CP 443-1 OPC UA - Siemens AG · CP 443-1 OPC UA Operating ... of the SIMATIC S7-400 to an OPC UA client and server ... of the full product name "CP 443-1 OPC UA". PG Programming device

___________________

___________________

___________________

___________________

___________________

___________________

___________________

___________________

___________________

___________________

SIMATIC NET

S7-400 - Industrial Ethernet CP 443-1 OPC UA

Operating Instructions

01/2017 C79000-G8976-C427-02

Preface

Application and functions 1

LEDs and connectors 2

Installation, connecting up, commissioning

3

Configuration and operation 4

Programming the OPC UA client blocks

5

Diagnostics and maintenance

6

Technical specifications 7

Approvals A

Documentation references B

Siemens AG Division Process Industries and Drives Postfach 48 48 90026 NÜRNBERG GERMANY

C79000-G8976-C427-02 Ⓟ 01/2017 Subject to change

Copyright © Siemens AG 2016 - 2017. All rights reserved

Legal information Warning notice system

This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert symbol, notices referring only to property damage have no safety alert symbol. These notices shown below are graded according to the degree of danger.

DANGER indicates that death or severe personal injury will result if proper precautions are not taken.

WARNING indicates that death or severe personal injury may result if proper precautions are not taken.

CAUTION indicates that minor personal injury can result if proper precautions are not taken.

NOTICE indicates that property damage can result if proper precautions are not taken.

If more than one degree of danger is present, the warning notice representing the highest degree of danger will be used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to property damage.

Qualified Personnel The product/system described in this documentation may be operated only by personnel qualified for the specific task in accordance with the relevant documentation, in particular its warning notices and safety instructions. Qualified personnel are those who, based on their training and experience, are capable of identifying risks and avoiding potential hazards when working with these products/systems.

Proper use of Siemens products Note the following:

WARNING Siemens products may only be used for the applications described in the catalog and in the relevant technical documentation. If products and components from other manufacturers are used, these must be recommended or approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and maintenance are required to ensure that the products operate safely and without any problems. The permissible ambient conditions must be complied with. The information in the relevant documentation must be observed.

Trademarks All names identified by ® are registered trademarks of Siemens AG. The remaining trademarks in this publication may be trademarks whose use by third parties for their own purposes could violate the rights of the owner.

Disclaimer of Liability We have reviewed the contents of this publication to ensure consistency with the hardware and software described. Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the information in this publication is reviewed regularly and any necessary corrections are included in subsequent editions.

CP 443-1 OPC UA Operating Instructions, 01/2017, C79000-G8976-C427-02 3

Preface

Validity of this manual This description contains information on the following product:

CP 443-1 OPC UA Article number 6GK7 443-1UX00-0XE0 Hardware product version 2 Firmware version V1.0.39

Communications processor for connection of the SIMATIC S7-400 to an OPC UA client and server

Legend: ① X = placeholder for hardware product version ② Firmware version ③ LEDs ④ Ethernet interface X1P1: 1 x 8-pin RJ-45 jack ⑤ Label with MAC address

Figure 1 CP 443-1 OPC UA

Preface

CP 443-1 OPC UA 4 Operating Instructions, 01/2017, C79000-G8976-C427-02

Purpose of the manual This manual describes the properties of this device and shows application examples. The manual supports you when installing, connecting up and commissioning the device. The required configuration steps for the device are described. You will also find instructions for operation and information about the diagnostics options of the device.

Required experience To install, commission and operate the device, you require experience in the following areas:

● General electrical engineering

● Automation engineering / STEP 7

● OPC UA

Abbreviations/acronyms This manual often uses the following abbreviations/acronyms:

● CP

The acronym is used instead of the full product name "CP 443-1 OPC UA".

● PG

Programming device (STEP 7 V5)

● ES

Engineering station (STEP 7 Professional)

New in this release ● Configuration in STEP 7 Professional

● Setting the SYA bit when forwarding the time to the CPU

● Editorial revision

Replaced edition Release 07/2016

Current manual release on the Internet You will also find the current version of this manual on the Internet pages of Siemens Industry Online Support.

Link: (https://support.industry.siemens.com/cs/ww/en/view/21862/man)

Cross references In this manual there are often cross references to other sections.

To be able to return to the initial page after jumping to a cross reference, some PDF readers support the command <Alt>+<Left arrow>.

https://support.industry.siemens.com/cs/ww/en/view/21862/man

Preface


Documentation and other literature The documentation for this device consists of these operating instructions.

You will find more information on configuring the CP here:

● Online help of STEP 7 V5.x

● Information system of STEP 7 Professional

● Manual /2/ (Page 133)

There among other things you will find information about the following topics:

– Initial addressing

– Downloading configuration data

– Web diagnostics

– STEP 7 special diagnostics

– Loading firmware

You will find an overview of further reading and references in the Appendix of this manual.

License conditions

Note Open source software

The product contains open source software. Read the license conditions for open source software carefully before using the product.

You will find license conditions in the following document on the supplied data medium:

● OSS_CP4431-OPCUA_86.pdf

Firmware The firmware is signed and encrypted. This ensures that only firmware created by Siemens can be downloaded to the device.

Security information Siemens provides products and solutions with industrial security functions that support the secure operation of plants, systems, machines and networks.

In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art industrial security concept. Siemens’ products and solutions only form one element of such a concept.

Customer is responsible to prevent unauthorized access to its plants, systems, machines and networks. Systems, machines and components should only be connected to the enterprise network or the internet if and to the extent necessary and with appropriate security measures (e.g. use of firewalls and network segmentation) in place.

Preface


Additionally, Siemens’ guidance on appropriate security measures should be taken into account. For more information about industrial security, please visit Link: (http://www.siemens.com/industrialsecurity)

Siemens’ products and solutions undergo continuous development to make them more secure. Siemens strongly recommends to apply product updates as soon as available and to always use the latest product versions. Use of product versions that are no longer supported, and failure to apply latest updates may increase customer’s exposure to cyber threats.

To stay informed about product updates, subscribe to the Siemens Industrial Security RSS Feed under Link: (http://www.siemens.com/industrialsecurity).

Recycling and disposal The product is low in pollutants, can be recycled and meets the requirements of the WEEE directive 2012/19/EU "Waste Electrical and Electronic Equipment".

Do not dispose of the product at public disposal sites. For environmentally friendly recycling and the disposal of your old device contact a certified disposal company for electronic scrap or your Siemens contact.

Keep to the local regulations.

You will find information on returning the product on the Internet pages of Siemens Industry Online Support: Link: (https://support.industry.siemens.com/cs/ww/en/view/109479891)

SIMATIC NET glossary Explanations of many of the specialist terms used in this documentation can be found in the SIMATIC NET glossary.

You will find the SIMATIC NET glossary here:

● SIMATIC NET Manual Collection or product DVD

The DVD ships with certain SIMATIC NET products.

● On the Internet under the following address:

Link: (https://support.industry.siemens.com/cs/ww/en/view/50305045)

Training, Service & Support You will find information on training, service and support in the multilanguage document "DC_support_99.pdf" on the Internet pages of Siemens Industry Online Support:


http://www.siemens.com/industrialsecurity


https://support.industry.siemens.com/cs/ww/en/view/109479891




Table of contents

Preface ................................................................................................................................................... 3

1 Application and functions ...................................................................................................................... 11

1.1 Application .............................................................................................................................. 11

1.2 Communication services ......................................................................................................... 11

1.3 Security functions .................................................................................................................... 12

1.4 Other services and properties ................................................................................................. 14

1.5 Operating the CP in an H system ........................................................................................... 14

1.6 Performance data ................................................................................................................... 15 1.6.1 Configuration limits - hardware ............................................................................................... 15 1.6.2 Configuration limits - communication ...................................................................................... 16

1.7 Requirements for use.............................................................................................................. 17 1.7.1 CPUs ....................................................................................................................................... 17 1.7.2 Configuration ........................................................................................................................... 19 1.7.3 Programming .......................................................................................................................... 20 1.7.4 Web browser for access using HTTPS ................................................................................... 21

1.8 Configuration examples .......................................................................................................... 21

2 LEDs and connectors ............................................................................................................................ 25

2.1 LEDs ....................................................................................................................................... 25

2.2 Power supply .......................................................................................................................... 28

2.3 Ethernet interface X1P1 .......................................................................................................... 28

3 Installation, connecting up, commissioning ............................................................................................ 29

3.1 Important notes on using the device ....................................................................................... 29 3.1.1 Safety requirements for installation ........................................................................................ 29 3.1.2 Notes on use in hazardous areas ........................................................................................... 29 3.1.3 Notes on use in hazardous areas according to ATEX / IECEx .............................................. 31 3.1.4 Notes on use in hazardous areas according to UL HazLoc ................................................... 31 3.1.5 Notices on use in hazardous areas according to FM ............................................................. 32

3.2 Installing and connecting up the CP ....................................................................................... 32

3.3 Commissioning the CP ........................................................................................................... 33

4 Configuration and operation .................................................................................................................. 35

4.1 Controlling the mode ............................................................................................................... 35

4.2 Security recommendations ..................................................................................................... 35

4.3 Overview of the configuration ................................................................................................. 39

4.4 Access to process data of the CPU ........................................................................................ 39

4.5 Data types ............................................................................................................................... 40

Table of contents


4.6 Interface configuration ........................................................................................................... 43 4.6.1 Network settings..................................................................................................................... 43 4.6.2 Restart after detection of a duplicate IP address in the network ........................................... 44

4.7 Configuration of the CP in STEP 7 V5 ................................................................................... 45 4.7.1 "Addresses" tab ...................................................................................................................... 45 4.7.2 "SNMP" Tab ........................................................................................................................... 45 4.7.3 "Security" Tab ........................................................................................................................ 47 4.7.4 "Diagnostics" Tab ................................................................................................................... 48 4.7.5 "Web" Tab .............................................................................................................................. 49 4.7.6 "Time-of-day synchronization" tab ......................................................................................... 50 4.7.7 "Options" tab: Effects of protection levels .............................................................................. 52 4.7.8 "OPC UA" tab ......................................................................................................................... 53 4.7.9 Configuration in the SCT ........................................................................................................ 55 4.7.10 Handling certificates ............................................................................................................... 59

4.8 Configuration of the CP in STEP 7 Professional ................................................................... 60 4.8.1 "Options " parameter group ................................................................................................... 60 4.8.2 "Ethernet interface“ parameter group .................................................................................... 61 4.8.3 "OPC UA" parameter group ................................................................................................... 62 4.8.4 Parameter group "SNMP" ...................................................................................................... 62 4.8.5 "I/O addresses" parameter group .......................................................................................... 63 4.8.6 Security“ parameter group ..................................................................................................... 63 4.8.7 Security > "Time-of-day synchronization" .............................................................................. 64 4.8.8 Security > "SNMP" ................................................................................................................. 65 4.8.9 Security > "Web server" ......................................................................................................... 66 4.8.10 Security > "OPC UA" .............................................................................................................. 67 4.8.11 Security > "S7 communication" .............................................................................................. 72 4.8.12 Security > "Certificate manager" ............................................................................................ 73 4.8.13 Handling certificates ............................................................................................................... 73

4.9 Properties of the OPC UA server ........................................................................................... 76

5 Programming the OPC UA client blocks ................................................................................................ 79

5.1 Program blocks for the OPC UA client .................................................................................. 79

5.2 Time monitoring of the blocks ................................................................................................ 82

5.3 FB230 UA_Connect ............................................................................................................... 83 5.3.1 Function and call interface - UA_Connect ............................................................................. 83 5.3.2 Parameter - UA_Connect ....................................................................................................... 84 5.3.3 UDT751 UASessionConnectInfo ........................................................................................... 85 5.3.4 UDT752 UAUserIdentityToken .............................................................................................. 87

5.4 FB231 UA_NamespaceGetIndex ........................................................................................... 87 5.4.1 Function and call interface - UA_NamespaceGetIndex ......................................................... 87 5.4.2 Parameter - UA_NamespaceGetIndex .................................................................................. 88

5.5 FB232 UA_NodeGetHandleList ............................................................................................. 89 5.5.1 Function and call interface - UA_NodeGetHandleList ........................................................... 89 5.5.2 Parameter - UA_NodeGetHandleList ..................................................................................... 90 5.5.3 UDT753 UANodeID ............................................................................................................... 92

5.6 FB233 UA_NodeReleaseHandleList ...................................................................................... 92 5.6.1 Function and call interface - UA_NodeReleaseHandleList .................................................... 92 5.6.2 Parameter - UA_NodeReleaseHandleList ............................................................................. 93

Table of contents


5.7 FB234 UA_Disconnect ............................................................................................................ 94 5.7.1 Function and call interface - UA_Disconnect .......................................................................... 94 5.7.2 Parameter - UA_Disconnect ................................................................................................... 95

5.8 FB235 UA_ReadList ............................................................................................................... 95 5.8.1 Function and call interface - UA_ReadList.............................................................................. 95 5.8.2 Parameter - UA_ReadList ....................................................................................................... 96 5.8.3 UDT754 UANodeAdditionalInfo .............................................................................................. 98 5.8.4 UDT755 UAIndexRange ......................................................................................................... 98 5.8.5 UDT757 UAAnyPointer ........................................................................................................... 99 5.8.6 UDT756 UATimeStamp ........................................................................................................ 101

5.9 FB236 UA_WriteList .............................................................................................................. 101 5.9.1 Function and call interface - UA_WriteList ............................................................................ 101 5.9.2 Parameter - UA_WriteList ..................................................................................................... 102 5.9.3 UDT754 UANodeAdditionalInfo ............................................................................................ 104 5.9.4 UDT755 UAIndexRange ....................................................................................................... 104 5.9.5 UDT757 UAAnyPointer ......................................................................................................... 105

5.10 Error numbers ....................................................................................................................... 107

6 Diagnostics and maintenance ............................................................................................................. 119

6.1 Diagnostics options ............................................................................................................... 119

6.2 SNMP .................................................................................................................................... 120

6.3 Upload from device (to PG / ES) .......................................................................................... 122

6.4 Loading new firmware ........................................................................................................... 122

6.5 Memory reset / reset to factory defaults ............................................................................... 124

6.6 Replacing a module without a programming device ............................................................. 125

7 Technical specifications ...................................................................................................................... 127

7.1 Technical specifications of the CP ........................................................................................ 127

7.2 Pinout of the Ethernet interface ............................................................................................ 128

A Approvals ............................................................................................................................................ 129

B Documentation references .................................................................................................................. 133

Index................................................................................................................................................... 135

Table of contents



Application and functions 1 1.1 Application

Application The CP is intended for operation in a SIMATIC S7-400 automation system.

Via its Ethernet interface (1 x RJ45) the CP allows the S7-400 to function as an OPC UA client and an OPC UA server.

1.2 Communication services The CP supports the following communication services:

OPC UA The CP supports OPC UA according to the specification 1.02 and uses the binary protocol (UA Binary).

The CP can adopt the role of an OPC UA server and an OPC UA client.

● OPC UA server

– Synchronous reading and writing of data

– Asynchronous reading and writing of data

– Makes data available using OPC UA Data Access

– Monitoring variables (MonitoredItems) with the aid of Subscriptions

– Up to 10 sessions with OPC UA clients at the same time

– Hierarchical address browsing

The server function can be enabled or disabled in the configuration.

● OPC UA client

– Asynchronous reading and writing of data

– Setup of up to 5 sessions with OPC UA servers at the same time.

– The connection establishment with the OPC UA servers and the data transfer is implemented using program blocks.

See section Programming the OPC UA client blocks (Page 79) for information on this.

The client function can be enabled or disabled in the configuration.

You will find the detailed configuration limits for the server and client function in the section Configuration limits - communication (Page 16).

Application and functions 1.3 Security functions


For information on configuring the server and client function refer to the section Configuration of the CP in STEP 7 V5 (Page 45).

The CP supports the following specifications:

● IEC/TR 62541-1 (08-2012) OPC Unified Architecture - Part 1: Overview and Concepts

● IEC/TR 62541-2 (02-2009) OPC Unified Architecture - Part 2: Security Model

● IEC 62541-3 (08-2012) OPC Unified Architecture - Part 3: Address Space Model

● IEC 62541-4 (08-2012) OPC Unified Architecture - Part 4: Services

● IEC 62541-5 (08-2012) OPC Unified Architecture - Part 5: Information Model

● IEC 62541-6 (08-2012) OPC Unified Architecture - Part 6: Mappings

● IEC 62541-7 (09-2010) OPC Unified Architecture - Part 7: Profiles

● IEC 62541-8 (08-2012) OPC Unified Architecture - Part 8: Data Access

● PLCopen and OPC Foundation, OPC-UA Client Function Blocks for IEC 61131-3, Release 1.0 (04-2014)

PG/OP communication PG/OP communication (HMI connections) is released for the configuration of the CP.

As protection against unauthorized access, this type of communication can be blocked in the configuration.

S7 routing S7 routing is supported by the CP.

1.3 Security functions

Security As an option you can enable Security functions for the CP.

The Security functions listed below are integrated in STEP 7 Professional and are available when using STEP 7 V5 with the Security Configuration Tool (SCT). The SCT is called up in the STEP 7 configuration.

● NTP (secure)

For secure transfer during time-of-day synchronization

● SNMPv3

For secure transmission of network analysis information safe from eavesdropping

Application and functions 1.3 Security functions


● Authentication using certificates

Authentication of the CP with OPC UA communications partners using certificates.

The check of the certificates of the communications partner that are exchanged during authentication can be set to different levels separately for the server and client function.

The CP supports the security profiles of the specification part 2, 4, 6, 7 und 12 of the OPC Foundation.

● Encryption and signing

The encryption of the OPC UA data can be configured for the following security profiles of the OPC UA specification:

– No security profile

– Basic128Rsa15

– Basic256

– Basic256Sha256

For the server the optional security procedures "Sign". "Encrypt" and "Sign and Encrypt" are available.

● Write protection

You can block write access to the data area of the CPU.

● Protection of the access to diagnostics data of the CP and blocking of S7 communication via the CP

You can block S7 connections via the CP and LAN access to the pages of the special diagnostics on the CP.

● Logging

To allow monitoring, events can be stored in log files that can be read out using the configuration tool or can be sent automatically to a Syslog server.

● User management

In user management you assign individual users a role. The individual roles provide specific rights for various services.

For further information, refer to section Security recommendations (Page 35).

You will find a description of the functions in the following sections:

● STEP 7 V5: Configuration in the SCT (Page 55)

● STEP 7 Professional: Security“ parameter group (Page 63)

Application and functions 1.4 Other services and properties


1.4 Other services and properties

Other services and properties ● IP configuration

The essential features of IP configuration for the CP:

– The CP supports IP addresses according to IPv4.

– Address assignment:

The IP address, the subnet mask and the address of the default router can be set in the configuration.

– DHCP: As an alternative, the IP address can be obtained from a DHCP server.

– DCP (Discovery and Configuration Protocol) is supported.

● Time-of-day synchronization over Industrial Ethernet

Time-of-day synchronization can be configured according to the following NTP method (Network Time Protocol):

– NTP

– NTP (secure)

If time-of-day synchronization via NTP is disabled. the CP can adopt the time from the station in SIMATIC mode.

For more information, refer to the section "Time-of-day synchronization" tab (Page 50).

● Diagnostics

With the following means and methods, you can obtain the diagnostics data of the CP or station:

– LEDs

– Web diagnostics ( only with HTTPS)

– STEP 7 (NCM S7 diagnostics / special diagnostics)

– SNMPv1 / SNMPv3

For SNMP see section SNMP (Page 120).

You will find more information on diagnostics in the section Diagnostics options (Page 119).

1.5 Operating the CP in an H system

Restrictions when operating CP in the H system The CP 443-1 OPC UA can be operated in the H system.

Application and functions 1.6 Performance data


Note the following restrictions:

● The CP does not support H communication.

● The CP does not support redundancy mechanisms.

Operating the CP in an H system Each of the two redundant H CPUs has a CP plugged in which is assigned in each case to one of the two CPUs in the configuration ("General" tab).

Below the cases will be examined where the two CPs function as OPC UA server or as OPC UA client in the H station.

CPs as servers in an H station

Each CP as OPC UA server only allows a client access to the data of its assigned CPU.

So that the client can handle the failure of one of the two H CPUs, the client must access the data of both CPs of the station (OPC UA server). A comparison of the redundant process data by the client must be made by the client application.

CPs as clients in an H station

Both CPs as OPC UA clients access the data of a server.

Which data read from the currently active H CPU (redundancy master) is used must be implemented within the S7 user program via the UDT "UASessionConnectInfo".

1.6 Performance data

1.6.1 Configuration limits - hardware

Equipment of the S7 stations

Number of CPs per station

In each S7-400 station, up to 14 CPs can be plugged in and configured, of which a maximum of one CP 443-1 OPC UA.

Number of supported CPUs per rack

Depending on the system setup, several CPUs can be plugged in in the rack.

For OPC UA communication the CP 443-1 OPC UA can, however, only access the data areas of a single CPU. You assign the CPU to the CP in the configuration, see section "Addresses" tab (Page 45).

Application and functions 1.6 Performance data


1.6.2 Configuration limits - communication

OPC functions - OPC UA server In server mode the CP supports the following configuration limits:

● Number of connections to OPC UA clients

Maximum of 10 connections to OPC UA clients

● Number of items in the CPU data area

For the variables in the data area of the CPU to be written or read as items, the following maximum values apply:

– Maximum number: 64000 Items (symbols / variables)

– Maximum memory requirements 64000 bytes

The maximum memory area is divided among the variables used for OPC UA. As a consequence the following maximum configuration limits apply to the different data types of the variables:

– 64000 variables of the data type BOOL

or

– 64000 variables of the data type BYTE

or

– 32000 variables of the data type WORD

or

– 16000 variables of the data type DWORD

or a combination of the maximum values listed, for example:

– 32000 variables of the data type BYTE + 8000 variables of the data type WORD + 4000 variables of the data type DWORD

● Number of supported subscriptions

– Maximum of 5 subscriptions per session

– In total maximum of 50 subscriptions at the same time

● Number of items per subscription

– Maximum of 900 items per subscription

– Maximum of 45000 items over all subscriptions

● Memory depth for MonitoredItems

Queue size 2

Application and functions 1.7 Requirements for use


OPC functions - OPC UA client In client mode the CP supports the following configuration limits:

● Number of sessions with OPC UA servers

Up to 5 sessions with OPC UA servers at the same time

Per server one or more sessions can be set up at the same time.

● Number of items/node handles

In client mode the CP supports the following number of items:

In total max. 10000, of which:

– Read access: Maximum 10000

– Write access: Maximum 10000

The number of items to be read and written is divided up among the connected servers.

Further connection resources ● TCP connections for HTTPS

For HTTPS access, up to 30 TCP connection resources are available.

