Difference between revisions of "IBH OPC UA IoT2040:Startup operations"
(Created page with "== Mounting and Connection == The '''IBH Link UA''' is designed for DIN rail mount: 255px 64px '''ATTENTION!'''...") |
m |
||
Line 1: | Line 1: | ||
== Mounting and Connection == | == Mounting and Connection == | ||
− | + | The '''Siemens IoT2040''' is designed for DIN rail mount: | |
− | + | ||
− | The ''' | + | |
− | + | ||
[[Image:IBH_IoT_2040_300px.jpg|255px]] | [[Image:IBH_IoT_2040_300px.jpg|255px]] | ||
Line 9: | Line 6: | ||
[[Image:ACHTUNG.png|64px]] | [[Image:ACHTUNG.png|64px]] | ||
− | |||
− | |||
− | |||
− | |||
'''Use only supply voltage from 12V to 36V to operate the device. Higher voltage may destroy the device.''' | '''Use only supply voltage from 12V to 36V to operate the device. Higher voltage may destroy the device.''' | ||
− | |||
<br /> | <br /> | ||
− | |||
<br /> | <br /> | ||
− | |||
<br /> | <br /> | ||
− | |||
== Inserting the microSD card == | == Inserting the microSD card == | ||
− | |||
− | |||
The microSD card delivered with the device needs to be exchanged with the card provided by '''IBHsoftec GmbH'''. | The microSD card delivered with the device needs to be exchanged with the card provided by '''IBHsoftec GmbH'''. | ||
− | |||
<br /> | <br /> | ||
− | |||
[[Image:ACHTUNG.png|64px]] | [[Image:ACHTUNG.png|64px]] | ||
− | |||
− | |||
Power off the devicee before changing the microSD card! | Power off the devicee before changing the microSD card! | ||
− | |||
<br /> | <br /> | ||
− | |||
The slot for the microSD card is located on the board: | The slot for the microSD card is located on the board: | ||
− | |||
[[Image:IBH_IoT_2040_microSD.png|400px]] | [[Image:IBH_IoT_2040_microSD.png|400px]] | ||
− | |||
<br /> | <br /> | ||
− | |||
<br /> | <br /> | ||
− | |||
− | |||
== Configuration of the IP addresses == | == Configuration of the IP addresses == | ||
− | |||
− | |||
The administration can be made with a recent web browser over the Ethernet port 1 by using the host name f.i. http://'''iot2000''' | The administration can be made with a recent web browser over the Ethernet port 1 by using the host name f.i. http://'''iot2000''' | ||
− | + | <br /> | |
− | + | ||
or over the port 2 by entering the default IP Address '''192.168.1.14''' | or over the port 2 by entering the default IP Address '''192.168.1.14''' | ||
− | |||
No other tools are required. | No other tools are required. | ||
− | |||
Default IP Address configuration: | Default IP Address configuration: | ||
Line 62: | Line 33: | ||
{| class="wikitable" | {| class="wikitable" | ||
− | |||
− | |||
|- | |- | ||
− | |||
− | |||
! Level !! Port !! Address | ! Level !! Port !! Address | ||
− | |||
− | |||
|- | |- | ||
− | |||
− | |||
| Management level|| Port 1 || Host name: f.i.'''iot2000''' | | Management level|| Port 1 || Host name: f.i.'''iot2000''' | ||
− | |||
− | |||
|- | |- | ||
− | |||
− | |||
| Control level || Port 2 - 4 || '''192.168.1.14''' | | Control level || Port 2 - 4 || '''192.168.1.14''' | ||
− | |||
− | |||
|} | |} | ||
− | |||
Default Login: | Default Login: | ||
− | |||
'''admin''' | '''admin''' | ||
− | + | <br /> | |
− | + | ||
'''admin''' | '''admin''' | ||
− | |||
[[Image:IBH_IoT_2040_Login.png|786px]] | [[Image:IBH_IoT_2040_Login.png|786px]] | ||
− | + | <br /> | |
− | + | <br /> | |
== Network: Management Level == | == Network: Management Level == | ||
− | |||
Network configuration for Port 1 (Management level respectively Supervision Level): | Network configuration for Port 1 (Management level respectively Supervision Level): | ||
− | |||
[[Image:IBH_IoT_2040_Management_Level.png|786px]] | [[Image:IBH_IoT_2040_Management_Level.png|786px]] | ||
− | + | <br /> | |
− | + | <br /> | |
== Network: Control Level == | == Network: Control Level == | ||
− | |||
Network configuration for Port 1 (Control Level respectively Machine Level): | Network configuration for Port 1 (Control Level respectively Machine Level): | ||
− | |||
[[Image:IBH_IoT_2040_Controlt_Level.png|786px]] | [[Image:IBH_IoT_2040_Controlt_Level.png|786px]] | ||
− | |||
From both levels the '''Endpoint URL''' can be copied: | From both levels the '''Endpoint URL''' can be copied: | ||
− | |||
[[Image:IBH_IoT_2040_Endpoint_URL.png|329px]] | [[Image:IBH_IoT_2040_Endpoint_URL.png|329px]] | ||
− | |||
The Endpoint URL is provided by the IBH Link UA and is the destination URL for the OPC Client. | The Endpoint URL is provided by the IBH Link UA and is the destination URL for the OPC Client. | ||
