Baixe o app para aproveitar ainda mais
Prévia do material em texto
Communication between a PC-Based Beckhoff PLC and a Comfort Panel via OPC UA WinCC Comfort / V15.1 / OPC UA https://support.industry.siemens.com/cs/ww/en/view/109772341 Siemens Industry Online Support https://support.industry.siemens.com/cs/ww/de/view/109772341 Legal information Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 2 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d Legal information Use of application examples Application examples illustrate the solution of automation tasks through an interaction of several components in the form of text, graphics and/or software modules. The application examples are a free service by Siemens AG and/or a subsidiary of Siemens AG (“Siemens”). They are non- binding and make no claim to completeness or functionality regarding configuration and equipment. The application examples merely offer help with typical tasks; they do not constitute customer-specific solutions. You yourself are responsible for the proper and safe operation of the products in accordance with applicable regulations and must also check the function of the respective application example and customize it for your system. Siemens grants you the non-exclusive, non-sublicensable and non-transferable right to have the application examples used by technically trained personnel. Any change to the application examples is your responsibility. Sharing the application examples with third parties or copying the application examples or excerpts thereof is permitted only in combination with your own products. The application examples are not required to undergo the customary tests and quality inspections of a chargeable product; they may have functional and performance defects as well as errors. It is your responsibility to use them in such a manner that any malfunctions that may occur do not result in property damage or injury to persons. Disclaimer of liability Siemens shall not assume any liability, for any legal reason whatsoever, including, without limitation, liability for the usability, availability, completeness and freedom from defects of the application examples as well as for related information, configuration and performance data and any damage caused thereby. This shall not apply in cases of mandatory liability, for example under the German Product Liability Act, or in cases of intent, gross negligence, or culpable loss of life, bodily injury or damage to health, non-compliance with a guarantee, fraudulent non-disclosure of a defect, or culpable breach of material contractual obligations. Claims for damages arising from a breach of material contractual obligations shall however be limited to the foreseeable damage typical of the type of agreement, unless liability arises from intent or gross negligence or is based on loss of life, bodily injury or damage to health. The foregoing provisions do not imply any change in the burden of proof to your detriment. You shall indemnify Siemens against existing or future claims of third parties in this connection except where Siemens is mandatorily liable. By using the application examples you acknowledge that Siemens cannot be held liable for any damage beyond the liability provisions described. Other information Siemens reserves the right to make changes to the application examples at any time without notice. In case of discrepancies between the suggestions in the application examples and other Siemens publications such as catalogs, the content of the other documentation shall have precedence. The Siemens terms of use (https://support.industry.siemens.com) shall also apply. Security information Siemens provides products and solutions with industrial security functions that support the secure operation of plants, systems, machines and networks. In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art industrial security concept. Siemens’ products and solutions constitute one element of such a concept. Customers are responsible for preventing unauthorized access to their plants, systems, machines and networks. Such systems, machines and components should only be connected to an enterprise network or the Internet if and to the extent such a connection is necessary and only when appropriate security measures (e.g. firewalls and/or network segmentation) are in place. For additional information on industrial security measures that may be implemented, please visit https://www.siemens.com/industrialsecurity. Siemens’ products and solutions undergo continuous development to make them more secure. Siemens strongly recommends that product updates are applied as soon as they are available and that the latest product versions are used. Use of product versions that are no longer supported, and failure to apply the latest updates may increase customer’s exposure to cyber threats. To stay informed about product updates, subscribe to the Siemens Industrial Security RSS Feed at: https://www.siemens.com/industrialsecurity. https://support.industry.siemens.com/ Table of Contents Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 3 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d Table of Contents Legal information ..................................................................................................... 