 Control panel firmware application update 87 9 4 Reset to factory settings 87 10 Troubleshooting 88 11 Maintenance 90 11 1 Replace an AC500 module 90 11 2 Replace an I O module with hot...

Страница 4: ...r download Programming examples available in engineering suite Open Automation Builder menu Help Project examples Application descriptions for specific features and use cases Release notes for the lat...

Страница 5: ...ions in the chapter Additional information of the catalog Both the AC500 control system and other components in the vicinity are operated with dan gerous touch voltages Touching live components can le...

Страница 6: ...For example it looks like this Select the magic button Your current position will be highlighted in the bookmark tab 1 6 Structure of safety notices Throughout the documentation we use the following t...

Страница 7: ...indicates a hazardous situation which if not avoided could result in minor or moderate injury Ensure to take measures to prevent the described dangerous situation NOTICE NOTICE is used to address pra...

Страница 8: ...tools of Automation Builder PS501 Control Builder Plus Only qualified personnel are permitted to work with AC500 S safety PLCs The examples and diagrams in this manual are included solely for illustr...

Страница 9: ...grounding switch cabinet grounding is supplied both by the mains connection or 24 V supply voltage and via the DIN rail The DIN rail must be connected to ground before power is supplied to the device...

Страница 10: ...arc which could create an ignition source resulting in fire or explosion Prior to proceeding make sure that power is been disconnected and that the area has been thoroughly checked to ensure that flam...

Страница 11: ...iderations Recycle exhausted batteries Dispose of batteries in an environmentally con scious manner in accordance with regulations issued by the local authorities Safety instructions 2023 03 03 3ADR01...

Страница 12: ...for flexible application AC500 eCo AC500 eCo PLCs are cost effective high performance compact PLCs that offer total inter operability with the core AC500 range and provide battery free buffering of r...

Страница 13: ...I Os or other communication protocols Depending on the features and functions of the processor module CPU compatible components can be added to a complete AC500 PLC system 01 Terminal base for proces...

Страница 14: ...with up to 16 channels for analog and or digital signals 8 Removable terminal blocks 3 3 AC500 eCo S500 eCo system structure AC500 eCo S500 eCo series is compatible with AC500 S500 The compact AC500 e...

Страница 15: ...e can be expanded by up to 10 I O modules to increase the number of the I O channels Fig 3 I O modules S500 eCo directly connected to an AC500 eCo processor module Up to 10 I O modules can be connecte...

Страница 16: ...s syntax errors in programming To receive the state or data of the site via the input interface and save it into the shadow register or data register To read the user programs in the memory one by one...

Страница 17: ...of the processor module on the same terminal base are directly powered via the internal communication module bus of the terminal base A separate voltage source is not required The terminal base is ne...

Страница 18: ...nce The PLC provides multiple I O interfaces for operation level and drive capability to users for selection such as digital input digital output analog input analog output etc I O interfaces of the P...

Страница 19: ...s mainly include NORflash NANDflash EEPROM memory card etc AC500 PLCs store all user programs in the nonvolatile memory to protect them from power failure The programs are exported to the volatile mem...

Страница 20: ...type up to three option board slots are available for extension Each option board slot supports most existing types of option board module The option board modules provide the following functionality...

Страница 21: ...bject to frequent change and access during PLC operation It is saved in the volatile memory to meet the requirements for random access The work data memory of the PLC has the memory area for input and...

Страница 22: ...le communication options Further information on page 4 3 8 Automation Builder Short description engineering software Details about the Automation Builder license model the features of the editions and...

Страница 23: ...lso helpful for example for setting and entering control parameters Includes color change moving elements bitmaps text display allows input of setpoint values and display of process variables read fro...

Страница 24: ...left side and a bus output at the right side Thus the length of the I O bus increases with the number of attached I O modules Table 1 Maximum number of I O devices which can be connected to the I O b...

Страница 25: ...as been thoroughly checked to ensure that flammable materials are not present The devices must not be opened when in operation The same applies to the network interfaces Table 1 Maximum number of I O...

Страница 26: ...all individual consump tions The two supply voltages with 24 V DC are distinguished in the AC500 platform Supply of the internal logic via terminals L and M on the CPU module or an the AC500 terminal...

Страница 27: ...nication modules I O bus II O bus Number of expansion modules Current consumption through the I O bus per module and IUP IUP1 ILOAD1 IUP2 ILOAD2 IUP3 ILOAD3 IUP4 ILOAD4 IUP5 ILOAD5 IUP6 ILOAD6 IUP7 IL...

