Transcription
Security information1Preface2SIMATICBasics3PCS 7OpenPCS 7 (V9.0)Installation and licensing4PCS 7 Engineering5Plant configurations6OpenPCS 7 interface7AppendixALists and foldersBFunction ManualValid for PCS 7 as of V9.005/2017A5E39222196-AA
Legal informationWarning notice systemThis manual contains notices you have to observe in order to ensure your personal safety, as well as to preventdamage to property. The notices referring to your personal safety are highlighted in the manual by a safety alertsymbol, notices referring only to property damage have no safety alert symbol. These notices shown below aregraded according to the degree of danger.DANGERindicates that death or severe personal injury will result if proper precautions are not taken.WARNINGindicates that death or severe personal injury may result if proper precautions are not taken.CAUTIONindicates that minor personal injury can result if proper precautions are not taken.NOTICEindicates that property damage can result if proper precautions are not taken.If more than one degree of danger is present, the warning notice representing the highest degree of danger will beused. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to propertydamage.Qualified PersonnelThe product/system described in this documentation may be operated only by personnel qualified for the specifictask in accordance with the relevant documentation, in particular its warning notices and safety instructions. Qualifiedpersonnel are those who, based on their training and experience, are capable of identifying risks and avoidingpotential hazards when working with these products/systems.Proper use of Siemens productsNote the following:WARNINGSiemens products may only be used for the applications described in the catalog and in the relevant technicaldocumentation. If products and components from other manufacturers are used, these must be recommended orapproved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation andmaintenance are required to ensure that the products operate safely and without any problems. The permissibleambient conditions must be complied with. The information in the relevant documentation must be observed.TrademarksAll names identified by are registered trademarks of Siemens AG. The remaining trademarks in this publicationmay be trademarks whose use by third parties for their own purposes could violate the rights of the owner.Disclaimer of LiabilityWe have reviewed the contents of this publication to ensure consistency with the hardware and software described.Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the information inthis publication is reviewed regularly and any necessary corrections are included in subsequent editions.Siemens AGDivision Process Industries and DrivesPostfach 48 4890026 NÜRNBERGGERMANYA5E39222196-AA 05/2017 Subject to changeCopyright Siemens AG 2017.All rights reserved
Table of contents1Security information.72Preface.93Basics.114563.1General information.113.2Microsoft basics.133.3OPC Foundation.153.4Components of OpenPCS 7.163.5Security concept for OPC UA connections in PCS 7.193.6OLE DB interface.203.7COM / DCOM components of OpenPCS 7.21Installation and licensing.234.1Hardware requirements.234.2Installing the OpenPCS 7 station.244.3Licensing of the OpenPCS 7 station.264.4Licensing of the OS-internal OPC server.27PCS 7 Engineering.295.1Configuring an OpenPCS 7 station.295.2OpenPCS 7 and OS application on a shared PC station.315.3Configuring an OPC client.325.4Loading the OpenPCS 7 station.335.5Configuration support with the PCS 7 project wizard.34Plant configurations.356.1General configuration.356.2OpenPCS 7 without OS.376.36.3.16.3.26.3.3OpenPCS 7 combined with an OS.38OpenPCS 7 combined with an OS client.38OpenPCS 7 combined with an OS server.39OpenPCS 7 combined with an OS single station system.396.4OpenPCS 7 station for multiple PCS 7 projects.416.5DA linking of two PCS 7 projects using OpenPCS 7.436.6Plant configuration with firewall.456.7Setting the Windows firewall for OpenPCS 7.46OpenPCS 7 (V9.0)Function Manual, 05/2017, A5E39222196-AA3
Table of contents6.874Users and passwords in a workgroup.48OpenPCS 7 interface.497.1Access options.497.2Data 3.9.37.3.9.47.3.9.57.3.9.67.3.9.77.3.9.8OPC Unified Architecture (OPC UA).51How the OPC UA server works.52Configuring the OPC UA server.53Security concept.54Configuration of security mechanisms.55Supported OPC UA services and profiles.56Namespace of the OPC UA server.57OPC UA Data Access.60OPC UA Log Access.60OPC UA alarm & conditions.61Supported event methods.61Filters.62Mapping the WinCC message system to OPC UA.62OPC UA event types.62WinCC attributes.63Message class and message type.64Priority.64OPC UA mapping rules.64Message statuses / acknowledgment statuses.65Settings for mapping the WinCC message system.66Alarm groups.667.47.4.17.4.2OPC Data Access (OPC DA).67Introduction to the OPC Data Access interface.67How the OPC DA server 8OPC