When necessary, these TCP connections are used by one or more Web browsers to display data of the CP.

● PG/OP connections

– 2 connection resources for PG connections

– 10 connection resources for OP connections

1.7 Requirements for use

1.7.1 CPUs

Required S7-400 CPUs and firmware versions The CP 443-1 OPC UA is released for operation with the following CPUs:

● Standard CPUs with PROFIBUS interface

CPU 400 as of firmware version V5.3

CPUs with a firmware version <V5.3 must be upgraded.

● Standard CPUs with PROFINET interface

CPU 400 as of firmware version V6.0 / V7.0



● Fault tolerant CPUs

CPU 400H as of firmware version V6.0.5

H-CPUs with a firmware version <V6.0.5 must be upgraded where possible.

● SIMATIC PCS 7 CPUs

SIMATIC PCS 7 CPU 410-5H as of firmware version V8.1

CPUs with a firmware version <V8.1 must be upgraded where possible.

Table 1- 1 Compatible CPUs

CPU Article number As of firmware version Standard CPUs CPU 412-1 6ES7412-1XJ05-0AB0 V5.3 CPU 412-2 6ES7412-2XJ05-0AB0 V5.3 CPU 414-2 6ES7414-2XK05-0AB0 V5.3 CPU 412-2 PN 6ES7412-2EK06-0AB0

6AG1412-2EK06-2AB0 V6.0

CPU 412-2 PN 6ES7412-2EK07-0AB0 V7.0 CPU 414-3 6ES7414-3XM05-0AB0 V5.3 CPU 414-3 PN/DP 6ES7414-3EM05-0AB0 V5.3 CPU 414-3 PN/DP 6ES7414-3EM06-0AB0

6AG1414-3EM06-7AB0 V6.0

CPU 414-3 PN/DP 6ES7414-3EM07-0AB0 V7.0 CPU 414F-3 PN/DP *) 6ES7414-3FM06-0AB0 V6.0 CPU 414F-3 PN/DP *) 6ES7414-3FM07-0AB0 V7.0 CPU 416-2 6ES7416-2XN05-0AB0 V5.3 CPU 416F-2 *) 6ES7416-2FN05-0AB0 V5.3 CPU 416-3 6ES7416-3XR05-0AB0 V5.3 CPU 416-3 PN/DP 6ES7416-3ES06-0AB0

6AG1416-3ES06-7AB0 V6.0

CPU 416F-3 PN/DP *) 6ES7416-3FS06-0AB0 V6.0 CPU 416-3 PN/DP 6ES7416-3ES07-0AB0 V7.0 CPU 416F-3 PN/DP *) 6ES7416-3FS07-0AB0 V7.0 CPU 417-4 6ES7417-4XT05-0AB0

6AG1417-4XT05-4AB0 V5.3

CPU 417-4 6ES7417-4XT07-0AB0 V7.0 H CPUs CPU 412-5H **) 6ES7412-5HK06-0AB0

6AG1412-5HK06-7AB0 V6.0.5

CPU 414-5H **) 6ES7414-5HM06-0AB0 6AG1414-5HM06-7AB0

V6.0.5

CPU 416-5H **) 6ES7416-5HS06-0AB0 6AG1416-5HS06-7AB0

V6.0.5



CPU Article number As of firmware version CPU 417-5H **) 6ES7417-5HT06-0AB0

6AG1417-5HT06-7AB0 V6.0.5

PCS 7 CPUs ***) PCS7 CPU 410 Single 6ES7654-5C...-.... V8.1 PCS7 CPU 410 Single 6ES7654-6C...-.... V8.1 PCS7 CPU 410 Redundancy 6ES7656-5C...-.... V8.1 PCS7 CPU 410 Redundancy 6ES7656-6C...-.... V8.1 *) Fail-safe communication is not supported by the CP.

**) H communication is not supported by the CP. ***) In PCS 7 the CP is only released as an OPC client.

1.7.2 Configuration

STEP 7 configuration software To configure the CP, you require one of following configuration tools (alternatives).

● STEP 7 V5.5 + Service Pack 4 + ≥ HF10 + HSP 1104

● STEP 7 Professional V14 + Update 2

For information on the OPC UA client function of the CP, see section Programming (Page 20)

Security Configuration Tool (SCT) If you use the security functions for the OPC UA server or client, you require the Security Configuration Tool (SCT) in STEP 7 V5. For the version, see below.

SCT is called in the configuration directly from within STEP 7 V5.

Finding the components to be installed for the CP You can find the components on the Siemens Industry Online Support website at the following addresses:

● Service Pack 4 for STEP 7 V5.5


● Hotfix 10 for STEP 7 V5.5 SP 4


Hot fixes > HF10 can be used where available.

● HSP 1104 for STEP 7 V5.5 + SP 4 + HF10







● Update 2 for STEP 7 Professional V14

Link: (https://support.industry.siemens.com/cs/ww/en/ps/14673/dl)

● SCT V4.2


You can find the the current version and additional information on the Siemens Industry Online Support website at the following address:

Link: (https://support.industry.siemens.com/cs/ww/en/ps/15326)

Installation of the HSP In STEP 7 V5 Install the HSP in STEP 7 / HW Config with the "Options" > "Install Hardware Updates" menu command.

You will find further information in the STEP 7 online help (under "HSP" or "Hardware update"). After installing the HSP, close STEP 7. After restarting STEP 7, the CP is in the catalog of HW Config.

1.7.3 Programming

Program blocks For the OPC UA client function there are program blocks available as the interface in your STEP 7 user program. For this you require:

● In STEP 7 V5

Update the block library "SIMATIC_NET_CP"


Note Using current block versions

We recommend that you always use the latest block versions for all module types. You will find information on the current block versions and the current blocks for downloading on the Internet at the following address:

Link: (https://support.industry.siemens.com/cs/ww/en/ps/21862/dl)

● In STEP 7 Professional

Program blocks (instructions) in the folder "Communication > OPC UA"

To display the block directories open the program editor of STEP 7 for example by double-clicking on OB1 of the S7-400 CPU.

For programming, see section Programming the OPC UA client blocks (Page 79).

https://support.industry.siemens.com/cs/ww/en/ps/14673/dl


https://support.industry.siemens.com/cs/ww/en/ps/15326


https://support.industry.siemens.com/cs/ww/en/ps/21862/dl

Application and functions 1.8 Configuration examples


Configuration tool for programming You program the user program of the CPU and the program blocks for the OPC UA client function in STEP 7. Refer to the information on the required STEP 7 version in the section Configuration (Page 19).

1.7.4 Web browser for access using HTTPS For access to the HTML pages on the CP via HTTPS (not HTTP) you require one of the following Web browsers, at least in the specified version:

● Microsoft Internet Explorer Version 10

● Mozilla Firefox Version 38.0.2

● Google Chrome Version 43

1.8 Configuration examples Below you will find examples of possible configurations of an S7-400 with CP 443-1 OPC UA.

The communications partner of the CP must always support OPC UA functions that are compatible with those of the CP 443-1 OPC UA.



Logging process data as OPC UA server In this configuration as the OPC UA server, the CP makes manufacturing or process data from S7 stations available to a higher-level system.

Higher level systems can, for example, be PC stations with an OPC UA application, database systems or HMI systems from third-party manufacturers. They must support the OPC UA client service "Read".

Figure 1-1 CP 443-1 OPC UA as OPC UA server



Forwarding of data from the manufacturing planning as OPC UA server and client In this configuration as the OPC UA server, the CP adopts setting data for manufacturing from a higher-level production control system. When necessary the manufacturing data can be preprocessed on the CPU.

As the OPC UA client, the CP then distributes the manufacturing data using the "Write" service. The production systems can be S7-400 stations or programmable controllers from third-party manufacturers.

Figure 1-2 CP 443-1 OPC UA as OPC UA server and client



Horizontal data exchange as OPC UA client and server In this configuration as OPC UA server and client, the CP exchanges data with other process stations or PC stations. The process stations can also be programmable controllers from third-party manufacturers that support the required OPC UA functions.

Figure 1-3 CP 443-1 OPC UA as OPC UA client and server

The CP in H systems The CP 443-1 OPC UA can be operated in H systems. Note the special features and restrictions in section Operating the CP in an H system (Page 14).


LEDs and connectors 2 2.1 LEDs

LEDs The display on the front panel consists of the following LEDs that indicate the operating mode and communications status.

Figure 2-1 LEDs of the CP

The LEDs have the following meaning: LED name Meaning INTF Internal error EXTF External error BUSF Bus fault TXD Frame traffic (sending) over Ethernet RXD Frame traffic (receiving) over Ethernet SERVER OPC UA server CLIENT OPC UA client RUN RUN mode STOP STOP mode X1P1 Connection status of Ethernet port 1

Table 2- 1 Legend for the following tables

Symbol

-

Meaning ON OFF Flashing any

LEDs and connectors 2.1 LEDs


Table 2- 2 Operating statuses, errors/faults, OPC configuration, firmware update

INTF (red)

EXTF (red)

BUSF (red)

SERVER (green)

CLIENT (green)

RUN (green

)

STOP (yel-low)

Meaning

Operating status

Loading the firmware after power ON

- -

Starting up (STOP->RUN)

- -

Running (RUN)

- -

Stopping (RUN->STOP)

- -

Stopped (STOP) In STOP mode, configuring and performing diagnostics on the CP remain possible.

Error/fault states

- -

STOP with internal error or memory reset. (for example IP duplicate addressing detected during startup of the CP in network) If the CP has a valid IP address, the following applies in this status: • The CPU or intelligent modules in the rack remain

accessible using PG functions (over MPI or the ISO protocol).

• Access using SNMP or HTTPS is not possible.

-

- - - - Duplicate IP address detected during CP operation.

- - -

RUN with external error. One or more partner devices are not obtainable.

- -

• A duplicate IP address was detected after the CP was

in the RUN status.

or • Difference in the transmission medium or the network

settings between the configuration and the actual sys-tem

Module fault / system error

OPC UA configuration - - -

- - - OPC server enabled in the configuration

- - -

- - - OPC server disabled in the configuration

- - - -

- - OPC client enabled in the configuration

- - - -

- - OPC client disabled in the configuration

LEDs and connectors 2.2 Power supply


INTF (red)

EXTF (red)

BUSF (red)

SERVER (green)

CLIENT (green)

RUN (green

)

STOP (yel-low)

Meaning

Firmware update

Firmware activation during startup:

- -

Loading using the Firmware Loader is active. Note: Does not apply to loading via the update center in Web diagnostics.

- -

The firmware download was aborted. (STOP LED and RUN LED flash alternately)

Communication status of the CP (TXD, RXD, X1P1) LED Display Meaning TXD (green)

CP sending over Ethernet.

RXD (green)

CP is receiving over Ethernet.

X1P1 (green / yellow)

Port has no connection over Ethernet.

Existing connection of the port to Ethernet

LED flashes yellow (constant light green): Port is sending / receiving.

Permanent data traffic at the port

Module identification with flashing LED With the help of Web diagnostics or the online functions of STEP 7, you can search for and identify the module in the rack. The options for this are as follows:

● In Web diagnostics

You click the "Flash" button in the update center.

● In STEP 7

You click the "Flash" button in the "Browse network" dialog

When the "Identify" or "Flash" button is clicked, the port LED X1P1 flashes briefly.

LEDs and connectors 2.2 Power supply


2.2 Power supply

Power supply The CM is supplied with power from the backplane bus. It does not require a separate power supply.

2.3 Ethernet interface X1P1

Ethernet interface The CP has an Ethernet interface (RJ-45 jack) complying with the gigabit standard IEEE 802.3ab. This supports autocrossing, autonegotiation and autosensing.

For special situations, each port can be set to a fixed mode manually using STEP 7, for example 10 or 100 Mbps half duplex / full duplex.

The pin assignment and other data relating to the Ethernet interface can be found in the section Technical specifications (Page 127).


Installation, connecting up, commissioning 3 3.1 Important notes on using the device

Safety notices on the use of the device Note the following safety notices when setting up and operating the device and during all associated work such as installation, connecting up or replacing the device.

3.1.1 Safety requirements for installation

WARNING

Safety requirements for installation

The devices are "open equipment" according to the standard IEC 61010-2-201or UL 508 / CSA C22.2 No. 142. To fulfill requirements for safe operation with regard to mechanical stability, flame retardation, stability, and protection against contact, the following alternative types of installation are specified: • Installation in a suitable cabinet. • Installation in a suitable enclosure. • Installation in a suitably equipped, enclosed control room.

3.1.2 Notes on use in hazardous areas

WARNING

Safety requirements for installation

The devices are "open equipment" according to the standard IEC 61010-2-201. To fulfill requirements for safe operation with regard to mechanical stability, flame retardation, stability, and shock-hazard protection, the following alternative types of installation are specified: • Installation in a suitable cabinet. • Installation in a suitable enclosure. • Installation in a suitably equipped, enclosed control room.

Installation, connecting up, commissioning 3.1 Important notes on using the device


WARNING

The device may only be operated in an environment with pollution degree 1 or 2 (see IEC 60664-1).

WARNING

EXPLOSION HAZARD

The device must not be opened.

WARNING

Power supply

The equipment is designed for operation with Safety Extra-Low Voltage (SELV) by a Limited Power Source (LPS).

This means that only SELV / LPS complying with IEC 60950-1 / EN 60950-1 / VDE 0805-1 must be connected to the power supply terminals. The power supply unit for the equipment power supply must comply with NEC Class 2, as described by the National Electrical Code (r) (ANSI / NFPA 70).

WARNING

EXPLOSION HAZARD

DO NOT CONNECT OR DISCONNECT EQUIPMENT WHEN A FLAMMABLE OR COMBUSTIBLE ATMOSPHERE IS PRESENT.

WARNING

EXPLOSION HAZARD

SUBSTITUTION OF COMPONENTS MAY IMPAIR SUITABILITY FOR CLASS I, DIVISION 2 OR ZONE 2.

WARNING

When used in hazardous environments corresponding to Class I, Division 2 or Class I, Zone 2, the device must be installed in a cabinet or a suitable enclosure.

Installation, connecting up, commissioning 3.1 Important notes on using the device


3.1.3 Notes on use in hazardous areas according to ATEX / IECEx

WARNING

Requirements for the cabinet

To comply with EC Directive 94/9 (ATEX95) or the conditions of IECEx, this enclosure or cabinet must meet the requirements of at least IP54 in compliance with EN 60529.

WARNING

If the cable or conduit entry point exceeds 70 °C or the branching point of conductors exceeds 80 °C, special precautions must be taken. If the equipment is operated in an air ambient in excess of 50 °C, only use cables with admitted maximum operating temperature of at least 80 °C.

WARNING

Take measures to prevent transient voltage surges of more than 40% of the rated voltage. This is the case if you only operate devices with SELV (safety extra-low voltage).

3.1.4 Notes on use in hazardous areas according to UL HazLoc

WARNING

EXPLOSION HAZARD

DO NOT DISCONNECT WHILE CIRCUIT IS LIVE UNLESS AREA IS KNOWN TO BE NON-HAZARDOUS.

This equipment is suitable for use in Class I, Division 2, Groups A, B, C and D or non-hazardous locations only.

This equipment is suitable for use in Class I, Zone 2, Group IIC or non-hazardous locations only.

Installation, connecting up, commissioning 3.2 Installing and connecting up the CP


3.1.5 Notices on use in hazardous areas according to FM

WARNING

EXPLOSION HAZARD

You may only connect or disconnect cables carrying electricity when the power supply is switched off or when the device is in an area without inflammable gas concentrations.

This equipment is suitable for use in Class I, Division 2, Groups A, B, C and D or non-hazardous locations only.

This equipment is suitable for use in Class I, Zone 2, Group IIC or non-hazardous locations only.

WARNING

EXPLOSION HAZARD

The equipment is intended to be installed within an ultimate enclosure. The inner service temperature of the enclosure corresponds to the ambient temperature of the module. Use installation wiring connections with admitted maximum operating temperature of at least 30 ºC higher than maximum ambient temperature.

3.2 Installing and connecting up the CP

Rack / slots The CP can be plugged into all racks with slots for P and K bus attachment.

With the exception of the slots reserved for the power supply, the CP can be operated in all slots with a P and K bus attachment.

When using the universal rack UR1 or UR2 as an expansion rack, a communication bus coupling is necessary!

Installing and connecting up the CP Follow these steps:

Note Note the installation guidelines

When installing and connecting up the CP note the instructions in the manual /3/ (Page 134).

1. Turn off the power supply to the station.

2. Fit in the CP onto the rack from the top and push in at the bottom.

Installation, connecting up, commissioning 3.3 Commissioning the CP


3. Secure the CP with screws.

4. Turn on the power supply.

5. Connect the CP to Industrial Ethernet via the RJ-45 jack.

For operation on the Ethernet network, not section Network settings (Page 43).

Result: The CP is installed in the rack and the interface has been networked.

3.3 Commissioning the CP

Commissioning the CP

Requirements

Requirements for the full commissioning of the CP are as follows:

● Configuration

You have configured the CP in a STEP 7 project for the properties and services you want to use.

See section Configuration and operation (Page 35) for information on this.

● Programming

If you want to use the OPC client function of the CP, you need to have created and programmed the program blocks required for this on the CPU.

See section Programming the OPC UA client blocks (Page 79) for information on this.

Commissioning

Commissioning involves the following:

● The initial addressing of the CP via LAN (node initialization)

● Downloading configuration data via LAN

Use the diagnostic functions of the CP during commissioning and to analyze problems, see section Diagnostics options (Page 119).

Initial addressing and downloading To download, follow the steps outlined below:

Connect the CP to the PG for initial addressing and for downloading via the LAN.

The PG / PC requires a LAN attachment, for example via a CP 1613 or CP 1411 and must have the necessary software (for example the S7-1613 package or SOFTNET IE). The TCP/IP protocol must be installed. The protocol used must then be applied to the S7ONLINE access point.

You will find further details in the manual /2/ (Page 133).

If you assign the IP address to the CP via DHCP, note the information in the section "Options" tab: Effects of protection levels (Page 52).

Installation, connecting up, commissioning 3.3 Commissioning the CP



Configuration and operation 4 4.1 Controlling the mode

Changing the mode You can change the mode of the CP between RUN and STOP using STEP 7 or using STEP 7 special diagnostics.

STOP → RUN

During startup, the CP adopts configured and/or downloaded data in the work memory and then changes to RUN mode.

RUN → STOP

The CP changes to STOP (transitional phase with LED display "Stopping").

The reaction is as follows in STOP:

● Established connections (OPC UA) are terminated

● The following the functions are disabled:

– Time-of-day synchronization

● The following functions remain enabled:

– The configuration and diagnostics of the CP (system connections for configuration, diagnostics, and PG channel routing are retained);

– Web diagnostics

4.2 Security recommendations Keep to the following security recommendations to prevent unauthorized access to the system.

General ● You should make regular checks to make sure that the device meets these

recommendations and other internal security guidelines if applicable.

● Evaluate your plant as a whole in terms of security. Use a cell protection concept with suitable products.

● Do not connect the device directly to the Internet. Operate the device within a protected network area.

Configuration and operation 4.2 Security recommendations


● Keep the firmware up to date. Check regularly for security updates of the firmware and use them.

● Check regularly for new features on the Siemens Internet pages.

– Here you will find information on network security:

Link: (http://www.siemens.com/industrialsecurity)

– Here you will find information on Industrial Ethernet security:

Link: (http://w3.siemens.com/mcms/industrial-communication/en/ie/industrial-ethernet-security/Seiten/industrial-security.aspx)

– You will find an introduction to the topic of industrial security in the following publication:

Link: (http://w3app.siemens.com/mcms/infocenter/dokumentencenter/sc/ic/InfocenterLanguagePacks/Netzwerksicherheit/6ZB5530-1AP02-0BA4_BR_Network_Security_en_112015.pdf)

Physical access Restrict physical access to the device to qualified personnel.

Network attachment Do not connect the PC directly to the Internet. If a connection from the CP to the Internet is required, arrange for suitable protection before the CP, for example a SCALANCE S with firewall.

Security functions of the product Use the options for security settings in the configuration of the product. These includes among others:

● Protection levels

– Configure a protection level of the CPU.

– Configure the protection level "Status-dependent".

● Security function of the communication

– Enable the Security functions of the CP (HW Config).

– Enable secure OPC UA communication via a Security profile (SCT).

– Disable access to the Web server of the CPU (CPU configuration) and on the CP (SCT).


http://w3.siemens.com/mcms/industrial-communication/en/ie/industrial-ethernet-security/Seiten/industrial-security.aspx

http://w3.siemens.com/mcms/industrial-communication/en/ie/industrial-ethernet-security/Seiten/industrial-security.aspx

http://w3app.siemens.com/mcms/infocenter/dokumentencenter/sc/ic/InfocenterLanguagePacks/Netzwerksicherheit/6ZB5530-1AP02-0BA4_BR_Network_Security_en_112015.pdf





● Protection of the passwords of the OPC UA client program blocks

Protect the passwords stored in data blocks for the client blocks from being viewed. The procedure is described below.

● Logging function

Enable the function in the Security configuration and check the logged events regularly for unauthorized access.

Know-how protection of blocks (STEP 7 V5)

You can prevent the contents of data blocks (e.g. passwords) being read out by protecting the block with the "KNOW_HOW_PROTECT" option. Follow the steps outlined below in STEP 7:

1. Select the DB in the block folder.

2. Open the block in the editor.

3. Close the block in the editor.

4. Generate a source from the block in the editor.

5. Select the source of the DB in the sources folder.

6. Open the source.

7. Insert an empty line in the header of the source and write "KNOW_HOW_PROTECT" in this line.

8. Compile the source.

Result: The block is protected. You can recognize this by the padlock symbol in the block folder.

If you want to change parameters, for example a password, in a DB later, remember the following; The contents of a DB with know-how protection are no longer visible and can only be changed via the source or by direct assignment of parameters.

Know-how protection of blocks (STEP 7 Professional)

You will find information on the procedure in the STEP 7 information system under the keyword "Know-how protection".

Passwords ● Define rules for the use of devices and assignment of passwords.

● Regularly update the passwords to increase security.

● Only use passwords with a high password strength. Avoid weak passwords for example "password1", "123456789" or similar.

● Make sure that all passwords are protected and inaccessible to unauthorized personnel.

See also the preceding section for information on this.

● Do not use one password for different users and systems.



Protocols

Secure and non-secure protocols

● Only activate protocols that you require to use the system.

● Use secure protocols when access to the device is not prevented by physical protection measures.

The NTP protocol provides a secure alternative with NTP (secure).

Table: Meaning of the column titles and entries

The following table provides you with an overview of the open ports on this device.

● Protocol / function

Protocols that the device supports.

● Port number (protocol)

Port number assigned to the protocol.