Страница 28: ...are exemplary values 4 3 2 Dimensioning of the fuses To be able to select the fuses for the station correctly both the current consumption and the inrush currents melting integral for the series conn...

Страница 29: ...reduce the programming effort and implement quickly your application In our main catalog we offer an overview of the available libraries and software packages Reference documentation for the function...

Страница 30: ...ting and pollution moisture and wetness and mechanical damage control cabinet IP54 for common dry factory floor environment is suitable Maintain spacing from enclosure walls wireways adjacent equipmen...

Страница 31: ...ng plate grounded NOTICE Horizontal mounting is highly recommended Vertical mounting is possible however derating consideration should be made to avoid problems with poor air circulation and overheati...

Страница 32: ...t unauthorized access dusting and pollution moisture and wetness and mechanical damage control cabinet IP54 for common dry factory floor environment is suitable Maintain spacing from enclosure walls c...

Страница 33: ...nd to place end stop terminals at the right and left side of the device to properly secure the modules 5 3 Mounting and demounting general information The control system is designed to be mounted to a...

Страница 34: ...ssipation of the option board the lower the mounting position should be selected The TA5126 2AO UI option board has the highest power dissipation and must always be mounted at the lowest option board...

Страница 35: ...sed order If the terminal base should be mounted with screws wall mounting accessories TA526 must be inserted at the rear side first These plastic parts prevent bending of the terminal base while scre...

Страница 36: ...3 modules e g one terminal base and two terminal units 2 Using the mounted modules as a template carefully mark the center of all module mounting holes on the panel 3 Return the mounted modules to th...

Страница 37: ...ocessor module 2 Press the processor module into the terminal base until it locks in place 3 The demounting is carried out in a reversed order Press above and below then remove the processor module Me...

Страница 38: ...ure the bus connectors are securely locked together to ensure proper connection Max 10 terminal units can be attached 3 Demounting A screwdriver is inserted in the indicated place to separate the term...

Страница 39: ...panel 3 Return the mounted modules to the clean work surface including any previously mounted modules 4 Drill and tap the mounting holes for the screws M4 or 8 recommended 5 Place the modules back on...

Страница 40: ...le into the dedicated holes of the terminal base Then rotate the communication module on the dedicated terminal base slot until it is locked in place NOTICE Risk of malfunctions Unused slots for commu...

Страница 41: ...O modules 1 Press the I O module into the terminal unit until it locks in place 2 The demounting is carried out in a reversed order Press above and below then remove the module Mechanical planning an...

Страница 42: ...r module is grounded via DIN rail The DIN rail must be included into the grounding conception of the plant Mount the processor module at the top of the DIN rail then snap it in below Mechanical planni...

Страница 43: ...I O modules if connected 2 While pressing down processor module pull it away from DIN rail Mechanical planning and installation Mounting and demounting the AC500 eCo processor module Demounting a proc...

Страница 44: ...concept of the plant Do NOT use insulating washers One TA543 wall mounting accessory is needed per processor module 1 Snap in the TA543 at the back side of the processor module 2 Fasten the processor...

Страница 45: ...metal plate 1 Remove I O modules if connected 2 Remove the 2 screws Mechanical planning and installation Mounting and demounting the AC500 eCo processor module Demounting a processor module mounted o...

Страница 46: ...S500 eCo I O modules can be mounted either on a DIN rail or with screws on a metal plate NOTICE Risk of function faults The S500 eCo I O modules are grounded via the DIN rail The DIN rail must be incl...

Страница 47: ...e serial I O bus is connected automati cally 1 Remove I O module by hand if connected Demounting I O modules mounted on a DIN rail Mechanical planning and installation Mounting and demounting the S500...

Страница 48: ...e The metal plate must be included into the grounding concept of the plant Do NOT use insulating washers One TA566 wall mounting accessory is needed per S500 eCo I O module 1 Snap in the TA566 at the...

Страница 49: ...module The serial I O bus is connected automatically 3 Fasten the I O module with two screws diameter 4 mm to the metal plate Mechanical planning and installation Mounting and demounting the S500 eCo...

Страница 50: ...ssories for AC500 Standard This section only describes accessories that are frequently used for system assembly connec tion and construction Demounting I O modules mounted on a metal plate Mechanical...

Страница 51: ...be disturbed 1 Memory card 2 Micro memory card 3 Micro memory card adapter 4 Memory card slot Insert the memory card into the memory card slot of the processor module until locked 1 MC502 or MC5141 me...

