CNCnetPDM OPC UA for Siemens Sinumerik Operate version 4.7 or 4.8 enables you to monitor machine-, process- and quality-data from Sinumerik 840D SL & 828D controllers from a remote PC. It also allows to write and change a wide range of parameters on these devices.
This document describes setup and configuration of OPC UA components on controllers with software Operate 4.7 SP2 or Operate 4.8 SP1 and communication with a remote PC. Instructions on OPC UA setup and test with free SINUTRAIN versions are also included.
To read/write data from/to machines with Sinumerik 840D & 828D controllers connected to CNCnetPDM with your applications you can use our free Open Source Client (C-Sharp)
FIG 1: Sinumerik Operate 4.7
DOWNLOAD SOFTWARE
CONTROLLER SETUP (REAL DEVICE)
Make sure that you have option "Access MyMachine /OPC UA 6FC5800-0AP67-0YB0" activated (Startup->Licenses).
FIG 2: Activate License
Start the OPC UA configuration in area [Startup]->[Network]->[OPC UA]
FIG 3: Configure OPC UA (Operate 4.7)
FIG 4: Configure OPC UA (Operate 4.8)
FIG 5: OPC UA Authentication (Operate 4.8)
Please make sure that the date and time on your HMI is correct, otherwise certificate based OPC UA authentication does not work!
Only activate the IP Address that is reachable from PCs on your network, here 'Company network' (1), uncheck all other networks (2).
Authentication: Enter a username for the Administrator (4) of the OPC UA server on the controller, for setup it is recommended to use ‘OpcUaClient’ and enter and confirm password for this user. It is also recommended to use ‘OpcUaClient’ as password. Also check 'Accept certificates automatically' (5).
Activation: Check ‘Activate OPC UA’ (6), click [Change] and restart the controller.
Important: The following instructions only apply to Sinumerik Operate versions with 'Miniweb' OPC UA Server (<= Build year 2020):
With Windows Explorer navigate to folder .. \siemens\sinumerik\hmi\miniweb\System\ and verify that it contains file UserDataBase.xml.
Make sure that the following files are in folder .. \user\sinumerik\hmi\miniweb\cfg\: AddressModeller.xml, OPC_UAApplication.xml, SinumerikOemConfiguration.xml and TraceConfig.xml.
If files are missing, copy them to this directory from .. \siemens\sinumerik\hmi\template\cfg\miniweb\
Restart the controller.
CONTROLLER SETUP (SINUTRAIN)
Important: The following instructions only apply to older SinuTrain versions with 'Miniweb' OPC UA Server (<= Build year 2020):
OPC UA setup on the free versions of SinuTrain for SINUMERIK Operate V4.7 or V4.8 differs a bit from the procedure on a real controller but exactly works in the same way. You have to register a free account to be able to download the program.
Download and install SinuTrain for SINUMERIK Operate V4.7 or V4.8 - Basic. If you accept all default settings you are able to use the paths mentioned below.
Start SinuTrain and create one new machine f.i. ‘Lathe with driven tool…’, it is recommended NOT to use the ‘DEMO-Lathe’ device.
Click [MENU SELECT] - [Setup] - ‘>’ [Licenses] - [All Options] - [Search], enter OPC, activate the license and click [OK].
Shut down the machine.
V4.7: Copy ALL files from folder C:\Siemens\SinuTrain\SINUMERIK CNC-SW 840D sl 4.7 SP3 HF1\hmi\siemens\sinumerik\hmi\template\cfg\miniweb\ to folder C:\Siemens\SinuTrain\SINUMERIK CNC-SW 840D sl 4.7 SP3 HF1\hmi\user\sinumerik\hmi\miniweb\cfg\
V4.8: Copy ALL files from folder C:\Siemens\SinuTrain\SINUMERIK CNC-SW 840D sl 4.8 SP1 HF2\hmi\siemens\sinumerik\hmi\template\cfg\miniweb\ to folder C:\Siemens\SinuTrain\SINUMERIK CNC-SW 840D sl 4.8 SP1 HF2\hmi\user\sinumerik\hmi\miniweb\cfg\
Open UAApplication.xml with a text editor and replace all ‘localhost’ entries in this file with the IPv4 address of your PC.
V4.7: Add file UserDataBase.xml (from the .zip archive) to directory C:\Siemens\SinuTrain\SINUMERIK CNC-SW 840D sl 4.7 SP3 HF1\hmi\siemens\sinumerik\hmi\miniweb\System\UserDataBase\
V4.8: Add file UserDataBase.xml (from the .zip archive) to directory C:\Siemens\SinuTrain\SINUMERIK CNC-SW 840D sl 4.8 SP1 HF2\hmi\siemens\sinumerik\hmi\miniweb\System\UserDataBase\
File UserDataBase.xml contains entries for OPC UA user ‘OpcUaClient’ with Password ‘OpcUaClient’. This user is administrator of the OPC UA server and has the right to read and write all items at the controller.
Note: It may be that SinuTrain removes the files from the target directory on next startup. In this case simply repeat the steps above while SinuTrain is running.
