Transcription

Configure an OPC UA serveron a CompactLogix 5480controller using FactoryTalkLinx Gateway

Table of contentsCompactLogix 5480 Controller . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 03OPC Unified Architecture (UA) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 04FactoryTalk Linx Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 04Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .05Required hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 05Required software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 05Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 06Configuration summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 065480 Controller Windows OS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 07FactoryTalk application/FactoryTalk Linx . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 08FactoryTalk Linx Gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 09UaExpert (remote OPC UA client) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12Design considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15Additional resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16About Rockwell Automation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17Rockwell Automation Configure an OPC UA server on a CompactLogix 5480 controller using FactoryTalk Linx Gateway 02

CompactLogix 5480 ControllerThe Allen-Bradley CompactLogix 5480 Controller offers the benefits of Logix control with Windows based computing. With a commercially available CPU and a Windows 10 IoT Enterprise operating systemrunning independently of the Logix control engine, it provides a high-performance architecture with theability to run 3rd-party applications.End users and OEMs are inventing ways to collect data from machines and turning it into valuable informationcloser to the plant floor. This ability to make decisions at the machine level helps to enable our ConnectedEnterprise vision. Key features of the controller include: Built upon our high-performance architecture, which was first introduced with the ControlLogix 5580and CompactLogix 5380 controllers Uses Studio 5000 environment and development tools Provides Logix real-time control and an instance of Windows 10 IoT Enterprise operating system on asingle platform Increased performance provides faster scan time execution and motion loop updates, therefore, bettermachine throughput and increased production Embedded Logix security with FactoryTalk Security user authentication and authorizationThis document guides users through the configuration of an OPC UA server using FactoryTalk Linx Gatewayon the Windows core of a 5480 Controller. Using the products in this configuration allows users to connecttheir CompactLogix 5480 controllers to third party OPC UA clients without the need for external software orhardware. This solution utilizes the Windows core of the CompactLogix 5480 controller as an OPC UA serverproviding a quick and easy OPC UA solution integrated with a Logix controller architecture.The objective of this document is to demonstrate secure access to a CompactLogix 5480 controller for anon-Rockwell OPC UA client. This configuration requires FactoryTalk Linx Gateway to provide access to thecontroller via FactoryTalk Linx. The CompactLogix 5480 Controller provides users with a controller platformthat will support OPC UA connectivity natively without the use of external gateways/protocols.Rockwell Automation Configure an OPC UA server on a CompactLogix 5480 controller using FactoryTalk Linx Gateway 03

OPC Unified Architecture (UA)OPC stands for Open Platform Communication and is the interoperability standard for the secureand reliable exchange of data in the industrial automation space, as defined by the OPC Foundation.The OPC Foundation’s mission is to create data transfer standards for multi-vendor, multi-platform,secure and reliable interoperability in industrial automation.The OPC standards are a series of specifications which define the interface between clients and servers,as well as servers and servers, including access to real-time data, monitoring of alarms and events, accessto historical data and other applications.OPC UA (Unified Architecture) is one of the OPC Standards defined by the OPC Foundation. OPC UA is aplatform independent service-oriented architecture that integrates OPC Classic standards [which includeOPC Data Access (DA), OPC alarm and events (AE), and OPC Historical Data Access (HDA)] and adds security(encryption, authentication, and auditing) and comprehensive information modeling.For more information on OPC standards, visit the OPC Foundation website: https://opcfoundation.org/.FactoryTalk Linx GatewayOFactoryTalk Linx Gateway is a Classic OPC-DA and OPC UA server interface to deliver information collectedby FactoryTalk Linx from Logix 5000 and other Allen-Bradley controllers to external OPC clients, permittingthird-party software to coexist with FactoryTalk software.Starting with FactoryTalk Services Platform version 3.00 and FactoryTalk Linx Gateway version 6.00,FactoryTalk Applications have been enhanced with OPC UA functionality OPC UA servers can be addedinto FactoryTalk Applications and OPC UA clients can obtain information from FactoryTalk Applications viaFactoryTalk Linx Gateway.The implementation is based on OPC UA specification revision v1.03 FactoryTalk Linx Gateway version6.10 and later has added the capability to create secure OPC UA Server endpoints. This allows OPC UAclients to create a secure connection with FactoryTalk Linx Gateway and exchange encrypted data withFactoryTalk applications.Rockwell Automation Configure an OPC UA server on a CompactLogix 5480 controller using FactoryTalk Linx Gateway 04