2 1 Introduction .................................................................................................... 4 1.1 Overview ........................................................................................... 4 1.2 Principle of Operation ........................................................................ 4 1.3 Components Used ............................................................................. 5 2 Engineering Beckhoff Controller ................................................................... 6 2.1 Basics ............................................................................................... 6 2.1.1 Note on the Documentation ............................................................... 6 2.1.2 Certificate Handling ........................................................................... 6 2.1.3 Certificate Storage Location ............................................................... 7 2.1.4 Adjusting the Port Address................................................................. 8 2.1.5 Problem Handling .............................................................................. 8 2.2 Preparatory Measures ..................................................................... 11 2.2.1 Beckhoff Software Installation .......................................................... 11 2.2.2 Customizing the Menu Bar ............................................................... 11 2.3 Beckhoff Configuration..................................................................... 12 2.3.1 PLC Tag Declaration ....................................................................... 12 2.3.2 Creating a TwinCAT Connectivity Project ......................................... 20 2.3.3 Setting UA Endpoints ....................................................................... 23 3 Engineering Comfort Panel .......................................................................... 32 3.1 HMI Configuration Without Encryption.............................................. 32 3.2 HMI Configuration with Encryption ................................................... 34 3.3 Transferring HMI Configuration ........................................................ 37 4 Appendix ....................................................................................................... 39 4.1 Service and support .........................................................................39 4.2 Links and literature .......................................................................... 40 4.3 Change documentation .................................................................... 40 1 Introduction Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 4 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d 1 Introduction 1.1 Overview SIEMENS Comfort Panels offer a variety of communication options. This application example shows how to configure communication between a PC-based Beckhoff PLC controller and a Comfort Panel via OPC UA. All necessary steps and settings required on the “Beckhoff Engineering Station” and the SIMATIC HMI Comfort Panel are described. For software, Beckhoff uses “TwinCAT 3” on the Beckhoff side with the “TF6100-OPC-UA” option. On the HMI side, “WinCC Comfort V15.1” is used. Note If you have questions/problems concerning the parameterization of the Beckhoff software, please contact Beckhoff support directly. 1.2 Principle of Operation OPC UA (Open Platform Communications Unified Architecture) is a collection of standards for communication and data exchange in the industrial automation environment. OPC UA standardizes industrial connectivity, ensuring compatibility between products from different manufacturers. In this application example, the Comfort Panel works as a client and obtains the values from the “Beckhoff Controller” (server). The server exchanges certificates with the client for the encrypted connection. Figure 1-1 Beckhoff PLC (TwinCAT 3) Comfort Panel (WinCC Comfort V15.1) OPC UA Server Client Certificates 1 Introduction Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 5 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d 1.3 Components Used The following hardware and software components were used to create this application example: Table 1-1 Components Quantity Item number Note WinCC Comfort V15.1 1 6AV210.-....5-0 WinCC Advanced V15.1 or newer version. SIMATIC Comfort Panel 1 6AV2124-0MC01-0AX0 All Comfort Panel and KTP Mobile and PC Runtime Systems Standard PC 1 -- Installation of the TwinCAT software/server. TwinCAT 3 Software 1 -- Download via the manufacturer page. TF6100-OPC-UA Version 4.3.20.0 1 -- Download via the manufacturer page. This application example consists of the following components: Table 1-2 Components File name Note Documentation 109772341_Communication_Beckhoff_OpcUa_DOC_en.pdf Project 109772341_Communication_Beckhoff_OpcUa_CODE.zip 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 6 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d 2 Engineering Beckhoff Controller 2.1 Basics Below is a list of some standard functions that are repeatedly executed during engineering. 