Historical Data Access (OPC HDA).69How the OPC HDA server works.69Data structure of the OPC HDA server.70Overview of supported attributes.71Overview of supported aggregates.71Overview of supported functions.72Time format of the OPC HDA server.73Quality codes of the OPC HDA server.75Write access supported by the OPC HDA .87.6.8.17.6.8.2OPC Alarms and Events (OPC A&E).76Introduction to OPC A&E.76Mapping the PCS 7 OS message system on OPC A&E.78Mapping the message classes and message types of PCS 7 OS on OPC A&E.80Mapping priorities of PCS 7 OS messages on OPC A&E.80Attributes of the PCS 7 OS message system.81Acknowledgment scheme.82Quality codes for OPC A&E.84OPC A&E with hierarchical access.85Differences between OPC A&E and OPC A&E with hierarchical access.85Example 1: Messages are not assigned to any area.87OpenPCS 7 (V9.0)Function Manual, 05/2017, A5E39222196-AA
Table of contentsA7.6.8.37.6.8.47.6.97.6.9.17.6.9.2Example 2: Messages are assigned to an area.89Example 3: Messages of an area are assigned to an alarm hiding group.90Upgrading OPC A&E.91Updating PCS 7 projects with OPC A&E.91How to update an OPC project with PCS 7 V9.0.917.77.7.17.7.27.7.37.7.47.7.5OPC Historical Alarms and Events (OPC "H" A&E).93Introduction to OPC "H" A&E.93Reading archived messages.94Syntax for access to archived messages.94Read modes for archived messages.96Identifying archived 8.4.37.8.4.4OLE DB.99Basics of OLE DB.99Establishing the connection to the database.100Access to the OLE DB provider.101Querying archive data.102Representation of the process value archive.102Querying process value archives.102Representation of the message archives.106Querying the message archives.108Appendix.111A.1BCommissioning.111Lists and folders.113B.1List of sources.113B.2List of abbreviations/acronyms.114Index.115OpenPCS 7 (V9.0)Function Manual, 05/2017, A5E39222196-AA5
Table of contents6OpenPCS 7 (V9.0)Function Manual, 05/2017, A5E39222196-AA
Security information1Siemens provides products and solutions with industrial security functions that support thesecure operation of plants, systems, machines, and networks.In order to protect plants, systems, machines and networks against cyber threats, it isnecessary to implement – and continuously maintain – a holistic, state-of-the-art industrialsecurity concept. Siemens’ products and solutions only form one element of such a concept.Customer is responsible to prevent unauthorized access to its plants, systems, machines andnetworks. Systems, machines and components should only be connected to the enterprisenetwork or the internet if and to the extent necessary and with appropriate security measures(e.g. use of firewalls and network segmentation) in place.Additionally, Siemens’ guidance on appropriate security measures should be taken intoaccount. For more information about industrial security, please emens’ products and solutions undergo continuous development to make them more secure.Siemens strongly recommends to apply product updates as soon as available and to alwaysuse the latest product versions. Use of product versions that are no longer supported, andfailure to apply latest updates may increase customer’s exposure to cyber threats.To stay informed about product updates, subscribe to the Siemens Industrial Security RSSFeed nPCS 7 (V9.0)Function Manual, 05/2017, A5E39222196-AA7
Security information8OpenPCS 7 (V9.0)Function Manual, 05/2017, A5E39222196-AA
2PrefacePurpose of this documentationPCS 7 is an open system that allows access to process values, archived process values andhardware interrupts by third-party applications. PCS 7 uses the following industry standardsof the OPC Foundation for this purpose: OPC Unified Architecture (DA, HA, A&C) OPC Data Access OPC Historical Data Access OPC Alarm and EventsPCS 7 also supports access by third-party applications using the WinCC OLE DB databasemechanism.This documentation describes access to one or more PCS 7 OS servers using the OpenPCS 7station. The information provided here will show you the configuration options with OpenPCS 7and help you get started with the configuration of the OpenPCS 7 station in PCS 7.To familiarize yourself in detail with the topics relating to the OPC interfaces, you will alsorequire the OPC-documentation from the OPC Foundation. You can find the documentationon the Internet at: www.opcfoundation.org (www.opcfoundation.org)Required basic knowledgeYou require general knowledge of automation engineering to understand this manual. BecauseOpenPCS 7 is based on the PCS 7 process control system, you should also be familiar withthe operation of PCS 7.Basic knowledge of the general use of the PC/programming device and of the use of theWindows operating system is required.ConventionsIn this documentation, the names of elements in the software interface are specified in thelanguage of this documentation. If you have installed a multi-language package for theoperating system, some of the designations will be displayed in the basic operating systemlanguage even after you change the language and will, therefore, differ from the designationsused in the documentation.If you use the operating system Windows 10, you can find the Siemens SIMATIC programs inthe Start menu under All apps Siemens Automation.Target Audience of this DocumentationThis documentation is intended for PCS 7 users and SIMATIC S7 specialists.OpenPCS 7 (V9.0)Function Manual, 05/2017, A5E39222196-AA9
PrefaceOptions for accessing PCS 7 documentationThe documentation required for PCS 7 includes the following types: PCS 7 ReadmeThe readme file is available in two versions:– PCS 7 Readme (offline)This version is installed by PCS 7 Setup. The file only contains general information andlinks to documents on the Internet.– PCS 7 Readme (online)This version contains all information on the installation and use of PCS 7 in the formatwhich is already familiar to you. The file is only available on the Internet to keep it alwaysup-to-date.NoteThe information provided in the PCS 7 Readme (online) on the Internet takesprecedence over all other PCS 7 documentation.Read this PCS 7 Readme carefully, because it contains important information andamendments on PCS 7. PCS 7 System DocumentationSystem documentation contains information that covers several products, such asconfiguration manuals and Getting Started manuals. This documentation serves as aguideline for the overall system and explains the interaction between the individualhardware and software components.Note the information on "PCS 7 Documentation Portal Setup" in the product overviewProcess Control System PCS 7; PCS 7 ‑ Documentation; Section "Options for accessingthe documentation". PCS 7 Product DocumentationProduct documentation contains information about special hardware and softwarecomponents. The individual documents provide detailed information on the specificcomponent.Full versions of the documentation are available from the "Technical Documentation SIMATICPCS 7" website:www.siemens.com/pcs7-documentation (www.siemens.com/pcs7-documentation)You can find additional information in the product overview Process Control System PCS 7;PCS 7 - Documentation; Section "Options for accessing the documentation".10OpenPCS 7 (V9.0)Function Manual, 05/2017, A5E39222196-AA
3Basics3.1General informationOverviewHigher-level process control systems for production planning, process data evaluation, andprocess data management can access SIMATIC PCS 7 process data via the OpenPCS 7station. The higher-level systems are OPC clients of the OpenPCS 7 station.23& FOLHQWV2SHQ3&6 VWDWLRQ3&6 26 FOLHQWV)URQW )LUHZDOO%DFN )LUHZDOO7HUPLQDO EXV3&6 26 VHUYHU3ODQW EXV6 6 6 )LHOGEXV(7 (7 (7 Depending on the system configuration, the OpenPCS 7 station can provide data from variousOS servers and from a Process Historian. The OpenPCS 7 station hides the distribution of thedata in terms of: Time period (OS1, OS2, , Process Historian) Location (OS1, OS2, , Process Historian) and Redundancy (OS1 master, OS1 standby )OpenPCS 7 replaces @PCS 7previously available in the context of SIMATIC PCS 7 and is,at the same time, the equivalent of the Connectivity Station and the Connectivity Pack of theOpenPCS 7 (V9.0)Function Manual, 05/2017, A5E39222196-AA11
Basics3.1 General informationWinCC SCADA system. Direct access to SIMATIC BATCH and SIMATIC Route Control datais not possible with OpenPCS 7.LayoutThe OpenPCS 7 station can be operated in various configurations: OpenPCS 7 station without OS client, based on a SIMATIC PCS 7 Industrial Workstationin the client version. This is the recommended preferred configuration. OpenPCS 7 station on an OS client. OpenPCS 7 station on an OS single station. OpenPCS 7 station on the OS server.NoteThe hardware and software requirements of the PC station on which the OpenPCS 7 stationis to be installed must be met.12OpenPCS 7 (V9.0)Function Manual, 05/2017, A5E39222196-AA
Basics3.2 Microsoft basics3.2Microsoft basicsMicrosoft basicsThe basis of OPC "Classic" is provided by several Microsoft technologies. These technologiesare explained in the following section.OPCOPC stands for "OLE for Process Control".OPC is a standardized, vendor-independent software interface that allows data to beexchanged between hardware and software. One system can provide another system withprocess data via OPC .OLEOLE means "Object Linking and Embedding", the technology for embedding objects indocuments.COMCOM means "Component Object Model" and is necessary for the use of OPC.COM is a central component of Windows operating systems and controls the interactionbetween multiple software components. By using COM , the OPCserver effectively becomespart of the Windows operating system and is therefore not dependent on file names, storagelocations and versions.COM defines a standard that allows objects to be defined as self-contained units in Windowsand to access these units beyond the limits of a process.COMobjects can be understood as extensions of the operating system. They are notdependent on programming languages and are available in principle to all applications.The data and code of the object are not directly accessible to the user of the COMobject.DCOMDCOM is the acronym for "Distributed Component Object Model". It is based on COMtechnology and provides the additional option of communicating over a network.ObjectObjects are defined by properties and methods that can be used on objects.EventsAn event is used to control program flow. Program execution is not linear, instead special eventhandling routines are executed whenever a specific event occurs.OpenPCS 7 (V9.0)Function Manual, 05/2017, A5E39222196-AA13