● Default of the port

– Open

The port is open at the start of the configuration.

– Closed

The port is closed at the start of the configuration.

● Port status

– Open

The port is always open and cannot be closed.

– Open according to configuration

The port is open if it has been configured.

– Open (login, when configured)

As default the port is open. After configuring the port, the communications partner needs to log in.

● Authentication

Specifies whether or not the protocol authenticates the communications partner during access.

Protocol / function Port number (pro-

tocol) Default of the port Port status Authentication

DHCP 67 (UDP) Open Open No DCP 93 (UDP) Open Open No DCE 135 (TCP) Open when the

server is enabled. Open after configuration (server) Yes, when security is

enabled. OPC UA server port

4840 (or individual-ly confgured) (TCP)

Open when the server is enabled.

Open after configuration (server) Yes, when security is enabled.

Configuration and operation 4.3 Overview of the configuration


Protocol / function Port number (pro-tocol)

Default of the port Port status Authentication

NTP 123 (TCP) Closed Open after configuration No HTTPS 443 (TCP) Closed Open after configuration Yes SNMP 161 (UDP) Open Open after configuration Yes (with SNMPv3)

4.3 Overview of the configuration

Configuration in STEP 7 You configure the CP in STEP 7 V5 or STEP 7 Professional. You will find the required version in the section Configuration (Page 19).

Overview of configuration of the CP 1. Create a STEP 7 project.

2. Create the required S7-400 stations and networks.

3. Insert the suitable CPUs and the remaining required modules.

4. Insert the CPs in the relevant stations.

5. Configure the CPs.

The online help or the information system of STEP 7 supports you when doing this.

You will find special features of the configuration of the OPC UA functions and further specific properties of the CP described in the following sections.

The OPC UA client communication is handled using program blocks. See section Programming the OPC UA client blocks (Page 79) for information on this.

4.4 Access to process data of the CPU

Process data in the memory areas of the CPU The process data that the CP makes available to the OPC UA services is located in the memory areas of the assigned CPU of the station in question.

The you will find the permitted memory areas of the CPU and the supported data types in the section Data types (Page 40).

Addressing the process values using symbols The process data to be transferred via the OPC UA services, can be addressed as symbols. Process data for the OPC UA services must be created as symbols in the symbol table of the CPU.

Configuration and operation 4.5 Data types


The symbol name is included in the NodeID of an item as part of the identifier, see section Properties of the OPC UA server (Page 76).

Syntax of the symbol names For the names of symbols to be used for OPC UA, the ASCII characters no. 32 .. 126 (0x20 .. 0x7e) are permitted.

ASCII characters are converted to the format UTF-8 in the server application of the CP.

Configuration of PLC tags / symbols for OPC UA applications To be able to use PLC tags / symbols for OPC UA these are indicated as being "visible" (STEP 7 V5) or "can be reached from HMI/OPC UA" (STEP 7 Professional)

Each PLC tag configured with this attribute is included in the maximum supported configuration limits of the CP. Remember this particularly when configuring entire arrays.

4.5 Data types

Data types and memory areas The CP 443-1 OPC UA supports the data types listed below for process data.

The corresponding symbols on the CPU are permitted for the operand areas listed. The memory areas have the following abbreviations. The short forms in brackets are abbreviations depending on the mnemonics set (German/English).

● I = Process input image (E/I)

● Q = Process output image (A/Q)

● PI = I/O area inputs (PE/PI)

● PQ = I/O area outputs (PA/PQ)

● M = Memory bit

● DB = Data block / system data block / instance data block

Note

I/O areas

I/O areas are only supported by the OPC UA server.

I/O areas are supported only when configuring with STEP 7 V5.



Table 4- 1 Data types

Size [bit], type

Area Data type Remark Operand area of the CPU SIMATIC S7 IEC 61131-3 OPC UA

1 0 .. 255 BOOL BOOL Boolean 0 = false 1 .. 255 = true

I, Q, PI, PQ, M, DB

Numbers 8, UInt8 0 .. 255 BYTE BYTE,

USINT Byte I, Q, PI, PQ, M,

DB 8, UInt8 0 .. 255 CHAR CHAR Byte ASCII characters

32 .. 255 I, Q, PI, PQ, M, DB

16, UInt16 0 .. 65535 WORD WORD, UINT

UInt16 I, Q, PI, PQ, M, DB

16, Int16 -32768 .. 32767 INT INT Int16 I, Q, PI, PQ, M, DB

32, UInt32 0 .. 4294967295 DWORD DWORD, UDINT

UInt32 I, Q, PI, PQ, M, DB

32, Int32 2147483648 .. 2147483647

DINT DINT Int32 I, Q, PI, PQ, M, DB

32, Float ±1.175 495e-38 .. 3.402823e+38

REAL REAL Float DB

Time and date 16, UInt16 0 .. 999 S5TIME TIME UInt16 SIMATIC time

For the coding see online help of STEP 7.

DB

16, UInt16 D#1990-1-1 .. D#2168-12-31 (0 .. 65378)

DATE DATE UInt16 IEC date [d] DB

32, UInt32 TOD#0:0:0.0 .. TOD#23:59:59.999 (0 .. 86399999)

TIME_OF_ DAY (TOD)

TIME_OF_ DAY

UInt32 Time of day [ms] DB

32, UInt32 -24D_20H_31M_ 23S_648MS .. T#24D_20H_31M_ 23S_647MS (-2147483648 .. 2147483647)

TIME TIME UInt32 IEC time [ms] DB

Complex data types 64 1990-1-1-0:0:0.0 ..

2089-12-31-23:59:59.999

DATE_AND_ TIME

DT DATE_ AND_TIME

UInt32+ UInt32

Date and time of day For the coding see online help of STEP 7.

DB

254 * 8 STRING * STRING String Max. 254 bytes user data DB ARRAY * Multidimensional field of

elementary or complex data types

DB

UDT * User-defined data type for specific parameter groups

DB

* For the coding see below.



You will find a general description of the coding of the data types in the STEP 7 online help.

Special features of complex data types

With the complex data types used by the OPC UA function of the CP. the special coding rules apply that are described below.

STRING A STRING can contain a maximum of 254 characters.

ASCII characters from the range 32 (0x20) .. 255 (0xFF) are permitted.

Of these, the following characters are not permitted: 127 (0x7F), 129 (0x81), 141 (0x8D), 143 (0x8F), 144 (0x90), 157 (0x9D)

Special features of the OPC UA server

The characters are coded in the format UTF-8 in the OPC UA server of the CP.

Special features of the OPC UA client

With process data with the data type STRING that are referenced by the "UAAnyPointer", the data type "2" (BYTE) is specified.

As the repetition factor in the UAAnyPointer always select the maximum value of 256 (0x100); 254 for the user data + 2 for the header.

ARRAY

Special features of the OPC UA client

The client program blocks support only the transfer of one dimensional arrays from the memory area "DB".

The transfer of the data type "ARRAY of BOOL" is not supported by the client program blocks.

With a ARRAY of STRING, with the limits of the dimension of every string element the maximum length (256) must be specified "n" times, where "n" is the number of strings in the array.

Special features of the OPC UA server

The data type "ARRAY of BOOL" is readable in all cases.

The data type "ARRAY of BOOL" can only be written when the length is a multiple of 8.

UDT You will find the structure of the UDTs required by the program blocks for the OPC UA client function in the description of the relevant block, see for example UDT757 UAAnyPointer (Page 99).

Configuration and operation 4.6 Interface configuration


Parameter types The parameter types "TIMER" and "COUNTER" are only supported for the OPC UA server of the CP.

4.6 Interface configuration

4.6.1 Network settings

Transmission speed If you want to use transmission speed 1 Gbps, leave the interface set to "Automatic setting".

The connection partner must also be configured with "1 Gbps full duplex" or with "Automatic setting". If the connection partner does not support gigabit Ethernet, the data will be transferred at the next lower speed (100 or 10 Mbps).

Automatic setting or individual network settings The port of the CP supports autosensing.

In normal situations, the basic setting ensures troublefree communication. You should only change this in exceptional situations.

If you create a manual configuration for the CP and disable the autonegotiation option, the automatic negotiation of the network settings (autonegotiation) is no longer effective. If, on the other hand, the communications partner works with autonegotiation, it is not certain that communication will be established.

Autocrossing mechanism With the integrated autocrossing mechanism of the interface, it is possible to use a standard cable for the connection between the CP and the PC/PG. A crossover cable is not necessary.

Note Manual configuration

If you have set the port to manual configuration and select the "Disable autonegotiation" option, the autocrossing mechanism is also disabled for the port. For this reason to connect an end device that does not have the autocrossing mechanism do not use a crossover cable.

STEP 7 special diagnostics and Web diagnostics display the network setting Diagnostics of the port settings for the CP described here is possible using the entries in the diagnostics buffer using SNMP, using special diagnostics, and the LED displays.

Configuration and operation 4.6 Interface configuration


You will find information on the currently used network settings here:

● In special diagnostics under the diagnostics object "Industrial Ethernet" in the "Network Connection" group box

● in STEP 7 with the menu command "PLC > Module Information"

● In Web diagnostics

Further notes: ● 10/100 Mbps network components without "autonegotiation"

If you use 10/100 Mbps network components that do not support "Autonegotiation", it is possible that you will have to set the mode manually.

● Fixed mode instead of "Automatic setting"

If for certain applications, you require fixed network settings instead of the automatic setting, you will need to match up the partner devices.

● No reaction to Autonegotiation query with manual configuration

Remember that if you configure the CP manually and the "Autonegotiation" option is disabled, it will not react to an autonegotiation query! As a result, a connected partner may not be able to set the required mode and communication will not be ideal.

● Recommendation: Load individual network settings only using MPI

If you modify the network settings in the properties dialog of the port ("Options" tab) using the "Transmission medium / Duplex" drop-down list, these changes will be adopted by the CP and activated when the configuration data is downloaded to the target system. In some situations, the device may then no longer be obtainable over Ethernet or the running load action is not completed due to configuration changes taking immediate effect and an inconsistent configuration is reported.

If you have set network properties manually we therefore recommend that you download configuration data to the S7 station over an MPI connection.

4.6.2 Restart after detection of a duplicate IP address in the network To save you timeconsuming troubleshooting in the network, the CP detects double addressing in the network.

Behavior during operation (CP in RUN) If the CP detects double addressing on the network (new node with an IP address that has already been assigned), a message is generated in the diagnostics buffer and the bus fault LED lights up.

To acknowledge the bus fault LED in RUN mode, set the CP to STOP and then restart it.

After the device with the duplicate IP address has been removed from the network, the bus fault LED goes off automatically.

Configuration and operation 4.7 Configuration of the CP in STEP 7 V5


Behavior when the CP starts up If duplicate addressing is detected when the CP starts up, the CP remains in STOP. The bus fault LED is lit and a diagnostics buffer entry is generated. The CP only starts up after the duplicate addressing problem has been eliminated.

4.7 Configuration of the CP in STEP 7 V5

4.7.1 "Addresses" tab

Assignment to the CPU If you operate several CPUs in the station in which the CP 443-1 OPC UA is located, you need to assign the CP to a specific CPU.

To do this in the table "CPU assignment" select the CPU that the CP will be assigned to for OPC UA communication.

4.7.2 "SNMP" Tab

SNMP The CP supports the following SNMP versions:

● SNMPv1

Available with security functions disabled.

Note that with this read and write access to the module is possible. In this case, other settings are not possible.

In the presettings, the CP uses the following community strings to authenticate access to its SNMP agent via SNMPv1:

Type of access Community string for authentication *) Read access public Read and write access private *) Note the use of lowercase letters!

Free configuration of the community strings is only possible if the security functions are enabled.

● SNMPv3

Available only when security functions are enabled

The range of functions of the CP can be found in the section SNMP (Page 120).



Configuration Requirement for configuring the parameters described below is the activation of the security functions, see section "Security" Tab (Page 47).

If the security functions are enabled, you have the following selection and setting options.

"Enable SNMP"

If the option is enabled, communication via SNMPv1 is enabled on the device.

If the option is disabled, queries from SNMP clients are not replied to either via SNMPv1 or via SNMPv3.

To be able to make further settings, click the "Run" button under the following entry.

"Start of SNMP configuration"

If you click the "Run" button, the SCT window for SNMP configuration opens.

● "Use SNMPv1"

Enables the use of SNMPv1 for the CP. The following community strings need to be sent along with access to the CP via SNMPv1.

– "Read community string"

The string is required for read access. Leave the preset string or configure a string.

– "Allow write access"

If the option is enabled write access to the CP is released and the corresponding community string can be edited.

– "Writing community string"

The string is required for write access and can also be used for read access. Leave the preset string or configure a string.

● "Use SNMPv3"

Enables the use of SNMPv3 for the CP. The following algorithms need to be configured for encrypted access to the CP via SNMPv3.

– "Authentication algorithm"

Select the authentication method to be used from the drop-down list.

– "Encryption algorithm"

Select the encryption method to be used from the drop-down list.

Note the information on security of the possible algorithms in the online help of the SCT.

"Start of user administration"

If you click the "Run" button the SCT user management opens. There assign the role to the various users.

Below the properties of the roles you can see the rights list of the particular role, for example the various types of access using SNMP. For new roles, you can freely configure individual rights.

You will find information on users, roles and the password policy in the online help of the SCT.



See also Configuration in the SCT (Page 55)

4.7.3 "Security" Tab

Enabling the Security functions In this tab, you can enable the Security functions of the CP.

The enabling of the Security functions releases additional parameters in the following further tabs of the properties dialog.

● SNMP

● Web (The entire tab is blocked if the Security functions are siabled.)

● Time-of-day synchronization

● OPC UA

Requirement for configuring the Security functions The Security Configuration Tool (SCT) is installed. You will find the required version in the section Configuration (Page 19).

"Security configuration"

Enable security

If the option is disabled, the Security parameters in other tabs are disabled. As a result only non secure protocol variants (NTP, SNMPv1, HTTP) are supported.

To be able to make Security settings, select the "Enable security" check box. Result:

● The Security functions in the individual tabs become active.

● The "Edit" > "Security Configuration Tool" menu becomes active.

You configure further Security functions in the SCT.

Note Loss of the Security configuration

If you disable the "Activate security" check box again after saving a Security configuration, this has the following effects: • Alll theSecurity settings you have made are lost and you will need to make them again if

you enable the check box again. • The CP is no longer displayed in the SCT. • The settings for users and time-of-day synchronization that existed prior to enabling

Security are restored.



Start of security configuration

If you click the "Run" button, the SCT opens.

Security settings in SCT

Relevant SCT tab

Make the Security settings of the CP in the SCT in the flowing tabs:


Configuration of the server and parameters for NTP and NTP (secure).

● Log settings

● SNMP

Configuration of the parameters of SNMPv1 or SNMPv3

● OPC UA

Configuration of

– Authentication of the OPC UA server

– Encryption of the data

– Write protection for the data areas of the CPU

● Certificate validation

Settings for checking the certificates

● S7 communication

Settings for protecting access to diagnostics data and the backplane bus

For details, see section Configuration in the SCT (Page 55).

4.7.4 "Diagnostics" Tab From the "Diagnostics" tab, you have the alternative of starting the following for the CP:

● Special diagnostics

● Web diagnostics

You will find more detailed information on the functions in the manual /2/ (Page 133).

Requirement Establish a physical connection between the programming device and the SIMATIC S7 station and set the PG/PC interface so that the CP is accessible. Further help is available in the "Set PG/PC Interface..." function (Start menu > Setting the PG-PC Interface).



"Start of special diagnostics" When you click the "Run" button NCM Diagnostics is started as a separate program.

As an alternative to starting the program from the Properties dialog, open the program with:

Windows Start menu> Program group Siemens Automation > SIMATIC > STEP 7 > NCM S7 > Diagnostics

"Start of Web diagnostics" When you click the "Run" button the result of the module diagnostics is displayed in the Web browser. The content is supplied by the integrated HTTP server of the CP.

● "Access via"

Select the interface via which the CP can be reached. The configured IP address of the CP is shown.

You can also enter an IP address.

Notes on Security configuration

● If the Security functions are disabled, the Web server of the CP is dsiabled.

If the Web server is enabled, the following applies:

● The data is transferred encrypted.

● The "Access to Web diagnostics" right must be activated for the user.

4.7.5 "Web" Tab

Requirement A requirement for the configuration and use of the Web functions of the CP is the activation of the Security functions.

"Activate Web server" The CP provides you with the functionality of a web server for access by means of a web browser. On these HTML pages you will find diagnostics information and service functions.

Enable this option in order to be granted access to these HTML pages. This enables port 443 (HTTPS) of the CP.

You will find more information on Web diagnostics in the manual /2/ (Page 133).



"Options of Web diagnostics" ● "Download firmware via Web"

By enabling the option, the function for downloading the firmware of the CP from the download center is enabled in the Web server.

● "Reload of language files for the diagnostics displays via Web"

Diagnostics displays of the CP are shown in plain language in the Web diagnostics buffer. These displays are language speecific.

Enable the option, to enable the function for reloading missing language files from the download center in the Web server.

"Automatic update" ● "Enable"

If the option is enabled, the CP updates the displayed Web pages regularly.

● "Update interval"

If the option is enabled, enter the interval here at which the CP updates the displayed Web pages.

Range of values: 1..999 s

"Security configuration" ● "Allow access only via HTTPS"

If the option is enabled Web data is only transferred encrypted vai HTTPS. The option is enabled as default and cannot be disabled.

● "Start of user administration"

If you click the "Run" button the SCT user administration opens. In the rights administration, specify which users with which roles have access to the module via HTTPS.


4.7.6 "Time-of-day synchronization" tab

Synchronization method

Note Recommendation for setting the time

If the infrastructure of your project allows, synchronization with a external clock at intervals of approximately 10 seconds is recommended. This achieves as small a deviation as possible between the internal time and the absolute time.



The CP supports the following methods of time-of-day synchronization:

● SIMATIC mode

The SIMATIC mode cannot be configured.

If you leave the time-of-day synchronization via NTP disabled, the SIMATIC mode is enabled automatically on the CP. In this case, the CP can only adopt the time of day from the station.

Note that with the CP as OPC UA server when using the SIMATIC mode the time is not displayed as UTC but as the local time of the station.

● NTP

If the option is enabled and the Security functions disabled, the CP synchronizes its time of day via NTP.

When NTP is enabled, the CP as OPC UA server displays the time of day in the UTC format.

You configure the synchronization method, the local time zone of the station, the synchronization interval and the addresses of the NTP servers.

● NTP (secure)

If the security functions are enabled, the time of day can be synchronized via NTP (secure).

The secure method NTP (secure) uses authentication with symmetrical keys according to the hash algorithms MD5 or SHA-1.

NAT configuration: Unsynchronized NTP server

If the "Accept time of day from non-synchronized NTP servers" option is enabled, the CP also accepts the time from NTP servers that are not synchronized with a stratum 16.

If the option is disabled, the response is as follows:

If the CP receives a time of day frame from an unsynchronized NTP server with stratum 16, the time of day is not set according to the frame. In this case, none of the NTP servers is displayed as "NTP master" in the diagnostics; but rather only as being "reachable".

Setting the SYA bit when synchronizing via NTP

If the time is forwarded to the CPU, with each time frame the CP sets bit 0 of the time status word (SZL-ID 132, index 8). The status bit indicates on the CPU whether the time is synchronized with the external time master.

If you evaluate the time status using SFC 51 "RDSYSST", configure a synchronization cycle shorter than 3 minutes. This avoids the status bit being reset cyclically by the CPU after 3 minutes if NTP servers are unreachable or not synchronized.



"Security configuration" If the security functions are enabled, further settings are possible.

● "Expanded NTP configuration"

Enable this option to be able to configure the security functions for time-of-day synchronization.

● "Run..."

If you click the button, the SCT opens with the dialog box for NTP configuration. In this dialog box, NTP servers already created in STEP 7 are displayed that can also be edited there. You can also create and configure NTP servers of the type NTP (secure).


4.7.7 "Options" tab: Effects of protection levels

Module access protection on the CP With this option, you can protect the CP from accidental or unauthorized access. The following options can be selected in the drop-down list:

● Not locked

● Status-dependent

In this setting read access for diagnostic purposes is possible.

The following actions are only possible when either the CPU or the CP is in the STOP state:

– Changing the operating status of the CP (RUN → STOP)

– Resetting / memory reset

Note the additional restriction if a protection level of the CPU is enabled.

– Loading firmware using the Firmware Loader.

Further restrictions on access to the CP result from configuring a protection level for the CPU.

Protection levels of the CPU If you configure a protection level ≥ 2 in the configuration of the CPU ("Options” tab), this has the following effects on the operation of the CP:

● Initialization of the CP / assigning an IP address using a different method

Using the Primary Setup Tool (PST) you can only assign an IP address to the CP once.

● No PST with IP configuration using DHCP

If you have configured the setting of the IP addresses of the CP from a DHCP server, you cannot assign an IP address to the CP with the Primary Setup Tool (PST).



● Resetting / memory reset

It is not possible to reset or to reset the memory of the CP.

Remove the protection level of the CPU to take this action.

4.7.8 "OPC UA" tab In this tab, you enable the OPC UA server or client function of the CP. You also configure the parameters of the server function.

"Enable OPC UA server" Enable this option to enable the function of an OPC UA server on the CP.

"Enable OPC UA client" Enable this option to enable the function of an OPC UA client on the CP.

You specify the remaining settings for the client function using the program blocks FB230 to FB236 of the library "SIMATIC_NET_CP" see section Programming the OPC UA client blocks (Page 79).

"Application name" Name of the OPC UA application of the CP. The application name is required to identify the OPC UA name space of the station and must be unique within the project for every CP.

The default application name for the CP is:

Siemens:SIMATIC-S7-CP443-1:OPC-UA

Change the application name so that the name is unique for every CP in the STEP 7 project.

"Server settings" Here, you configure the parameters of the server application.

● "URL"

Display of the URL with the following parts: <Protocol part>://<IP address>:<Port number>

If obtaining the IP address via DHCP was enabled for the interface of the CP, the IP address displayed in the URL is replaced by <dynamic>.

● "URI of the application"

Display of the server URI of the CP with the following parts: <Protocol part>:<Application name of the server>:<Globally Unique Identifier (GUID)>



● "Default port"

Here, you can change the port number of the application. As default port number 4840 is used, the standard TCP port for the OPC UA binary protocol.

Permitted port numbers are as follows:

– 2000 .. 4499

– 4501 .. 34963

– 34965 .. 49151

● "Minimum sampling interval"

Here you set the minimum sampling interval at which the CP scans the process data of the configured CPU symbols. The sampling interval is limited to a minimum value of 100 milliseconds to reserve adequate time for other processes that access the CPU via the backplane bus of the station.