Start SinuTrain, minimize it.
V4.7: Open file C:\Siemens\SinuTrain\SINUMERIK CNC-SW 840D sl 4.7 SP3 HF1\hmi\user\sinumerik\hmi\cfg\systemconfiguration.ini with a text editor.
V4.8: Open file C:\Siemens\SinuTrain\SINUMERIK CNC-SW 840D sl 4.8 SP1 HF2\hmi\user\sinumerik\hmi\cfg\systemconfiguration.ini with a text editor
At the end add (V4.7): [processes] PROC100= image:="C:\Siemens\SinuTrain\SINUMERIK CNC-SW 840D sl 4.7 SP3 HF1\hmi\siemens\sinumerik\hmi\miniweb\release\miniweb.exe", process:=MiniWebServer, cmdline:="..\System ..\WWWRoot", startupTime:=afterServices, workingdir:="C:\Siemens\SinuTrain\SINUMERIK CNC-SW 840D sl 4.7 SP3 HF1\hmi\siemens\sinumerik\hmi\miniweb\release"
At the end add (V4.8): [processes] PROC100= image:="C:\Siemens\SinuTrain\SINUMERIK CNC-SW 840D sl 4.8 SP1 HF2\hmi\siemens\sinumerik\hmi\miniweb\release\miniweb.exe", process:=MiniWebServer, cmdline:="..\System ..\WWWRoot", startupTime:=afterServices, workingdir:="C:\Siemens\SinuTrain\SINUMERIK CNC-SW 840D sl 4.8 SP1 HF2\hmi\siemens\sinumerik\hmi\miniweb\release"
Restart the machine from the SinuTrain Workbench and make sure that systemconfiguration.ini still contains the additional process.
Note: If your PC gets it's IPv4 address from a DHCP server you have to make sure that file UAApplication.xml contains the correct IPv4 address. after startup of SinuTrain. If the IPv4 address changes SinuTrain reverts it to the previous value! Open UAApplication.xml with a text editor while SinuTrain is running, correct the entries, save the file and restart the machine (menu on top Machine -> Restart).
If configured correctly on startup of the machine now an additional command line window opens that shows details about the activities of miniweb.exe. Do NOT close this window!
CONFIGURE USERS
Important: The following instructions only apply to SinuTrain versions with 'Miniweb' OPC UA Server (<= Build year 2020):
When you run the free version of SinuTrain for SINUMERIK Operate V4.7 you do NOT have access to the OPC UA configuration soft key at the controller. At a real controller it’s not possible to directly add or change users To do so proceed as follows.
Shut down the controller.
Make a backup copy of UserDataBase.xml.
User information is defined between tags < USER and < /USER>. An existing user belongs to groups. All GROUP NAME Tags have an additional A1= entry with an encrypted value which are automatically created by the miniweb OPC UA server.
To add user ‘OpcUaClient’ with Password ‘OpcUaClient’ add the following section to the end of the file before < /UserDataBase >
< USER NAME="OpcUaClient" PASSWORD="OpcUaClient" DESCRIPTION="Initial Opc User" REAL_NAME="OpcUaClient"> < GROUP NAME="HMIBased"/> < GROUP NAME="miniweb"/> < GROUP NAME="UserManager"/> < GROUP NAME="SinuReadAll"/> < GROUP NAME="SinuWriteAll"/> < GROUP NAME="User"/> < /USER>
Note that the PASSWORD entry is automatically removed by miniweb.exe after startup. Membership to groups define the rights for the user. SinuReadAll and SinuWriteAll enable the user to read and write all items. You can also define:
Group
Access Right
StateRead
Status data - NC, channel, axis, read
StateWrite
Status data - NC, channel, axis, write
FrameRead
Zero offsets, read
FrameWrite
Zero offsets, write
SeaRead
Setting data, read
SeaWrite
Setting data, write
TeaRead
Machine data, write
TeaWrite
Machine data, write
ToolRead
Tool and magazine data, read
ToolWrite
Tool and magazine data, write
DriveRead
Drive data, read
DriveWrite
Drive data, write
GudRead
User data, read
GudWrite
User data, write
PlcRead
PLC, read
PlcWrite
PLC, write
RandomRead
Random (and ReadVar method), read
RandomWrite
Random (and WriteVar method), write
FIG 6: User Access Rights (Miniweb)
Save file UserDataBase.xml and start the controller.
SOFTWARE SETUP & USAGE (PC)
Note: For testing please use our CNCnetPDM Standard OPC UA Client as it comes with enhanced certificate handling and supports calling methods as well as all OPC UA security modes and policies used by recent Siemens Sinumerik controllers!
Make sure that TCP Port 4840 is opened in your Firewall. You can use our tool Device Port Scanner to check if your controller is reachable via this port.
For both programs Message encryption 'None' mandatorily has to be activated, see controller setup.
Both programs require .NET Framework 4 components and run on newer Microsoft Windows x86 and x64 OSes (>= Windows 7).