− | |||
In our sample, the UA Expert diagnostic client from Unified Automation is shown: | In our sample, the UA Expert diagnostic client from Unified Automation is shown: | ||
− | |||
[[Image:IBH_IoT_2040_Endpoint_URL_Client.png|409px]] | [[Image:IBH_IoT_2040_Endpoint_URL_Client.png|409px]] | ||
− | |||
<br /> | <br /> | ||
− | |||
<br /> | <br /> | ||
− | |||
− | |||
== Time Settings == | == Time Settings == | ||
− | |||
[[Image:ACHTUNG.png|64px]] | [[Image:ACHTUNG.png|64px]] | ||
− | |||
'''Before creating certificates, the clock of the IBH Link UA must be set with the correct date and time!''' | '''Before creating certificates, the clock of the IBH Link UA must be set with the correct date and time!''' | ||
− | |||
[[Image:IBH_IoT_2040_Time.png|866px]] | [[Image:IBH_IoT_2040_Time.png|866px]] | ||
− | |||
<br /> | <br /> | ||
− | |||
<br /> | <br /> | ||
− | |||
<br /> | <br /> | ||
− | |||
− | |||
== Security == | == Security == | ||
− | |||
OPC UA defines different Security Levels: | OPC UA defines different Security Levels: | ||
− | |||
[[Image:IBH_IoT_2040_Security.png|866px]] | [[Image:IBH_IoT_2040_Security.png|866px]] | ||
− | |||
There are different levels of encryption '''None, Basic128Rsa15''' and '''Basic256''' | There are different levels of encryption '''None, Basic128Rsa15''' and '''Basic256''' | ||
− | |||
{| | {| | ||
− | |||
− | |||
|- | |- | ||
− | |||
| '''None''' || No encryption | | '''None''' || No encryption | ||
− | |||
|- | |- | ||
− | |||
| '''Basic128Rsa15''' || 128 Bit encryption | | '''Basic128Rsa15''' || 128 Bit encryption | ||
− | |||
|- | |- | ||
− | |||
| '''Basic256''' || 256 Bit encryption | | '''Basic256''' || 256 Bit encryption | ||
− | |||
|- | |- | ||
− | |||
| '''Basic256Sha256''' || 256 Bit encryption | | '''Basic256Sha256''' || 256 Bit encryption | ||
− | |||
|} | |} | ||
− | |||
The IBH Link UA supports the level '''Sign''', '''Sign and Encrypt''' and '''Sign + Sign and Encrypt''' | The IBH Link UA supports the level '''Sign''', '''Sign and Encrypt''' and '''Sign + Sign and Encrypt''' | ||
− | |||
{| | {| | ||
− | |||
− | |||
|- | |- | ||
− | |||
− | |||
| '''Sign''' || The messages contain signed certificates | | '''Sign''' || The messages contain signed certificates | ||
− | |||
− | |||
|- | |- | ||
− | |||
− | |||
| '''Sign and Encrypt''' || The messages contain signed certificates and are encrypted | | '''Sign and Encrypt''' || The messages contain signed certificates and are encrypted | ||
− | |||
− | |||
|- | |- | ||
− | |||
− | |||
| '''Sign + Sign and Encrypt''' || The messages may contain only signed certificates, or can be signed and are encrypted as well | | '''Sign + Sign and Encrypt''' || The messages may contain only signed certificates, or can be signed and are encrypted as well | ||
− | |||
− | |||
|} | |} | ||
− | |||
− | |||
<br /> | <br /> | ||
− | |||
− | |||
<br /> | <br /> | ||
− | |||
− | |||
<br /> | <br /> | ||
− | |||
− | |||
== Certificates == | == Certificates == | ||
− | |||
[[Image:ACHTUNG.png|64px]] | [[Image:ACHTUNG.png|64px]] | ||
− | |||
'''Before creating certificates, the time of the IBH Link UA must be set''' | '''Before creating certificates, the time of the IBH Link UA must be set''' | ||
− | |||
Exchange of Certificates is another important security level of OPC UA. | Exchange of Certificates is another important security level of OPC UA. | ||
− | + | <br /> | |
− | + | ||
A communication is only possible, if both Server and Client have a valid certificate assigned by the respective partners. | A communication is only possible, if both Server and Client have a valid certificate assigned by the respective partners. | ||
Line 254: | Line 144: | ||
or they offer other options for the handling of certificates. | or they offer other options for the handling of certificates. | ||
− | |||
'''Make the Client Certificate visible for the IBH Link UA Server:''' | '''Make the Client Certificate visible for the IBH Link UA Server:''' | ||
Line 271: | Line 160: | ||
<br /> | <br /> | ||
<br /> | <br /> | ||
− | |||
− | |||
==Historical Data== | ==Historical Data== | ||