2.1.1 Note on the Documentation Used interface terminology in the documentation. • (1) Function bar • (2) Toolbar • (3) Solution Explorer • (4) Area where the parameterization is carried out Figure 2-1 1 2 3 4 2.1.2 Certificate Handling The clients’ certificates are listed under the “UA Endpoints” (1) menu item. To do this, double-click the connectivity project (2) in the “Solution Explorer” to open it. Figure 2-2 1 2 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 7 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d If a client tries to access the server, the client’s certificate is first stored in the “Rejected” folder. The configuration engineer then decides whether to trust this certificate. If the configuration engineer trusts the certificate, they must manually move the certificate from the “Rejected” folder to the “Trusted” folder. View of a “Client certificate” in the Rejected folder (red background) Figure 2-3 Moving the Client certificate to the “Trusted Folder” Right-click the entry. Then select “To Trust List” from the context menu. The certificate is automatically moved to the “Trusted” folder. Click “Refresh” to update the list. Figure 2-4 2.1.3 Certificate Storage Location Certificates are automatically generated for encrypted communication between the server (Beckhoff Controller) and the client (Comfort Panel). Some of these certificates must be moved from the “Rejected folder” to the “Trusted folder”. TwinCAT software Storage path of the “Rejected” or “Trusted” folder. The certificates are stored under the following directories. • C:\TwinCAT\Functions\TF6100-OPC-UA\Win32\Server\PKI\CA\rejected • C:\TwinCAT\Functions\TF6100-OPC-UA\Win32\Server\PKI\CA\trusted\certs 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 8 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d Comfort Panel The certificates are stored in the following directory. • \flash\simatic\SystemRoot\OPC\PKI\CA\default\rejected\ • \flash\simatic\SystemRoot\OPC\PKI\CA\default\certs\ 2.1.4 Adjusting the Port Address By default, the server uses port address 4840 (1). You can adjust the port address if required. Figure 2-5 In order for the change of the port address to become effective, the “TcUaServerConfig.xml” file must be modified. You can find the file under the directory “C:\TwinCAT\Functions\TF6100-OPC-UA\Win32\Server”. You can edit the file with a text editor. Search in the file for the entry “4840” and modify it accordingly. Restart the server manually The first step is to shut down the server via the “Task Manager”. Then start the server from the “DOS command prompt” using the following command: C:\TwinCAT\Functions\TF6100-OPC-UA\Win32\Server\TcOpcUaServer.exe\desktop 2.1.5 Problem Handling “Anonymous” user The “Anonymous” user must be present for communication. This is automatically created when “TwinCAT Connectivity” is created. If this entry is missing, the easiest way is to delete the existing “TwinCAT Connectivity” project and create a new one. 1 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 9 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d BadIdentityTokenRejected If you get a notification regarding “BadIdentityTokenRejected” when assigning the server, it may be helpful to create a new “OPC UA Server Configuration” (1). Then check that the “Anonymous” user is present (2). Figure 2-6 VM Ware For example, if you are using a virtual machine to test the application, it is best to use the following configuration. VM Ware: Enter “4” in the “Number of processor cores” field. Figure 2-7 1 2 1 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 10 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d TwinCAT 3 configuration: Open the configuration under “Solution Explorer > TwinCAT Controller > Real- Time”. Enter 2 I 2 in the “Available cores (Shared/Isolated)” (1) menu item. Activate the “2 (Isolated)” default option (2). Figure 2-8 2 1 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 11 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d 2.2 Preparatory Measures 2.2.1 Beckhoff Software Installation 1. Download the latest “TwinCAT 3” Engineering Software. The engineering environment includes the TwinCAT 3 controller software. (TExxxx | Engineering). 2. Download the “TF6100-OPC-UA” option package. (TFxxxx |Functions -> TF6xxx | Connectivity). Note You can download the software from the download area of the manufacturer’s site under the folder “Software” (see \3\). 3. Install the two software packages. 2.2.2 Customizing the Menu Bar After creating a TwinCAT project, you can additionally show or hide various icons in the function bar. Table 2-1 No. Description 1. Customizing the menu bar • Create a TwinCAT project (see Chapter 2.3). • Open the toolbar menu via “View > Toolbars”. • Use all the icons shown in the figure (1). After selection, the icons are listed below the menu bar. 1 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 12 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d 2.3 Beckhoff Configuration 2.3.1 PLC Tag Declaration This chapter describes the procedure for transferring tag values from the Beckhoff Controller to the HMI Operator Panel (Comfort Panel) via OPC UA. Table 2-2 No. Description 1. • Open the TwinCAT XAE software and create a new project. “New TwinCAT Project…” • Another window opens. 2. • Select the “TwinCAT Projects” option in the window and then select the “TwinCAT XAE Project (XML format)” graphic. • Assign a project name and specify the storage location. • Click OK to confirm the entry. 