For OPC UA it is required that your PC trusts the Siemens certificate issued by your controller. Therefore it is necessary that it is installed in the certificate store of your PC. As this is a self-signed certificate it is NOT automatically installed. To install the certificate right click CNCnetPDM.OpcUA.Client.exe or CNCnetPDM.OpcUA.SimpleClient.exe, select ‘Run as Administrator’ and connect to your controller. This only has to be done once!
CNCnetPDM OPC UA CLIENT
The CNCnetPDM OPC UA Client enables you to connect to your controller via OPC UA, browse items, see details of items and add or remove them from a subscription.
Start CNCnetPDM.OpcUA.Client.exe and enter the IP Address of your controller into textbox Node (1).
FIG 7: Connect CNCnetPDM.OpcUA.Client
Activate checkbox SW 4.7 (2) fields User name and Password show up with default entry ‘OpcUaClient’ for user name and password.
Click on the arrow in textbox Endpoints, you should see 3 entries, select Sinumerik OPC UA OEM [None, None] [opc.tcp://IP-Address:4840] (3).
Click Connect.
You are now connected to your controller via OPC UA.
In the upper left pane expand Objects->Sinumerik->/Bag->/Bag/State (1).
Click on /Bag/State/opMode (=Current operation mode of your controller).
FIG 8: CNCnetPDM.OpcUA.Client
Now you can see details of the selected object in the upper right pane (2).
By dragging the item from the upper left pane to the empty area at the bottom of the dialog you can add it to a subscription (3). If you now change the operation mode of your controller to AUTO, MANUAL or MDI you can immediately see the results under ‘Value’. If you right click the item you can change the sampling interval or remove it from the subscription.
You can add additional items to your subscription.
If you’re done, disconnect from your controller.
CNCnetPDM OPC UA SIMPLE CLIENT
This program enables you to connect to your controller via OPC UA, select a specific namespace of the OPC server, monitor, read and write items.
Start CNCnetPDM.OpcUA.SimpleClient.exe, enter the IP Address of your controller into the textbox right to [Connect] (1). Change the default value 4840 for port (2) only if you use a different port at the controller!
Activate checkbox SW 4.7 (3) fields User name and Password show up with default entry ‘OpcUaClient’ for user name and password.
FIG 9: Connect CNCnetPDM.OpcUA.SimpleClient
Click [Connect] you now should be connected to the OPC UA server on your controller.
FIG 10: CNCnetPDM.OpcUA.SimpleClient
Initially one item is activated. You can adjust that by changing the value in field ‘Active Items’ (1) to a different value, up to 15 items are possible.
The predefined values under ItemID (2) are known to work well on Sinumerik 828 and 840D controllers, of course you can change them according to your needs.
The last two items are 2 R Parameters (user variables) that are visible at the controller: [MENU SELECT] - [Parameter] - [User Variable]. As these 2 items are writable you can change them remotely.
When you click on [Read] (3) the values of all activated items are read from you controller and displayed in the dialog.
By entering numeric values for the last two items and clicking on [Write] (4) you can change the user variables at the controller.
Clicking on [Monitor] (5) adds all activated items to a subscription and shows their current value.
If you’re done, click on [Disconnect].
TROUBLESHOOTING
In case there are errors the program writes a log file which can be found in the folder where CNCnetPDM OPC UA Client is installed. This log file contains detailed information about any issues.
On connect CNCnetPDM OPC UA Client shows no connections in textbox Endpoints or CNCnetPDM OPC UA Simple Client opens popup ‘Connect failed: Could not open UA TCP request channel’: a) Make sure that the controller is reachable via the network and port 4840 is opened at the controller and your firewall. Use our tool Device Port Scanner to check if communication works. b) Verify that process miniweb.exe is started at the controller. On a SinuTrain setup check that an additional command line window exists and one of the last lines contains ‘OPC UA Server started successfully on IP-Address:4840’.
If no additional command line window opens at all check that the required entries in section [processes] of systemconfiguration.ini exist. If not, add them and restart the controller.
If the window is opened but there’s no line with ‘OPC UA Server started successfully on IP-Address:4840’ check file OPC_UAApplication.xml.
If you see multiple lines in this window with text ‘BAILED OUT’ and error messages related to files not found check that the additional entry for miniweb.exe in systemconfiguration.ini points to the directory that contains miniweb.exe (search for it). You can also use the full path to miniweb.exe instead of the relative path. If this does not help, navigate to the folder that contains miniweb.exe, open subfolder \System and open file WebCfg.xml with a text editor. Verify that uncommented lines with long path entries point to directories that contain the specific .xml files.
If you see error message ‘Connect failed Error: cannot add self-signed certificate to certificate store’ on startup run the program one time as Administrator.
If the fields under Read Value in CNCnetPDM OPC UA Simple Client show up in red you are connected as anonymous user that doesn’t have the right to read values. Check that you have checkbox SW 4.7 enabled.
If you see error ‘Connect failed BadIdentityTokenRejected’ on SW 4.7 make sure that you use the correct user name and password.