Range of values: 100 .. 65535 ms

Default setting: 500 ms

● "Minimum supported publishing interval"

Here you set the minimum publishing interval that the server application of the CP should support. Lower values set by an OPC UA client are not taken into account.



"Use symbols" Here, you specify the symbols of the CPU that the server application may access.

● "All symbols"

If you select this option, all symbols are available to the server application.

● "Configured symbols"

If you enable this option, only the configured CPU symbols are available to the server application. If the option is enabled, the "Configure" button becomes operable.

● "Configure ..."

With this button you open the dialog for specifying the OPC-specific properties of the symbols to be used by the OPC UA server.

Here you can configure the following among other things for the individual symbols (variables):

– Visibility

Symbols without visibility are excluded from OPC applicationa.

– Access rights (read/write)

With the consistency check of STEP 7, you can recognize whether or not you have reached the maximum permitted number of sysmbols.



"Security configuration" ● "Start of the OPC UA security settings"

With the "Run" button, you open the SCT dialog for configuring the Security functions of the server application.


4.7.9 Configuration in the SCT

Setting security functions In the tabs of the SCT described below configure the Security functions of the CP.

The signing and encryption of the data frames are set differently for the server and client function of the CP:

● For the OPC UA server

In the "OPC UA" tab

● For the OPC UA client

In the connection information (UDT "UASessionConnectInfo") for the client program block "UA_Connect"

You should also note the special features of certificate validation, see below.

Opening SCT fro STEP 7 You open the SCT tabs described below using buttons in the various tabs of the STEP 7 properties dialog of the CP.

You also reach the SCT tabs if you open the SCT from HW Config:

1. "Edit" menu > "Security Configuration Tool"

2. Select the required CP in the offline view under the folder "All modules".

3. Select "Properties..." in the shortcut menu (right mouse button).

"Time-of-day synchronization" Here, NTP servers already created in STEP 7 are displayed that can also be edited there.

You can also create and configure NTP servers of the type NTP (secure).

"Log settings" The "Log settings" tab is displayed only if you have enabled the SCT option "Advanced mode".

Here you configure the logging functions for the Security properties of the CP.



The settings made here are downloaded to the station with the configuration data and take effect when the station starts up.

For information on authentication with a logging server, refer to the section Handling certificates (Page 59).

"SNMP" You can select whether you release the protocol version SNMPv1 or SNMPv3 for the CP.

For SNMPv1 you can assign the community strings and enable write access to the CP using SNMPv1.

For SNMPv3 specify the authentication and the encryption algorithm.

"OPC UA" The tab is only available for CPs on which the OPC UA server function was enabled.

Here you specify the Security profiles and access options for the UA server of the CP.

● Security profile


The CP uses no procedure.

– Basic128Rsa15

This corresponds to the Security profile "Basic128Rsa15" of the OPC UA specification.

The CP uses signing and, if configured, 128-bit encryption.

– Basic256

This corresponds to the Security profile "Basic256" of the OPC UA specification.


– Basic256Sha256

This corresponds to the Security profile "Basic256Sha256" of the OPC UA specification.

The CP uses signing and, if configured, 256-bit encryption using the hash algorithm SHA-256.

If you enable several options, then depending on the settings on the communications partner (client), the CP selects the profile with the the highest possible security.

● Security procedure of the server

– Sign

The CP only allows communication with signed frames.

– Sign and encrypt

The CP only allows communication with signed and encrypted frames.



– Best possible procedure

Depending on the settings on the communications partner (client), the CP selects the procedure with the the highest possible security. This may be: - Sign or - Sign and encrypt

● Anonymous access

– Allow read access

The CP allows read access to the data of its OPC UA server.

– Allow write access

The CP allows write access to the data of its OPC UA server.

Note No connection with disabled options

When the Security functions are enabled and for the option "Anonymous access" neither read nor write access is enabled, with an anonymous login, no connection is established. It is also not possible to browse the address space.

In this case, a connection can only be established with a user name and password.

"Certificate validation" In this tab you set the options for checking the certificates of the communications partner. You can set the options for the UA client and UA server function of the CP separately.

● Checking the certificate

The CP always checks the certificate of the communications partner.

If the partner certificate is invalid or is not trustworthy, communication is aborted.

● No strict certificate validation

If the option is enabled, the CP allows communication in the following situations:

– The IP address of the communications partner is not identical to the IP address in its certificate.

Note: The OPC UA server does not check the IP address of the communications partner (client).

– The use stored in the certificate (OPC UA client/server) differs from the function (OPC UA client/server) of the communications partner.

– The current time on the CP is outside the period of validity of the partner certificate.



Regardless of these exceptions, to establish a connection, at least the following requirements must be met:

– The application URI sent by the requesting client must match the URI of the server application of the CP.

– If the partner certificate is not trustworthy, the CP must at least have stored a self-signed certificate of the partner.

– If the partner certificate was issued by several CAs, all CAs must be saved in the certificate store of the CP.

● Do not check period of validity

If the option is enabled, the CP checks the certificate of the communications partner. The CP also allows communication in the following situation:


If none of the options is enabled, no certificates are checked.

Note the information in the section Handling certificates (Page 59) on the establishment of communication.

Special features for the client application

If you use the client function of the CP, note the following:

The value of the parameter "CheckServerCertificate" that you programmed in the connection information (UASessionConnectInfo) for the client program block "UA_Connect" is overwritten by the settings for the certificate check in the SCT. If the client is to check the certificates of the communications partner (server), you can ignore the parameter in the UDT "UASessionConnectInfo". For the certificate check only the settings in the SCT tab "Certificate validation" are relevant.

"S7 communication" In this tab you make the settings for S7 communication via the CP and for protecting LAN access to the pages of the S7 special diagnostics.

● Disable S7 communication

If the option is enabled, S7 communication via the CP is blocked.

● Disable online diagnostics via LAN

If the option is enabled, access via LAN to the diagnostics pages of the S7 special diagnostics is blocked.

"User management" Apart from access via the STEP 7 tabs "SNMP" and "Web", you can access user management in the open SCT with the menu command "Options" > "User management...".

In user management you assign individual users a role. The individual roles provide specific rights for various services.

You will find information on individual parameters in the online help of the SCT.



4.7.10 Handling certificates

Certificate for authentication If you have configured secure OPC UA communication with authentication for the CP in the "Security" tab, own certificates and certificates of the communications partner will be required for communication to take place.

All nodes of a STEP 7 project with enabled security functions are supplied with certificates. The Security Configuration Tool (SCT) is the certification authority of the STEP 7 project.

For the server and client application of the CP a common certificate is created. It is displayed in the SCT as "OPC UA client / server certificate of the module <CP name>". You see the use of the certificate when you display the certificate in the SCT and select "Enhanced key usage" in the "Details" tab of the certificate dialog.

If the CP communicates with non-Siemens partners when the security functions are enabled, the relevant certificates must be exchanged. You do this with the SCT.

Opening SCT Open the SCT in one of the following alternative ways:

● From the Windows Start menu: Siemens Automation > SIMATIC > Security > Security Configuration Tool

● From STEP 7 / HW Config "Edit > Security Configuration Tool".

Open the certificate manager in the SCT with the menu "Options > Certificate manager".

Importing certificates of communications partners into STEP 7 / SCT Import the certificates of the communications partners from third-party vendors using the certificate manager of the SCT. Follow the steps outlined below:

1. Save the certificate in the file system of the connected PG/PC.

2. Open the SCT as described above.

3. Open the certificate manager of the SCT with "options" >"Certificate mananger".

4. Import the certificate from the file system of the PC with "Import".

Exporting certificates for communications partners from SCT You export the certificate of an S7 module for communications partners from third-party vendors using the certificate manager of the SCT. Follow the steps outlined below:

1. Open the certificate manager of the SCT with "options" >"Certificate mananger".

2. Export the certificate into the file system of the PC with "Export".

3. Transfer the certificate to the system of the third-part vendor.

If you use a logging server in your system, export the SSL certificate for the authentication of the CP from the SCT.

Configuration and operation 4.8 Configuration of the CP in STEP 7 Professional


No certificate when the Security functions are disabled. If the Security functions of the CP are disabled in the STEP 7 project, no certificate will be generated for the CP.

If you use the CP as an OPC UA server, check whether the UA clients you are using necessarily demand a certificate. In this case, you need to enable the Security functions of the CP in STEP 7.

Client: Communications partner (server) without turning off the certificate blocking list If you configure the CP as OPC UA client without security functions the CP does not receive a certificate. If the CP as client is to to communicate with a server, on which the certificate blocking list cannot be turned off, no connection will be established. In this case you need to generate a self-signed certificate in the SCT.

Change certificate: Alternative applicant name The Security Configuration Tool (SCT) applies the properties "DNS name", "IP address", and "URI" from the parameter "Alternative applicant name" in the STEP 7 configuration data.

You can modify this parameter for an OPC UA certificate in the SCT certificate manager. To do this, select the corresponding certificate and call the shortcut menu "Renew certificate".

Properties modified in SCT for the "Alternative applicant name" are not applied to the STEP 7 project.

If you delete all of the "Alternative applicant name" properties in SCT, SCT then applies the corresponding data from the STEP 7 project.

4.8 Configuration of the CP in STEP 7 Professional

4.8.1 "Options " parameter group

Module access protection

Protection level

With this option, you can protect the CP from accidental or unauthorized access. The following options can be selected in the drop-down list:

● Not locked

● Status-dependent

In this setting read access for diagnostic purposes is possible.



The following actions are only possible when either the CPU or the CP is in the STOP state:

– Changing the operating status of the CP (RUN → STOP)

– Resetting / memory reset

Note the additional restriction if a protection level of the CPU is enabled.

– Loading firmware using the Firmware Loader.

Further restrictions on access to the CP result from configuring a protection level for the CPU.

Protection levels of the CPU If you configure write or read protection for the CPU ("Protection" parameter group) , this has the following effects on the operation of the CP:

● Initialization of the CP / assigning an IP address using a different method

Using the Primary Setup Tool (PST) you can only assign an IP address to the CP once.

● No PST with IP configuration using DHCP

If you have configured the setting of the IP addresses of the CP from a DHCP server, you cannot assign an IP address to the CP with the Primary Setup Tool (PST).

● Resetting / memory reset

It is not possible to reset or to reset the memory of the CP.

Remove the protection level of the CPU to take this action.

4.8.2 "Ethernet interface“ parameter group Configure the Ethernet interface as usual.

Advanced options ● Use IEC V2.2 LLDP mode

If the option is enabled, the device uses LLDP in the IEC version V2.2 (PROFINET V2.2). Although the device supports a higher version of the protocol, you can make this setting for reasons of compatibility with other parts of the plant.

● Keepalive connection monitoring

With this option, you monitor the connection to the communications partner.



Time synchronization ● Security disabled

If the security functions are disabled, configure time-of-day synchronization of the CP at this point. If the CP cannot be synchronized with NTP, the SIMATIC method is used automatically.

● Security enabled

If security functions are enabled, you will find the parameter group under "Security". In this case in addition to NTP and the SIMATIC method, the secure method NTP (secure) can be configured.

For information on the configuration, refer to the section Security > "Time-of-day synchronization" (Page 64).

4.8.3 "OPC UA" parameter group

OPC UA In this parameter group you configure the OPC UA server or client function of the CP.

If security functions are enabled, you will find the parameter group under "Security".

For information on the configuration, refer to the section Security > "OPC UA" (Page 67).

4.8.4 Parameter group "SNMP"

SNMP The CP supports the following SNMP versions:

● SNMPv1

Available with security functions disabled.

Note that with this read and write access to the module is possible. In this case, other settings are not possible.

The configuration of the community strings is only possible if the security functions are enabled.

The CP uses the following community strings to authenticate access to its SNMP agent via SNMPv1:

Access to the SNMP agent in the CP Community string for authentication in SNMPv1 *)

Read access public Read and write access private *) Note the use of lowercase letters!



● SNMPv3

Available only when security functions are enabled

For information on the configuring SNMPv3, refer to the section Security > "SNMP" (Page 65).

Configuration ● "Enable SNMP"

If the option is enabled, communication via SNMPv1 is enabled on the CP.

If the option is disabled, queries from SNMP clients are not replied to by the CP either via SNMPv1 or via SNMPv3.

See also SNMP (Page 120)

4.8.5 "I/O addresses" parameter group

Start address Here when necessary you can change the automatically assigned diagnostics address of the CP.

4.8.6 Security“ parameter group

Security functions After enabling the security functions, the following parameter groups are available. The configuration is described in the following sections or in the information system of STEP 7.


● Log settings

Here you configure the logging functions for the security properties of the CP.

The settings made here are downloaded to the station with the configuration data and take effect when the station starts up.

For information on authentication with a logging server, refer to the section Handling certificates (Page 73).

● SNMP

● Web server

● OPC UA



● S7 communication

● Certificate manager

Via the local certificate manager, you can import and export certificates for the CP.

You will find help on the certificate manager in the STEP 7 information system ate following location: "Editing devices and networks >Configuring devices and networks >Configure networks > Industrial Ethernet Security > Configuring security > General > Managing certificates"

4.8.7 Security > "Time-of-day synchronization"

Synchronization method

Note Recommendation for setting the time

If the infrastructure of your project allows, synchronization with a external clock at intervals of approximately 10 seconds is recommended. This achieves as small a deviation as possible between the internal time and the absolute time.

if the security functions are enabled, the CP supports the following methods of time-of-day synchronization:

● SIMATIC mode

The SIMATIC mode cannot be configured.

If you leave the time-of-day synchronization via NTP disabled, the SIMATIC mode is enabled automatically on the CP. In this case, the CP can only adopt the time of day from the station.

Note that with the CP as OPC UA server when using the SIMATIC mode the time is not displayed as UTC but as the local time of the station.

● NTP

If the option is enabled and the Security functions disabled, the CP synchronizes its time of day via NTP.

When NTP is enabled, the CP as OPC UA server displays the time of day in the UTC format.

You configure the synchronization method, the local time zone of the station, the synchronization interval and the addresses of the NTP servers.

● NTP (secure)

If the Security functions are enabled, the time of day can be synchronized using NTP (secure),

The secure method NTP (secure) uses authentication with symmetrical keys according to the hash algorithms MD5 or SHA-1.



NTP configuration

You will find help on the parameters in the STEP 7 information system.

● NTP server

You configure the NTP servers in the table of NTP servers.

If you use "NTP (secure)", the servers of the type NTP (secure) that you configured in the global security settings are also displayed here.

● Accept time from non-synchronized NTP servers

If the option is enabled, the CP also accepts the time-of-day from non-synchronized NTP servers with stratum 16.

If the option is disabled, the response is as follows: If the CP receives a time-of-day frame from an unsynchronized NTP server with stratum 16, the time of day is not set according to the frame. In this case, none of the NTP servers is displayed as "NTP master" in the diagnostics; but rather only as being "reachable".

Setting the SYA bit when synchronizing via NTP

If the time is forwarded to the CPU, with each time frame the CP sets bit 0 of the time status word (SZL-ID 132, index 8). The status bit indicates on the CPU whether the time is synchronized with the external time master.

If you evaluate the time status using SFC 51 "RDSYSST", configure a synchronization cycle shorter than 3 minutes. This avoids the status bit being reset cyclically by the CPU after 3 minutes if NTP servers are unreachable or not synchronized.

4.8.8 Security > "SNMP"

SNMP The range of functions of the CP for SNMP can be found in the section SNMP (Page 120).

If the security functions are enabled, you have the following selection and setting options.

SNMP

● "Enable SNMP"

If the option is enabled, communication via SNMP is released on the device. As default, SNMPv1 is enabled.

If the option is disabled, queries from SNMP clients are not replied to either via SNMPv1 or via SNMPv3.

● "Use SNMPv1"

Enables the use of SNMPv1 for the CP. For information on the configuration of the required community strings see below (SNMPv1).

● "Use SNMPv3"

Enables the use of SNMPv3 for the CP. For information on the configuration of the required algorithms see below (SNMPv3).



SNMPv1

The community strings need to be sent along with queries to the CP via SNMPv1.

● "Reading community string"

The string is required for read access.

Leave the preset string "public" or configure a string.

● "Allow write access"

If the option is enabled write access to the CP is released and the corresponding community string can be edited.

● "Writing community string"

The string is required for write access and can also be used for read access.

Leave the preset string "private" or configure a string.

Note the use of lowercase letters with the preset community strings!

SNMPv3

The algorithms need to be configured for encrypted access to the CP via SNMPv3.

● "Authentication algorithm"

Select the authentication method to be used from the drop-down list.

● "Encryption algorithm"

Select the encryption method to be used from the drop-down list.

Note the information on security of the possible algorithms in the online help of the SCT.

User management

In the user management that you will find in the global security settings, assign the various users their role.

Below the properties of the roles you can see the rights list of the particular role, for example the various types of access using SNMP. For new roles, you can freely configure individual rights.

You will find information on users, roles and the password policy in the information system of STEP 7.

4.8.9 Security > "Web server"

"Web server" The CP provides you with the functionality of a web server for access by means of a web browser. On these HTML pages you will find diagnostics information and service functions.

● Enable Web server on this module

Enable this option in order to be granted access to these HTML pages. This enables port 443 (HTTPS) of the CP.




"Settings for Web diagnostics" ● Download firmware via web server

By enabling the option, the function for downloading the firmware of the CP from the download center is enabled in the Web server.

● Download language file for diagnostic view via web server

Diagnostics displays of the CP are shown in plain language in the Web diagnostics buffer. These displays are language speecific.

Enable the option, to enable the function for reloading missing language files from the download center in the Web server.

"Automatic update" ● Enable automatic updates

If the option is enabled, the CP updates the displayed Web pages regularly.

● Update interval

If the option is enabled, enter the interval here at which the CP updates the displayed Web pages.

Range of values: 1..999 s

4.8.10 Security > "OPC UA" Here you configure the OPC UA server or client function of the CP.

Application name Name of the OPC UA application of the CP. The application name is required to identify the OPC UA name space of the station and must be unique within the project for every CP.

The default application name for the CP is:


Change the application name so that the name is unique for every CP in the STEP 7 project.



OPC UA server

General

● Activate OPC UA server

Enable this option to enable the function of an OPC UA server on the CP.

The following parameters are displayed:

– Server URL

URL with the following parts: <Protocol part>://<IP address>:<Port number>

If obtaining the IP address via DHCP was enabled for the interface of the CP, the IP address displayed in the URL is replaced by <dynamic>.

– URI of the application

Server URI of the CP with the following parts: <Protocol part>:<Application name of the server>:<Globally Unique Identifier (GUID)>

Load PLC tags of the CPU

Here, you specify the PLC tags (symbols) of the CPU that the server application may access.

● All PLC tags

If you select this option, all CPU tags are available to the server application.

● Only configured PLC tags

If you enable this option, only the configured CPU tags are available to the server application.

You configure the PLC tags under the CPU: STEP 7 project navigation > Station > PLC tags

For the PLC tags enable the options "Accessible from HMI/OPC" and "Writable from HMI/OPC" to be able to use them for the OPC applications.

Server settings

● Port

Here, you can change the port number of the application. As default port number 4840 is used, the standard TCP port for the OPC UA binary protocol.

Permitted port numbers are as follows:

– 2000 .. 4499

– 4501 .. 34963

– 34965 .. 49151



● Minimum sampling interval

Here you set the minimum sampling interval at which the CP scans the process data of the configured CPU symbols. The sampling interval is limited to a minimum value of 100 milliseconds to reserve adequate time for other processes that access the CPU via the backplane bus of the station.



● Minimum publishing interval

Here you set the minimum publishing interval that the server application of the CP should support. Lower values set by an OPC UA client are not taken into account.



Export

Here you can export the PLC tags configured for OPC UA as an XML file, for example to make them available to an OPC UA client.

● Export

Saves the PLC tags configured for OPC UA as an XML file in the file system of the ES.

Depending on the option enabled in "OPC UA server > Load PLC tags of the CPU" all or only the configured PLC tags are exported.

Security policy

In the table you specify the Security profiles and access options for the UA server of the CP.

● Enable

Select the required check box in the "Enable" column whose security policy the CP will use.


Here, select one or more options of the security procedure:

– No access

The CP does not use any security procedure.

– BasicXXX...

Required security procedure.



The security policy is a combination of one of the following security profiles and a security procedure.



– Basic128Rsa15

This corresponds to the Security profile "Basic128Rsa15" of the OPC UA specification.


– Basic256

This corresponds to the Security profile "Basic256" of the OPC UA specification.


– Basic256Sha256

This corresponds to the Security profile "Basic256Sha256" of the OPC UA specification.

The CP uses signing and, if configured, 256-bit encryption using the hash algorithm SHA-256.

If you enable several options, then depending on the settings on the communications partner (client), the CP selects the profile with the the highest possible security.

● Security procedure

– Sign

The CP only allows communication with signed frames.

– Sign and encrypt

The CP only allows communication with signed and encrypted frames.

● Anonymous access

– No access

The CP allows no access to the data of its OPC UA server.

– Read-only

The CP allows read access to the data of its OPC UA server.

– Read and write

The CP allows write access to the data of its OPC UA server.

Note No connection with the "No access" option

When the Securityfunctions are enabled and the option "No access" is enabled with an anonymous login, no connection is established. It is also not possible to browse the address space.

In this case, a connection can only be established with a user name and password.



Certificate validation

Here you set the options for checking the certificates of the communications partners for the UA server function of the CP.

● Check certificates

The CP always checks the certificate of the communications partner.

If the partner certificate is invalid or is not trustworthy, communication is aborted.

● No strict certificate validation

If the option is enabled, the CP allows communication in the following situations:

– The IP address of the communications partner is not identical to the IP address in its certificate.

Note: The OPC UA server does not check the IP address of the communications partner (client).

– The use stored in the certificate (OPC UA client/server) differs from the function (OPC UA client/server) of the communications partner.


Regardless of these exceptions, to establish a connection, at least the following requirements must be met:

– The application URI sent by the requesting client must match the URI of the server application of the CP.

– If the partner certificate is not trustworthy, the CP must at least have stored a self-signed certificate of the partner.

– If the partner certificate was issued by several CAs, all CAs must be saved in the certificate store of the CP.

● Do not check period of validity

If the option is enabled, the CP checks the certificate of the communications partner. The CP also allows communication in the following situation:


If none of the options is enabled, no certificates are checked.

Note the information in the section Handling certificates (Page 73) on the establishment of communication.

OPC UA client

OPC UA client

● OPC UA client

Enable this option to enable the function of an OPC UA client on the CP.

You specify the remaining settings for the client function using the program blocks FB230 to FB236 of the library "SIMATIC_NET_CP" see section Programming the OPC UA client blocks (Page 79).



Certificate validation

For information on the certificate validation, refer to the relevant table of the OPC UA server above.

Note Special features for the client application

The value of the parameter "CheckServerCertificate" that you programmed in the connection information (UASessionConnectInfo) for the client program block "UA_Connect" is overwritten by the settings configured here for the certificate check.

