IBH Link UA:Description
Contents
Integrating S5 and S7 controllers in the OPC UA world
The slogan "Industry 4.0" introduces more and more new communication and information technologies into industry automation. In order to implement these requirements efficiently and as quickly as possible must be tried to reduce the complexity by modularization and standardization. In this context, OPC UA has proven to be the pioneering communication standard. With OPC UA the industry 4.0 requirements for independence from manufacturer- industry- and company-communication-system are fulfilled.
Since OPC UA is not only transferring machine data, i.e. process values and measured values, but also allows the semantic description, OPC UA is becoming increasingly important to transfer machine data to higher level controllers systems.But how it is accomplished to read process data from Siemens SIMATIC controllers and integrated into the OPC UA communication?
The solution to this is the IBH Link UA.
The IBH Link UA, OPC UA server / client module with firewall, is designed to connect the SIMATIC controllers S5, S7-200, S7-300, S7-400, S7-1200 and S7-1500 into the OPC UA communication. The IBH Link UA is a compact device with four Ethernet ports and a 24V power supply for DIN rail mounting. Configuration is accomplished with the original Siemens STEP 7 tool or the TIA Portal. No special software must be installed on the programming device. The variable definitions are transferred by the programming software via Ethernet into the IBH Link UA. The variable attributes (e.g. read-only or limits) are directly defined within the PLC project. Thus a symbolic access to variables and data block structures is possible. A direct call of a PLC client functions can be done in the PLC program. This allows the PLC to communicate with controllers from other manufacturers via OPC UA. The IBH Link UA has three Ethernet ports for the machine level and one Ethernet port for the management level. On the management level only OPC access are possible. The integrated firewall between the two levels prevent possible manipulation out of the management level. The device has a certificate management for secure communication. The configuration of the security levels and the certificates management is easily accomplished via a web browser. The communication with the control takes place using TCP / IP. If the control has no Ethernet port available, the function can be achieve by using the proven communication adapter IBH Link S7++ or IBH Link S5++.
One of the advantages of the IBH Link UA from IBHsoftec is, that the IBH Link UA supports Client and Server functions simultaneously. This allows data exchange between different OPC UA Servers. For example control systems and other equipment with OPC UA servers from different manufacturers can exchange data with each other. The configuration of the client functions will be made using a standard web browser.
Operation and configurationn
As already mentioned, the IBH Link is UA is configured with the original Siemens STEP7 or the TIA Portal. No special software must be installed on the programming system. Thus, the IBH Link UA is seamlessly integrated into the PLC project. The variable definitions of the programming software are transferred into the IBH Link UA via Ethernet. The variable attributes (e.g. read-only or limits) are defined directly in the PLC project. Symbolic access to variables and data block structures therefore are possible.
Configuration is done as followed:
1. Create a PC.
2. Inserted the OPC server (SW8.2) into slot 1.
3. Inserted the Ethernet interface (IE General SW8.2) into slot 2.
4. Next the S7 connection to the required controls are established.
5. The variables are easily configured in the properties of the OPC server.
6. Subsequently the configuration is transferred via Ethernet into the IBH Link UA. The IBH Link UA then immediately knows the access paths to the controls and puts the required variables in the OPC client. All done!
Communication with the controllers
The communication with the control takes place using TCP / IP. If the control has no Ethernet port available, the function can be achieve by using the proven communication adapter IBH Link S7++ or IBH Link S5++. The IBH Link UA has three Ethernet ports for the machine level and one Ethernet port for the management level. On the management level only OPC access are possible. A firewall between the two levels is integrated. The configuration of the ports is accomplished via a standard web browser.
OPC Data Access
OPC Data Access, also known as OPC DA, is a set of standards providing the specifications for the transmission of real-time data from data processed devices such as PLCs to display and interface devices such as Human Machine Interfaces (HMI). The IBH Link UA can be accessed by multiple OPC UA clients. This provides a data source for any OPC UA compliant applications such as SAP, MES and ERP systems available.
Historical Data
While OPC Data Access allows the access to data in real time, supports OPC Historical Access, also called OPC HDA access, access to already stored data. From simple data logging systems to complex SCADA systems historical data can be queried on standardized manner. The activation of the Historical data is easily performed using the web browser.
Safety
The IBH Link UA provides a certificate management for secure communication. For this purpose, an appropriate software interface is provided, which can be displayed in any web browser. In this configuration the security levels and to the certificates are managed. This is placed onto the mechanisms defined by the OPC Foundation. OPC UA Security includes authentication and authorization, encryption, and data integrity by signing. Therefore the control will be protected of the uncontrolled access by a superior system.
There are different levels of encryption None, Basic128Rsa15 and Basic256
| None | No encryption |
| Basic128Rsa15 | 128 Bit encryption |
| Basic256 | 256 Bit encryption |
The IBH Link UA supports the level Sign, Sign and Encrypt and Sign + Sign and Encrypt
| Sign | The messages contain signed certificates |
| Sign and Encrypt | The messages contain signed certificates and are encrypted |
| Sign + Sign and Encrypt | The messages may contain only signed certificates, or can be signed and are encrypted as well |
Certificates
Exchange of Certificates is another important security level of OPC UA.
A communication is only possible, if both Server and Client have a valid certificate assigned by the respective partners.
OPC Client
One of the advantages of the IBH Link UA from IBHsoftec is, that the IBH Link UA supports Client and Server functions simultaneously.
This allows data exchange between different OPC UA Servers.
For example control systems and other equipment with OPC UA servers from different manufacturers can exchange data with each other.
The configuration of the client functions will be made using a standard web browser.
Additional advantages
The gateway can optionally use a MicroSD memory card to save the data temporary locally. In the case of an exchange of the device, it offers the advantage of faster new configuration. Another important aspect of the compact device is that it is an independent assembly and does not require a Windows PC.