Страница 52: ...er the mounting position should be selected The TA5126 2AO UI option board has the highest power dissipation and must always be mounted at the lowest option board slot The optimized mounting position...

Страница 53: ...board out of the slot CAUTION Risk of injury and damaging the product Always plug in the option board slot cover when the option board is not inserted If the option board slot cover is lost please or...

Страница 54: ...pply a 13 pin terminal block and a 12 pin terminal block for I O connectors are used For all CPUs there is a screw and a spring variant available Basic CPU Standard and Pro CPUs Spring terminal TA5211...

Страница 55: ...using unapproved terminal blocks Only use terminal blocks approved by ABB to avoid injury and damage to the module Terminal block set for PM50x2 Processor modules PM50x2 CPU are not delivered with ter...

Страница 56: ...cover 2 Micro memory card 3 Micro memory card slot 1 Open the micro memory card slot cover by turning it upwards 2 Carefully insert the micro memory card into the micro memory card slot as far as it...

Страница 57: ...rom the micro memory card slot by gripping and pulling with two fingers 3 Close the micro memory card slot cover by turning it downwards 5 13 Control panels CP600 Refer to the installation instruction...

Страница 58: ...nd before power is supplied to the device The grounding may be removed only if it is certain that no more power is being supplied to the control system In case of screw mounting grounding must be ensu...

Страница 59: ...expected strength The devices themselves must not emit electro magnetic noises Advant controller components have a very high noise immunity When the wiring and grounding instructions are met an error...

Страница 60: ...nium parts Do not use sheath wires Do not use toothed lock washers under screw connections Fig 10 Assembly wrong Fig 11 Assembly correct Make a connection between the DIN rails and PE Protective Earth...

Страница 61: ...en the PE bar and the shield bar must have a low impe dance 6 2 4 Control cabinet Installation of configurations in shielded cabinet can be required in shipping applications Follow specific instructio...

Страница 62: ...sary if there are present or expected poten tial differences between parts of your application The impedance of equipotential bonding must be equal or lower than 10 of the shield impedance of the shie...

Страница 63: ...ential bonding between the cabinets min 16 mm2 12 Cable shields grounding 13 Fieldbus connection e g Ethernet 6 3 Connection and wiring This chapter provides general information about the platform Spe...

Страница 64: ...or the processor module is galvanic isolated from the power supply for the I O modules As soon as the power supply for the processor module is present the processor module starts The power supply of t...

Страница 65: ...pply voltage M 0 V Negative pin of the power supply voltage FE Functional earth 6 3 1 3 Connection of wires at the spring terminals 1 2 3 b a conductor driver screw b Screwdriver for Opening for Openi...

Страница 66: ...must be at least 15 mm free of insulation at the tip 4 While erecting the screwdriver insert it until the stop requires a little strength 5 Screwdriver inserted terminal open 6 Strip the wire for 7 m...

Страница 67: ...ation at the tip 3 While erecting the screwdriver insert it until the stop requires a little strength terminal is now open 4 Remove wire from the open terminal 5 Done 6 3 1 4 Terminals for CANopen com...

Страница 68: ...r a transmission rate of 10 Mbit s cables of at least category 3 IEA TIA 568 A 5 Cat3 or class C according to European standards are allowed For fast Ethernet with a transmission rate of 100 Mbit s ca...

Страница 69: ...four pairs of twisted wires Different color codes exist for the coding of the wires the coding according to EIA TIA 568 version 1 being the one most commonly used In this code the individual pairs ar...

Страница 70: ...cond station 12345678 12345678 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 Fig 20 Wiring of a crossover cable For networks with more than two subscribers hubs or switches have to be used additionally for distribu...

Страница 71: ...g type Screw type Spring type Screw type TA5211 TSPF B TA5211 TSCL B TA5212 TSPF TA5212 TSCL Pin Assignment Pin Label Function Description Terminal block inserted 1 FE Functional earth 2 L 24 V DC Pos...

Страница 72: ...ription 1 Tx Transmit Data 2 Tx Transmit Data 3 Rx Receive data 4 NC Not connected 5 NC Not connected 6 Rx Receive data 7 NC Not connected 8 NC Not connected Shield Cable shield Functional earth 6 3 3...

Страница 73: ...in the installation and licensing document All information about the configuration and the programming are available in the software manual contained in PLC Automation manual Detailed information is...

Страница 74: ...rable number of open ports that should be monitored carefully for any threats It has to be considered that online connections to any devices are not secured It is your responsibility to assure that co...

Страница 75: ...nts should be able to quickly discover weaknesses and provide patches Only used services ports should be enabled e g to enable the functionality of an FTPS server References CODESYS Security Whitepape...

