×
Siemens Industry Online Support
Siemens AG
Entry type: FAQ, Entry ID: 15368142, Entry date: 10/06/2016
(6)
Rate

Which communication services are supported by the Industrial Ethernet CPs of SIMATIC S7-400?

  • Entry
  • Associated product(s)
The Industrial Ethernet CPs of SIMATIC S7-400 differ in terms of their hardware interfaces and communication utilities including quantity frameworks.

The differences are shown in the following table:

  15368142_IE_CP_S7400_e.pdf (13,0 KB)

A migration document that describes what to watch out for when changing from previous modules to the successor modules CP443-1 (6GK7 443-1EX30-0XE0) and CP443-1 Advanced (6GK7 443-1GX30-0XE0) is available in Entry ID: 34894744.

Description of the differentiation criteria:

ISO transport protocol
ISO transport connections are used for data exchange between S7 stations and for communication with PC stations, S5 stations and third-party systems.

Properties of the ISO transport connection:

  • Communication between stations is based on MAC addresses.
  • Data transmission with data blocks is suitable for data volumes of up to 8 Kbytes.
  • Data transmission can take place with the "SEND/RECEIVE" and "FETCH/WRITE" services.
  • Data reception is confirmed by the partner via an acknowledgment on layer 4 of the ISO reference model.
  • Data cannot be conducted over a router (no protocol with routing capability, because communication is based on MAC addresses and not IP addresses).

ISO-on-TCP protocol
ISO-on-TCP connections are used for data exchange between S7 stations and for communication with PC stations, S5 stations and third-party stations.

Properties of the ISO-on-TCP connection:

  • Communication between stations is based on IP addresses.
  • Data transmission with data blocks is suitable for data volumes of up to 8 Kbytes.
  • Data transmission can take place with the "SEND/RECEIVE" and "FETCH/WRITE" services.
  • Data reception is confirmed by the partner via an acknowledgment on layer 4 of the ISO reference model.
  • Data can be conducted via a router (protocol with routing capability).
  • Corresponds to the TCP/IP standard with the RFC1006 extension based on layer 4 of the ISO reference model. More information about the RFC 1006 protocol extension is available in Entry ID: 15048962.

TCP protocol
Data exchange between stations (including third-party stations) is implemented via the configuration of TCP connections.

Properties of the TCP connection:

  • Corresponds to the TCP/IP standard.
  • Data transmission with data blocks is suitable for data volumes of up to 8 Kbytes.
  • Data transmission can take place with the "SEND/RECEIVE" and "FETCH/WRITE" services.
  • The operating system's existing TCP/IP implementation can usually be used on the PC.
  • Data can be conducted via a router (protocol with routing capability.

UDP protocol
Data exchange between two stations is implemented via the configuration of UDP connections.

Properties of the UDP connection:

  • UDP protocol
  • Non-secure transmission of associated data blocks between two nodes (a block of 2048 bytes is split into two packages (MaxTpduSize = 1496)).
  • Support of Multicast
    By setting up Multicast circles, Multicast allows groups of stations to receive messages together and to send them to this group.
  • Data transmission is conducted with the "SEND/RECEIVE" service.
  • Data can be conducted via a router (protocol with routing capability.

S7 Communication
Data exchange between S7 stations and with PC stations is implemented via the configuration of S7 connections.

Properties of the S7 connection:

  • Connection available in all S7/M7 devices.
  • Can be used on all subnets (MPI, PROFIBUS, Industrial Ethernet).
  • S7 communication via Industrial Ethernet is based on the ISO transport protocol and the ISO-on-TCP protocol.
  • Secure transmission of data between SIMATIC S7/M7-300/400 stations (using SFBs "BSEND/BRCV" and "PUT/GET").
  • High-speed, insecure transmission of data depending on the time-related processing of the partner (using the SFBs "USEND/URCV").
  • In the case of secure transmission of data using SFBs "BSEND/BRCV" and "PUT/GET", the data transmission of the partner is acknowledged on layer 7 of the ISO reference model.
  • In the case of high-speed, insecure transmission of data via SFBs "USEND/URCV", the data transmission is not acknowledged.

IT communication

  • E-mail function
    The S7 station can send event-triggered e-mails. Usually, the e-mail consists of fields for sender, recipient, subject and body text. Binary data can also be added at the end of the body text. The maximum length of an e-mail is 8192 bytes for all the defined fields together.
  • HTTP / HTTPS
    The CPs have a web server. Among other things, JavaBeans are also available for supplying and visualizing the HTML pages with S7 variables. Applications written with JAVA can access S7 variables with the JavaBeans using the HTTP protocol.
    In the case of CP443-1GX30 the secure protocol HTTPS can be enabled.
  • FTP / FTPS function (as server and client)
    The FTP server function is used to save files (HTML pages, image files, ...) in the CP's file system. Values can also be read directly from and written directly to data blocks via a file.
    As FTP client, the IE CP sets up the connection to the FTP server to save or get the data in files on/from the FTP server
    In the case of CP443-1GX30 the secure protocol FTPS can be enabled.
  • Web diagnostics
    Various information, such as the diagnostic buffer and connection statistics, can be read from the CP via HTTP / HTTPS.

IP access protection (IP-ACL)
IP access protection allows the user to restrict communication via the CP on the local S7 station to partners with specific IP addresses.

IP configuration
You can configure the path or process by which the IP address, the subnet mask and the address of a gateway are assigned to the CP. In addition, the connection configuration can be assigned to the CP alternatively via STEP 7, as well as via a block interface in the user program (FB55: "IP_CONFIG").
Remark: not applicable for S7 connections.

PG/OP communication
Programming and configuring the S7 station with STEP 7 via Industrial Ethernet. The programming device is connected to the Ethernet.

  • S7 routing
    With STEP 7 V5.0 SP3 HF3 and higher you can reach S7 stations online beyond subnet limits with the PG/PC, in order, for example, to load user programs or a hardware configuration or in order to execute test and diagnostic functions. You can connect a PG/PC at any place within the network and connect online to all stations which are reached via gateways. When the project is compiled, the routing data is generated automatically by the network configuration of the S7 project in STEP 7 and saved in the system data in SDB999. You must configure all the stations that lie between the start device and the target device in a STEP 7 project.

SNMP (Simple Network Management Protocol)
SNMP Agent
The CP supports data querying via SNMP in version V1. Here, it provides the contents of specific MIB objects according to Standard MIB II, LLDP MIB, Automation System MIB and MRP Monitoring MIB.

When Security is enabled, the CP443-1GX30 supports SNMPv3 for secure transmission of network analysis information.

PROFINET
PROFINET is the standard used by the PROFIBUS Users Organization (PNO) which defines an inter-manufacturer communication and engineering model.

1. PROFINET IO
A PROFINET IO system has a distributed configuration of the following devices:

  • PROFINET IO controller
    A PROFINET IO controller is a control system (PLC, PC) that controls the automation task.
  • PROFINET IO device
    A PROFINET IO device is a field device which is monitored and controlled by a PROFINET IO controller. A PROFINET IO device may comprise multiple modules and submodules (ET200S, for example).
  • I device
    On a PROFINET interface, an I device can also be an IO controller in addition to its role as IO device, depending on the configuration.
    In this way the I device can be part of a higher-level IO system via its PROFINET interface and establish a lower-level IO system as IO controller.
    An I device can also be used as a shared device.
  • Shared device
    A shared device is an IO device that makes its data available to multiple IO controllers.

2. PROFINET CBA
A PROFINET CBA system comprises different automation components. A component comprises all the mechanical, electrical and IT variables. The component may have been created with the normal programming tools. A PROFINET Component Description (PCD) file is created in XML. A planning tool loads these descriptions and permits the establishing of the logical connections between the individual components for the purposes of creating a plant.

    Usable in S7 H systems
    The module can be used as a communication partner in fault-tolerant systems (H systems).
    The modules operate the redundant S7 connections. These connections possess more stringent time monitoring mechanisms. In the case of communication problems, data exchange is switched over to parallel transport connections.

    Time synchronization
    Time synchronization via Industrial Ethernet in accordance with the following configurable processes:

    • SIMATIC procedure
      The CP receives MMS time messages and synchronizes its local time. The user can choose whether to forward the time. In addition, the direction of forwarding can be determined.
    • NTP procedure (Network Time Protocol)
      The CP transmits time queries to an NTP server at regular intervals and synchronizes its local time.
      In addition, the time can be automatically forwarded to the CPU modules in the S7 station, thereby synchronizing the time in the entire S7 station.
      When Security is enabled, the CP443-1GX30 supports the NTP protocol (secure) for secure time synchronization and time transmission.
    Security information
    In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art industrial security concept. Siemens’ products and solutions constitute one element of such a concept. For more information about industrial security, please visit
    http://www.siemens.com/industrialsecurity.