4/10/2024 8:38 AM | |
Joined: 3/4/2024 Last visit: 6/27/2024 Posts: 2 Rating: (0) |
Our S7-1200 PLC's OPC UA server, after establishing an OPC session with Ignition or UaExpert OPC UA client using self-signed RSA 2048 sha256 certificate, roughly takes ~6 seconds to process a secure channel renewal request every 45 minutes. Which is 75% of a SecureChannel's SecurityToken lifetime (default 1 hour). The renewal process is in line with OPC UA protocols UA Part 4: Services - 5.5.2 OpenSecureChannel (opcfoundation.org) and is vendor/platform independent. Our secure channel is established using Basic256Sha256 - Sign & encrypt, our system design dictates we use user authentication & encryption and we cannot leave the security policy as none. We have purchased and enabled 6ES7823-0BE00-2BA0 - SIMATIC OPC UA S7-1200 Basic, runtime license. We have no session timeouts or drops, nor are there any errors logged in PLC diagnostics. Number of OPC monitored tags, number of concurrent OPC sessions, sampling interval and publishing interval are all withing the system limits of S7-1200 OPC UA server (What are the system limits of the OPC UA Server with S7-1500 and S7-1200? - ID: 109755846 - Industry Support Siemens). Our communication load is set at 50% and we are running a simple PLC program (5 millisecond cycle time, 6% memory use). We have tested with multiple OPC UA clients, tried direct/isolated connection with PLC over ethernet and from virtual machines as well but we keep getting the same result. The result is, while the OPC server takes ~6 seconds to process secure channel renewal request, it ignores all publish requests by the OPC UA clients. Hence there is a loss of data over this ~6 second communication delay. Creating a havoc as our SCADA isn't able to keep track of steel beams being produced regularly at an interval of 2-3 seconds during this ~6 second window. We are using the SCADA to keep track of parts in real-time as opposed to storing the information on PLC. So: 1. Is this a limitation of S7-1200 CPU's ability to process asymmetrical encryption at the time of renewing a secure channel? 2. Is there any way to speed this up other than disabling security/encryption? 3. Would we see a better performance with S7-1500 PLC which has a more powerful CPU? |
Last edited by: Jen_Moderator at: 04/11/2024 08:10:30Link optimized. |
|
5/2/2024 4:45 AM | |
Joined: 3/4/2024 Last visit: 6/27/2024 Posts: 2 Rating: (0) |
We are using TIA V18 and the firmware on our PLC S7-1200 is Version 4.6.1 |
8/16/2024 10:44 AM | |
Joined: 8/16/2024 Last visit: 8/29/2024 Posts: 3 Rating: (0) |
Hello AAEJC4, could you provide more information about your issue, please? BR |
Follow us on