RequirementsThis section covers the required hardware and software for configuring an OPC UA Server on a CompactLogix5480 controller.Required hardware CompactLogix 5480 Controller (5069-L4xxxERMW)Required software FactoryTalk Linx v6.11 FactoryTalk Linx Gateway v6.11 Unified Automation UaExpert v1.5 (or equivalent) Studio 5000 Logix Designer v32 Rockwell Automation Configure an OPC UA server on a CompactLogix 5480 controller using FactoryTalk Linx Gateway 05

ConfigurationThis section covers the basic configuration and also explains the software configuration of FTLinx andFTLinx Gateway.Configuration summaryIn a FactoryTalk application, an area is created hosting FactoryTalk Linx with a shortcut configured to pointto the controller. FactoryTalk Linx Gateway is configured as an OPC UA Server with secure endpoints.Both FactoryTalk Linx and FactoryTalk Gateway are hosted in the CompactLogix 5480 OS (Windows 10IoT Enterprise). FactoryTalk Linx utilizes the built in internal channel to access tag data in the 5480 Logixcontroller through a Virtual Backplane Driver. This prevents the need of making an external connectionbetween the CompactLogix 5480 Windows core and the Logix controller.A non-Rockwell OPC UA client like the UaExpert client application from Unified Automation can be used totest the client connection.FIG 1. OPC UA architecture on CompactLogix 5480Rockwell Automation Configure an OPC UA server on a CompactLogix 5480 controller using FactoryTalk Linx Gateway 06

5480 Controller Windows OSUse Studio 5000 Logix Designer to download the applicable application to the CompactLogix 5480 controller.The controller program used in the example is OPCUADemo.acd.FIG 2. Virtual Backplane Driver (VBD) for CompactLogix 5480 in Studio 5000 Logix DesignerLogix Designer has adopted the option to use FTLinx as Communication Software for the Who Active bowserwindow (as opposed to RSLinx Classic).Rockwell Automation Configure an OPC UA server on a CompactLogix 5480 controller using FactoryTalk Linx Gateway 07

FactoryTalk application/FactoryTalk LinxThis example uses a FactoryTalk View SE local station application called OPCUADemo. The applicationcontains an instance of FactoryTalk Linx with a shortcut OPCUaDemo5480 pointing to the 5069 controllerthrough the virtual Backplane drive:FIG 3. Virtual Backplane Driver (VBD) for CompactLogix 5480 in FactoryTalk Administration ConsoleRockwell Automation Configure an OPC UA server on a CompactLogix 5480 controller using FactoryTalk Linx Gateway 08

FactoryTalk Linx GatewayUnder the Server Configuration tab, select the OPCUADemo application as the FactoryTalk Directory Scopethat was created in the previous step.FIG 4. FactoryTalk Linx Gateway Server ConfigurationThe default Service Name FactoryTalkLinxGateway has been changed to FTLGWYOn5480.Rockwell Automation Configure an OPC UA server on a CompactLogix 5480 controller using FactoryTalk Linx Gateway 09