If the client is to check the certificates of the communications partner (server), you can ignore the parameter in the UDT "UASessionConnectInfo". For the certificate check only the settings made here are relevant.

"Use symbols" With the consistency check of STEP 7, you can recognize whether or not you have reached the maximum permitted number of symbols.

4.8.11 Security > "S7 communication"

S7 communication Here you make the settings for S7 communication via the CP and for protecting LAN access to the pages of the S7 special diagnostics.

● Disable S7 communication

If the option is enabled, S7 communication via the CP is blocked.

Note No loading if S7 communication is disabled

If S7 communication is disabled, you can no longer load the station via the CP.

● Disable diagnostics via LAN

If the option is enabled, access via LAN to the diagnostics pages of the S7 special diagnostics is blocked.



4.8.12 Security > "Certificate manager"

Assignment of certificates If you use OPC UA communication with authentication for the CP, you need to import certificates of the communications partner into the STEP 7 project and download them to the CP with the configuration data:

1. If applicable import the third-party certificates of all communications partners using the certificate manager in the global security settings.

2. Then assign the certificates of all its communications partners to the CP using the table below the local security settings of the CP.

In this table also include the certificates of communications partners whose certificates were generated in the same STEP 7 project.

For a description of the procedure, refer to the section Handling certificates (Page 73).

4.8.13 Handling certificates

Certificate for authentication If you have configured secure OPC UA communication with authentication for the CP, own certificates and certificates of the communications partner will be required for communication to take place.

All nodes of a STEP 7 project with enabled security functions are supplied with certificates. The STEP 7 project is the certification authority.

Note No certificate with security functions disabled.

If the security functions of the CP are disabled in the STEP 7 project, no certificate will be generated for the CP.

For the server and client application of the CP a common certificate is created. It is displayed as follows (alternatives) in STEP 7 in "Global security settings > Certificate manager > Device certificates".

● OPC UA client certificate of the module <CP name>

● OPC UA server certificate of the module <CP name>

● OPC UA client- / server certificate of the module <CP name>

The issuer, validity, use of the certificate (service/application) and the use of a key are shown in the tale. You can call up further information about the certificate by selecting the certificate in the table and selecting the shortcut menu "Show".

The "Device certificates" table also shows all other certificates generated by STEP 7 and all imported certificates.



If the CP communicates with non-Siemens partners when the security functions are enabled, the relevant certificates of the communications partners must be exchanged. To do this, follow the steps below:

1. Import third-party certificates from communications partners

⇒ Global security settings of the project (certificate manager)

2. Assign certificates locally

⇒ Local security settings of the CP ("Certificate manager" table)

These two steps are described in the next two sections.

Import third-party certificates from communications partners Import the certificates of the communications partners of third-party vendors using the certificate manager in the global security settings. Follow the steps outlined below:

1. Save the third-party certificate in the file system of the PC of the connected ES.

2. In the STEP 7 project open the global certificate manager:

Global security settings > Certificate manager

3. Open the "Trusted certificates and root certification authorities" tab.

4. Click in a row of the table can select the shortcut menu "Import".

5. In the dialog that opens, import the certificate from the file system of the ES into the STEP 7 project.

Assign certificates locally To be able to use an imported certificate for the CP, you need to specify it in the "Security" parameter group of the CP. Follow the steps outlined below:

1. In the STEP 7 project select the CP.

2. Navigate to the parameter group "Security > Certificate manager".

3. In the table, double-click on the cell with the entry "<Add new>".

The "Certificate manager" table of the Global security settings is displayed.

4. In the table. select the required third-party certificate and to adopt it click the green check mark below the table.

The selected certificate is displayed in the local table of the CP.

Only now will the third-party certificate be used for the CP.

Exporting certificates for applications of third-party vendors (e.g. logging server) For communication with applications of third-party vendors, the third-party application generally also requires the certificate of the CP.



You export the certificate of the CP for communications partners from third-party vendors in much the same way as when importing (see above). Follow the steps outlined below:

1. In the STEP 7 project open the global certificate manager:

Global security settings > Certificate manager

2. Open the "Device certificates" tab.

3. In the table select the row with the required certificate (here the OPC UA certificate) and select the shortcut menu "Export".

4. Save the certificate in the file system of the PC of the connected ES.

Now you can transfer the exported certificate of the CP to the system of the third-party vendor.

Certificate for logging server

If you use a logging server in your system, export the SSL certificate for the authentication of the CP on the server.

CP as UA server: The communications partner (client) requires a certificate If you use the CP as an OPC UA server and leave the security functions disable, check whether the UA clients you are using demand a certificate. If the communications partner (client) demands a certificate, you will need to enable the security functions of the CP in STEP 7.

CP as UA client: Communications partner (server) without turning off the certificate blocking list If you configure the CP as OPC UA client without security functions the CP does not receive a certificate. If the CP as client is to to communicate with a server, on which the certificate blocking list cannot be turned off, no connection will be established. In this case you need to generate a self-signed certificate for the CP in STEP 7

Change certificate: Subject Alternative Name STEP 7 adopts the properties "DNS name", "IP address", and "URI" from the parameter "Subject Alternative Name" (Windows: "Alternative applicant name") from the STEP 7 configuration data.

You can change this parameter of an OPC UA certificate in the certificate manager of the global security settings. To do this, select the OPC UA certificate in the table of device certificates and call the shortcut menu "Renew". Properties of the parameter "Subject Alternative Namer" changed in STEP 7 are not adopted by the STEP 7 project.

Configuration and operation 4.9 Properties of the OPC UA server


4.9 Properties of the OPC UA server

Identification characteristics of the server. Below you will find the most important identification characteristics of the OPC UA server of the CP.

● Namespace index

The CP as UA server makes the namespace index 3 available.

● Namespace

Example of the name space of the CPU symbols in the S7-400 with CP 443-1 OPC UA:

http://www.siemens.com/simatic-classic-s7-opcua

● Application name

The name of the server application preset by STEP 7 is:


The name must must e adapted for every CP in the STEP 7 project individually (unique).

● Server URL

The URL consists of the following parts:

<Protocol part>://<IP address>:<Port number>

● URI of the application

The server URL of the CP consists of the following parts:

<Protocol part>:<Application name>:<Globally Unique Identifier (GUID)>

Example: urn:Siemens:SIMATIC-S7-CP443-1:OPC-UA:<GUID>

● Port number of the application

Default port number: 4840

For configuring the parameters refer to the section "OPC UA" tab (Page 53).

NodeID - Identifier The identifier of the NodeIDs is formed by the server application from the name of the CPU and the symbol name:

<CPU name>.<Symbol name>

Subscriptions For the number of subscriptions supported by the CP as OPC UA server, see section Configuration limits - communication (Page 16).

The data management of the subscriptions is stored in the RAM of the CP. This means that failures of the data network do not have any further consequences.



If there is power down, all data and connection information of subscriptions is lost. After restarting the server, the client needs to re-establish the connection and set up the subscriptions again.

Connection abort If a connection between the CP as UA server and an OPC UA client aborts, the session is retained according to the OPC specification.

Deadband When monitoring items for the "DataChangeFilter" the OPC UA server of the CP uses the parameter type "AbsoluteDeadband".

Speed of the data transfer

Note Speed of the data transfer

Where possible read and write tags in in data blocks block by block per DB to achieve a higher speed.




Programming the OPC UA client blocks 5 5.1 Program blocks for the OPC UA client

Overview of the program blocks for the OPC UA client function The program blocks (FBs) listed below are available in the following block library for the OPC UA client function of the CP.

● STEP 7 V5 : SIMATIC_NET_CP

Use the blocks on the CPU.

● STEP 7 Professional : Communication > OPC UA

Display of the block directories after opening the program editor (double-click on OB1 of the S7-400 CPU)

Some blocks require special user data types (UDTs) that you will find in the following below the relevant program block. The UDTs are available as pre-assembled data types in the block library “SIMATIC_NET_CP“. Copy the UDTs from the block library to the block folder of the CPU of the station that uses the CP as an OPC UA client.

● FB230 UA_Connect

Establishes a connection for a session with an OPC UA server.

– UDT751 UASessionConnectInfo

Contains connection information for the block parameter "SessionConnectInfo".

– UDT752 UAUserIdentityToken

Contains the data of the user authentication for the block parameter "UserIdentityToken".

For its function, UA_Connect also requires an SFC51.

● FB231 UA_NamespaceGetIndex

Fetches the name space index of a name space URI.

● FB232 UA_NodeGetHandleList

Registers nodeIDs on the connected server and fetches the node handles in the form of a list.

– UDT753 UANodeID

Contains the parameters for identifying the target node for the block parameter "NodeID".

● FB233 UA_NodeReleaseHandleList

Releases the node handles of the used list on the server.

Programming the OPC UA client blocks 5.1 Program blocks for the OPC UA client


● FB234 UA_Disconnect

Terminates the connection of a current session with an OPC UA server.

● FB235 UA_ReadList

Using the list of node handles, reads the data from nodes of the connected server.

– UDT754 UANodeAdditionalInfo

Specifies the item attribute and the index range for the block parameter "NodeAddInfos".

– UDT755 UAIndexRange

Specifies the start and end index for the block parameter "IndexRange”.

– UDT756 UATimeStamps

Contains the time stamps of the elements of the data area of the block parameter “Variables”.

– UDT757 UAAnyPointer

References the memory area of the CPU in which the process data for the block parameter “Variables” will be stored.

● FB236 UA_WriteList

Using the list of node handles, writes data to nodes of the connected server.

– UDT754 UANodeAdditionalInfo

Specifies the item attribute and the index range for the block parameter "NodeAddInfos".

– UDT755 UAIndexRange

Specifies the start and end index for the block parameter "IndexRange”.

– UDT757 UAAnyPointer

References the memory area of the CPU in which the process data for the block parameter “Variables” is stored.

Additionally required system functions SFC For the full functionality of the program blocks for the OPC UA client the following system functions are required:

● BLKMOV / SFC20

● TIME_TCK / SFC64

For its function, UA_Connect also requires:

● LGC_GADR / SFC49

● RDSYSST / SFC51

Creating the SFCs in STEP 7 V5

In addition to the required program block copy the SFCs from the standard block library to the block container of the CPU and supply the parameters of the SFCs.

Programming the OPC UA client blocks 5.1 Program blocks for the OPC UA client


Creating the SFCs in STEP 7 Professional

1. Create the system functions by opening an organization block in the block directory of the CPU, for example OB1.

2. In the block catalog that is displayed by opening OB1, expand the corresponding block group.

You will find the SFCs in the following block folders:

– BLKMOV (SFC20): "Simple instructions" group > "Move" folder

– TIME_TCK (SFC64): "Extended instructions" group > "Date and time" folder

– LGC_GADR (SFC 49): "Extended instructions" > "Addressing" folder

– RDSYSST (SFC 51): "Extended instructions" group > "Diagnostics" folder

3. Drag the SFCs to the network of the organization block and supply the parameters of the SFCs.

Calling the program blocks and their interaction

Note General notes on the program blocks and instance DBs

Each program block must be called cyclically until the status parameter “Done” or "Error" changes to 1.

Within a session only a single block can be called at any one time. Different blocks can only be processed one after another in a session.

In the properties of the instance DBs of the FBs listed above, always enable the option "Non-Retain" so that the data of the instance DBs is correctly initialized after STOP > START (SIMATIC Manager > select block > shortcut menu "Object properties" > "General -Part 2" tab).

With UA_Connect you establish a connection from the CP as OPC UA client to a UA server and open a session. The block must be called for every connection to a UA server. When necessary for more than one connection to a UA server, the block can be called more than once with different Instance DBs. You can use this, for example, to read via one connection and to write via another connection or to read or write different data via multiple connections.

For connections to more than one UA server, the UA_Connect block must be called several times with different input parameters. As a UA client, the CP can establish connections to up to five UA servers.

To query the name space index of a name space URI of the UA server, call a UA_NamespaceGetIndex within a session. To query multiple name space URIs you can call the block more than once with different input parameters.

To create a handle list as preparation for the read and write services call up UA_NodeGetHandleList. The block is called separately with suitable information at the “NodeIDs” input parameter for each target node.

Following this you can use the blocks UA_ReadList und UA_WriteList to read and write the data of the items. You can call these two blocks as often as necessary within a session.

Programming the OPC UA client blocks 5.2 Time monitoring of the blocks


Figure 5-1 Calling the client program blocks and their interaction

If the connection is no longer required, release the handles on the server again using the block UA_NodeReleaseHandleList. This deletes the handles on the server.

The connection is terminated with UA_Disconnect and the session is ended.

5.2 Time monitoring of the blocks

Parameters for the time response of the blocks To control and monitor the time response of the program blocks, the the following three parameters are available:

● Timeout

Input parameter in all blocks for the OPC UA client

● SessionTimeout

Input parameter in the block UA_Connect

● MonitorConnection

Input parameter in the block UA_Connect

Since the parameters influence the running of the OPC UA communication as a whole, below notes on these parameters precede the block description.

Timeout With this input parameter you monitor every block call. If a block call cannot be completed within the configured maximum permissible time, the status parameter "Error" is set to 1 and processing aborted.

SessionTimeout With this input parameter you monitor the duration of a session without data traffic without the block "UA_Disconnect" being called to terminate a connection.

Programming the OPC UA client blocks 5.3 FB230 UA_Connect


The minimum value of SessionTimeout" is 30 seconds. If the value is exceeded, the connection is terminated.

The parameter allows a server to to reduce bound resources if the client does not use the session for a longer period of time.

An adequate time, however, ensures that the session is not terminated immediately if, for example, data cannot be transferred immediately due to network disruptions.

The value of "SessionTimeout" should generally be higher than the values of "Timeout" for the "UA_Connect" blocks used.

MonitorConnection With this input parameter the status of a connection without data traffic is checked. When this connection monitoring time elapses, a frame is sent to check the status of the connection to the server.

So that when there is no data traffic and the reaction of the connection monitoring time does not terminate the session immediately using the "SessionTimeout" parameter it is recommended that you select a value for "MonitorConnection" that is ´lower than half of "SessionTimeout".

5.3 FB230 UA_Connect

5.3.1 Function and call interface - UA_Connect

Function of the block With the block you establish a connection from the CP as OPC UA client to a UA server and open a session.

As the target address, you specify the URL of the UA server at the "ServerEndpointUrl” parameter.

You store the connection information at the "SessionConnectInfo” parameter in a data block.

For its function, UA_Connect also requires SFC49 and SFC51. Copy the SFCs from the standard block library to the UA_Connect in the block container of the CPU and supply the parameters of the SFCs.



Call interface

Figure 5-2 Call interface in FBD representation

5.3.2 Parameter - UA_Connect

Block parameters The following table explains the formal parameters of the program block.

Table 5- 1 Parameters of the block UA_Connect

Parameter Declaration S7 data type Range of values Meaning Execute IN BOOL 0, 1 A rising edge 0 → 1 at the parameter starts

processing of the block. ServerEndpointUrl IN STRING Max. 254 charac-

ters Address (URL) of the connection partner (serv-er). Only IPv4 addresses are permitted.

SessionConnectInfo IN UDT See “Meaning” Connection information, see UDT751 UASes-sionConnectInfo (Page 85).

Timeout IN TIME 5000 .. 120000 Maximum time for establishing the connection in milliseconds. If the value is exceeded, pro-cessing of the block is aborted with error num-ber B0007001. If a value is entered outside the permitted range, the default value of 60000 (60 seconds) is used.

ConnectionHdl OUT DWORD 1 .. 5 Unique identifier of an established connection It is required by other blocks as an input pa-rameter.

Done OUT BOOL 0, 1 Status parameter for block processing • 0: Block execution aborted, not yet complet-

ed or not yet started • 1: Block processing completed without er-

rors

Busy OUT BOOL 0, 1 Status parameter for block processing • 0: Block not being processed • 1: Block currently executing



Parameter Declaration S7 data type Range of values Meaning Error OUT BOOL 0, 1 Error code

• 0: No error • 1: An error has occurred. See "" parameter

"ErrorID".

ErrorID OUT DWORD See “Meaning” Output of the error number when "Error" = 1. For the significance of the numbers, refer to the section Error numbers (Page 107). Note: If the error code B000F002 is output, the OPC UA session is not yet established. Call the block again.

5.3.3 UDT751 UASessionConnectInfo

UASessionConnectInfo The following table shows the meaning of the connection information for the parameter "SessionConnectInfo" of the UA_Connect block.

Table 5- 2 Parameters of UA_ConnectUDT UASessionConnectInfo

Parameter S7 data type Range of val-ues

Meaning

SessionName STRING 0 .. 254 char-acters

Name of the session If the string remains empty, the following is entered by the system as the session name: <Connection>+<decimal value of "Connec-tionHdl">

ApplicationName STRING 0 .. 254 char-acters

The parameter is given the application name of the CP (OPC UA client) configured In HW Config by STEP 7.

SecurityMsgMode WORD 0 .. 3 Security process • 0 = Best possible procedure • 1 = No security process • 2 = Authenticate • 3 = Authenticate and encrypt

SecurityPolicy WORD 0 .. 4 Securityprofile • 0 = Best possible security profile • 1 = No security profile • 2 = Basic128Rsa15 • 3 = Basic256 • 4 = Basic256Sha256

CertificateStore STRING 0 .. 254 char-acters

Certificate store of the CP (OPC UA client) The parameter is inserted by STEP 7.




Meaning

ClientCertificate-Name

STRING 0 .. 254 char-acters

Name of the client certificate The parameter is inserted by STEP 7.

ServerUri STRING 0 .. 254 char-acters

Server address (URI) that is also stored in the server certificate. Example: urn:<ApplicationName>:GUID The parameter must not be left empty.

CheckServerCer-tificate

BOOL 0, 1 Comparison (check) of the certificate sent by the server with the server certificate stored in the certificate store of the client CP: • 0 = No check • 1 = Check Note The settings of this parameter are overwritten by the security settings in the configuration. If you enable the check (1) but the security functions are disabled in the configuration of the CP, connection establishment is aborted with an error message. Recommendation: Leave the parameter at the default setting (0) since the security functions are enabled by the configuration of the CP.

TransportProfile WORD 1 1 = UATP_UATcp According to the PLCopen specification, only this transport profile is supported.

UserIdentityToken UDT See “Meaning” Data of the user authentication, see UDT752 UAUserIdentityToken (Page 87).

VendorSpecificPa-rameter

WORD See “Meaning” Entry of the logical address of the CP 443-1 OPC UA. You will find this in STEP 7 proper-ties dialog of the CP as an input address in the "Addresses" tab.

SessionTimeout TIME 30000 .. 86 400 000

Maximum time that a session remains estab-lished when there is no data traffic (millisec-onds). If the value is exceeded, the session (connec-tion) is aborted. In this case, you will need to re-establish the connection by calling UA_Connect. If you program values outside the permitted range of values (30 seconds ... 1 day) the value 1200000 (20 minutes) is used.

Programming the OPC UA client blocks 5.4 FB231 UA_NamespaceGetIndex



Meaning

MonitorConnection TIME 5000 .. 86 400 000

Connection monitoring time (milliseconds) Time without data traffic after which the client checks the connection to the server by send-ing a frame. Default setting: 15000 (15 seconds)

LocaleIDs ARRAY[1..5] of String[6]

Examples: en-US, de-DE, zh-CHS ...

Optional language and regional identifier acc. to RFC 3066. 0 = no or unknown LocaleID.

5.3.4 UDT752 UAUserIdentityToken

UAUserIdentityToken The following table shows the meaning of the user authentication data that supplies the UserIdentityToken parameter of the UDT "UASessionConnectInfo".

Table 5- 3 Parameters of UDT UAUserIdentityToken


Meaning

UserIdentity TokenType

WORD 0, 1 0 = No authentication 1 = Authentication When the communications partner (server) demands authentication with a user name and password, set this parameter to 1 and the two following according to the requirements of the server.

TokenParam1 STRING 1 .. 254 char-acters

User name

TokenParam2 STRING 1 .. 254 char-acters

Password

5.4 FB231 UA_NamespaceGetIndex

5.4.1 Function and call interface - UA_NamespaceGetIndex

Function of the block With the block you fetch the name space index of the name space URI of the connected UA server.

Programming the OPC UA client blocks 5.4 FB231 UA_NamespaceGetIndex


Call interface


5.4.2 Parameter - UA_NamespaceGetIndex


Table 5- 4 Parameters of the block UA_NamespaceGetIndex


processing of the block. As long as Execute = 1, the other input parameters cannot be changed.

ConnectionHdl IN DWORD 1 .. 5 Connection identifier supplied by UA_Connect NamespaceUri IN STRING Max. 254 charac-

ters Specifies the address (name space URI) of the target server Example of the name space of the CPU sym-bols in the S7-400 with CP 443-1 OPC UA: http://www.siemens.com/simatic-classic-s7-opcua


NamespaceIndex OUT WORD 0 .. 65535 Output of the name space index of the name space specified by the "NamespaceUri" param-eter. The namespace indexes 0 and 1 are reserved and specified by the OPC Foundation.

Programming the OPC UA client blocks 5.5 FB232 UA_NodeGetHandleList


Parameter Declaration S7 data type Range of values Meaning Done OUT BOOL 0, 1 Status parameter for block processing

• 0: Block execution aborted, not yet complet-ed or not yet started

• 1: Block processing completed without er-rors


Error OUT BOOL 0, 1 Error code • 0: No error • 1: An error has occurred. See "" parameter

"ErrorID".

ErrorID OUT DWORD See “Meaning” Output of the error number when "Error" = 1. For the significance of the numbers, refer to the section Error numbers (Page 107).

5.5 FB232 UA_NodeGetHandleList

5.5.1 Function and call interface - UA_NodeGetHandleList

Function of the block With the block, you register nodeIDs on the connected UA server.

The UA server returns the handles. These are output by the block with the "NodeHdls" parameter. You access the items of the node handles with the blocks "UA_ReadList" and "UA_WriteList" at their input parameter "NodeHdls".

The nodeIDs of the target server that you specify in the "NodeIDs" input parameter must be known to you. You store these in a UDT "UANodeIDs".

The number of target nodes at the input parameter "NodeIDCount" is always 1 so you need to call the block separately for each nodeID



Call interface


5.5.2 Parameter - UA_NodeGetHandleList


Table 5- 5 Parameters of the block UA_NodeGetHandleList


processing of the block. ConnectionHdl IN DWORD 1 .. 5 Connection identifier supplied by UA_Connect NodeIDCount IN WORD 1 Number of elements in the data area von "No-

deIDs". The number of must be 1. NodeIDs IN ARRAY of

UDT See “Meaning” Structure of the parameters of the target node

of the OPC server. The number of nodeIDs (1) must be identical to the number at the output parameter "Node-Hdls". For information on the structure of the UDT, refer to section UDT753 UANodeID (Page 92).




