Scribd Logo
Upload

Welcome to Scribd!

  • SIMATIC S5 As511 PDF

    Uploaded by

    Sam eagle good
    355 views4 pages
    The document describes the AS511 protocol for communicating with a Siemens SIMATIC S5 PLC over a programming port. It details the data formatting, use of DLE as an escape character, and functions for obtaining block information, reading data blocks, and writing data blocks. Byte order is reversed between SIMATIC and Intel formats.

    Original Description:

    Original Title

    SIMATIC S5 as511.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document describes the AS511 protocol for communicating with a Siemens SIMATIC S5 PLC over a programming port. It details the data formatting, use of DLE as an escape character, and functions for obtaining block information, reading data blocks, and writing data blocks. Byte order is reversed between SIMATIC and Intel formats.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    355 views4 pages

    SIMATIC S5 As511 PDF

    Uploaded by

    Sam eagle good
    The document describes the AS511 protocol for communicating with a Siemens SIMATIC S5 PLC over a programming port. It details the data formatting, use of DLE as an escape character, and functions for obtaining block information, reading data blocks, and writing data blocks. Byte order is reversed between SIMATIC and Intel formats.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 4

    as511.

    txt
    SIEMENS SIMATIC S5 AS511 (Programming port) protocol description
    ------------------------------------------------------------------

    Siemens data frame is not usual, open your port with:


    speed 9600 baud
    data 8 bits
    stop 1 bit
    parity EVEN

    DLE (10hex) is a control character, used to inform the receiver that the
    following char is to be considered a control character and not a data byte.
    In other words, DLE is a software switch within the AS511 protocol to divide
    control and data bytes.
    Whenever a DATA byte containing the value 10hex is to be sent, the sender must
    DOUBLE the char. This means that to send a data byte 10hex, the sender must
    send 10hex 10hex (DLE DLE).
    The receiver must consider the thing, so a single DLE will mean a protocol
    signal, while two consecutive DLE are to be interpreted as a SINGLE data byte
    containing the 10hex value. This is a little tricky, since the receiver NEVER
    knows exactly how many bytes to expect.

    Take also note that the AG can answer DLE NAK instead of DLE ACK if the
    requested operation can not be carried out.
    In this case, the PG must abort the communication and wait for 500ms before
    attempting a new communication.
    The value of 500mS is also applied as timeout value in case of missing response
    from the partner.This also means that no "holes" of 500mS (or more) are allowed
    during a communication (e.g. within a DB_READ function)

    To read or write a datablock value, you need to know its address in PLC memory.
    Therefore you must invoke B_INFO function to know the address, then you can
    call DB_READ or DB_WRITE by giving the initial and final address of the area to
    be read or written.

    Be aware that in SIMATIC the LSB/MSB bytes order is reversed:


    SIMATIC:
    15..............0
    BYTE 0 BYTE 1

    INTEL:
    15..............0
    BYTE 1 BYTE 0

    To obtain the correct integer value of a dataword, the user


    must therefore:

    - swap the received bytes


    and

    - swap the bytes before sending them to the PLC

    //////////////////////////////////////////////////////////////////////////////
    B_INFO
    input: block number
    Página 1
    as511.txt
    output: initial address of DW0 in AG

    PG AS
    (hex) (hex)
    ---------------------- function start --------
    02 ----> STX
    <---- 10 DLE
    <---- 06 ACK
    1A ----> B_INFO function code = 1Ah
    <---- 02 STX
    10 ----> DLE
    06 ----> ACK
    <---- 16 AG answer=16h
    <---- 10 DLE
    <---- 03 ETX
    10 ----> DLE
    06 ----> ACK
    ---------------------- header info --------
    01 ----> ID=01h for Datablock
    XX ----> DB number (0..255)
    10 ----> DLE
    04 ----> EOT
    <---- 10 DLE
    <---- 06 ACK
    ---------------------- data --------
    <---- 02 STX
    10 ----> DLE
    06 ----> ACK
    <---- 00 NUL
    <---- XX DB initial address
    <---- XX
    <---- 70 synchronization code: 70 70
    <---- 70
    <---- 41 block ID and DB number : 41 XX
    <---- XX
    <---- XX PG ID code: XX XX
    <---- XX
    <---- XX library number: XX XX
    <---- XX
    <---- XX block length (words): XX XX
    <---- XX
    <---- 10 DLE
    <---- 03 ETX
    10 ----> DLE
    06 ----> ACK
    ---------------------- terminate --------
    <---- 02 STX
    10 ----> DLE
    06 ----> ACK
    <---- 12 AG "end of transmission" code: 12h
    <---- 10 DLE
    <---- 03 ETX
    10 ----> DLE
    06 ----> ACK
    //////////////////////////////////////////////////////////////////////////////

    DB_READ
    input: initial address in AG
    final address in AG

    Página 2
    as511.txt
    output: contents of datawords

    PG AS
    (hex) (hex)
    ---------------------- function start --------

    02 ----> STX
    <---- 10 DLE
    <---- 06 ACK
    04 ----> DB_READ function code = 04h
    <---- 02 STX
    10 ----> DLE
    06 ----> ACK
    <---- 16 AG answer=16h
    <---- 10 DLE
    <---- 03 ETX
    10 ----> DLE
    06 ----> ACK
    ---------------------- header info --------

    XX ----> initial address in AG: XX XX


    XX ---->
    XX ----> final address in AG: XX XX
    XX ---->
    10 ----> DLE
    04 ----> EOT
    <---- 10 DLE
    <---- 06 ACK
    ---------------------- data --------
    <---- 02 STX
    10 ----> DLE
    06 ----> ACK
    <---- 00 NUL
    <---- 00 NUL
    <---- 00 NUL
    <---- 00 NUL
    <---- 00 NUL
    <---- XX first byte of data
    <---- XX
    <---- XX
    . . .
    . . .
    <---- XX
    <---- XX
    <---- XX last byte of data
    <---- 10 DLE
    <---- 03 ETX
    10 ----> DLE
    06 ----> ACK
    ---------------------- terminate --------
    <---- 02 STX
    10 ----> DLE
    06 ----> ACK
    <---- 12 AG "end of transmission" code: 12h
    <---- 10 DLE
    <---- 03 ETX
    10 ----> DLE
    06 ----> ACK

    Página 3
    as511.txt
    //////////////////////////////////////////////////////////////////////////////
    DB_WRITE
    input: - initial address in AG
    - contents of datawords
    output: - none

    PG AS
    (hex) (hex)
    ---------------------- function start --------
    02 ----> STX
    <---- 10 DLE
    <---- 06 ACK
    03 ----> DB_WRITE function code = 03h
    <---- 02 STX
    10 ----> DLE
    06 ----> ACK
    <---- 16 AG answer=16h
    <---- 10 DLE
    <---- 03 ETX
    10 ----> DLE
    06 ----> ACK
    ---------------------- header info --------
    XX ----> initial address in AG: XX XX
    XX ---->
    ---------------------- data --------
    XX ----> first byte of data
    XX ---->
    XX ---->
    . . .
    . . .
    XX ---->
    XX ---->
    XX ----> last byte of data
    10 ----> DLE
    04 ----> EOT
    ----> 10 DLE
    ----> 06 ACK
    ---------------------- terminate --------
    <---- 02 STX
    10 ----> DLE
    06 ----> ACK
    <---- 12 AG "end of transmission" code: 12h
    <---- 10 DLE
    <---- 03 ETX
    10 ----> DLE
    06 ----> ACK

    //////////////////////////////////////////////////////////////////////////////
    end of document

    Página 4

    You might also like