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 13 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 3. • Right-click the “PLC” folder to select it. • Select “Add new element...” from the context menu. • Another window opens. 4. • Left-click the “Standard PLC Project” menu item to select it. • Confirm the setting with the “Add” button. 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 14 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 5. • A “PLC standard configuration” is created in the “Solution Explorer”. • The program blocks are created in the “POUs” subfolder and accessed via the “MAIN block”. 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 15 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 6. Example: Configuring PLC tags for OPC UA access The tags displayed on the Comfort Panel via OPC UA must have a certain “syntax”. In the tag declaration, the following comment must be stored above the tag. {attribute ‘OPC.UA.DA‘ := ‘1‘} => The apostrophe character, “ ‘ ”, is located above the “#” character on the English keyboard. Note: You can find details on PLC tag configuration for OPC UA access in the “TwinCAT 3 Connectivity – TC3 OPC UA” manual (see \4\). 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 16 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 7. Configuring OPC UA name space To ensure that the icon file is automatically transferred into the PLC runtime, enable the icon file download in the PLC project settings. • Double-click the newly created “Control project” (in this case “Untitled1”) in the “Solution Explorer”. A dialog window opens. • Select the “Settings” tab in the dialog box. • Activate the “TMC File” check box. 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 17 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 8. Assigning a license If you do not have a license for using the software, the TwinCAT software offers a “trial license”, which is valid for 7 days. • Use the “Solution Explorer” to open the “SYSTEM” folder. • Double-click the “License” entry. A dialog window opens. • In the dialog box, click the button “Activate 7-day trial license…” (1). • Enter the specified security code in the dialog box that opens (2) (case sensitive). • Click “OK” (3) to confirm the entry. 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 18 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 9. Activating the configuration (simulation of process values) You must activate the program in order to test the PLC program. • Select the TwinCAT OPC UA project. • Click the “Activate Configuration” icon in the toolbar (1). Confirm the following dialog boxes. • Then click the “Login” icon (2). Confirm the following dialog box. 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 19 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 10. Activating the configuration • Click the “Start” icon in the toolbar (1). Simulation is started. This finalizes the “Simulation of process values” settings. 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 20 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d 2.3.2 Creating a TwinCAT Connectivity Project This chapter describes the configuration of the OPC UA communication interface. Table 2-3 No. Description 1. Creating a new project • Right-click the project folder (1) in the “Solution Explorer”. • Select the “Add > New Project…” menu command (2). Another window opens. 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 21 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 2. • Left-click the “TwinCAT Connectivity” entry under the “Installed” directory (1). • Select the “Empty TwinCAT...” folder in the middle of the screen (2). • Assign a name for the project (3). • In the “Location” field, you only need to select a directory if the project should not be located in the same directory as the PLC program. • Click “OK” to confirm the selection: 3. • Right-click the newly created connectivity project in the “Solution Explorer” (1). • Select the “Add > New Item…” menu command (2). The “Add New Item” window opens. 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 22 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 4. • Select the “TwinCAT OPC-U…” folder in the window (1). • Click “Add” to confirm the selection. 5. Assigning a license If you do not have a license for using the software, the TwinCAT software offers a “trial license”, which is valid for 7 days. • Use the “Solution Explorer” to open the “SYSTEM” folder. • Double-click the “License” menu item. A dialog window opens. • Select the “Manage Licenses” tab in the menu bar (1). • Scroll to “Order No” TF6100 and check the corresponding check box (2). • Return to the “Order Information (Runtime)” tab (3). • Click the “7 Days Trial License…” button in the dialog box (4). • Enter the default security code in the context menu (5) (case sensitive). • Click “OK” to confirm the entry. 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 23 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 2.3.3 Setting UA Endpoints Table 2-4 No. Description1. Define UA endpoints • Double-click the connectivity project in the “Solution Explorer” to open it. A dialog box (1) opens. • Select the “UA Endpoints” tab in the dialog box (2). The following screenshot shows the default settings. Note The Comfort Panels do not support all the “encryptions” listed here. For this reason, the standard setting will be adjusted as described below. 