Parameter Declaration S7 data type Range of values Meaning NodeHdls OUT ARRAY of

DWORD 0 .. 4 294 967 295 Array of the handles that the OPC UA server

assigns as the reply to the client's query. The handles serve to uniquely identify the item on the server. The handles remain valid until they are re-leased by calling the UA_NodeReleaseHandleList block, in other words become invalid. When a session is terminated, the CP cancels all registered node handles of this session. The parameter is used for the input parameter "NodeHdls" of the "UA_ReadList" and "UA_WriteList" blocks.



rors



"ErrorID".


NodeErrorIDs OUT ARRAY of DWORD

See “Meaning” Contains the error numbers for all elements of the data area of "NodeIDs". For the significance of the numbers, refer to the section Error numbers (Page 107).

Programming the OPC UA client blocks 5.6 FB233 UA_NodeReleaseHandleList


5.5.3 UDT753 UANodeID

UANodeID The following table shows the meaning of the parameters of UANodeID to identify the target node on the OPC UA server. UANodeID supplies the parameter "NodeIDs" of the UA_NodeGetHandleList" block.

Table 5- 6 Parameters of UDT UANodeID

Parameter S7 data type

Range of values

Meaning

NamespaceIndex WORD 0 .. 65535 Index of the name space of the server Identifier STRING Max. 254 Specifies the nodeID in the name space index. IdentifierType WORD 1 .. 2 Specifies the format and the area of application

(generally the server) of the node ID. Supported types: • 1: UAIdentifierType_String

String identifiers distinguish upper and lower case.

• 2: UAIdentifierType_Numeric Numeric identifier

5.6 FB233 UA_NodeReleaseHandleList

5.6.1 Function and call interface - UA_NodeReleaseHandleList

Function of the block With the block you release the node handles of the current session on the connected UA server. This deletes the list.

The input parameter "NodeHdls" references the data block to which the handles of the output parameter "NodeHdls" of the "UA_NodeGetHandleList" block are written.

The number of handles at the input parameter "NodeHdlCount" is always 1 so you need to call the block separately for each handle.

Programming the OPC UA client blocks 5.6 FB233 UA_NodeReleaseHandleList


Call interface


5.6.2 Parameter - UA_NodeReleaseHandleList


Table 5- 7 Parameters of the block UA_NodeReleaseHandleList

Parameter Declaration S7 data type Range of values Meaning / remarks Execute IN BOOL 0, 1 A rising edge 0 → 1 at the parameter starts

processing of the block. ConnectionHdl IN DWORD 1 .. 5 Connection identifier supplied by UA_Connect NodeHdlCount IN WORD 1 Number of elements in the data area von

"NodeHdls". The number of must be 1. NodeHdls IN ARRAY of

DWORD 0 .. 4 294 967 295 Array of the IDs of the handles to be canceled.

If execution of the block is successful, the han-dles are canceled on the server and therefore become invalid.




rors


Programming the OPC UA client blocks 5.7 FB234 UA_Disconnect


Parameter Declaration S7 data type Range of values Meaning / remarks Error OUT BOOL 0, 1 Error code

• 0: No error • 1: An error has occurred. See "" parameter

"ErrorID".



See “Meaning” Contains error codes for all elements of the data area of "NodeHdls".

5.7 FB234 UA_Disconnect

5.7.1 Function and call interface - UA_Disconnect

Function of the block With the block you terminate an existing connection between the CP as OPC UA client and a UA server. This ends the existing session.

Call interface


Programming the OPC UA client blocks 5.8 FB235 UA_ReadList


5.7.2 Parameter - UA_Disconnect


Table 5- 8 Parameters of the block UA_Disconnect


processing of the block. ConnectionHdl IN DWORD 1 .. 5 Connection identifier supplied by UA_Connect Timeout IN TIME 5000 .. 120000 Maximum time for establishing the connection

in milliseconds. If the value is exceeded, pro-cessing of the block is aborted with error num-ber B0007001. If a value is entered outside the permitted range, the default value of 60000 (60 seconds) is used.



rors



"ErrorID".


5.8 FB235 UA_ReadList

5.8.1 Function and call interface - UA_ReadList

Function of the block With the block you read data from the connected UA server.



You program the attributes to be read in a UDT "UANodeAdditionalInfo" that is referenced by the input parameter "NodeAddInfos".

The handles required at the input parameter "NodeHdls" are read from array of the output parameter "NodeHdls" of the "UA_NodeGetHandleList" block.

The number of nodeIDs at the input parameter "NodeIDCount" is always 1 so you need to call the block separately for each target node.

Call interface


5.8.2 Parameter - UA_ReadList


Table 5- 9 Parameters of the block UA_ReadList


processing of the block. ConnectionHdl IN DWORD 1 .. 5 Connection identifier supplied by UA_Connect NodeHdlCount IN WORD 1 Number of elements in the target area to be

read. The number of must be 1. NodeHdls IN ARRAY of

DWORD 1 Array of the handles of the target nodes (items)

of the OPC UA server. The handles are read from array of the output parameter "NodeHdls" of the "UA_NodeGetHandleList" block.

NodeAddInfos IN ARRAY of UDT

See “Meaning” Specifies the attribute of the items to be read and the index range. For information on the structure of the UDT, see UDT754 UANodeAdditionalInfo (Page 98).



Parameter Declaration S7 data type Range of values Meaning Timeout IN TIME 5000 .. 120000 Maximum time for establishing the connection

in milliseconds. If the value is exceeded, pro-cessing of the block is aborted with error num-ber B0007001. If a value is entered outside the permitted range, the default value of 60000 (60 seconds) is used.

Variables IN_OUT ARRAY [1..1] of UDT

See “Meaning” Reference to the data to be read. For infor-mation on the structure of the UDT, see UDT757 UAAnyPointer (Page 99). For the supported data types of the process data, refer to the section Data types (Page 40).



rors


Error OUT BOOL 0, 1 Error code • 0: No error • 1: An error has occurred. See "ErrorID"

parameter.



See “Meaning” Contains error numbers for all elements of the data area of "Variables". For the significance of the numbers, refer to the section Error numbers (Page 107).

TimeStamps OUT ARRAY [1..1] of UDT

See “Meaning” Contains time stamps for all elements of the data area of "Variables". For information on the structure of the UDT, see UDT756 UATimeStamp (Page 101).



5.8.3 UDT754 UANodeAdditionalInfo

UANodeAdditionalInfo Specifies the attribute of the item and the index range for the block parameter "NodeAddInfos".

Table 5- 10 Parameters of UDT UANodeAdditionalInfo

Parameter S7 data type Range of values Meaning AttributeID WORD 13 Attribute of the items Only attribute 13

(UAAI_Value) for the value of the item is supported.

IndexRangeCount WORD 0 .. 1 Number of index ranges The value is unimportant with elementary data types. For items data type ARRAY the following applies: • 0: A single index The entire array is

read/written • 1: A subsection of an array defined by

"IndexRange".

IndexRange UDT See “Meaning” Area of the array for the parameter In-dexRangeCount. For information on the structure of the UDT, see UDT755 UAIndexRange (Page 98).

5.8.4 UDT755 UAIndexRange

UAIndexRange Specifies the start and end index for the block parameter "IndexRange”.

Table 5- 11 Parameters of UDT UAIndexRange

Parameter Data type Range of values

Meaning

StartIndex WORD 0 .. 65535 Index as of which reading will take place. EndIndex WORD 0 .. 65535 Index up to which reading will take place.



Rules:

If IndexRangeCount = 1 is used, the following rules apply to programming the index range:

● StartinIndex and EndIndex must be assigned.

● For access to more than one element the StartIndex must be lower than the EndIndex.

If this is not the case, this causes an error with the number 80360000.

● If you want to read a single element of an array, enter the same value for the StartIndex and EndIndex.

● To be able to access all elements of the array, the StartIndex and EndIndex must be assigned based on the total number of elements of the array.

If values are specified outside the size of the array, this causes an error with the number 80370000.

Example of assigning "StartIndex" and EndIndex" with arrays.

From an array with a size of 10 elements (no. 1 .. 10) the elements 3 to 5 need to be read. The two indexes are programmed as follows:

● StartIndex = 2 (element no. 3)

● EndIndex = 4 (element no. 5)

5.8.5 UDT757 UAAnyPointer

UAAnyPointer The UDT "UAAnyPointer" is referenced by the "Variables" parameter of the program block.

The UDT references the memory area of the process data in the CPU. To do this process data in the operand areas "inputs" or "outputs" must be copied to a data block.

Store the UDT in a data block.

Table 5- 12 Parameters of UDT UAAnyPointer

Parameter S7 data type Range of values Meaning SyntaxID WORD 10 The value for the syntax ID is always 10. DataType WORD See “Meaning” Data type of the target node For the range

of values see below, table "Coding of the data type".

RepetitionFactor WORD 0 .. 65535 Repetition factor For further information, refer to the STEP 7 online help.

DB_Number WORD 0 .. 65535 Number of the data block (DB) Enter either the number of a DB or a memory area. If you specify a DB, enter a zero in "memArea".



Parameter S7 data type Range of values Meaning MemArea WORD See “Meaning” Memory area

Enter either the number of a DB or a memory area. If you specify a memory area, enter a zero in "DB_Number". For the range of values of the memory area see below, table "Coding of the memory area".

ByteOffset WORD Depends on the memory area, see "Meaning"

Byte offset in the specified memory area, as of which the data is accessed.

BitOffset WORD 0 .. 7 Bit offset in the specified memory area

Data type

The following table explains the coding of the data type in the "DataType" parameter of the UDT UAAnyPointer.

Table 5- 13 Coding of the data type

Hexadecimal code S7 data type Description b#16#01 BOOL Bit b#16#02 BYTE Byte (8 bits) b#16#03 CHAR Character (8 bits) b#16#04 WORD Word (16 bits) b#16#05 INT Integer (16 bits) b#16#06 DWORD Word (32 bits) b#16#07 DINT Integer (32 bits) b#16#08 REAL Floating-point number (32 bits) b#16#09 DATE Date b#16#0A TIME_OF_DAY (TOD) Time of day b#16#0B TIME Time b#16#0C S5TIME Data type S5TIME b#16#0E DATE_AND_TIME

(DT) Date and time (64 bits)

b#16#02 * STRING Character string

* The string uses the lower-level data type BYTE. Refer to the special features in the section Data types (Page 40).

Memory area

The following table explains the coding of the memory area in the "MemArea" parameter of the UDT UAAnyPointer.

Programming the OPC UA client blocks 5.9 FB236 UA_WriteList


Table 5- 14 Coding of the memory area

Hexadecimal code Area Description b#16#80 P Memory area of the I/O b#16#81 E Memory area of the inputs b#16#82 A Memory area of the outputs b#16#83 M Memory area of the bit memory b#16#84 DB Data block

5.8.6 UDT756 UATimeStamp

UATimeStamp Contains the time stamps of the elements of the data area in milliseconds. UATimeStamp supplies the block parameter "TimeStamps".

Table 5- 15 Parameters of UDT UATimeStamp

Parameter S7 data type Range of values Meaning TimestampL WORD see below Least significant word (bits 0..15) TimestampH WORD see below Most significant word (bits 16..31)

Range of values of the entire double word:

TOD#0:0:0.0 .. TOD#23:59:59.999 (0 .. 86 399 999 milliseconds)

5.9 FB236 UA_WriteList

5.9.1 Function and call interface - UA_WriteList

Function of the block With the block you write data to the connected UA server.

You program the attributes to be written in a UDT "UANodeAdditionalInfo" that is referenced by the input parameter "NodeAddInfos".

The handles required at the input parameter "NodeHdls" are read from array of the output parameter "NodeHdls" of the "UA_NodeGetHandleList" block.

The number of nodeIDs at the input parameter "NodeIDCount" is always 1 so you need to call the block separately for each target node.



Call interface


5.9.2 Parameter - UA_WriteList


Table 5- 16 Parameters of the block UA_WriteList


processing of the block. ConnectionHdl IN DWORD 1 .. 5 Connection identifier supplied by UA_Connect NodeHdlCount IN WORD 1 Number of elements in the target area to be

written to. The number of must be 1. NodeHdls IN ARRAY of

DWORD 1 Array of the handles of the target nodes (items)

of the OPC UA server. The handles are read from array of the output parameter "NodeHdls" of the "UA_NodeGetHandleList" block.

NodeAddInfos IN ARRAY of UDT

See “Meaning” Specifies the attribute of the items to be written and the index range. For information on the structure of the UDT, see UDT754 UANodeAdditionalInfo (Page 104).




Parameter Declaration S7 data type Range of values Meaning Variables IN_OUT ARRAY

[1..1] of UDT See “Meaning” Reference to the data to be written. For infor-

mation on the structure of the UDT, see UDT757 UAAnyPointer (Page 105). For the supported data types of the process data, refer to the section Data types (Page 40).



rors



"ErrorID".



See “Meaning” Contains error numbers for all elements of the data area of "Variables". For the significance of the numbers, refer to the section Error numbers (Page 107).



5.9.3 UDT754 UANodeAdditionalInfo

UANodeAdditionalInfo Specifies the attribute of the item and the index range for the block parameter "NodeAddInfos".

Table 5- 17 Parameters of UDT UANodeAdditionalInfo

Parameter S7 data type Range of values Meaning AttributeID WORD 13 Attribute of the items Only attribute 13

(UAAI_Value) for the value of the item is supported.

IndexRangeCount WORD 0 .. 1 Number of index ranges The value is unimportant with elementary data types. For items data type ARRAY the following applies: • 0: A single index The entire array is

read/written • 1: A subsection of an array defined by

"IndexRange".

IndexRange UDT See “Meaning” Area of the array for the parameter In-dexRangeCount. For information on the structure of the UDT, see UDT755 UAIndexRange (Page 104).

5.9.4 UDT755 UAIndexRange

UAIndexRange Specifies the start and end index for the block parameter "IndexRange”.

Table 5- 18 Parameters of UDT UAIndexRange

Parameter Data type Range of values

Meaning

StartIndex WORD 0 .. 65535 Index as of which reading will take place. EndIndex WORD 0 .. 65535 Index up to which reading will take place.



Rules:

If IndexRangeCount = 1 is used, the following rules apply to programming the index range:

● StartinIndex and EndIndex must be assigned.

● For access to more than one element the StartIndex must be lower than the EndIndex.

If this is not the case, this causes an error with the number 80360000.

● If you want to read a single element of an array, enter the same value for the StartIndex and EndIndex.

● To be able to access all elements of the array, the StartIndex and EndIndex must be assigned based on the total number of elements of the array.

If values are specified outside the size of the array, this causes an error with the number 80370000.

Example of assigning "StartIndex" and EndIndex" with arrays.

From an array with a size of 10 elements (no. 1 .. 10) the elements 3 to 5 need to be read. The two indexes are programmed as follows:

● StartIndex = 2 (element no. 3)

● EndIndex = 4 (element no. 5)

5.9.5 UDT757 UAAnyPointer

UAAnyPointer The UDT "UAAnyPointer" is referenced by the "Variables" parameter of the program block.

The UDT references the memory area of the process data in the CPU. To do this process data in the operand areas "inputs" or "outputs" must be copied to a data block.

Store the UDT in a data block.

Table 5- 19 Parameters of UDT UAAnyPointer

Parameter S7 data type Range of values Meaning SyntaxID WORD 10 The value for the syntax ID is always 10. DataType WORD See “Meaning” Data type of the target node For the range

of values see below, table "Coding of the data type".

RepetitionFactor WORD 0 .. 65535 Repetition factor For further information, refer to the STEP 7 online help.

DB_Number WORD 0 .. 65535 Number of the data block (DB) Enter either the number of a DB or a memory area. If you specify a DB, enter a zero in "memArea".



Parameter S7 data type Range of values Meaning MemArea WORD See “Meaning” Memory area

Enter either the number of a DB or a memory area. If you specify a memory area, enter a zero in "DB_Number". For the range of values of the memory area see below, table "Coding of the memory area".

ByteOffset WORD Depends on the memory area, see "Meaning"

Byte offset in the specified memory area, as of which the data is accessed.

BitOffset WORD 0 .. 7 Bit offset in the specified memory area

Data type

The following table explains the coding of the data type in the "DataType" parameter of the UDT UAAnyPointer.

Table 5- 20 Coding of the data type

Hexadecimal code S7 data type Description b#16#01 BOOL Bit b#16#02 BYTE Byte (8 bits) b#16#03 CHAR Character (8 bits) b#16#04 WORD Word (16 bits) b#16#05 INT Integer (16 bits) b#16#06 DWORD Word (32 bits) b#16#07 DINT Integer (32 bits) b#16#08 REAL Floating-point number (32 bits) b#16#09 DATE Date b#16#0A TIME_OF_DAY (TOD) Time of day b#16#0B TIME Time b#16#0C S5TIME Data type S5TIME b#16#0E DATE_AND_TIME

(DT) Date and time (64 bits)

b#16#02 * STRING Character string

* The string uses the lower-level data type BYTE. Refer to the special features in the section Data types (Page 40).

Memory area

The following table explains the coding of the memory area in the "MemArea" parameter of the UDT UAAnyPointer.

Programming the OPC UA client blocks 5.10 Error numbers


Table 5- 21 Coding of the memory area

Hexadecimal code Area Description b#16#80 P Memory area of the I/O b#16#81 E Memory area of the inputs b#16#82 A Memory area of the outputs b#16#83 M Memory area of the bit memory b#16#84 DB Data block

5.10 Error numbers

Evaluation of the output parameters The output parameters Done (BOOL), Error (BOOL) and ErrorID (DWORD) of the OPC UA client program blocks are updated each time the block is called. Evaluate the statuses of the output parameters in the user program.

Example:

After it is called, the program block UA_Connect returns the following values at the three output parameters.

● Done = 1

● Error = 0

● ErrorID = 00000000

Meaning: The job was completed successfully.

Meaning of the error numbers (hexadecimal) of ErrorID

Table 5- 22 Meaning of ErrorID in conjunction with Done and Error

Done Error ErrorID (hex) Name Meaning 1 0 00000000 The block execution was completed successfully. CP-specific error numbers 0 1 B0006001 Missing positive edge for the program block call 0 1 B0007001 Timeout 0 1 B0008004 Invalid NodeIDCount 0 1 B0008086 Invalid node handle 0 1 B0008087 The maximum number of connections (5) has been reached. 0 1 B0008090 Wrong logical address. Connection establishment aborted. 0 1 B0008093 The logical address cannot be processed. An impermissible

module is being used. 0 1 B00080A1 The node handle was not set up for this connection.



Done Error ErrorID (hex) Name Meaning 0 1 B00080C3 The connection resources of the CPU are temporarily ex-

hausted. 0 1 B0009085 The maximum memory space for items (64000 bytes) of the

OPC UA client has been exceeded. 0 1 B000800A The OPC client was not enabled in the configuration. 0 1 B0008723 The read/write job references a non-existent data area in a

DB. 0 1 B000F001 Two function blocks were called in one cycle. 0 1 B000F002 OPC UA session not yet established. Call the UA_Connect

block again. 0 1 B000F003 Communication error 0 1 B000F004 Invalid value for the "SyntaxID" parameter in the UDT

"UAAnyPointer" 0 1 B000F005 Invalid data type in UAAnyPointer 0 1 B000F006 Invalid value for the "RepetitionFactor" parameter in the UDT

"UAAnyPointer" 0 1 B000F007 Invalid operand area of UAAnyPointer 0 1 B000F010 Invalid operand area in a read or write job: Arrays of inputs,

arrays of outputs, arrays of memory bits, arrays of local data and arrays of local data of the predecessor block are not permitted.

0 1 B000F011 The bit offset must be zero. 0 1 B0010001 Wrong data packet in UA_Connect 0 1 B0010002 Invalid URL of a server end point 0 1 B0010003 Invalid value for Timeout 0 1 B0010004 Invalid value for SessionTimeout 0 1 B0010005 Invalid value for MonitorConnection 0 1 B0010006 Invalid transport profile 0 1 B0010007 Invalid server URI 0 1 B0010008 Invalid Security procedure 0 1 B0010009 Invalid Security profile 0 1 B001000A Invalid value for UserIdentityToken 0 1 B001000B Invalid application name 0 1 B001000C No connection establishment to partners with security func-

tions (no authentication if security functions are disabled). Enable the security functions.

0 1 B0010101 Invalid format of the server end point URL. It must start with "opc.tcp://".

0 1 B0010102 The path of the server end point URL is not supported. 0 1 B0010103 The client must not connect itself to the server of its own CP. 0 1 B0010104 Invalid port 0 1 B0010105 Invalid address. DNS is not supported. 0 1 B0020001 Wrong data packet in UA_NameSpaceGetIndex 0 1 B0030001 Wrong data packet in UA_NodeGetHandleList 0 1 B0030002 Invalid NodeID Identifier



Done Error ErrorID (hex) Name Meaning 0 1 B0030003 Max. number of items (64000) exceeded 0 1 B0030004 Unsupported attribute "ValueRank" of a tag. The ValueRank

values (one dimensional array)and -1 (scalar) are supported. 0 1 B0040001 Wrong data packet in UA_NodeReleaseHandleList 0 1 B0050001 Wrong data packet in UA_Disconnect 0 1 B0050002 UA_Disconnect cannot be called, because there is no con-

nection. 0 1 B0060001 Wrong data packet in UA_ReadList 0 1 B0060002 The length of the data to be read exceeds the maximum of

64000. 0 1 B0060003 Invalid range of IndexRangeCount 0 1 B0060004 Invalid IndexRange. StartIndex must not be higher than

EndIndex and EndIndex must not be higher than the array length.

0 1 B0060005 Invalid AttributeID 0 1 B0060006 The read data area is too small.

Correct the data in the UDT "UAIndexRange". 0 1 B0060007 Invalid string length. The value (user data) must be 254. 0 1 B0060008 Invalid value of the node. The value cannot be read in in S7

tag. 0 1 B0060009 Invalid characters in the string

Replace the invalid characters with supported characters. 0 1 B0060010 Invalid operand area in a read or write job: Arrays of inputs,

arrays of outputs, arrays of memory bits, arrays of local data and arrays of local data of the predecessor block are not permitted.

0 1 B0070001 Wrong data packet in UA_WriteList 0 1 B0070002 The length of the data to be written exceeds the maximum. 0 1 B0070003 Invalid range of IndexRangeCount 0 1 B0070004 Invalid IndexRange. StartIndex must not be higher than

EndIndex and EndIndex must not be higher than the array length.

0 1 B0070005 Invalid AttributeID 0 1 B0070006 The data area is outside the permitted area. 0 1 B0070009 Invalid character in the string Error numbers according to IEC 61131-3 for OPC UA 0 1 002D0000 GoodSubscription

Transferred The subscription was transferred to another session.