While OPC Data Access allows the access to data in real time, supports OPC Historical Access, also called OPC HDA access, access to already stored data. From simple data logging systems to complex SCADA systems historical data can be queried on standardized manner. The activation of the Historical data is easily performed using the web browser. | While OPC Data Access allows the access to data in real time, supports OPC Historical Access, also called OPC HDA access, access to already stored data. From simple data logging systems to complex SCADA systems historical data can be queried on standardized manner. The activation of the Historical data is easily performed using the web browser. | ||
Line 280: | Line 167: | ||
[[Image:IBH_Link_UA_HDA.png|1200px]] | [[Image:IBH_Link_UA_HDA.png|1200px]] | ||
− | |||
<br /> | <br /> | ||
<br /> | <br /> | ||
<br /> | <br /> | ||
− | |||
== System == | == System == | ||
System information like the MAC address of the IBH Link UA can be found here: | System information like the MAC address of the IBH Link UA can be found here: | ||
[[Image:IBH_IoT_2040_System.png|597px]] | [[Image:IBH_IoT_2040_System.png|597px]] |
Revision as of 08:36, 23 February 2017
Contents
Mounting and Connection
The Siemens IoT2040 is designed for DIN rail mount:
Use only supply voltage from 12V to 36V to operate the device. Higher voltage may destroy the device.
Inserting the microSD card
The microSD card delivered with the device needs to be exchanged with the card provided by IBHsoftec GmbH.
Power off the devicee before changing the microSD card!
The slot for the microSD card is located on the board:
Configuration of the IP addresses
The administration can be made with a recent web browser over the Ethernet port 1 by using the host name f.i. http://iot2000
or over the port 2 by entering the default IP Address 192.168.1.14
No other tools are required.
Default IP Address configuration:
Level | Port | Address |
---|---|---|
Management level | Port 1 | Host name: f.i.iot2000 |
Control level | Port 2 - 4 | 192.168.1.14 |
Default Login:
admin
admin
Network: Management Level
Network configuration for Port 1 (Management level respectively Supervision Level):
Network: Control Level
Network configuration for Port 1 (Control Level respectively Machine Level):
From both levels the Endpoint URL can be copied:
The Endpoint URL is provided by the IBH Link UA and is the destination URL for the OPC Client.
In our sample, the UA Expert diagnostic client from Unified Automation is shown:
Time Settings
Before creating certificates, the clock of the IBH Link UA must be set with the correct date and time!
Security
OPC UA defines different Security Levels:
There are different levels of encryption None, Basic128Rsa15 and Basic256
None | No encryption |
Basic128Rsa15 | 128 Bit encryption |
Basic256 | 256 Bit encryption |
Basic256Sha256 | 256 Bit encryption |
The IBH Link UA supports the level Sign, Sign and Encrypt and Sign + Sign and Encrypt
Sign | The messages contain signed certificates |
Sign and Encrypt | The messages contain signed certificates and are encrypted |
Sign + Sign and Encrypt | The messages may contain only signed certificates, or can be signed and are encrypted as well |
Certificates
Before creating certificates, the time of the IBH Link UA must be set
Exchange of Certificates is another important security level of OPC UA.
A communication is only possible, if both Server and Client have a valid certificate assigned by the respective partners.
After setting the time of the IBH Link UA, a new server certificate can be created:
To get the best reliability of the Server Certificate, all fields need to be completed in detail:
If an existing Server Certificate shall be used with the IBH Link UA, it can be uploaded via the button <Upload Server Certificate>.
Make the IBH Link UA Server Certificate visible for the Client:
OPC UA clients usually detect server certificates automatically, when the first connection is established
or they offer other options for the handling of certificates.
Make the Client Certificate visible for the IBH Link UA Server:
After the client has accepted the server certificate, it will send the client certificate.
Whether new certificates are existing, can be checked using the Refresh button or the key <F5>:
Once the certificate is trusted, the communication with the Client can be established:
Historical Data
While OPC Data Access allows the access to data in real time, supports OPC Historical Access, also called OPC HDA access, access to already stored data. From simple data logging systems to complex SCADA systems historical data can be queried on standardized manner. The activation of the Historical data is easily performed using the web browser.
System
System information like the MAC address of the IBH Link UA can be found here: