×
Siemens Industry Online Support
Siemens AG
Entry type: Application example Entry ID: 24960449, Entry date: 04/09/2013
(0)
Rate

Secure Remote Access to SIMATIC Stations via Internet and UMTS

  • Entry
  • Associated product(s)
Task Due to the increasing networking through the Ethernet, remote diagnostic and/or remote maintenance also takes on a high priority in modern automation systems. Today’s internet access mechanisms (radio, broadband) united with the security components by Siemens are a successful combination. Th...

Task
Due to the increasing networking through the Ethernet, remote diagnostic and/or remote maintenance also takes on a high priority in modern automation systems. Today’s internet access mechanisms (radio, broadband) united with the security components by Siemens are a successful combination. The task is now to connect several SIMATIC remote stations with devices (S7-CPUs, HMI devices, Ethernet CPs, etc.) via a wireless transmission medium with a service center via the industrial Ethernet. A PG/PC in the service center or in any place is to carry out all the service and diagnostic functions.

Solution 
Siemens offers a large selection of components with security functionality to secure access to and from production plants: With these modules a secured connection can be established by means of an IPSec VPN tunnel. The following picture shows the entire constellation.

The first document shows the use of the UMTS router SCALANCE M875, the security module SCALANCE S612 V3 and the security CP 343-1 Advanced V3

The focus of the second document here is in the use of dynamic IP addresses and access via dynamic DNS. This is demonstrated by a VPN connection between the security module UMTS router SCALANCE M875 and the SOFTNET Security Client, which is installed on the Remote Service PG

Both documents show you all configuration steps in detail that are required to establish the VPN tunnels between the security components.

Diagnostic scenarios of the documents:

  • STEP 7 standard diagnostic
  • STEP 7 program upload and download
  • HTML access to webpages of the modules
  • Secure FTP data communication (FTPES) (document 1)
  • Time synchronization with NTP (secure) (document 1)

Downloads

Contents of the downloads

Download

Document 1
Secure Remote Access to SIMATIC Stations with the S612 V3 via Internet and UMTS 
24960449_S612_RemoteAccess_UMTS_DOKU_V3_en.pdf ( 5636 KB )
Code
STEP 7 projects to remote station 1 and 2 via S612 V3
24960449_S612_RemoteAccess_UMTS_CODE_V30.zip ( 3670 KB )
Document 2
Secure Remote Access to SIMATIC Stations with the SOFTNET Security Client via Internet and UMTS 
24960449_SSC_RemoteAccess_UMTS_DOKU_V1_en.pdf ( 1013 KB )
Code
STEP 7 projects to remote station via SOFTNET Security Client
24960449_SSC_RemoteAccess_UMTS_CODE_V10.zip ( 1125 KB )

Archives

Content of the archives  

Archive

The archive contains the following older documentations and example codes:

Version 1.0 Use of a MD740-1 GPRS router and SCALANCE S612 V2
Version 2.0: Use of a MD741-1 EDGE/GPRS router and SCALANCE S612 V2 + additional scenarios

  • SIMOCODE Pro diagnosis and configuration via SIMATIC PDM
  • OPC access,
  • Smart@Service and SOAP accesses or project download to a panel via HTTP/VNC

Archive of version V1.0 and V2.0

24960449_RemoteAccess_ARCHIV_CODE.zip ( 49337 KB )

Further Information

Title

Link

Getting Started with Industrial Remote Communication Entry-ID: 64721753
Protection of an Automation Cell Using the SCALANCE S602 V3 and SCALANCE S623 Security Modules via a Firewall Entry-ID: 22376747
Industrial Security with SCALANCE S Modules Over IPSec VPN Tunnels (Configuration 4) Entry-ID: 22056713
Security with SIMATIC NET Entry-ID: 27043887

Last changes
Complete revision of scenarios
Additional documentation Remote Access with dynamic DNS

Additional Keywords
CPx43-1 Advanced, SCALANCE S612 V3, SOFTNET Security Client, SCALANCE M875, DynDNS, dynamic DNS, VPN, FTPES, FTPS, NTP (secure), Roadwarrior


Security information
In order to protect technical infrastructures, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art IT security concept. Siemens’ products and solutions constitute one element of such a concept. For more information about cyber security, please visit
https://www.siemens.com/cybersecurity#Ouraspiration.