0 1 002E0000 GoodCompletes Asynchronously

The processing will complete asynchronously.

0 1 002F0000 GoodOverload Sampling has slowed down due to resource limitations. 0 1 00300000 GoodClamped The value written was accepted but was clamped. 0 1 00960000 GoodLocalOverride The value has been overridden. 0 1 00A20000 GoodEntryInserted The data or event was successfully inserted into the historical

database.



Done Error ErrorID (hex) Name Meaning 0 1 00A30000 GoodEntryReplaced The data or event field was successfully replaced in the his-

torical database. 0 1 00A50000 GoodNoData No data exists for the requested time range or event filter. 0 1 00A60000 GoodMoreData The data or event field was successfully replaced in the his-

torical database. 0 1 00A70000 GoodCommunicationEvent The communication layer has raised an event. 0 1 00A80000 GoodShutdownEvent The system is shutting down. 0 1 00A90000 GoodCallAgain The operation is not finished and needs to be called again. 0 1 00AA0000 GoodNonCriticalTimeout A non-critical timeout occurred. 0 1 00BA0000 GoodResultsMayBe

Incomplete The server should have followed a reference to a node in a remote server but did not. The result set may be incomplete.

0 1 406C0000 UncertainReferenceOutOf Server

One of the references to follow in the relative path references to a node in the address space in another server.

0 1 408F0000 UncertainNoCommunication LastUsableValue

Communication to the data source has failed. The variable value is the last value that had a good quality.

0 1 40900000 UncertainLastUsableValue Whatever was updating this value has stopped doing so. 0 1 40910000 UncertainSubstituteValue The value is an operational value that was manually overwrit-

ten. 0 1 40920000 UncertainInitialValue The value is an initial value for a variable that normally re-

ceives its value from another variable. 0 1 40930000 UncertainSensorNotAccurate The value is at one of the sensor limits. 0 1 40940000 UncertainEngineeringUnits

Exceeded The value is outside of the range of values defined for this parameter.

0 1 40950000 UncertainSubNormal The value is derived from multiple sources and has less than the required number of Good sources.

0 1 40A40000 UncertainDataSubNormal The value is derived from multiple values and has less than the required number of Good values.

0 1 40BC0000 UncertainReferenceNot Deleted

The server was not able to delete all target references.

0 1 40C00000 UncertainNotAllNodes Available

The list of references may not be complete because the un-derlying system is not available.

0 1 80010000 BadUnexpectedError An unexpected error occurred 0 1 80020000 BadInternalError An internal error occurred as a result of a programming or

configuration error. 0 1 80030000 BadOutOfMemory Not enough memory to complete the operation. 0 1 80040000 BadResourceUnavailable An operating system resource is not available 0 1 80050000 BadCommunicationError A low level communication error occurred. 0 1 80060000 BadEncodingError Encoding halted because of invalid data in the objects being

serialized. 0 1 80070000 BadDecodingError Decoding halted because of invalid data in the stream. 0 1 80080000 BadEncodingLimits-

Exceeded The message encoding/decoding limits imposed by the stack have been exceeded.

0 1 80B80000 BadRequestTooLarge The resources (memory) of the CPU are temporarily occu-pied

0 1 80B90000 BadResponseTooLarge The response message size exceeds limits set by the client. 0 1 80B90000 BadUnknownResponse An unrecognized response was received from the server.



Done Error ErrorID (hex) Name Meaning 0 1 800A0000 BadTimeout The operation timed out. 0 1 800B0000 BadServiceUnsupported The server does not support the requested service. 0 1 800C0000 BadShutdown The operation was cancelled because the application is shut-

ting down. 0 1 800D0000 BadServerNotConnected The operation could not complete because the client is not

connected to the server. 0 1 800E0000 BadServerHalted The server has stopped and cannot process any requests. 0 1 800F0000 BadNothingToDo There was nothing to do because the client passed a list of

operations with no elements. 0 1 80100000 BadTooManyOperations The request could not be processed because it specified too

many operations. 0 1 80110000 BadDataTypeIdUnknown The extension object cannot be (de)serialized because the

data type id is not recognized. 0 1 80120000 BadCertificateInvalid The certificate provided as a parameter is not valid. 0 1 80130000 BadSecurityChecksFailed Message from remote server: An error occurred verifying

security. The certificate provided as a parameter is not valid. 0 1 80140000 BadCertificateTimeInvalid The Certificate has expired or is not yet valid. 0 1 80150000 BadCertificateIssuer

TimeInvalid An Issuer Certificate has expired or is not yet valid.

0 1 80160000 BadCertificateHost NameInvalid

The HostName used to connect to a Server does not match a HostName in the Certificate.

0 1 80170000 BadCertificateUriInvalid The URI specified in the Application Description does not match the URI in the Certificate.

0 1 80180000 BadCertificateUseNotAl-lowed

The Certificate may not be used for the requested operation.

0 1 80190000 BadCertificateIssuerUse NotAllowed

The Issuer Certificate may not be used for the requested operation.

0 1 801A0000 BadCertificateUntrusted The Certificate is not trusted. 0 1 801B0000 BadCertificateRevocation

Unknown It was not possible to determine if the Certificate has been revoked.

0 1 801C0000 BadCertificateIssuer RevocationUnknown

It was not possible to determine if the Issuer Certificate has been revoked.

0 1 801D0000 BadCertificateRevoked The Certificate has been revoked. 0 1 801E0000 BadCertificateIssuerRevoked The Issuer Certificate has been revoked. 0 1 801F0000 BadUserAccessDenied User does not have permission to perform the requested

operation. 0 1 80200000 BadIdentityTokenInvalid The user identity token is not valid. 0 1 80210000 BadIdentityTokenRejected The user identity token is valid but the server has rejected it. 0 1 80220000 BadSecureChannelIdInvalid The specified secure channel is no longer valid. 0 1 80230000 BadInvalidTimestamp The timestamp is outside the range allowed by the server. 0 1 80240000 BadNonceInvalid The nonce does appear to be not a random value or it is not

the correct length. 0 1 80250000 BadSessionIdInvalid The session id is not valid. 0 1 80260000 BadSessionClosed The session was closed by the client. 0 1 80270000 BadSessionNotActivated The session cannot be used because ActivateSession has

not been called.



Done Error ErrorID (hex) Name Meaning 0 1 80280000 BadSubscriptionIdInvalid The subscription id is not valid. 0 1 802A0000 BadRequestHeaderInvalid The header for the request is missing or invalid. 0 1 802B0000 BadTimestampsTo

ReturnInvalid The timestamps to return parameter is invalid.

0 1 802C0000 BadRequestCancelled ByClient

The request was cancelled by the client.

0 1 80310000 BadNoCommunication Communication with the data source is defined, but not es-tablished, and there is no last known value available.

0 1 80320000 BadWaitingForInitialData Waiting for the server to obtain values from the underlying data source.

0 1 80330000 BadNodeIdInvalid The syntax of the node id is not valid. 0 1 80340000 BadNodeIdUnknown The node id refers to a node that does not exist in the server

address space. 0 1 80350000 BadAttributeIdInvalid The attribute is not supported for the specified Node. 0 1 80360000 BadIndexRangeInvalid The syntax of the index range parameter is invalid. 0 1 80370000 BadIndexRangeNoData No data exists within the range of indexes specified. 0 1 80380000 BadDataEncodingInvalid The data encoding is invalid. 0 1 80390000 BadDataEncoding

Unsupported The server does not support the requested data encoding for the node.

0 1 803A0000 BadNotReadable The access level does not allow reading or subscribing to the Node.

0 1 803B0000 BadNotWritable The access level does not allow writing to the Node. 0 1 803C0000 BadOutOfRange The value was out of range. 0 1 803D0000 BadNotSupported The requested operation is not supported. 0 1 803E0000 BadNotFound A requested item was not found or a search operation ended

without success. 0 1 803F0000 BadObjectDeleted The object cannot be used because it has been deleted. 0 1 80400000 BadNotImplemented Requested operation is not implemented. 0 1 80410000 BadMonitoringModeInvalid The monitoring mode is invalid. 0 1 80420000 BadMonitoredItemIdInvalid The monitoring item id does not refer to a valid monitored

item. 0 1 80430000 BadMonitoredItem

FilterInvalid The monitored item filter parameter is not valid.

0 1 80440000 BadMonitoredItem FilterUnsupported

The server does not support the requested monitored item filter.

0 1 80450000 BadFilterNotAllowed A monitoring filter cannot be used in combination with the attribute specified.

0 1 80460000 BadStructureMissing A mandatory structured parameter was missing or null. 0 1 80470000 BadEventFilterInvalid The event filter is not valid. 0 1 80480000 BadContentFilterInvalid The content filter is not valid. 0 1 80490000 BadFilterOperandInvalid The operand used in a content filter is not valid. 0 1 804A0000 BadContinuation

PointInvalid The continuation point provide is longer valid.

0 1 804B0000 BadNoContinuationPoints The operation could not be processed because all continua-tion points have been allocated.



Done Error ErrorID (hex) Name Meaning 0 1 804C0000 BadReferenceTypeIdInvalid The operation could not be processed because all continua-

tion points have been allocated. 0 1 804D0000 BadBrowseDirectionInvalid The browse direction is not valid. 0 1 804E0000 BadNodeNotInView The node is not part of the view. 0 1 804F0000 BadServerUriInvalid The ServerUri is not a valid URI. 0 1 80500000 BadServerNameMissing No ServerName was specified 0 1 80510000 BadDiscoveryUrlMissing No DiscoveryUrl was specified. 0 1 80520000 BadSempahoreFileMissing The semaphore file specified by the client is not valid. 0 1 80530000 BadRequestTypeInvalid The security token request type is not valid. 0 1 80540000 BadSecurityModeRejected The security mode does not meet the requirements set by the

Server. 0 1 80550000 BadSecurityPolicyRejected The security policy does not meet the requirements set by the

Server. 0 1 80560000 BadTooManySessions The server has reached its maximum number of sessions. 0 1 80570000 BadUserSignatureInvalid The user token signature is missing or invalid. 0 1 80580000 BadApplicationSignature

Invalid The signature generated with the client certificate is missing or invalid.

0 1 80590000 BadNoValidCertificates The client did not provide at least one software certificate that is valid and meets the profile requirements for the server.

0 1 805A0000 BadRequestCancelled ByRequest

The request was cancelled by the client with the Cancel ser-vice.

0 1 805B0000 BadParentNodeIdInvalid The parent node id does not to refer to a valid node. 0 1 805C0000 BadReferenceNotAllowed The reference could not be created because it violates con-

straints imposed by the data model. 0 1 805D0000 BadNodeIdRejected The requested node id was reject because it was either inva-

lid or server does not allow node ids to be specified by the client.

0 1 805F0000 BadNodeClassInvalid The node class is not valid. 0 1 80600000 BadBrowseNameInvalid The browse name is invalid. 0 1 80610000 BadBrowseNameDuplicated The browse name is not unique among nodes that share the

same relationship with the parent. 0 1 80620000 BadNodeAttributesInvalid The node attributes are not valid for the node class. 0 1 80630000 BadTypeDefinitionInvalid The type definition node id does not reference an appropriate

type node. 0 1 80640000 BadSourceNodeIdInvalid The source node id does not reference a valid node. 0 1 80650000 BadTargetNodeIdInvalid The target node id does not reference a valid node. 0 1 80660000 BadDuplicateReference

NotAllowed The reference type between the nodes is already defined.

0 1 80670000 BadInvalidSelfReference The server does not allow this type of selfreference on this node.

0 1 80680000 BadReferenceLocalOnly The reference type is not valid for a reference to a remote server.

0 1 80690000 BadNoDeleteRights The server will not allow the node to be deleted. 0 1 806A0000 BadServerIndexInvalid The server index is not valid. 0 1 806B0000 BadViewIdUnknown The view id does not refer to a valid view node.



Done Error ErrorID (hex) Name Meaning 0 1 806D0000 BadTooManyMatches The requested operation has too many matches to return. 0 1 806E0000 BadQueryTooComplex The requested operation requires too many resources in the

server. 0 1 806F0000 BadNoMatch The requested operation has no match to return. 0 1 80700000 BadMaxAgeInvalid The max age parameter is invalid. 0 1 80710000 BadHistoryOperationInvalid The history details parameter is not valid. 0 1 80720000 BadHistoryOperation

Unsupported The server does not support the requested operation.

0 1 80730000 BadWriteNotSupported The server not does support writing the combination of value, status and timestamps provided.

0 1 80740000 BadTypeMismatch The value supplied for the attribute is not of the same type as the attribute's value.

0 1 80750000 BadMethodInvalid The method id does not refer to a method for the specified object.

0 1 80760000 BadArgumentsMissing The client did not specify all of the input arguments for the method.

0 1 80770000 BadTooManySubscriptions The server has reached its maximum number of subscrip-tions.

0 1 80780000 BadTooManyPublish Requests

The server has reached the maximum number of queued publish requests.

0 1 80790000 BadNoSubscription There is no subscription available for this session. 0 1 807A0000 BadSequenceNumber

Unknown The sequence number is unknown to the server.

0 1 807B0000 BadMessageNotAvailable The requested notification message is no longer available. 0 1 807C0000 BadInsufficientClientProfile The Client of the current Session does not support one or

more Profiles that are necessary for the Subscription. 0 1 80BF0000 BadStateNotActive The sub-state machine is not currently active. 0 1 807D0000 BadTcpServerTooBusy The server cannot process the request because it is too busy. 0 1 807E0000 BadTcpMessageTypeInvalid The type of the message specified in the header invalid. 0 1 807F0000 BadTcpSecureChannel

Unknown The SecureChannelId and/or TokenId are not currently in use.

0 1 80800000 BadTcpMessageTooLarge The size of the message specified in the header is too large. 0 1 80810000 BadTcpNotEnough

Resources There are not enough resources to process the request.

0 1 80820000 BadTcpInternalError An internal error occurred. 0 1 80830000 BadTcpEndpointUrlInvalid The Server does not recognize the QueryString specified. 0 1 80840000 BadRequestInterrupted The request could not be sent because of a network interrup-

tion. 0 1 80850000 BadRequestTimeout Timeout occurred while processing the request. 0 1 80860000 BadSecureChannelClosed The secure channel has been closed. 0 1 80870000 BadSecureChannelToken

Unknown The token has expired or is not recognized.

0 1 80880000 BadSequenceNumberInvalid The sequence number is not valid. 0 1 80890000 BadConfigurationError There is a problem with the configuration that affects the

usefulness of the value.



Done Error ErrorID (hex) Name Meaning 0 1 808A0000 BadNotConnected The variable should receive its value from another variable,

but has never been configured to do so. 0 1 808B0000 BadDeviceFailure There has been a failure in the device/data source that gen-

erates the value that has affected the value. 0 1 808C0000 BadSensorFailure There has been a failure in the sensor from which the value is

derived by the device/data source. 0 1 808D0000 BadOutOfService The source of the data is not operational. 0 1 808E0000 BadDeadbandFilterInvalid The dead band filter is not valid. 0 1 80970000 BadRefreshInProgress This Condition refresh failed, a Condition refresh operation is

already in progress. 0 1 80980000 BadConditionAlreadyDisa-

bled This condition has already been disabled.

0 1 80990000 BadConditionDisabled Property not available, this condition is disabled. 0 1 809A0000 BadEventIdUnknown The specified event id is not recognized. 0 1 809B0000 BadNoData No data exists for the requested time range or event filter. 0 1 809D0000 BadDataLost Data is missing due to collection started/stopped/lost. 0 1 809E0000 BadDataUnavailable Expected data is unavailable for the requested time range

due to an unmounted volume an off-line archive or tape or similar reason for temporary unavailability.

0 1 809F0000 BadEntryExists The data or event was not successfully inserted because a matching entry exists.

0 1 80A00000 BadNoEntryExists The data or event was not successfully updated because no matching entry exists.

0 1 80A10000 BadTimestampNotSupported The client requested history using a timestamp format the server does not support (i. e. requested ServerTimestamp when server only supports SourceTimestamp).

0 1 80AB0000 BadInvalidArgument One or more arguments are invalid. 0 1 80AC0000 BadConnectionRejected Could not establish a network connection to remote server. 0 1 80AD0000 BadDisconnect The server has disconnected from the client. 0 1 80AE0000 BadConnectionClosed The network connection has been closed. 0 1 80AF0000 BadInvalidState The operation cannot be completed because the object is

closed uninitialized or in some other invalid state. 0 1 80B00000 BadEndOfStream Cannot move beyond end of the stream. 0 1 80B10000 BadNoDataAvailable No data is currently available for reading from a non-blocking

stream. 0 1 80B20000 BadWaitingForResponse The asynchronous operation is waiting for a response. 0 1 80B30000 BadOperationAbandoned The asynchronous operation was abandoned by the caller. 0 1 80B40000 BadExpectedStreamToBlock The stream did not return all data requested (possibly be-

cause it is a non-blocking stream). 0 1 80B50000 BadWouldBlock Non-blocking behavior is required and the operation would

block. 0 1 80B60000 BadSyntaxError A value had an invalid syntax. 0 1 80B70000 BadMaxConnections

Reached The operation could not be finished because all available connections are in use.

0 1 80BB0000 BadEventNot Acknowledgeable

The event cannot be acknowledged.



Done Error ErrorID (hex) Name Meaning 0 1 80BD0000 BadInvalidTimestamp

Argument The defined timestamp to return was invalid.

0 1 80BE0000 BadProtocolVersion Unsupported

The applications do not have compatible protocol versions.

0 1 80C10000 BadFilterOperatorInvalid An unrecognized operator was provided in a filter. 0 1 80C20000 BadFilterOperator

Unsupported A valid operator was provided, but the server does not pro-vide support for this filter operator.

0 1 80C30000 BadFilterOperandCount Mismatch

The number of operands provided for the filter operator was less than expected for the operand provided.

0 1 80C40000 BadFilterElementInvalid The referenced element is not a valid element in the content filter.

0 1 80C50000 BadFilterLiteralInvalid The referenced literal is not a valid value. 0 1 80C90000 BadViewTimestampInvalid The view timestamp is not available or not supported. 0 1 80CA0000 BadViewParameterMismatch The view parameters are not consistent with each other. 0 1 80CB0000 BadViewVersionInvalid The view version is not available or not supported. 0 1 80CC0000 BadConditionAlready

Enabled This condition has already been enabled.

0 1 80CD0000 BadDialogNotActive The dialog condition is not active. 0 1 80CF0000 BadConditionBranch

AlreadyAcked The condition branch has already been acknowledged.

0 1 80D00000 BadConditionBranch AlreadyConfirmed

The condition branch has already been confirmed.

0 1 80D10000 BadCondition-AlreadyShelved

The condition has already been shelved.

0 1 80D20000 BadConditionNotShelved The condition is not currently shelved. 0 1 80D30000 BadShelving-

TimeOutOfRange The shelving time not within an acceptable range.

0 1 80D40000 BadAggregateListMismatch The requested number of Aggregates does not match the requested number of NodeIds.

0 1 80D50000 BadAggregateNotSupported The requested Aggregate is not support by the server. 0 1 80D60000 BadAggregateInvalidInputs The aggregate value could not be derived due to invalid data

inputs. 0 1 80DB0000 BadTooManyMonitoredItems The request could not be processed because there are too

many monitored items in the subscription. 0 1 80D70000 BadBoundNotFound No data found to provide upper or lower bound value. 0 1 80D80000 BadBoundNotSupported The server cannot retrieve a bound for the variable. 0 1 00D90000 GoodDataIgnored The request specifies fields which are not valid for the

EventType or cannot be saved by the historian. 0 1 80DA0000 BadAggregateConfiguration

Rejected The aggregate configuration is not valid for specified node.

0 1 810D0000 BadCertificateChain Incomplete

Message from remote server: The certificate chain is incom-plete.

Error numbers of PLCOpen for OPC UA 0 1 A0000001 PLCopenUA_Bad_FW_

PermanentError Internal, permanent error.



Done Error ErrorID (hex) Name Meaning 0 1 A0000002 PLCopenUA_Bad_FW_

TempError Temp. Error; FB could retry to reach FW.

0 1 A0000003 PLCopenUA_Bad_ ConnectionError

Connection could not be established.

0 1 A0000004 PLCopenUA_Bad_ HostNotFound

The requested hostname could not be found.

0 1 A0000005 PLCopenUA_Bad_ AlreadyConnected

Connection was already established.

0 1 A0000006 PLCopenUA_Bad_ SecurityFailed

Connection failed due to security setup.

0 1 A0000007 PLCopenUA_Bad_ Suspended

Connection is suspended.

0 1 A0000008 PLCopenUA_Bad_ ConnectionInvalidHdl

Provided ConnectionHdl is not known.

0 1 A0000009 PLCopenUA_Bad_ NSNotFound

A namespace with the requested name cannot be found on server.

0 1 A000000A PLCopenUA_Bad_ ResultTooLong

Target PLC variable is too short for retrieved data.

0 1 A000000B PLCopenUA_Bad_ InvalidType

Invalid or unsupported Type.

0 1 A000000C PLCopenUA_Bad_ NodeInvalidHdl

Provided NodeHdl is not known.

0 1 A000000D PLCopenUA_Bad_ MethodInvalidHdl

Provided MethodHdl is not known.

0 1 A000000E PLCopenUA_Bad_ ReadFailed

Read failed for unknown reason.

0 1 A000000F PLCopenUA_Bad_ WriteFailed

Write failed for unknown reason.

0 1 A0000010 PLCopenUA_Bad_ CallFailed

Method Call failed for unknown reason.

0 1 A0000011 PLCopenUA_Bad_ InParamFailed

Method Call Input parameter conversion failed.

0 1 A0000012 PLCopenUA_Bad_ OutParamFailed

Method Call Output parameter conversion failed. ATTENTION: this means the MethodCall was executed suc-cessfully but the returned values could not be converted.

0 1 A0000013 PLCopenUA_Bad_ SubscriptionInvalidHdl

Provided SubscriptionHdl is not known.

0 1 A0000014 PLCopenUA_Bad_ MonitoredItemInvalidHdl

Provided MonitoredItemHdl is not known.




Diagnostics and maintenance 6 6.1 Diagnostics options

The following diagnostics options are available:

LEDs of the module For information on the LED displays, refer to the section LEDs (Page 25).

Based on the LEDs, you can identify different problems on the CP.

Diagnostics via SNMP with SINEMA Server With a network management system, for example "SINEMA Server" (does not ship with the product), you can read out diagnostics data from the CP using SNMP MIBs.

You will find details of the SNMP functions supported by the CP and MIBs in the section SNMP (Page 120).

For the manual of SINEMA Server see /5/ (Page 134).

STEP 7 V5 The known diagnostics tools of STEP 7 are available to you.