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 24 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 2. Setting the server address • Select “TwinCAT OPC UA Configurator” in the function bar. If the configurator is not displayed, check the activated tools (see Chapter 2.2.2). • Open the drop-down list and click the “Add Target OPC-UA Server” entry (1). A dialog window opens. 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 25 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 3. Configured UA Servers • Enter the server address in the “Server Url:” field. Syntax: opc.tcp://[localhost]:Port or opc.tcp://[IP-Adresse]:Port In this example: opc.tcp://localhost:4840 • Confirm the settings with the “Add” button (1). Note When the server address is assigned for the first time, a message regarding the certificate is displayed. Click the “Trust” button (1) to confirm the certificate. 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 26 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 4. After confirming the server address via the “Add” button, the address is displayed as shown. • Click the “Use” button (1). Note The button name changes from “Use” to “Not Use”. • Click “OK” to confirm the settings. Note If the specified address of the server is incorrect/does not exist, an error message is displayed. In this case, check the address of the server. Otherwise, no connection can be established between the client and the server. 5. • Select “TwinCAT OPC UA Configurator” in the function bar. You can now use the drop-down list to select the previously created “Server”. In this example: TcOpcUaServer@hh-PC 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 27 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 6. Selecting encryption • Select “TwinCAT OPC UA Configurator” in the function bar. Use the “Please select an endpoint” drop-down list to select an encryption that the “client” supports (1). See, for example, the settings in the HMI configuration under “Project navigation > Connections” (see Chapter 3.2 “HMI Configuration with Encryption“). The selection options you will find here depend on the options selected in the “UA Endpoint” menu. Note In this example, you can first select any encryption option. In the second step, the encryption required for the Comfort Panel is parameterized. • Click “Connect” (2). The “Authentication” dialog box is displayed. 7. “Authentication” dialog box By default, only the option field “Anonymous” is selected in the dialog box. Confirm this entry in the dialog box by clicking “OK”. 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 28 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 8. Client certificate By confirming the “Authentication”, a series of certificates are automatically created/imported, which either have the status “Trusted” or are declared as Rejected. Which certificates are listed in detail depends on the installed software environment and hardware. Move the “TcOpcUaGateway@hh-PC” certificate from the “Rejected” folder to the “Trusted” folder (see Chapter 2.1.2). 9. Editing UA Endpoints The two screenshots show a sample of the possible connection settings for a Comfort Panel that are also supported by the Beckhoff Controller. Without Security II With Security Security policy: None II Basic256 Security Mode message: None II Sign 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 29 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 10. To edit the “UA Endpoints”, a connection to the server must be established. An existing connection can be recognized by the fact that the “TwinCAT OPC UA Configurator” is grayed out in the function bar Furthermore, the “Disconnect” button is active, with which you can terminate the connection (1). 1 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 30 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 11. • Open the “UA Endpoints” dialog box (1). • Enable only the following options General – Enable Anonymous logon – Allow Deprecated Security Policies Security – None – Basic256 Sign (select “Sign” from the drop-down list) • Press the “Activate OPC-UA Server Config” (2) button in the function bar. • The “Activate OPC UA Configuration” dialog window is displayed. Only check the “Activate Server Configuration” option (3). • Click “OK” to confirm the settings: • The “Activate Configuration” dialog box is displayed. Click the “Yes” button to confirm the process and that the changes will only become active after a restart of the server. • Another window is displayed. Click “OK” to confirm that the server will be restarted. 2 Engineering Beckhoff Controller Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 31 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 12. Setting a new endpoint • After restarting the server, the connection to the server is automatically disconnected. If this is not the case, terminate the server connection using the “Disconnect” button (1). • Select “TwinCAT OPC UA Configurator” in the function bar. Use the drop- down list to select encryption “opc.tcp://[Rechner Name:4840] [Sign:Basic256:Binary]” (2) “opc.tcp://hh-PC:4840 [Sign:Basic256:Binary]” (2). • Click the “Connect” button (3) to connect to the server • The “Authentication” dialog box is displayed. Confirm the entries in the dialog box with the “OK” button. 