The connection with the OPCUA Server is established by creating one or more server endpoints under theUA Server Endpoints tab.The default endpoint, FactoryTalkLinxGateway1, is created automatically when selecting the ‘Add’ button.The name of this endpoint was changed to FTLGWY5480DefaultEndPt while all the other security settingswere kept at their default values. This means that an Anonymous user will be able to use this endpoint.FIG 5. FactoryTalk Linx Gateway Endpoints ConfigurationIf required, additional endpoints can be added with various security policies, encryption and authenticationoptions. For example, if the FactoryTalk Security User checkbox was selected (instead of Anonymous), userauthentication would be required when establishing the connection through the endpoint.Rockwell Automation Configure an OPC UA server on a CompactLogix 5480 controller using FactoryTalk Linx Gateway 10

The Certificate Management tab lists certificates used in a secure OPC UA communication. FactoryTalk LinxGateway installs v1.03 of the UA Local Discovery Server. It comes with the certificate that is automaticallyadded to the list of Trusted Certificates when the FactoryTalk Linx Gateway service is restarted (uponcreating and accepting the server endpoints).FIG 6. FactoryTalk Linx Gateway Certificate Management ConfigurationRockwell Automation Configure an OPC UA server on a CompactLogix 5480 controller using FactoryTalk Linx Gateway 11

UaExpert (remote OPC UA client)As mentioned earlier, UaExpert can be used to test a client connection. The section explains how this can beused to make a connection to the newly created OPC UA server. In this example the object is configured toconnect to the FactoryTalk Linx Gateway secure endpoint FTLGWY5480DefaultEndPt.FIG 7. UaExpert Client ConfigurationSince this endpoint allows Anonymous access, the connection does not require authentication.Although the authentication is successfully processed, the connection with the FactoryTalk Linx GatewayOPC UA server cannot be made:FIG 8. UaExpert Client AuthenticationRockwell Automation Configure an OPC UA server on a CompactLogix 5480 controller using FactoryTalk Linx Gateway 12

Prior to establishing a connection, the OPC UA client and the OPC UA server must trust each other. Errorsoriginate from an untrusted security certificate generated by the OPC UA client. In order to establish theconnection, the certificate must be made trusted in FactoryTalk Linx Gateway Certificate Management.FIG 9. FactoryTalk Linx Gateway Certificate Management for the UA ClientAfter repeating the connection process, the UaExpert client on the remote machine willconnect successfully.Rockwell Automation Configure an OPC UA server on a CompactLogix 5480 controller using FactoryTalk Linx Gateway 13

The Address Space pane in the lower left lists all data items available through the FactoryTalk LinxCookieDemo shortcut. This includes data items from the controller (Online folder) and FactoryTalk Linxdiagnostic data (Diagnostic Items folder). The selection of data items is made by dragging and droppingthe items onto the Data Access View pane.For the purpose of this example we selected several items associated with the Mixer program that allowa user to see Mixer component information such as Mixer VFD, Tank Products and selected Tank Storagealarms and level information.FIG 10. Accessing tags with UaExpert ClientOne of the UaExpert configuration options is a data sampling interval that can be set in accordancewith specific monitoring requirements. Note that the faster sampling intervals may inadvertently affectperformance of both the computer hosting the OPC UA Server (FactoryTalk Linx Gateway) and theUaExpert client. For our purposes, the sampling interval was set to 1 second:FIG 11. UaExpert Client Update Rate ConfigurationRockwell Automation Configure an OPC UA server on a CompactLogix 5480 controller using FactoryTalk Linx Gateway 14