STEP 7 Professional ● The "Diagnostics" tab in the Inspector window

Here, you can obtain the following information on the selected module:

– Information on the online status of the module

● Diagnostics functions in the "Online > Online and diagnostics" menu

Here, you can obtain static information on the selected module:

– General information on the module

– Diagnostics status

– Information on the Ethernet interface

– Security (with security enabled)

You can obtain further information on the diagnostics functions of STEP 7 in the STEP 7 online help.

Diagnostics and maintenance 6.2 SNMP


Web diagnostics The CP provides you with the functionality of a Web server for access using a Web browser.

You will find suitable Web browsers in the section Web browser for access using HTTPS (Page 21).

With the aid of a Web server of the CP (see below) you can read out diagnostics data from the S7 station connected via the CP to a PG/PC with a Web browser

The HTML pages are used to transfer and display information in a Web browser. This makes it possible to read the diagnostics buffers of the intelligent modules in the rack.

Using the integrated update center of the diagnostics pages, you can download new firmware files and language files for diagnostics to the station.

If you do not require the functions, you can disable them in the STEP 7 configuration and block port 443.

To use the Web server functionality of the CP, enable the relevant option in STEP 7 in the module properties, "Web" parameter group (STEP 7 V5) or "Security > Web server" (STEP 7 Professional).

As default, this function is disabled.


Access to the Web server

With the following address, you have access to Web diagnostics: https://<IP address of the CP>

Diagnostics buffer entries When the CP is supplied, diagnostics buffer entries shown on diagnostics pages are always in English. This is not influenced by the language selected for display of the Web pages.

How to load other languages on the CP is described in the manual /2/ (Page 133).

6.2 SNMP

SNMP (Simple Network Management Protocol) SNMP is a protocol for management and diagnostics of networks and nodes in the network. To transmit data, SNMP uses the connectionless UDP protocol.

The information on the properties of SNMP-compliant devices is entered in MIB files (MIB = Management Information Base).

Diagnostics and maintenance 6.2 SNMP


Range of performance of the CP as an SNMP agent The CP supports data queries in the following SNMP versions:

● SNMPv1 (standard)

● SNMPv3 (Security)

It returns the contents of MIB objects of the standard MIB II according to RFC 1213 and the Siemens Automation MIB.

● MIB II

The CP supports the following groups of MIB objects:

– System

– Interfaces

The "Interfaces" MIB object provides status information about the CP interfaces.

The following groups of the MIB II standard are not supported:

– Adress Translation (AT)

– EGP

– ICMP

– IP

– SNMP

– TCP

– Transmission

– UDP

● Siemens Automation MIB

The following exceptions / restrictions apply to the CP.

Write access is permitted only for the following MIB objects of the system group:

– sysContact

– sysLocation

– sysName

A set sysName is sent as the host name using DHCP option 12 to the DHCP server to register with a DNS server.

For all other MIB objects / MIB object groups, only read access is possible for security reasons.

Traps are not supported by the CP.

For more detailed information about the MIB files and SNMP, refer to the manual /4/ (Page 134).

Diagnostics and maintenance 6.3 Upload from device (to PG / ES)


Access permissions using community names In the presettings, the CP uses the following community strings to authenticate access to its SNMP agent via SNMPv1:

Table 6- 1 Access rights and authentication with SNMPv1

Type of access Community string for authentication *) Read access public Read and write access private *) Note the use of lowercase letters!

Configuration For information on the configuration, refer to:

● STEP 7 V5: "SNMP" Tab (Page 45)

● STEP 7 Professional: Parameter group "SNMP" (Page 62)

6.3 Upload from device (to PG / ES)

Restrictions when uploading to PG / engineering station When you upload configuration data to the PG / ES, the names of the configured symbols are renamed and therefore unusable. The station loaded back to the PG can no longer be used for productive operation in this status (OPC UA).

6.4 Loading new firmware

Options for a firmware update If you have configured a protection level for the CP, note the information in section "Options" tab: Effects of protection levels (Page 52) relating to loading new firmware files.

You can use the following method to download a new firmware file to the CP:

● The update center of the Web server

You can reach the update center using Web diagnostics.

The CP supports the storage of several firmware versions. Using the firmware load function in the update center, you can activate the required firmware version.

Requirement: The "Firmware download via Web" option is selected in the configuration and the user rights have been set.

Diagnostics and maintenance 6.4 Loading new firmware


● The firmware loader supplied with STEP 7 V5

Requirement for downloading:

– To download firmware, you require an Industrial Ethernet CP module in the PG/PC (for example, CP 1613) or a normal Ethernet module with the "Softnet" software package.

– The S7ONLINE interface must be set to the "ISO - Industrial Ethernet" protocol. It is not possible to download using TCP/IP (and therefore not to other networks).

Note

Security functions enabled:

If the Security functions are enabled, a protection level is automatically configured that prevents loading a new firmware file with the firmware loader.

Instead, we recommend that you load the firmware when necessary using the update center in Web diagnostics.

To load the firmware on the module, however, using the firmware loader, in addition to the CP the CPU must be in the STOP mode.

● In STEP 7 Professional

"Online & diagnostics > Firmware update"

For the requirements, see above (STEP 7 V5)

A language file (s7wmeldx.edb) loaded earlier for the diagnostics display via the Web server is not deleted by a new firmware file.

Note the description of firmware downloads in the manual /2/ (Page 133).

How to download new firmware Follow the steps outlined below:

1. Connect the CP module to the PG/PC via a LAN cable.

2. Start the download on your PG/PC using one of the firmware download functions described above.

You will find the corresponding LED displays in the section LEDs (Page 25). Downloading new firmware via the update center does not affect the LED display.

The download involves two stages:

– Section 1: Downloading firmware

– Section 2: Activating firmware

3. Restart the CP after activating the firmware.

If the download using the firmware loader is aborted, the RUN and STOP LEDs flash alternately.

Diagnostics and maintenance 6.5 Memory reset / reset to factory defaults


What to do if a download is interrupted Disturbances or collisions on the network can lead to packets being lost. In such cases, this can lead to an interruption of the firmware download. The CP writes an entry in the diagnostics buffer.

Repeat the download after the CP has started up again.

If you cannot start the download again following an aborted attempt, turn off the entire rack and turn it on again. You can then restart the firmware download.

6.5 Memory reset / reset to factory defaults The CP has a two level function available for resetting:

● Memory reset

● Resetting to factory settings

Note

Data on the CP is deleted - CPU data is retained

The functions for resetting and resetting to factory defaults described here do not change the configuration data on the CPU! Only the data kept on the CP (RAM areas) is deleted.

If you subsequently upload the configuration data from the CPU to a PG you will always obtain the configuration data that was previously on the CP (with parameters, connections, IP address).

If you have configured a protection level for the CP, note the information in section "Options" tab: Effects of protection levels (Page 52).

How to use the functions You can start the memory reset functions in STEP 7. The CP must be in STOP. When you reset memory using special diagnostics, the CP is automatically changed to STOP.

● Memory reset

– In STEP 7 V5.5 with the menu command "PLC" > "Clear/Reset"

– In STEP 7 special diagnostics with the "Operating Mode" > "Clear/Reset Module" menu command

– In STEP 7 Basic/Professional via "Online & diagnostics" > "Go online" > "Online tools" > open input box > button "MRES"

● Resetting to factory settings

– In STEP 7 V5.5 with the menu command "PLC" > "Edit Ethernet Node..." > Select CP > "OK" > "Reset to Factory Defaults"

– In STEP 7 Professional in the Online & Diagnostics view using the parameter group " > "Functions" > "Reset to Factory Settings"

– In STEP 7 special diagnostics with the "Operating Mode" > "Reset to Factory Settings" menu command

Diagnostics and maintenance 6.6 Replacing a module without a programming device


Clear/reset module - effects Following the memory reset, the CP retains the IP address. The CP is therefore immediately ready for downloads using the IP address.

The configuration data is retained on the CPU.

The CPU in the S7 station does not recognize that the CP memory was reset. The CP changes to the "Stopped (STOP) with error" state (see LEDs (Page 25)). The configuration data must then be reloaded. You can also initiate this loading from the CPU by cycling power (OFF > ON).

Reset to factory defaults - effects After resetting to factory defaults, the CP always retains the factory set MAC address (as supplied).

The IP address and the configuration data in the CP RAM are deleted. The configuration data is retained on the CPU.

A language file (s7wmeldx.edb) loaded earlier for the diagnostics display via the Web server is not deleted by a new firmware file.

6.6 Replacing a module without a programming device

General procedure The configuration data of the CP is stored on the CPU. This makes it possible to replace this module with a module of the same type (identical article number) without a PG.

Module replacement: Special feature of IP address assignment from a DHCP server When configuring in the Properties dialog, you can specify the IP configuration for the CP. One option here is that the CP obtains the IP address from a DHCP server.

Note Recommendation: Configuring a client ID

When replacing modules, remember that the factoryset MAC address of the new module is different from the previous module. When the factoryset MAC address of the new module is sent to the DHCP server, this will return either a different or no IP address.

Ideally, you should therefore configure IP as follows:

Always configure a client ID and configure your DHCP server accordingly if you always want to obtain the same IP address from the DHCP server after replacing the module.

Diagnostics and maintenance 6.6 Replacing a module without a programming device



Technical specifications 7 7.1 Technical specifications of the CP

Table 7- 1 Technical specifications of the CP 443-1 OPC UA

Technical specifications Article number • CP 443-1 OPC UA • 6GK7 443-1UX00-0XE0

Attachment to Industrial Ethernet Amount 1 x Ethernet interface Design Connector 1 x RJ-45 jack

Transmission speed 10/100/1000 Mbps Permitted cable lengths (Ethernet) Alternative combinations per length range * 0 ... 55 m • Max. 55 m IE TP Torsion Cable with IE FC RJ45 Plug 180

• Max. 45 m IE TP Torsion Cable with IE FC RJ45 + 10 m TP Cord via IE FC RJ45 Outlet

0 ... 85 m • Max. 85 m IE FC TP Marine/Trailing/Flexible/FRNC/Festoon/Food Cable with IE FC RJ45 Plug 180

• Max. 75 m IE FC TP Marine/Trailing/Flexible/FRNC/Festoon/Food Cable + 10 m TP Cord via IE FC RJ45 Outlet

0 ... 100 m • Max. 100 m IE FC TP Standard Cable with IE FC RJ45 Plug 180 • Max. 90 m IE FC TP Standard Cable + 10 m TP Cord via IE FC RJ45 Outlet

Electrical data Power supply via S7 backplane bus 5 V Current consumption From backplane bus 1.8 A

Power dissipation 7.25 W Permitted ambient conditions Ambient temperature During operation 0 °C to +60 °C

During storage -40 °C to +70 °C During transportation -40 °C to +70 °C

Relative humidity During operation ≤ 95 % at 25 °C, no condensation Operating altitude ≤ 2,000 m above sea level Contaminant concentration Acc. to ISA-S71.04 severity level G1, G2, G3 Design, dimensions and weight Module format Compact module for S7-400, single width

Degree of protection IP20 Weight Approx. 700 g

Technical specifications 7.2 Pinout of the Ethernet interface


Technical specifications Dimensions (W x H x D) 25 x 290 x 210 mm Installation options Mounting in an S7-400 rack * For details, refer to the catalog IK PI Cabling technology.

You will find the product functions in the section Application and functions (Page 11).

For further data, refer to section Performance data (Page 15)

In addition to this, all the information in the S7400/M7400 reference manual "Module Data" /3/ (Page 134) in the section "General Technical Specifications" on the topics listed below applies to the CP

● Electromagnetic compatibility

● Transportation/storage conditions

● Mechanical and climatic environmental conditions

● Information on insulation checks, protection class and degree of protection

7.2 Pinout of the Ethernet interface

Pinout of the Ethernet interface The table below shows the pin assignment of the Ethernet interface. The pin assignment corresponds to the Ethernet standard 802.3ab version 1000BASE-T.

All four pairs of wires (DA, DB, DC, DD) can be operated with duplex (BI).

Table 7- 2 Pin assignment of the Ethernet interface

View of the RJ-45 jack Pin Signal name Function

1 BI_DA+ DA: Transmit + / Receive + 2 BI_DA- DA: Transmit - / Receive - 3 BI_DB+ DB: Transmit + / Receive + 4 BI_DC+ DC: Transmit + / Receive + 5 BI_DC- DC: Transmit - / Receive - 6 BI_DB- DB: Transmit - / Receive - 7 BI_DD+ DD: Transmit + / Receive + 8 BI_DD- DD: Transmit - / Receive -


Approvals A

Approvals issued

Note Issued approvals on the type plate of the device

The specified approvals apply only when the corresponding mark is printed on the product. You can check which of the following approvals have been granted for your product by the markings on the type plate.

Approvals for shipbuilding are not printed on the device type plate.

EC declaration of conformity The CP meets the requirements and safety objectives of the following EU directives and it complies with the harmonized European standards (EN) for programmable logic controllers which are published in the official documentation of the European Union.

● 2014/34/EU (ATEX explosion protection directive)

Directive of the European Parliament and the Council of 26 Febrary 2014 on the approximation of the laws of the Member States concerning equipment and protective systems intended for use in potentially explosive atmospheres, official journal of the EU L96, 29/03/2014, pages. 309-356

● 2014/30/EU (EMC)

EMC directive of the European Parliament and of the Council of February 26, 2014 on the approximation of the laws of the member states relating to electromagnetic compatibility.; official journal of the EU L96, 29/03/2014, pages. 79-106

● 2011/65/EU (RoHS)

Directive of the European Parliament and of the Council of 8 June 2011 on the restriction of the use of certain hazardous substances in electrical and electronic equipment

The EC Declaration of Conformity is available for all responsible authorities at:

Siemens Aktiengesellschaft Division Process Industries and Drives Process Automation DE-76181 Karlsruhe Germany

You will find the EC Declaration of Conformity on the Internet at the following address:

Link: (https://support.industry.siemens.com/cs/ww/en/ps/15351/cert)

> Entry type: "Certificates", certificate type: "EC Declaration of Conformity"

https://support.industry.siemens.com/cs/ww/en/ps/15351/cert

Approvals


IECEx The CP meet the requirements of explosion protection according to IECEx.

IECEx certificate: IECEx DEK 14.0034X

The CP meets the requirements of the following standards:

● IEC 60079-0

Hazardous areas - Part 0: Equipment - General requirements

● EN 60079-15

Explosive atmospheres - Part 15: Equipment protection by type of protection 'n'

You can see the current versions of the standards in the IECEx certificate that you will find on the Internet at the following address:


The conditions must be met for the safe deployment of the CP according to the section Notes on use in hazardous areas according to ATEX / IECEx (Page 31).

You should also note the information in the document "Use of subassemblies/modules in a Zone 2 Hazardous Area" that you will find on the Internet at the following address:


ATEX The CP meets the requirements of the EC directive 2014/34/EU "Equipment and Protective Devices for Use in Potentially Explosive Atmospheres".

Applied standards:

● EN 60079-0

Hazardous areas - Part 0: Equipment - General requirements

● EN 60079-15

Explosive atmospheres - Part 15: Equipment protection by type of protection 'n'

The current versions of the standards can be seen in the EC Declaration of Conformity, see above.

ATEX approval: II 3 G Ex nA IIC T4 Gc

Test number: KEMA 03 ATEX1125 X

The conditions must be met for the safe deployment of the CP according to the section Notes on use in hazardous areas according to ATEX / IECEx (Page 31).

You should also note the information in the document "Use of subassemblies/modules in a Zone 2 Hazardous Area" that you will find on the Internet at the following address:


EMC Until 19.04.2016 the CP meets the requirements of the EC Directive 2014/30/EU "Electromagnetic Compatibility” (EMC directive).




Approvals


Applied standards:

● EN 61000-6-4

Electromagnetic compatibility (EMC) - Part 6-4: Generic standards - Emission standard for industrial environments

● EN 61000-6-2

Electromagnetic compatibility (EMC) - Part 6-2: Generic standards - Immunity for industrial environments

RoHS The CP meets the requirements of the EC directive 2011/65/EU on the restriction of the use of certain hazardous substances in electrical and electronic equipment.

Applied standard:

● EN 50581:2012

c(UL)us Applied standards:

● Underwriters Laboratories, Inc.: UL 61010-1 (Safety Requirements for Electrical Equipment for Measurement, Control, and Laboratory Use - Part 1: General Requirements)

● IEC/UL 61010-2-201 (Safety requirements for electrical equipment for measurement, control and laboratory use. Particular requirements for control equipment)

● Canadian Standards Association: CSA C22.2 No. 142 (Process Control Equipment)

Report / UL file: E85972 (NRAG, NRAG7)

cULus Hazardous (Classified) Locations Underwriters Laboratories, Inc.: cULus IND. CONT. EQ. FOR HAZ. LOC.

Applied standards:

● ANSI ISA 12.12.01

● CSA C22.2 No. 213-M1987

APPROVED for Use in:

● Cl. 1, Div. 2, GP. A, B, C, D T4

● Cl. 1, Zone 2, GP. IIC T4

Ta: Refer to the temperature class on the type plate of the CP

Report / UL file: E223122 (NRAG, NRAG7)

Note the conditions for the safe deployment of the CP according to the section Notes on use in hazardous areas according to UL HazLoc (Page 31).

Approvals


FM Factory Mutual Approval Standard Class Number 3600, 3611, 3810

Class I, Division 2, Group A, B, C, D, T4 or Class I, Zone 2, Group IIC, T4

Ta: Refer to the temperature class on the type plate of the CP

Certificate of Compliance: 3030463

Australia - RCM The CP meets the requirements of the AS/NZS 2064 standards (Class A).

Marking for the customs union EAC (Eurasian Conformity)

Customs union of Russia, Belarus and Kazakhstan

Declaration of the conformity according to the technical regulations of the customs union (TR CU)

MSIP 요구사항 - For Korea only Certification Number: MSIP-REM-S49-S7400CP

A급 기기(업무용 방송통신기자재)

이 기기는 업무용(A급) 전자파 적합기기로서 판매자 또는 사용자는 이 점을 주의하시기 바라며, 가정 외의 지역에서 사용하는것을 목적으로 합니다.

Current approvals SIMATIC NET products are regularly submitted to the relevant authorities and approval centers for approvals relating to specific markets and applications.

If you require a list of the current approvals for individual devices, consult your Siemens contact or check the Internet pages of Siemens Industry Online Support:


Overview of the approvals for SIMATIC NET products You will find an overview of the approvals for SIMATIC NET products including approvals for shipbuilding on the Internet pages of Siemens Industry Online Support under the following address:





Documentation references B

Where to find Siemens documentation ● Article numbers

You will find the article numbers for the Siemens products of relevance here in the following catalogs:

– SIMATIC NET - Industrial Communication / Industrial Identification, catalog IK PI

– SIMATIC - Products for Totally Integrated Automation and Micro Automation, catalog ST 70

You can request the catalogs and additional information from your Siemens representative. You will also find the product information in the Siemens Industry Mall at the following address:

Link: (https://mall.industry.siemens.com)

● Manuals on the Internet

You will find SIMATIC NET manuals on the Internet pages of Siemens Industry Online Support:

Link: (https://support.industry.siemens.com/cs/ww/en/ps/15247/man)

Go to the required product in the product tree and make the following settings:

Entry type “Manuals”

● Manuals on the data medium

You will find manuals of SIMATIC NET products on the data medium that ships with many of the SIMATIC NET products.

/1/ SIMATIC NET CP 443-1 OPC UA Operating Instructions Siemens AG Link: (https://support.industry.siemens.com/cs/ww/en/view/109738422)

/2/ SIMATIC NET S7 CPs for Industrial Ethernet Configuring and Commissioning - configuration manual manual Part A - General Applications Siemens AG Link: (https://support.industry.siemens.com/cs/ww/en/view/60053848)

https://mall.industry.siemens.com/

https://support.industry.siemens.com/cs/ww/en/ps/15247/man



Documentation references /3/


/3/ SIMATIC S7 Automation System S7-400, M7-400 Siemens AG

● Installation: Installation manual Link: Link: (https://support.industry.siemens.com/cs/ww/en/view/1117849)

● Module Data: Reference Manual Link: Link: (https://support.industry.siemens.com/cs/ww/en/view/1117740)

● CPU data Link:Link:CPU (https://support.industry.siemens.com/cs/ww/en/view/53385241/85292998155)

/4/ SIMATIC NET Diagnostics and configuration with SNMP Diagnostics manual Siemens AG Link: (https://support.industry.siemens.com/cs/ww/en/ps/15392/man)

/5/ SIMATIC NET SINEMA Server Operating Instructions Siemens AG Link: (https://support.industry.siemens.com/cs/ww/en/ps/15393/man)

/6/ SIMATIC NET Industrial Ethernet Security Security basics and applications Configuration manual Siemens AG Link: (https://support.industry.siemens.com/cs/ww/en/view/56577508)



https://support.industry.siemens.com/cs/ww/en/view/53385241/85292998155





Index

A Abbreviations/acronyms, 4 Article number, 3 ASCII characters, 40

C Can be reached from HMI/OPC UA (STEP 7 Prof.), 68 Can be written from HMI/OPC UA (STEP 7 Prof.), 68 Certificate blocking list, 60, 75 Connection resources, 17 CP (abbreviation), 4 CPU - assigning, 15 Cross references (PDF), 4

D DCP, 14 Deadband, 77 DHCP, 14, 125 Disposal, 6 Documentation, 5 Download, 33

E ES (abbreviation), 4 Ethernet interface

Assignment, 128

F Firmware

Version, 3

G Glossary, 6

H H system, 14 Hardware product version, 3

HTTPS, 50

I Initial addressing, 33 IPv4, 14

K KNOW_HOW_PROTECT, 37

L Logging server, 59, 74

M MAC address, 3 MIB, 121

N Namespace index, 76 NCM diagnostics (locking), 58 NodeID / Identifier (Server), 76 NTP (secure), 50, 64

P Parameter types, 43 PG (abbreviation), 4 PG/OP connections, 17 PLC tags for OPC UA, 40

Q Queue size, 16

R Recycling, 6

Index


S Safety notices, 29 Security

Security Configuration Tool, 19 Security enabling, 47 Web, 50

Security functions, 12 Server URI, 53, 68 Service & Support, 6 SIMATIC NET glossary, 6 SNMP, 45, 62, 120 SNMPv3, 65 Special diagnostics (block), 72 STEP 7

Version, 19 Symbols for OPC UA, 40 Syntax of the symbol names, 40

T Training, 6

U UTF-8, 40

W Web server

Diagnostics data, 120

Documents

CP 443-1 OPC UA - Siemens AG · CP 443-1 OPC UA Operating ... of the SIMATIC S7-400 to an OPC UA client and server ... of the full product name "CP 443-1 OPC UA". PG Programming device