Страница 76: ...se of resources and violation of the security policy References Security for industrial automation and control systems 7 1 2 Secure operation The controller must be located in a protected environment...

Страница 77: ...e purposes they should be carefully scanned for viruses immediately before connection All CDs DVDs USB memory sticks and other removable data carriers and files with software or software updates shoul...

Страница 78: ...t the least since such networks are normally further connected to the Internet or other external networks The IS network is therefore a different lower security zone and it should be separated from th...

Страница 79: ...cks by patching vulnerabilities and turning off inessential services Hardening a system involves several steps to form layers of protection Commissioning phase Protect the hardware from unauthorized a...

Страница 80: ...r of the control panel HMI Decommissioning phase Delete all credentials stored in the device like certificates and user data Chapter 12 Decommissioning on page 96 References Hardening in Wikipedia 202...

Страница 81: ...iles tab 6 Click the refresh button 7 Open the cert folder in the PLC 8 Open the export folder 9 Copy the certificate request file 1_IoDrvFTPServer csr to any folder on your PC 10 This file here 1_IoD...

Страница 82: ...communication policy accordingly so that only encrypted connections are allowed An application can be encrypted and signed in order to protect a running application in an AC500 V3 PLC and to protect a...

Страница 83: ...tocol Description 1217 TCP CODESYS Gateway V3 1210 TCP CODESYS Gateway V2 1211 TCP CODESYS Gateway V2 22350 TCP UDP CodeMeter License Server runtime license 22352 HTTP CodeMeter License Server runtime...

Страница 84: ...pplication on a very new processor module is the same process than updating a firmware and an application on a CPU Chapter 9 2 PLC firmware application update on page 86 The PLC starts with the new fi...

Страница 85: ...panel included Commis sioning example The PLC has an integrated diagnosis system to output diagnosis messages e g parameter setting is wrong or battery low A diagnosis message is indicated by ERR LED...

Страница 86: ...ious operating elements provided on the front panel can be used to control the devices of the PLC system and or to change the operating mode Operating elements Status LEDs Indicates the availability o...

Страница 87: ...d on page 108 Fig 26 The Version information tab of a device in Automation Builder 9 3 Control panel firmware application update The system components can be updated via Panel Builder software or via...

Страница 88: ...ore Check power supply Replace the module or HMI I O module on a hot swap ter minal unit does not respond and is not available for online connection I O module is not plugged or damaged As soon as the...

Страница 89: ...the display of the processor module shows Grace for 5 min PLC runs in grace mode because at least one feature license which has been available disappeared If the grace time expires PLC will go to stop...

Страница 90: ...before you connect or disconnect any signal or terminal block remove mount or replace a module Disconnecting any powered devices while energized in a hazardous location could result in an electric arc...

Страница 91: ...ing of attached I O modules Communication interface modules CI5xx as of index F0 Processor modules PM56xx 2ETH with firmware version as of V3 2 0 NOTICE Risk of damage to I O modules Hot swapping is o...

Страница 92: ...allation improperly NOTICE Risk of damage to I O modules Hot swapping is only allowed for I O modules Processor modules and communication interface modules must not be removed or inserted during opera...

Страница 93: ...0 14 is part of the I O configuration For min required device index see table below Device Min required device index for I O module as of FW Version 3 0 14 AC522 XC F0 AI523 XC D2 AI531 D4 AI531 XC D...

Страница 94: ...p Hot swap is not supported by AC500 eCo V3 CPU Central I O on V3 CPU I O module on TU5xx H connected to I O bus master AC500 V3 CPU types PM56xx 2ETH Required version of I O bus master Firmware as of...

Страница 95: ...des an overview of the modules on the I O bus including the position of hot swap terminal units in the I O bus In the application program this can be detected with a func tion block IoModuleHotSwapInf...

Страница 96: ...and battery from CPU 6 Delete all user accounts and user data 7 Demount and dispose the hardware modules Chapter 13 Recycling on page 97 If you can not access the data stored in the CPU e g because t...

Страница 97: ...s responsibility to dispose of this product by taking it to a designated WEEE collection facility for the proper collection and recycling of the waste equipment The separate collection and recycling o...

Страница 98: ...play and the buttons Fig 27 Example battery is empty or missing Err 1 Total number of active diagnosis messages here 1 E4 bat Error severity here 4 and location of error here battery Id 1 In the list...

