Professional Documents
Culture Documents
Remote Control Panels Audit DOCU v10 en
Remote Control Panels Audit DOCU v10 en
https://support.industry.siemens.com/cs/ww/en/view/109482692
Warranty and Liability
We do not accept any liability for the information contained in this document.
Any claims against us – based on whatever legal reason – resulting from the use of
the examples, information, programs, engineering and performance data etc.,
described in this Application Example shall be excluded. Such an exclusion shall
not apply in the case of mandatory liability, e.g. under the German Product Liability
Act (“Produkthaftungsgesetz”), in case of intent, gross negligence, or injury of life,
body or health, guarantee for the quality of a product, fraudulent concealment of a
deficiency or breach of a condition which goes to the root of the contract
Siemens AG 2016 All rights reserved
Security Siemens provides products and solutions with industrial security functions that
informa- support the secure operation of plants, systems, machines and networks.
tion In order to protect plants, systems, machines and networks against cyber
threats, it is necessary to implement – and continuously maintain – a holistic,
state-of-the-art industrial security concept. Siemens’ products and solutions only
form one element of such a concept.
Customer is responsible to prevent unauthorized access to its plants, systems,
machines and networks. Systems, machines and components should only be
connected to the enterprise network or the internet if and to the extent necessary
and with appropriate security measures (e.g. use of firewalls and network
segmentation) in place.
Additionally, Siemens’ guidance on appropriate security measures should be
taken into account. For more information about industrial security, please visit
http://www.siemens.com/industrialsecurity.
Siemens’ products and solutions undergo continuous development to make them
more secure. Siemens strongly recommends to apply product updates as soon
as available and to always use the latest product versions. Use of product
versions that are no longer supported, and failure to apply latest updates may
increase customer’s exposure to cyber threats.
To stay informed about product updates, subscribe to the Siemens Industrial
Security RSS Feed under http://www.siemens.com/industrialsecurity.
Table of Contents
Warranty and Liability ................................................................................................. 2
1 Task ..................................................................................................................... 4
1.1 Overview............................................................................................... 4
1.2 Requirements ....................................................................................... 5
2 Solution............................................................................................................... 6
2.1 Overview............................................................................................... 6
2.2 Description of the core functionality ..................................................... 6
2.2.1 General ................................................................................................. 6
2.2.2 Combination of both options ................................................................ 7
2.3 Hardware and software components ................................................... 8
2.3.1 Validity .................................................................................................. 8
2.3.2 Components used ................................................................................ 8
3 Mode of Operation ............................................................................................. 9
3.1 Connection control ............................................................................... 9
4 Configuration and Settings............................................................................. 11
4.1 Configuring the server operator panel................................................ 11
4.2 Configuring the client.......................................................................... 16
4.3 Configuring another client .................................................................. 17
4.4 Configuring the controller ................................................................... 20
Siemens AG 2016 All rights reserved
1 Task
1.1 Overview
Introduction
In plants requiring validation, it is important that all operator actions are recorded
and that they can be assigned to the corresponding operators.
In addition, there is the demand for “location-independent access to process data”.
1.2 Requirements
Requirements of the automation task
Table 1-1
Requirement Explanation
Only one user is allowed to operate. It has to be guaranteed that no other
operations can be performed remotely
when the operator panel is operated
directly.
It has to be ensured that no operations are
performed on the device when it is
controlled remotely.
If one operator panel connects with another, To ensure the uniqueness of the audit
the current user has to be logged off recording, only one operator can be logged
automatically. on.
The current user is only logged off
automatically after a re-registration period.
If the remote control is exited, the user has
to be logged off automatically.
The connection has to be disconnected Automatic disconnection is only enabled
automatically in order to avoid a permanent after a longer period with no operation
Siemens AG 2016 All rights reserved
2 Solution
2.1 Overview
Schematic layout
The figure below shows a schematic overview of the most important components of the
solution:
Figure 2-1
Siemens AG 2016 All rights reserved
Illegal combination
If both options are combined, the requirements with regard to an application
requiring validation are not fulfilled since there is no interlock for “remote
control/remote service”.
Additional functionality
In addition to the use of both options, server and client are synchronized in this
application via the SIMATIC HMI HTTP protocol.
By means of this additional communication channel, the basic connection and the
interlock for the “remote control” are established.
Hardware components
Table 2-1
Component Qty Article number Note
TP1200 Comfort 1 6AV2124-0MC01-0AX0 Another Comfort Panel with a
different display size can be
used as well.
TP900 Comfort 1 6AV2124-0JC01-0AX0 Another Comfort Panel with a
different display size can be
Siemens AG 2016 All rights reserved
used as well.
S7-1516 1 6ES7516-3AN00-0AB0 Alternatively, a different S7
controller can be used as well.