Basics3.2 Microsoft basicsIn terms of OpenPCS 7 and the OPC standard, events mean messages/operation messagesof the PCS 7-system.DLLIt is possible to use DLLs with Microsoft Visual Basic (VB) and Microsoft Visual Basic forApplications (VBA). DLL stands for Dynamic Link Library. A DLL is a dynamic link library. Userscan link the functionalities of a DLL into their own applications. If you want to program anOPCclient with VB, make sure that the relevant automation interface DLL is selected in theVB Editor in "Project References".CollectionCollections are objects that support count and item properties. A collection consists of a certainnumber of items. An item can be collection-specific, any data structure, or an object. The countproperty specifies the number of items in a collection. In Microsoft Visual Basic, each item ina collection can be identified using loops.14OpenPCS 7 (V9.0)Function Manual, 05/2017, A5E39222196-AA
Basics3.3 OPC Foundation3.3OPC FoundationOPC FoundationThe aim of the OPC Foundation is to ensure compatibility between different subsystems inautomation and process control engineering. Compatibility is achieved by creating andmaintaining open specifications for the standardization of communication between subsystemsof different manufacturers. This allows process data, alarms and messages as well as archivedprocess data to be exchanged between subsystems regardless of their manufacturer.The OPC Foundation has more than 300 members worldwide. These include the mostimportant manufacturers of control systems, process instrumentation and process controlsystems worldwide. SIEMENS is a member of the OPC Foundation.The declared goal of the OPC Foundation is vertical integration of information from the fieldlevel through to the enterprise level. Using the OPC standard, this integration is possibleregardless of the system and manufacturer.The most important standards of the OPC Foundation for OpenPCS 7 OPC Unified Architecture– DataAccess– Historical Data Access– Alarms&Conditions OPC “Classic”:– Data Access Custom Interface– Data Access Automation Interface– Historical Data Access Specification– Historical Data Access Automation Interface– Alarms and Events Custom Interface– Alarm & Events Automation InterfaceOpenPCS 7 (V9.0)Function Manual, 05/2017, A5E39222196-AA15
Basics3.4 Components of OpenPCS 73.4Components of OpenPCS 7OverviewOpenPCS 7 provides the following components: OPC Unified Architecture (OPC UA server for OpenPCS 7) OPC "Classic":– OPC DA (Data Access server)– OPC HDA (Historical Data Access server)– OPC A&E (Alarms & Events server)– OPC "H" A&E (Historical Alarms & Events server) OLE DBNoteFor security reasons, we recommend converting the applications to OPC Unified Architecture(UA). The OPC UA server uses the TCP/IP protocol to exchange data. Certificates areexchanged for authorization between OPC UA server and OPC UA client. You can encrypt orsign data traffic in addition.In the following graphic, you can see all the OPC components that will run on the OpenPCS 7station. The figure also shows the PCS 7environment. OLE DB starts a direct database queryon the PCS 7 OS server.16OpenPCS 7 (V9.0)Function Manual, 05/2017, A5E39222196-AA
Basics3.4 Components of OpenPCS 72SHQ 3&6 VHUYHU23& 8 6HUYHU23& ' 6HUYHU23& ' 6HUYHU23& ( 6HUYHU23& ( 6HUYHU23& FOLHQW(QWHUSULVH 1HWZRUN3&6 26 FOLHQW)URQW )LUHZDOO%DFN )LUHZDOO7HUPLQDO EXV3ODQW EXV6 6 )LHOGEXV(7 (7 OPC UA (Unified Architecture server)For access to the data management, messages and archive system according to the OPCspecification OPC UA 1.02.As OPC UA server, the OpenPCS 7 station offers other applications the following data: Current data from the OS data management (data access) Historical data from the OS measured value archives (historical access) OS messages (alarms & conditions)Possible uses: An OPC UA client can register on the OPC UA server for ongoing changes of processvalues (subscriptions) or write values. An OPC UA client can ac
SIMATIC PCS 7 OpenPCS 7 (V9.0) Function Manual Valid for PCS 7 as of V9.0 05/2017 A5E39222196-AA Security information 1 Preface 2 Basics 3 Installation and licensing 4 PCS 7 Engineering 5 Plant configurations 6 OpenPCS 7 interface 7 Appendix A Lists and folders B