Страница 99: ...E2 FLd flash disk 12 19 0 0 n 0 n Flash memory is temporary protected read only panic mode E2 iob I O bus 17 14 0 0 0 Error setting I O bus master parameter E2 diS display 23 21 0 0 0 Wrong version of...

Страница 100: ...ror Check wiring and sensor If this error persists replace I O module Contact ABB tech nical sup port E3 iob I O bus 18 Module number 1 Channel number 0 Test error E3 diS display 22 21 0 0 0 Error at...

Страница 101: ...ow for channels Check channel wiring and sensor con figuration E3 iob I O bus 524 Module number 1 Channel number 0 Stuck at error E3 iob I O bus 525 Module number 1 Channel number 0 Readback error Che...

Страница 102: ...0 0 Wrong parameter value check config uration E3 iob I O bus 8979 Module number 0 0 Checksum error has occured in iPara meter or F Parame ters E3 iob I O bus 8986 Module number 0 0 Invalid configura...

Страница 103: ...I O module If this error persists increase PROFIsafe watchdog time E3 iob I O bus 16154 Module number 0 0 Parameter error Check con figuration E3 iob I O bus 16156 Module number 0 0 F Parameter config...

Страница 104: ...sor power supply E4 iob I O bus 263 Module number 1 Channel number 0 Measurement under flow at analog input Check channel wiring and sensor power supply E4 iob I O bus 266 Module number 1 Channel numb...

Страница 105: ...m hot swap ter minal unit E4 iob I O bus 9500 Module number 0 0 Wrong I O module replugged on hot swap terminal unit Remove wrong I O module and plug pro jected I O module E4 iob I O bus 9514 Module n...

Страница 106: ...Invalid value of parameter LED E11 CPU 21 0 2 0 1 too big or 2 too small Invalid value of parameter Battery E11 CPU 24 0 2 0 1 too big or 2 too small Invalid value of parameter Diag nosis stop on err...

Страница 107: ...11 iob I O bus 16145 0 0 0 0 Error setting I O bus master parameter E11 iob I O bus 16146 0 0 0 0 Failed to start the parameterization of modules E11 iob I O bus 16147 Module number 0 0 0 Failed setti...

Страница 108: ...terface Ex Et1 or Et2 Ethernet ETH1 or ETH2 14 2 PLC firmware application update via memory card 14 2 1 Preparation of memory card Firmware packages can be downloaded from ABB website or exported from...

Страница 109: ...t project and firmware or Export Firmware 3 Choose a location for the export folder Select Make New Folder and type in MEMORY CARD 4 Select OK to add the folder Appendix PLC firmware application updat...

Страница 110: ...d The copy process can be performed with the Automation Builder software with the memory card inserted in the processor module or with the PC with a suitable memory card slot 1 Insert memory card into...

Страница 111: ...of the MEMORY CARD folder but not the MEMORY CARD folder itself and copy them 3 Select the memory card and paste the copied subfolders and files 14 2 2 Execution of update via memory card Precondition...

Страница 112: ...boot project and firmware Chapter 14 2 1 Preparation of memory card on page 108 1 Switch off the device 2 Insert the memory card 3 Switch on the device The alternate flashing of the RUN and the ERR L...

Страница 113: ...cation visualizations Data buf fering Data buffering i e maintaining data after power ON OFF is only possible if a battery is connected for AC500 CPU and the buffering will take place in FLASH with AC...

Страница 114: ...et Performs a START STOP process Preparation for program restart i e the variables VAR exception RETAIN varia bles are set to their initialization values Reset is performed using the menu item Online...

Страница 115: ...rogram in the PLC s RAM using the menu item Online Start in the programming system If a user program is loaded into RAM execution is continued i e variables will not be set to their initialization val...

Страница 116: ...cription 22 B block diagrams grounding concept 58 C central I O extension 13 15 centralized I O expansion 13 15 centralized I O extension 13 centralized IO extension 15 CI 19 CM 16 communication modul...

Страница 117: ...rewall protection 75 firmware update control panel 87 PLC 86 108 FM 19 function module terminal base mounting and demounting 35 38 G grounding concept block diagrams 58 H hardware protection 79 HMI 22...

Страница 118: ...Safety devices 21 safety notice 6 SD card 51 56 108 SD memory card 51 56 108 secure operation 76 security 8 74 security notice 6 serial I O bus 24 services 83 SM560 S 21 SM560 S FD 1 21 SM560 S FD 4...

Страница 119: ...0 6221 701 1444 E mail plc support de abb com new abb com plc new abb com plc automationbuilder new abb com contact centers We reserve all rights in this document and in the information contained the...

Отзывы:

Нет отзывов