13. Certificates are re-created and stored in the “Rejected” folder. In this case, these certificates already exist and are stored in the “Trusted” folder. Note: You can delete duplicate certificates. 14. The “UA Endpoints” settings are now complete. 3 Engineering Comfort Panel Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 32 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d 3 Engineering Comfort Panel This chapter describes the settings that must be configured using the “Connections” menu item when engineering the Comfort Panel and when configuring the HMI tags (access to the PLC tags of the Beckhoff Controller). 3.1 HMI Configuration Without Encryption Table 3-1 No. Description 1. First create a WinCC Comfort Panel project or open an existing WinCC Comfort configuration. 2. Creating a connection • Open the “Connections” entry via the project directory. • Create a new connection. • Select the “OPC UA” entry from the “CommunicationDriver” list (1). • Enter the following parameterization in the “OPC server” section (2). – UA server discovery URL: IP address of the server including port address In this example: opc.tcp://172.16.34.2:4840 – Security policy: None – Message security mode: None 1 2 3 Engineering Comfort Panel Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 33 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 3. Creating tags • Open the “HMI tags” entry via the project directory. • Open a tag table. • Create a new tag with a controller connection (1). • Click the button to the right of the “Address” field to open the drop-down list (2). • A window opens displaying a server and its address (3). • Open the details of the server (4). • Navigate to the “PLC1” folder (5). The folder name is the same as the “Beckhoff Controller” that you assigned. This folder contains the PLC tags that have been enabled in the Beckhoff Controller for access via OPC UA. Select the tag you want to use in the HMI project and double-click it to apply it. 1 5 3 Engineering Comfort Panel Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 34 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d 3.2 HMI Configuration with Encryption Table 3-2 No. Description 1. First create a WinCC Comfort Panel project or open an existing WinCC Comfort configuration. 2. Creating a connection If you have already been able to establish an unencrypted connection to the server, this now simplifies the configuration with “encryption”. • Open the “Connections” entry via the project directory. • Create a new connection or open the existing connection. • Select the “OPC UA” entry from the “Communication Driver” list (1). • Enter the following parameterization in the “OPC server” section (2). – UA server discovery URL: IP address of the server including port address In this example: opc.tcp://172.16.34.2:4840 – Security policy: Basic256 – Message security mode: Sign 1 2 3 Engineering Comfort Panel Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 35 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 3. Creating tags • Open the “HMI tags” entry via the project directory. • Open a tag table. • Create a new tag with a controller connection (1). • Click the button to the right of the “Address” field to open the drop-down list (2). • A window opens displaying a server with a communication error (3). 4. Assigning a certificate • Change to the TwinCAT configuration. • Refresh the “Client certificates” display using the “Refresh” button (1). • A new certificate is displayed, which you must then move to the “Trusted” folder (see Chapter 2.1.2). • Return to the HMI configuration. 3 1 2 3 Engineering Comfort Panel Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 36 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 5. • Click the button to the right of the “Address” field to open the drop-down list (1). • A window opens displaying a server and its address (2). A secure connection to the server is established by moving the certificate to the “Trusted” folder. • Open the details of the server (3). • Navigate to the “PLC1” folder (4). This folder contains the PLC tags that have been enabled in the Beckhoff Controller for access via OPC UA. • Select the corresponding tag and double-click it to apply it. 3 Engineering Comfort Panel Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 37 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d 3.3 Transferring HMI Configuration If no encryption has been configured in the connection settings, you can transfer the configuration to the Comfort Panel as you would normally. A connection to the server (Beckhoff Controller) is established provided one exists. The following describes certificate handling in the case that “encryption” has been configured in the connection settings. Table 3-3 No. Description 1. Transfer the HMI project configuration to the Comfort Panel. After transferring the project configuration and starting the Panel Runtime, a connection error is initially displayed on the panel. 