Design considerationsThis section covers basic design considerations.PerformanceThe performance results listed below were gathered using the configuration that was highlighted in thisexample. All tags were scattered (non-arrayed) and were all DINTs. The collection rate for the OPC UA clientwas set to a one second update. This should provide a reasonable expectation of performance. Additionally,no software was installed and/or running on the Windows core of the 5480 controller. This is an importantthing to remember since the Windows OS of the 5480 controller will likely be the limiting factor when pushinglimits of this use case. This is primarily because the Windows OS is running on a single physical core of the i7processor. The remaining cores of the i7 are dedicated to real-time Logix control.The table below shows how resource utilization depends on the number of tags being requested by the OPCUA client. Key performance parameters are as follows: Total CPU utilization of the Windows OS on the 5480 controller. CPU utilization and virtual memory of the FactoryTalk Linx gateway OPC UA Server process. This is theprocess that moves data between the 5480 Windows OS to the OPC UA Client. CPU utilization and virtual memory of the FactoryTalk Linx server process. This is the process thatacquires data from the 5480 controller. Network packets per second.CPU (Avg) [%]Virtual Process Memory [MB]Tag CountTotalFactoryTalk LinxGatewayFactoryTalk LinxFactoryTalk LinxGatewayFactoryTalk LinxPackets 6370Based on this data, we can conclude that the main concern is the total CPU utilization that increases almostlinearly with the number of tags. 15,000 tags require 50% of the total CPU utilization of the 5480 WindowsOS. Increasing the number of tags requested by the OPC UA client above 15,000 tags causes the 5480Windows OS CPU utilization to exceed 50% utlization, which causes some concern. Remember, the WindowsOS is running on a single physical core of the i7 processor. This will cause the Windows resources to spikequicker than a standard PC in the event that the Windows OS executes additional applications. In this test,when above 15,000 tags, a simple remote desktop connection caused a relatively quick spike of the WindowsOS CPU percentage above 90%; therefore, the recommendation is to keep the number of tags below 15,000.Rockwell Automation Configure an OPC UA server on a CompactLogix 5480 controller using FactoryTalk Linx Gateway 15

If a user is planning to run additional software on the Windows OS of the CompactLogix 5480, a tag countreduction is recommended.Other observations: After an expected initial spike when the first group of tags is put on scan, the virtual process memory forboth FactoryTalk Linx and FactoryTalk Linx Gateway showed a relatively small increase throughout thetest, remaining well below the 2GB limit that exists for 32-bit Windows processes. Performance degradation was not observed at the OPC UA client above the recommended 15,000 tags.Additional resourcesAids, Literature Library Documents, Websites, etc.CompactLogix 5480 additional resources Knowledgebase ID QA57636: FAQ: Book of Knowledge for the ControlLogix Compute Module &CompactLogix 5480 scalable compute products CompactLogix 5480 Controllers User ManualFactoryTalk Linx Gateway and OPC UA additional resources FactoryTalk Linx Getting Results Guide FactoryTalk Linx Gateway User Manual Rebranding of RSLinx Enterprise and FactoryTalk Gateway (CPR9 SR10) For more information on OPC and OPC UA, refer to the OPC Foundation website Performance information was gathered following the procedure in Monitoring FactoryTalk View SEmemory and CPU usage using Performance Monitor for the process ‘FTLinxOPCUA’Rockwell Automation Configure an OPC UA server on a CompactLogix 5480 controller using FactoryTalk Linx Gateway 16

About Rockwell AutomationRockwell Automation, Inc. (NYSE: ROK), the world’s largest company dedicated to industrial automationand information, makes its customers more productive and the world more sustainable. Headquarteredin Milwaukee, Wis., Rockwell Automation employs about 20,000 people serving customers in more than80 countries.Connect with us.ControlLogix, CompactLogix, expanding human possibility, FactoryTalk Alarms and Events, FactoryTalk Diagnostics, FactoryTalk Directory, FactoryTalk Transaction Manager, FactoryTalk ViewME, FactoryTalk View Studio, FactoryTalk View SE, FactoryTalk ViewPoint, FlexLogix , Logix, Logix 5000, RSLinx Gateway, RSLogix5000, FactoryTalk Integrator,RSView 32, SoftLogix and Rockwell Automation are all trademarks or registered trademarks of Rockwell Automation, Inc.Publication FTALK-WP020A-EN-P - October 2020Copyright 2020 Rockwell Automation, Inc. All Rights Reserved. Printed in USA.

OPC Unified Architecture (UA) OPC stands for Open Platform Communication and is the interoperability standard for the secure and reliable exchange of data in the industrial automation space, as defined by the OPC Foundation. The OPC Foundation’s mission is to create