Software components
Table 2-2
Component Qty Article number Note
WinCC Comfort V13 1 6AV2101-0AA03-0AA5
SP1
WinCC Audit for 1 6AV2107-0RP00-0BB0
SIMATIC Panels
WinCC 1 6AV2107-0CP00-0BB0
Sm@rtServer for
SIMATIC panels
3 Mode of Operation
3.1 Connection control
General
In addition to the function of the two options Sm@rtAccess and Audit, the
connection control between server and client is controlled by means of an “HMI
HTTP communication”.
The basic functional mechanisms are explained below.
Connection
request
no no no
Request is Request Time elapsed
Siemens AG 2016 All rights reserved
yes yes
no
Upon signaling
of availability
no Time for no
Disconnection
by user disconnection
elapsed
yes yes
Connection
is
disconnected
Table 3-1
Step Flowchart
Connection request (client server)
1. The user requests the connection via the button.
2. The button sets the tag for the connection request.
3. The tag for connection request accesses the tags of the server via the HMI
HTTP protocol.
Thus, the connection request is known to the server.
Dialog for connection request (server)
4. A special screen is displayed once the client has set the bit for the connection
request.
Siemens AG 2016 All rights reserved
Table 4-1
No. Action
1. In the project tree, navigate to the operator panel you want to use as Sm@rtServer
and open the Runtime settings.
2. Under “Services”, activate the entries “Start Sm@rtServer” and “HTTP Channel
Server”.
Siemens AG 2016 All rights reserved
Table 4-2
No. Action Remark or figure
3. Open the “Control Panel” of your server e. g. when switching on the operator
operator panel, panel.
4. Open the “WinCC Internet Settings”
entry.
Note
“Start automatically after booting” has to
be disabled, because the server must
only be started upon connection
request.
Note
Siemens AG 2016 All rights reserved
Note
The password is not needed in
operation and must not be known to
the user.
Assigning a password
Table 4-3
No. Action Remark or figure
1. Start the “Password” dialog in the
“Control Panel” of the server operator
panel.
2. Assign a password.
Note
The user must not know the password.
Siemens AG 2016 All rights reserved
Table 4-4
No. Action Remark or figure
1. Start the “Transfer” dialog in the
“Control Panel” of the server operator
panel.
2. Set the time for delaying the boot
process to “0” seconds.
Note
If the ”OpenControlPanel” system
function is used in the configuration, it
has to be protected in such a way that
only authorized users can access the
Control Panel this way.
Table 4-5
No. Action Remark or figure
1. Open the Runtime settings of the
operator panel.
Table 4-6
No. Action Remark or figure
1. In the project tree, open the
“Connections” editor of the operator
panel.
communication driver.
Table 4-7
No. Action Remark or figure
1. Copy the client operator panel to add
another client.
2. In the tag table (HMI tags >
Remote_Access > Tag table_1), set the
start value of the “Your_Clientnumber”
tag to the value of the client.
If you are to configure e. g. client 3, the
start value of the tag is to be set to
value “3”.
Note
If you are to configure e. g. “Client
three”, the address is to be set to
“Client3_rejected”.
Table 4-8
No. Action
1. Create the “Clientx_rejected” tag under “TagsClient_SyncClients”.
Example: “Client3_rejected”
2. In the “Ask_for_Connection” script, add a new “Case” for the new client and adjust
the client number. The new “Case” always has to correspond to the client number.
Siemens AG 2016 All rights reserved
3. In the “Clients_call” script, add a new “Case” for the new client and adjust the client
number. The new “Case” always has to correspond to the client number.
No. Action
4. In the “Clients_rejected” script, add a new “Case” for the new client and adjust the
tag (as explained in step 1).
The values from the script do not have to be adjusted.
The new “Case” always has to correspond to the client number.
Siemens AG 2016 All rights reserved
5. In the “SmartClient_Test” script, add a new “Case” for the new client and adjust the
client number. The new “Case” always has to correspond to the client number.
Note The configurations of the operator panels access flag words and the clock
memory of the controller.
The flag words MW140 and MW142 are used. Observe these flag words, if you
integrate the example into an existing controller project.
Table 4-9
No. Action Remark or figure
1. Open the Device configuration of the
controller.
Siemens AG 2016 All rights reserved
5.2 Commissioning
Adjusting the IP addresses to the operator panels
Table 5-1
No. Action
1. In the Control Panel of the two panels, change the IP addresses according to the specifications
of your network.
2. Assign an individual password in the safety settings of the Sm@rtServer.
Table 5-2
No. Action
1. Select the server operator panel.
2. Load the project into the operator panel as described in the manual.
WinCC V13 SP1 Manual > Visualize processes > Compiling and loading
2.
Siemens AG 2016 All rights reserved
5.
Siemens AG 2016 All rights reserved
2.
Siemens AG 2016 All rights reserved
7 Related Literature
Table 7-1
Topic
\1\ Siemens Industry Online Support
https://support.industry.siemens.com
\2\ Download page of the entry
https://support.industry.siemens.com/cs/ww/en/view/109482692
8 History
Table 8-1
Version Date Modification
V1.0 02/2016 First version