2. When trying to establish a connection between the server and the Comfort Panel, the server transferred a certificate to the Comfort Panel in the “rejected” folder. This certificate must now be manually moved to the “cert” folder in the Comfort Panel. • Open the “rejected” folder on the Comfort Panel and move the certificate to the “cert” folder. • Click “My Computer” on the Comfort Panel (1). • Navigate to the folder “\flash\simatic\SystemRoot\OPC\PKI\CA\default”. The other folders “rejected” and “certs” are located here. 3 Engineering Comfort Panel Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 38 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d No. Description 3. Moving the certificate • Open the “rejected” folder and copy the certificate into the “cert” folder. • Then delete the certificate in the “rejected” folder. • Start the Panel Runtime. 4. Assigning a certificate • Change to the TwinCAT configuration. • Click “Refresh” (1) to refresh the “Client certificates” display. • A new certificate is displayed, which you must then move to the “Trusted” folder (see Chapter 2.1.2). 5. After the certificate has been moved to the “Trusted” folder, the connection between the Comfort Panel and the Beckhoff Controller is established. Note: The update of the tags on the Comfort Panel can be delayed when the connection is first established. 4 Appendix Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 39 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d 4 Appendix 4.1 Service and support Industry Online Support Do you have any questions or need assistance? Siemens Industry Online Support offers round the clock access to our entire service and support know-how and portfolio. The Industry Online Support is the central address for information about our products, solutions and services. Product information, manuals, downloads, FAQs, application examples and videos – all information is accessible with just a few mouse clicks: https://support.industry.siemens.com Technical Support The Technical Support of Siemens Industry provides you fast and competent support regarding all technical queries with numerous tailor-made offers – ranging from basic support to individual support contracts. Please send queries to Technical Support via Web form: www.siemens.com/industry/supportrequest SITRAIN – Training for Industry We support you with our globally available training courses for industry with practical experience, innovative learning methods and a concept that’s tailored to the customer’s specific needs. For more information on our offered trainings and courses, as well as their locations and dates, refer to our web page: www.siemens.com/sitrain Service offer Our range of services includes the following: • Plant data services • Spare parts services • Repair services • On-site and maintenance services • Retrofitting and modernization services • Service programs and contracts You can find detailed information on our range of services in the service catalog web page: https://support.industry.siemens.com/cs/sc Industry Online Supportapp You will receive optimum support wherever you are with the "Siemens Industry Online Support" app. The app is available for Apple iOS, Android and Windows Phone: https://support.industry.siemens.com/cs/ww/en/sc/2067 https://support.industry.siemens.com/ http://www.siemens.com/industry/supportrequest http://www.siemens.com/sitrain 4 Appendix Beckhoff HMI Kommunikation OPC UA Entry ID: 109772341, V1.0, 02/2020 40 © S ie m e n s A G 2 0 2 0 A ll ri g h ts r e s e rv e d 4.2 Links and literature Note Bischoff’s manufacturer-specific links cannot be guaranteed and were valid at the time of publication. Table 4-1 No. Subject \1\ Siemens Industry Online Support https://support.industry.siemens.com \2\ Link to the article page of the Application Example https://support.industry.siemens.com/cs/ww/en/view/109772341 \3\ Beckhoff Automation https://www.beckhoff.de TwinCAT 3 (Download>Software>TwinCAT 3>TE1xxx Engineering TF6100 (Download>Software>TwinCAT 3>TFxxxx Functions>TF6xxx Connectivity) \4\ “TwinCAT 3 Connectivity – TC3 OPC UA” manual https://download.beckhoff.com/download/document/automation/twincat3/TF6100_T C3_OPC-UA_DE.pdf 4.3 Change documentation Table 4-2 Version Date Change V1.0 02/2020 First edition https://support.industry.siemens.com/ https://support.industry.siemens.com/cs/ww/de/view/109772341 https://www.beckhoff.de/ https://download.beckhoff.com/download/document/automation/twincat3/TF6100_TC3_OPC-UA_DE.pdf https://download.beckhoff.com/download/document/automation/twincat3/TF6100_TC3_OPC-UA_DE.pdf Communication between a PC-Based Beckhoff PLC and a Comfort Panel via OPC UA Legal information 1 Introduction 1.1 Overview 1.2 Principle of Operation 1.3 Components Used 2 Engineering Beckhoff Controller 2.1 Basics 2.1.1 Note on the Documentation 2.1.2 Certificate Handling 2.1.3 Certificate Storage Location 2.1.4 Adjusting the Port Address 2.1.5 Problem Handling 2.2 Preparatory Measures 2.2.1 Beckhoff Software Installation 2.2.2 Customizing the Menu Bar 2.3 Beckhoff Configuration 2.3.1 PLC Tag Declaration 2.3.2 Creating a TwinCAT Connectivity Project 2.3.3 Setting UA Endpoints 3 Engineering Comfort Panel 3.1 HMI Configuration Without Encryption 3.2 HMI Configuration with Encryption 3.3 Transferring HMI Configuration 4 Appendix 4.1 Service and support 4.2 Links and literature 4.3 Change documentation
Compartilhar